The last time I wrote about PC security was in May 2003 and that was on keeping your PC virus free. Today the number of threats to your PC security has multiplied and there are more problems than viruses that you should be bothered about. This article focuses PC Security. Reinforce your defences against malicious programs and code because unless yours is a standalone PC where you do not connect to the internet, do not use floppies or CD ROMs and in general do not interact with the outside world at all, your PC is at threat. The first part of this Ezine deals PC security as mentioned above and this article will encourage you to learn more about viruses, trojans, spyware and the like. The second part of the ezine is about free stuff. There?s a lot of free software available and with the rising costs of the large programs like Photoshop and MS Office, which have features that an average user doesn?t even utilise, these free programs are an excellent alternative. I shall try to provide a small list of free software under main headings. The list is not meant to be exhaustive but instead is a collection of what the average PC user might need. For those of you who feel your friends or relatives might benefit from this newsletter, feel free to forward it to them and let them signup for it too at www.meandrake.tk Till next month... Mean. Reinforce your defences By Mean Drake mean@xxxxxxxxxxxxx This month has been eventful as far as computer security is concerned. First it was the blaster virus that showed people that you need not click on email attachments to get infected. You could get infected just being online, something I have always believed would happen one day. Luckily the blaster was a relatively benign virus. A more malicious programmer could have written things to take over your computers completely. The second has been the attack of the Sobig.F worm over the last few days. It is unbelievable how many people just don?t bother to run up to date antivirus programs. The sobig worm, at least for me was a nuisance rather than a threat to my PC. But it should not have been even that much if people were more careful. I am sure most people reading this are already aware of this but I would really like you all to pass on this to your friends and others who you feel need this advice. There are various types of threats that you have to face in day to day computing. Let me enumerate them and discuss each one separately. Viruses These are of course the most well known. In fact so well known that everything that is damaging is called a virus. Trojans are different and we shall discuss them separately below. Viruses most commonly but not always spread through email. Before the days when the internet was such a household name, the preferred way of spread was infected floppy disks. Now most virus writers don?t even bother to write code to infect floppies and spread this way. Trojans Trojans are malicious programs designed to give the appearance that they are useful programs. A trojan might even be made to look like an antivirus tool. But these programs, unlike viruses, leave a backdoor open on the computer so an hacker can take advantage of this and access the computer with full control over the files. Worms These are programs that propagate themselves over the network. Most mass mailing viruses like the current Sobig.F virus can be defined as worms. Prevention There is no single magic bullet that will let you stay clear of these three threats. A multi-pronged approach is needed. It will be beneficial to follow the following guidelines, which too are by no means an exhaustive list. 1. Be wary of all email attachments, even those from friends and relatives. 2. Never open files with double extensions. An example would be mypicture.jpg.scr. Here the initial impression would be that it is a picture file but it is really an executable scr file. You should always enable windows to show you extensions for known file types. The most braindead thing windows did was hide these by default and users never learnt about what extensions are until they ran into problems. 3. Keep abreast with security patches. Both of the operating system and of the browser. 4. In Internet explorer, you can use custom security to turn off things like ActiveX, Scripting, Java controls etc. Of course functionality gets lost to some extent but then the choice between fun and danger will always remain in all scopes of life. A workaround here is to add sites that you want to have fun on to the trusted zone so here you don?t lose functionality too. 5. Beware of Office documents like doc and xls files as these can have macros in them. Keep macros in Office disabled unless you need them. Or at least keep security to medium so it will prompt you for macros in new files. 6. Use a good antivirus program and keep it up to date. Spyware The internet has now produced a new generation of programs defined as spyware. With the increase in e-business and more and more products being sold online, every internet user is a potential buyer. It becomes more important for companies to get user information and to target advertisements of products at users who are likely to click on them. I am most unlikely to buy anything to do with Victoria?s Secret so it would be a waste of their resources to have their ads flashed at me. More and more ingenious ways are being devised to get user info, track them online and probe in to their personal data. In a majority of the cases, the computer per se is not prevented from functioning though this is not always the case. Symptoms that you have been hit by spyware are not always present. Some of the warning signs are: 1. Sudden change in your home page or default search page. 2. New entries in your favourites. 3. A new internet explorer toolbar that you did not download. 4. Internet activity taking place when you yourself are not browsing or downloading. Many of the free programs that are available online in some way or the other try to install some components that will display ads or compromise some personal data. The download manager Go!zilla was the among the first to come under fire for this. Kazaa is widely used by people blissfully unaware of components it installs. The list is too long to enumerate here. The spyware list at http://www.tom-cat.com/spybase/ as of today produced a total of 944 results. You can refer to this page before installing software, specially free software. Prevention of Spyware infestation is not too easy. The difficulty lies in new techniques that people think of to penetrate your defenses. In general, the steps you should take are as follows: 1. Increase browser security as described above. 2. Download software carefully. Make sure that the freebies you use are safe. 3. Keep an anti-spyware program installed and updated. It need to run all the time in the background. After all you cannot run too many programs in the background as it would to some extent affect system performance. Good programs are Adaware and Spybot Search & Destroy though many more are available. 4. Use a firewall. This brings us to the last section of this article. Firewalls. Firewalls Once on the network, whether it be the LAN or the internet, the computer is available for other users to see. People experienced in doing so can easily access your computer and get to see, edit and even delete files. Hacking is not so uncommon as one would think. The older operating systems like Windows 95 and Windows 98 were very easy for hackers to get into. The newer systems with Windows 2000 and XP are more secure and more efforts are needed to break in. However it would be better to not only use a more secure OS but also use a technology that would keep hackers out. This brings us to firewalls. There are two types of firewalls. Hardware and software. Hardware firewalls are devices with a built in set of instructions that can be configured to act as guards to our internet connection. I plan to discuss here software firewalls which are simple for any home user to install. A software firewall is a program, much like any other program you install on your computer. The program starts up with Windows and acts as a intermediary between the computer and the internet. All data going in and out flows through it. The firewall is therefore in a position to prevent uninvited access to your computer as well as can prevent programs from sending out data. Any program, that is not supposed to send out information to the internet, or one that you didn?t even know existed on your computer would be picked up by the firewall and you could decide whether its net access is legitimate. Being in such a critical position, firewalls have not expanded their functions and can now act as watchdogs over email (preventing incoming viruses), unwanted advertisements online, running of malicious scripts etc. They can block access to open ports on the system as well as prevent running of hostile scripts. The common firewalls (I do not plan to compare them this time) available today are: Outpost (Free and Pro) Zonealarm (Free and Pro) Sygate Personal firewall (Free and Pro) Tiny Personal Firewall. Norton Personal Firewall Kerio Personal Firewall McAfee Personal Firewall Blackice PC Protection Windows XP Built in internet connection firewall. Summary: Online security is an important concern today and following the guidelines provided here should take you a long way in making your computing safe and secure. Freestuff by Mean Drake mean@xxxxxxxxxxxxx There is a lot of free stuff available on the internet. A lot of free software too. As discussed in the first section, many of these free programs have their drawbacks. My aim here is to provide names of only software I know to be reliable and free of such spyware. If I am mistaken, please feel free to mail me. This is a short section that just will list out free replacement programs for the commonly used applications that are very expensive. Equivalent functionality might be missing but these expensive apps have features that home users might never use. So free equivalents are more than sufficient. The list is not exhaustive. This is just a listing. Products have not been reviewed here. There are of course other categories and lots of free stuff available. But these are utilties that most systems should be happy to have to start with. CategoryProducts Office SuitesOpenOffice, 602 Pro PC Suite Picture Viewer and EditorIrfanview, XNView PDF readerAcrobat Reader BrowsersAvant Browser, SlimBrowser, MyIE, Mozilla, Opera(Ads), Netscape Email ClientsEudora (Ads), Pegasus, Incredimail, Calypso 3.3 Newsgroup readerFree Agent ChatMSN, Yahoo, AOL, ICQ, Trillian File SharingMost have either spyware or security risks, I personally do not recommend. Flame me :-) Form FillerAI Roboform FirewallsOutpost, ZoneAlarm, Sygate AntispywareAdaware, Spybot S&D Zip file handlerZip Genius System toolsjv16 PowerTools, PC Inspector file recovery Security and EncryptionPGP 8.0 Music PlayersWinamp, RealOne There are of course other categories and lots of free stuff available. But these are utilties that most systems should be happy to have to start with.