Mangolab basic security & PC health tips
This document aims to help a personal PC user protect their PC and personal data from an external attack. All points are relevant for business users too, but network security is not discussed in detail. The document is split into three main parts:
We hope this is helpful to you. If you have any concerns or queries please feel free to email us.
Basic PC security - things to make sure you have
| 1. | Get a good Antivirus (AV) Program (why?) (how?) | |
| | ¤ make sure it automatically updates its Virus definitions (why?) (how?) | |
| | ¤ never let the license/automatic-update facility expire (why?) (how?) | |
| | ¤ never turn it off, especially if asked to do so! (why?) | |
| 2. | Ensure your Windows software is up to date (why?) (how?) | |
| | ¤ Microsoft (MS) offer a free automatic updating service, use it! (why?) (how?) | |
| 3. | Ensure all of your other software is up to date (why?) (how?) | |
| | ¤ e.g. if you use a browser other than IE, ensure it's updated regularly (why?) (how?) | |
| 4. | Get a Spyware/Adware detection program (why?) (how?) | |
| 5. | If you're connected directly to the net and haven't got Windows XP, get a firewall (why?) (how?) | |
| | ¤ XP has a basic inbuilt firewall, keep it on (why?) (how?) | |
| 6. | For extra security, we recommend you: | |
| | ¤ disable ActiveX controls in your email and browser (why?) (how?) | |
| | ¤ disable JavaScript in your email (why?) (how?) | |
| 7. | Have at least 2 backup sets - one created periodically and one more frequently (why?) (how?) | |
| | ¤ if your daily/weekly backup is infected you can use your periodic backup (why?) | |
| | ¤ have a disaster recovery strategy - what will you do if you lose it all? (why?) | |
| 8. | Additionally, if using wi-fi: | |
| | ¤ ensure security features are enabled (why?) | |
| | ¤ ensure you have changed the default passwords (why?) | |
| | ¤ be extra careful using public hotspots (why?) | |
Basic PC security - things to make sure you do and don't do
| 1. | Never allow your browser to automatically store usernames and passwords (why?) | |
| | ¤ these account details can be read by all other applications (how?) | |
| 2. | Treat all email/websites with suspicion - when in doubt ignore/leave! (why?) | |
| 3. | *Never* open unsolicited email attachments (why?) | |
| | ¤ only open files you have expressly requested (why?) | |
| 4. | Never download files from sites that you don't trust *100%* (why?) | |
| 5. | Never open software obtained from a P2P file-sharing program (why?) | |
| 6. | Treat links in emails with suspicion, emails are easily spoofed (why?) | |
| | ¤ always hover over links to check the link really goes where it says (why?) | |
| | ¤ always ask yourself if you would go to this link normally (why?) | |
| 7. | Never follow a link in an email to a site that requires a login or requests information (why?) | |
| | ¤ e.g. for online banking, use a bookmark in your favourites or type in the sites url (why?) | |
| 8. | Never insert a CD or floppy unless you are *100%* sure of its contents and origin (why?) | |
| 9. | Use different passwords for different sites (why?) | |
| | ¤ passwords should be obscure and should contain numbers and letters (why?) | |
| | ¤ never store passwords in a text or word document, use a password safe (why?) | |
| | ¤ never log-in to a site from a public-access PC (eg in an internet cafe) (why?) | |
| 10. | Always check for the SSL security padlock when entering credit card info (why?) | |
| | ¤ this is shown in the browser status bar, ignore padlocks on the page (why?) | |
| | ¤ remember this is still not a guarantee that the site is bona fide (why?) | |
Basic PC security - other things to bear in mind
| 1. | It only takes a single program on one PC to compromise your entire system, remember: | |
| | ¤ that your security is only as strong as its weakest point | |
| | ¤ that new Viruses/targeted attacks will not generally be caught by AV software | |
| | ¤ that backup strategies and disaster recovery are not something to sort out tomorrow | |
| | ¤ to train all users to know the risks and how to guard against them | |
| | ¤ to limit network access to hamper infection across networks | |
| | ¤ to limit security permissions, allowing only certain users administrator privileges | |
| 2. | Once a program is running on a single machine it can: | |
| | ¤ make any changes to settings/data that you can make | |
| | ¤ read usernames and passwords that are insufficiently protected (e.g. by your browser) | |
| | ¤ pose as another program to obtain information (Trojan) | |
| | ¤ capture all typed in information and communicate it (Keylogger) | |
| | ¤ multiply and spread across an unprotected network/the net (Worm/Virus) | |
| | ¤ read/delete/amend files and/or communicate this data | |
| | ¤ attack your remaining security systems | |
| | ¤ be updated by an external source or be used to add other programs (Iceplough) | |
| | ¤ be used to distribute spam or provide a springboard for self-distribution (Shrubhub) | |
| | ¤ allow the complete control of your pc by an external agent (Hijacker) | |
| | ¤ or just do something silly then self-destruct (Codball). | |
| 3. | Still worried? Why not test your security with the Mangolab Security Challenge? | |
Basic PC security - whys and hows
| Get a good Antivirus (AV) Program | |
| why? |
Antivirus programs are the first line of defence against malicious programs (Malware). With so many Viruses existing and new ones being added every day it is imperative to get good AV software and keep it up to date. |
| | [back] |
| how? |
We recommend Norton Antivirus by Symantec. They've been doing it a long time and they're not about to go out of business. It's worth paying; don't try and scrimp on a few pounds and get freeware from a startup company when thousands of pounds of data and software are at risk. Once purchased, annual licenses are cheaper. |
| | [back]
|
| Make sure it automatically updates its Virus definitions | |
| why? |
Many new Viruses are created every day. If you are unlucky enough to be one of the first to be attacked by a new virus your AV software will probably not protect you (though the other precautions outlined in this document hopefully will). With automatic updating for your AV, you can relax a little knowing that new viruses are added as soon as they are identified. |
| | [back] |
| how? |
All good Anti-Virus packages now contain live update facilities. We recommend Norton Antivirus by Symantec. The installation wizard will configure Live Update for you. |
| | [back]
|
| Never let the license/automatic-update facility expire | |
| why? |
If your AV live-update license expires you will not be protected against new Viruses and your system will be at risk. |
| | [back] |
| how? |
Most good AV packages work on an annual license these days and will notify you when you need to purchase a new license and instruct you on how to do so. Make sure you do not just cancel reminders indefinitely. |
| | [back]
|
| Never turn it off, especially if asked to do so | |
| why? |
Unless you are instructed by a completely trusted IT professional to disable your AV software, never turn it off. As soon as you do so your system is unprotected from all Viruses; checking your email could prove fatal! Although some earlier versions of AV software caused problems with legitimate installations, modern AV software is advanced enough to be left on at all times. |
| | [back]
|
| Ensure your Windows software is up to date | |
| why? |
MS normally support their operating systems (OS) for 5-7 years. In this period they provide patches to fix security holes as they are identified. These flaws can seriously compromise your PC and allow external attacks that AV software does not guard against. You must keep your software up to date, or you are leaving your Windows open! |
| | [back] |
| how? |
MS now provide an excellent automatic update tool that will patch your software as soon as a flaw is identified and a solution is ready. In versions of Windows XP and later, this feature is included by default; do not turn it off (ignore any misguided industry criticism; this is a good feature). In earlier versions of Windows you may need to install a separate utility. To do this in IE go to Tools, Windows, Update and follow the instructions. |
| | [back]
|
| Ensure all of your other software is up to date | |
| why? |
MS software such as IE, Outlook and Word are by far the most targeted applications by Viruses and crackers. This is simply because MS have a history of poor security in their products (they have woken up to this and have made significant improvements lately but still seem to miss the plot sometimes).
MS software is also the most popular worldwide and so it's the obvious target for hackers seeking maximum impact. However every other piece of software is equally open to attack. As time goes on, more and more non-MS products will be targeted by viruses and patches will be required. You should, therefore, keep all software up to date, particularly software provided by well-known brands which are more likely to be targeted; browser and email software are the most important. Many people don't use IE because they believe it has many security flaws; this is not completely fair and you should take extreme care when choosing an alternative browser, wherever possible ensuring that an automatic update feature is available. We recommend Mozilla Firefox; it is an excellent free browser which aims to put security first by avoiding technologies such as ActiveX and VB Script. It is also an open source project (though this may become a weakness as it becomes more popular and its code comes under increasing scrutiny).
Generally when browsing, don't forget that every time you visit an offbeat page you're exposing yourself to the risk of an attack; if your browser has an unpatched vulnerability then a malicious program could be in your PC in moments. |
| | [back] |
| how? |
When choosing your software check the method by which security patches are provided. For instance, Mangolab provides Mangobot to support and automatically patch all of our software products. Some programs will check for new versions when they are started. Some companies simply rely on sending an email when a new version is available. We recommend products with automatic updating; this is by far the safest, most reliable and hassle-free method of patch-delivery. |
| | [back]
|
| Get a Spyware/Adware detection program | |
| why? |
Although normally not illegal or harmful to your system, Spyware and Adware are intrusive parasitic programs/techniques that monitor your behaviour, often secretly and can report the results to a third party.
Spyware is now illegal in California and other legislators may take action against it. A removal program will check your PC for software and your browser for tracking devices and cookies to help maintain your privacy. |
| | [back] |
| how? |
Spyware and Adware are normally less harmful than a Virus but it is worth checking your system and removing any warez. We recommend Spybot for this job; it's not free to develop so please make a donation. ISPs and even MS are increasingly making moves to counter Spyware, so you may find a free Spyware tool is available from your ISP (Yahoo for instance), but these may well migrate into payware. |
| | [back]
|
| If you're connected directly to the net and haven't got Windows XP, get a firewall | |
| why? |
A lot of fuss is made about firewalls and people are often misled into believing that they are the first line of defence against an attack, and when present will completely protect their system in a technological 'ring of fire'! It is not necessarily dangerous to have your ports probed or data sent to them. If your software and OS are up to date and there is not a malicious program already on your PC to receive and act on the data there is generally no problem. Of course, if there is already a malicious program on your PC then you already have a potentially far more serious problem. That said, attacks can be made on software with a security flaw that is listening on a port, but generally these are simply Denial of Service (DOS) attacks and apart from the inconvenience and cost of having downtime generally have no dramatic or lasting effects. Modern firewalls can stealth ports so that attackers cannot see you are online so avoiding a targeted attack, and software firewalls are also useful for monitoring traffic between the web and applications on your PC. Do not fall into the trap of many firewall users, who simply allow any program that tries to connect to the web access. If you let a program communicate without knowing what it is you may as well switch off the firewall and are effectively doing so when you allow the program unconditional web access.
The important thing to remember is, yes, you should have a firewall, but it is not a panacea for all your security problems. |
| | [back] |
| how? |
Some firewalls, like McAfee's, don't seem to work properly and cannot cope with protocols like FTP which is pretty unforgivable. We recommend you stick with Norton and get the firewall and AV all in one package. If you have Windows XP or above a firewall is already included in the Security Centre in Control Panel, so don't bother. |
| | [back]
|
| For extra security, we recommend you: disable ActiveX controls in your email and browser | |
| why? |
When you allow an ActiveX control to be used on a web page you are allowing code to run on your machine that could be harmful. Even if the control is signed for accountability, this is no guarantee that it is safe.
The vast majority of browser security flaws have stemmed from the misuse of ActiveX controls. As such we recommend you turn them off and only enable them on a site-by-site basis (so that you receive a prompt asking if you wish to allow them to run). This way if you trust the site you can allow the bespoke controls on specific sites but are still protected at all other sites.
Due to security concerns browsers such as Mozilla Firefox have decided not to support ActiveX (so if you're developing a website be careful you're not seduced into using unsupported technologies). |
| | [back] |
| how? |
The method of disabling ActiveX controls varies in each browser, but is normally an advanced preference/setting.
Mozilla Firefox for instance, does not support ActiveX.
In IE, go to Tools, Internet options, click the Security tab. Select the Internet web content zone and click 'Custom'.
Under ActiveX controls set (please note: disable - automatically refuses controls, prompt - requests your permission):
¤ Automatic prompting for ActiveX controls - to prompt
¤ Download signed ActiveX controls - to prompt
¤ Download UNsigned ActiveX controls - to disable
¤ Initialize and script controls not marked as safe - to disable
¤ Run ActiveX controls and plug-ins - to prompt
¤ Script ActiveX controls marked safe for scripting - to prompt
¤ Automatic prompting for downloads - disable
¤ File download - enable/disable (depending on your trust of users)
|
| | [back]
|
| For extra security, we recommend you: disable ActiveScripts in your email | |
| why? |
There is just no reason to accept emails that contain active scripts like JavaScript and VB Script. This is also a first port of call for scripters attempting to access your PC. Allowing standard HTML is fine and does not pose a significant risk (though there is a slight privacy issue with image-tracking in some email clients), but all ActiveX and JavaScript should be disabled in your email. |
| | [back] |
| how? |
Ensure you have the most up to date version of your email client. The latest versions of email programs such as Outlook Express on XP disable scripting and ActiveX in your email automatically. For other clients search the help for how to disable scripts; generally it will be under advanced preferences.
See also disabling ActiveX. |
| | [back]
|
| Have at least 2 backup sets - one created periodically and one more frequently | |
| why? |
Backing up is something many computer users only think about just after they have lost a lot of data for the first time. If you haven't already suffered such a loss we strongly advise you not to wait until you do to get your backup strategy sorted - imagine what you could lose and the expense of the loss. Backing up is easy to do and easy to set up to run automatically - get yourself a mass storage device such as an external hard drive (you can get huge drives for virtually nothing now). Sometimes this is a little clunky, but it's worth spending a couple of hours to get peace of mind for the rest of your computing days! Don't just make one backup set that runs every day, have at least 2 sets - one to run frequently, one to run infrequently (every month or so). This way if one backup fails, you still have a disaster-backup - ok you might lose some stuff but not *everything*! |
| | [back] |
| how? |
We recommend Maxtor. Their external drives are incredibly quiet, large and cheap. Backup software is normally included. |
| | [back]
|
| Have a disaster recovery strategy - what will you do if you lose it all? | |
| why? |
It is very common for backups to be set up and then forgotten about, only to be rediscovered a few years down the line and found not to be working. You must check your backups are occurring and are running successfully. You must also prepare a disaster recovery strategy - think about what would happen if your data storage was damaged by flood/fire/theft etc? Do you have an off-site backup?
Is this a compatible system etc? Is this a reliable periodic backup? Think about what data is really important to you and ensure that this data is protected even more and backed up externally. There are many issues to think about and it takes time, but it's time worth spending. |
| | [back]
|
| Wifi - ensure security features are enabled | |
| why? |
Many Wifi routers come with security disabled for ease of installation. Although this is gradually changing as Wifi providers update their security to make it easier to set up, it is important to ensure you enable the security features. Without this your network is open to any wifi users in the vicinity. See also changing default passwords |
| | [back]
|
| Wifi - ensure you have changed the default passwords | |
| why? |
Wifi routers that come with security enabled often have default passwords set. These passwords can be obtained by making a simple search on the make and model of your network
on the internet, which means that while you are using these default settings you are simply not protected at all. |
| | [back]
|
| Wifi - be extra careful using public hotspots | |
| why? |
When you pass information across a third party network the administrators of that network will be able to monitor
and in some cases intercept your traffic. With a respectable hotspot operator this is normally of little consequence - however
there is a risk that you are actually connecting to an evil twin. |
| | [back]
|
Basic PC security - dos and donts
| Never allow Internet Explorer or Netscape to automatically store usernames and passwords | |
| why? |
Most browsers are set by default to prompt you and ask if you wish them to remember passwords and usernames when you login to a site online.
In the documentation for IE for example, it explains that these details are 'encrypted to protect your privacy'. What it does not say is that
the encryption method harnesses two Windows API functions, CryptProtectData and CryptUnprotectData, which can be called from any program. The result
of this is that although IE encrypts the data, *any* program running on your PC can decrypt it and so read your usernames, passwords and the associated URLs
where they can be used. Bit of a security flaw you may think? Especially when the code to do so is openly available. When Mangolab pointed this out to the Microsoft Security Response Centre, they replied:
"Thanks for your note. When a user chooses to run an executable, the
application has the same access to data and resources as the user
himself. This is by design, otherwise, for example, Internet Explorer
would not be able to read the usernames and passwords. This is why
Microsoft always advises users to run programs only from trusted
publishers. If you are concerned with software you run being able to
read usernames and passwords for your websites, you should either not
run that software or not store your usernames and passwords in Internet
Explorer."
Hmmm. Mozilla Firefox on the other hand, simply avoids this problem by allowing you to set a Master Password on your password store, though you must ensure that you update this if migrating to Firefox from IE or NS. The safest method of storing and managing all your passwords is by using a password safe.
|
| | [back]
|
| How to clear/protect your Browser password store | |
| why? |
Most browsers are set by default to record your online account details. In IE, to disable this feature and clear
any existing passwords, go to: Tools\Internet Options\Content\Auto Complete
Select 'Clear passwords' and uncheck the use of auto-complete for 'Usernames and Passwords on forms'.
In Mozilla Firefox you can (reasonably) safely use the password store feature as long
as you set the Master Password for the Password Store (you should do this as soon as you have migrated from another browser):
Select Tools\Options\Privacy\Saved Passwords\Set Master Password and type in a nice juicy big one.
Alternatively, you can disable the feature by unchecking the 'Remember Passwords' box.
|
| | [back]
|
| Treat all email/websites with suspicion - when in doubt ignore/leave! | |
| why? |
Email may or may not come from who it purports to be from. It takes about 10 seconds to set up a spoof email account so never assume the sender is real - look for personalisation. Would the sender really write this?
Are there any personal details given or is this an email that could be sent to thousands?
Even if there are, be wary of following links and opening attachments. Similarly, and although a little harder, URLs can also be spoofed. Always check the URL of a website and if it's not what you'd expect leave. Since even this can be spoofed, look out for spelling mistakes or unusual pages that do not ring true and generally be on guard when browsing. |
| | [back]
|
| What is a spoofed URL? | |
| eh? |
It costs virtually nothing to set up a convincing website, just a few pages and a couple of graphics normally do the trick. Normally you can
check that the address of the site is genuine but if you have Malware already on your PC this may amend your hosts file to spoof a URL and actually send
you elsewhere. See also: spoofing. |
| | [back]
|
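A hosts-file check along the lines described above, as an added example that is not part of the original page: it lists every name that the hosts file sends to a real address, which is what a spoofing entry looks like. The sample file contents, the address 203.0.113.7 and the function names are constructed for illustration.

```python
import ipaddress
import os

# Names that normally appear in an untouched hosts file.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

# Constructed sample hosts file (not taken from a real machine).
SAMPLE_HOSTS = """\
# Constructed sample hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       ads.example.net    # name deliberately pointed at loopback to block it
203.0.113.7     www.yourbank.com yourbank.com
"""


def default_hosts_path():
    """Usual location of the hosts file on Windows and on Unix-like systems."""
    if os.name == "nt":
        root = os.environ.get("SystemRoot", r"C:\Windows")
        return os.path.join(root, "System32", "drivers", "etc", "hosts")
    return "/etc/hosts"


def parse_hosts(text):
    """Yield (line_no, address, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            address = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                          # not an address: skip the line
        for name in fields[1:]:
            yield line_no, address, name.lower()


def audit_hosts(text):
    """Return (redirects, sinkholes).

    redirects: names sent to a routable address, i.e. the browser shows the
               expected URL but talks to a different machine.
    sinkholes: names pointed at loopback/0.0.0.0, typically blocking entries.
    """
    redirects, sinkholes = [], []
    for line_no, address, name in parse_hosts(text):
        local_address = address.is_loopback or address.is_unspecified
        if name in LOCAL_NAMES and local_address:
            continue                          # the normal localhost entries
        if local_address:
            sinkholes.append((line_no, name))
        else:
            redirects.append((line_no, name, str(address)))
    return redirects, sinkholes


if __name__ == "__main__":
    redirects, sinkholes = audit_hosts(SAMPLE_HOSTS)
    for line_no, name, address in redirects:
        print(f"line {line_no}: {name} is redirected to {address} - investigate")
    print(f"{len(sinkholes)} blocking entries (usually benign)")
```

To check a real machine, pass the contents of the file at `default_hosts_path()` to `audit_hosts` instead of the sample text.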
| *Never* open unsolicited email attachments | |
| why? |
Antivirus software does not necessarily catch all Viruses, particularly new ones. Viruses spread faster and faster so you may receive a
new virus as an email attachment before your AV software has responded to the new threat. Email is the most common form of Virus distribution as practically every PC
now has an email client running on it and addresses can be easily spoofed or may be sent from an infected PC so do not assume the sender is genuine. Unless you requested a file or you are absolutely sure of its origin do not open it. |
| | [back]
|
| Never download files from sites that you don't trust *100%* | |
| why? |
Malware can look very convincing. A quick download of a tool that says it will fix problems can actually make matters a hundred times worse.
It costs virtually nothing to set up a convincing website, so only trust sites you know are genuine and even then exercise a degree of caution. Always ask yourself
if you really need the download and remember what the risks are.
|
| | [back]
|
| Never open software obtained from a P2P file-sharing program | |
| why? |
This is just a complete no-no. If you want the software then obtain it through the correct channels. Attempting to use a pirate copy will inevitably end in tears, normally those of your IT manager. The program may appear to work and may in fact be a working copy but it is extremely likely that some other programs piggybacked on to your machine...
|
| | [back]
|
| Treat links in emails with suspicion, emails are easily spoofed | |
| why? |
An apparently innocent link in an email can turn out to be quite a little nasty. Older email clients may suffer from specially malformed links that actually open an attachment. All HTML email programs (most) can receive an email that shows an apparent link that actually goes elsewhere; it takes no technical knowledge to spoof a link in an email. The most common form of spoofed link is to a bank login page etc. The email from your bank suggests you need to log in to your account to accept new security measures etc etc.
A link like http://www.yourbank.com/account/login.asp looks about right but when you hover over the link and check the status bar of your browser it is actually linked to somewhere completely different, often an IP address like http://81.153.216.71/account/login.asp.
Basically, if you are going to a login page follow a bookmark in your browser or better still type in the URL from scratch (just in case your bookmarks have been spoofed too).
This type of attack is known as phishing; it's not very sophisticated but future variants may be.
|
| | [back]
|
| Never insert a CD or floppy unless you are *100%* sure of its contents and origin | |
| why? |
By default PCs are configured to open a file called autorun.inf when it is present on external media that has been inserted into your PC. This file has the power to install or run other programs on the disc. If you use an external drive and regularly insert disks of uncertain origin we recommend you disable this feature. When the music companies had a brief flirtation with protection software and started putting blocking programs on music CDs, this is the method they used and this is why they stopped bothering.
|
| | [back]
|
| Use different passwords for different sites | |
| why? |
You may think that because you use an eight character password formed of letters and characters that you're nice and safe. The problem is that if you reuse this password with the same username at different sites you are effectively telling everyone who has access to your password details at one site your account details for the other site. For example, if your Friends Reunited username and password is the same as your online banking password, then everyone at Friends Reunited who knows your password knows your online banking account details (they also know your DOB, your first school etc although this is all common 'security'-information that is easy to look up or find out). And how many main banks are there in the UK? How high is the chance that your login would be accepted after trying the first ten banks that spring to mind? Now happily I'm sure the people at Friends Reunited are very trustworthy and very careful storing your data, but if you've signed up at many sites or you've recently read the fraud cases involving thousands of stolen online identities then you'll know that some sites can be quite cavalier with user account details. So it is worth keeping your passwords changing & different. At the very least have levels of security with different passwords for higher-level security accounts - still dodgy practice, but a little better.
Better still use a password safe - these packages will keep your details safe & can be set to auto-generate passwords. Once you get into the rhythm of using one it starts to become easy & handy too. We recommend the free and open-source Password Safe (though remember Blowfish is illegal to use in the UK because it employs such a strong encryption method, ahem :)
|
| | [back]
|
| Never log-in to a site from a public-access PC (eg in an internet cafe) | |
| why? |
Shared Windows PCs are simply not safe unless they're running NT/XP and you are the only administrator. Otherwise you should treat all communal PCs as if somebody is looking over your shoulder and writing everything you do down in a notebook. And in fact, although it's a piece of software that keeps the notes in most cases, this can be exactly what's happening. A Keylogger is a program that records every single stroke & mouse-click that you make on a PC - they can run invisibly and are easy to write.
If one of these is hidden on a PC then all user account details you type into a PC can be recorded & retrieved by a third party.
If you're going travelling and want to use a Hotmail account say, set up a new Hotmail account with a *unique* username and password that you can use while you're away, then dispose of the account or let it expire on your return. *Never* access your primary mail account or any other type of online account from a shared PC.
|
| | [back]
|
| Always check for the SSL security padlock when entering account or credit card details | |
| why? |
Another obvious one, but just always check the padlock appears in the browser status bar, not the page itself.
Do not enter any confidential personal information (such as credit-card details) until the padlock is locked.
Some hoaxes have attempted to use a graphic layer to cover the URL/padlock status so be aware of things not looking quite right, and
if in doubt, leave!
|
| | [back]
|
Glossary of terms
| ActiveX | |
| ActiveX controls are controls created by third party developers to provide special extra functionality for some websites. These types of controls have been plagued with security flaws since their introduction.
|
[back]
|
| Adware | |
| Adware is a way for shareware authors to make money from a product, other than by selling it to the users. There are several large media companies that offer them to place banner ads in their products in exchange for a portion of the revenue from banner sales. This way, you don't have to pay for the software and the developers are still getting paid. If you find the banners annoying, there is usually an option to remove them by paying the regular licensing fee.
Most Spyware is Adware (and vice versa!).
|
[back]
|
| Codball | |
| A type of computer virus or piece of software that does something silly and then self destructs.
|
[back]
|
| Denial of service (DOS) | |
| A Denial of Service attack is an attempt to attack a machine to stop it working. Normally the machine can be restarted to simply recover without any permanent effects, but the attack attempts to freeze the computer and so bring the service it provides to a stop, requiring manual intervention to restart the machine & protect it from a fresh onslaught. This is often achieved simply by flooding a computer with messages or data in an attempt to overload it or the software processing it.
Web servers are the most common targets for these attacks as a successful attack will bring an organisation's website down causing them expense and embarrassment. Email servers are also often bombarded with emails in an attempt to seize up a server and deny an organisation its emails. These kinds of attacks are very common because they require little or no skill to perform.
|
[back]
|
| Evil twin (Wifi) | |
| An evil twin is a fake hotspot server. This is a server that has been placed in the area of a legitimate wifi hotspot but
is broadcasting a stronger locator signal than the authentic hotspot server. Unsuspecting Wifi users thinking that they are connecting to a legitimate hotspot
will actually then connect to the fake server. This then intercepts your traffic (normally in an attempt to grab account details or access your laptop).
It is worth noting that when you browse and visit a page using a secure connection (SSL), e.g. when you enter credit card details
on most sites etc, transactions will still be safely encrypted even if they are intercepted. |
[back]
|
| Firewall | |
| A firewall can be either hardware or software based and is simply a device for monitoring or just enabling/disabling/stealthing the ports on your PC. The ports provide a means of access and communication with the outside world and shutting them simply stops people sending data in to your PC or data being sent from your PC.
It is also better to think of a firewall as a set of doors that can be opened and shut; the doors (ports) are safer shut and safer still if camouflaged to look like the wall from the outside. However, they are still doors that you can easily leave open by mistake, in which case you may get unwanted, or at least uninvited, guests wandering in off the street!
|
[back]
|
| FTP - File Transfer Protocol | |
| FTP is a simple way of transferring files between computers. It is most commonly used for transferring data to a web server.
|
[back]
|
| Freeware | |
| Freeware is software that is provided for free use by a developer with no suggestion that the user ever makes a payment for the software.
To fund development, some freeware contains Spyware.
|
[back]
|
| Hacker | |
| Originally this was a term used to describe a computer programmer, to 'hack' simply meant to write code. The term is now commonly used
to describe a 'cracker', i.e. someone who attempts to obtain illicit access to a system, and is increasingly applied whether they can program or not.
|
[back]
|
| Hijacker | |
| A type of Malware that when introduced to a PC allows a hacker to take remote control of the computer.
|
[back]
|
| Iceplough | |
| A type of program used to create & maintain access to the host PC for other programs/upgrades.
|
[back]
|
| Keylogger | |
| A type of program used to intercept, record and report keystrokes/mouse-movements to a third party. Can be used 'legitimately'
by some companies to monitor employee activity or to illicitly obtain confidential information. Normally hidden or disguised as a seemingly legitimate process.
|
[back]
|
| Malware | |
| The generic term for evil software! See also Spyware and Virus.
|
[back]
|
| Password safe | |
|
This is a piece of software designed to hold user account details safely and securely. These help foil Keyloggers, help you manage your passwords efficiently,
and allow you to use long, safe, distinct (and even auto-generated) passwords without the need to ever remember them. NB You must always keep your Master password (the password which opens the safe itself, and which should be a long, unguessable string of characters) completely safe. It
becomes the only password you need to remember, but if it is compromised then all your other passwords are too.
We recommend the free and open-source Password Safe. This uses the Blowfish algorithm, which is actually illegal to use in some countries because it is so secure. |
[back]
|
| Phishing | |
| A simple attempt to extract usernames and account details through a spoof email normally directing users to a false web address. The more sophisticated software equivalent is known as a trojan.
|
[back]
|
| Network Ports | |
| A port is best described as a virtual gate or door in to your PC, which when opened allows communication between programs on your PC and those outside it. On a PC without a firewall, a program (a server application) can just open a port
and listen at the door for attempts to communicate from a program on another PC (a client application). If the client talks to the server in the way it expects, the client may
ask it to perform certain tasks and the server may agree (e.g. a web-browser requesting a page from a web-server, the process by which you surf the net). A firewall sits between the programs on your PC
and the outside world and can be set up to monitor ports and keep them closed (or hidden) to prevent certain conversations between internal and external programs taking place (i.e. ones you haven't agreed to).
Sometimes ports (or rather the programs listening to them) are susceptible to DOS attacks, where they are flooded with information to make them crash. At other times they may be
probed (searched for and talked to speculatively by external malware in an attempt to gain illicit access by a hacker).
NB The combination of a port and a network address (an IP-number) is called a socket.
|
[back]
|
| Shrubhub | |
| This describes a PC that has become a distribution node for spam or Viruses. Users are normally unaware
that their PC is being used in this manner; it is a way for proliferators of spam to distribute their malware anonymously. It normally occurs when the PC is infected by a specific form of Virus. |
[back]
|
| Shareware | |
| Shareware is software that is provided for free use by a developer, although a persistent user
is asked to contribute an amount to help pay for the developer's time. Sometimes shareware
contains an incentive to make a persistent user contribute, such as a nag-screen or intermittent features etc.
Some freeware contains Spyware.
|
[back]
|
| Spoofing | |
|
A general term used to describe a deception where something has been crafted to appear like something else.
A spoofed email for example, is an email purporting to be from an email address which has actually been sent from another email address.
A spoofed link is an HTML link that appears to go to a particular site but actually goes somewhere else (e.g. http:\\www.mybankaccount.com\login.asp).
A spoofed site is a false site designed to look and feel like another site, often attempting to steal account details.
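A check for the spoofed link described above, as an added example (not part of the original page): it flags links whose visible text names one site while the `href` goes to another. The class and function names are illustrative, the sample HTML is constructed, and 203.0.113.7 is a reserved documentation address.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Link text that is itself a web address, e.g. "www.example.com/login".
URLISH = re.compile(r"^(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})(?:[:/?#]|$)", re.I)

def bare(host):  # lowercase and drop a leading "www."
    host = host.lower()
    return host[4:] if host.startswith("www.") else host

class LinkAuditor(HTMLParser):
    """Collects (shown_host, actual_host) for links whose text names another site."""
    def __init__(self):
        super().__init__()
        self.href, self.text, self.findings = None, [], []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)

    def handle_endtag(self, tag):
        if tag != "a" or self.href is None:
            return
        # Browsers read "\" as "/" in web addresses, so normalise before parsing.
        shown = URLISH.match("".join(self.text).strip().replace("\\", "/"))
        actual = urlsplit(self.href.strip().replace("\\", "/")).hostname
        if shown and actual:
            s, a = bare(shown.group(1)), bare(actual)
            if a != s and not a.endswith("." + s):  # same site or subdomain is fine
                self.findings.append((s, a))
        self.href = None

def find_spoofed_links(html):
    auditor = LinkAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Constructed sample message body, not taken from a real email.
SAMPLE = (
    '<a href="http://203.0.113.7/login.asp">www.mybankaccount.com/login.asp</a> '
    '<a href="https://help.mybankaccount.com/">mybankaccount.com</a>'
)
```

Links whose text is not an address (such as "Click here") are skipped, so this catches only the mismatch case and does not replace checking the address bar.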
|
[back]
|
| Spyware | |
|
A general term for a program that surreptitiously monitors your actions and often reports them back to a third party. While they are sometimes sinister, like a remote control program used by an external agent, software companies have been known to use spyware to gather data about customers. The practice is frowned upon by most software developers within the industry.
Spyware is often installed 'legitimately' and may be bundled with programs, particularly shareware and freeware, that you choose to install. The license agreement may well mention that
spyware is being bundled, but generally it is a fleeting reference at the bottom of that enormous list of terms and legal disclaimers that many users
choose not to bother to read. Most Adware is Spyware. |
[back]
|
| Secure Socket Layer (SSL) | |
|
The method of communication used between a client and a server (usually in a browser) to ensure that traffic is safe through encryption. In a browser a connection
to a site/page using SSL is denoted by a padlock in the status bar. See also checking for SSL. |
[back]
|
| Trojan | |
|
Named after the wooden horse employed by Paris to infiltrate Troy (a little geek mythology!), a Trojan is a program
that when placed on a PC attempts to collect user account details by imitating other software. The details
are then collected or sent to the 'hacker'. |
[back]
|
| Virus | |
|
A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents (for a complete definition and an excellent discourse: see Wikipedia).
Thus, a computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells. Extending the analogy, the insertion of the virus into a program is termed infection, and the infected file (or executable code that is not part of a file) is called a host. Viruses are one of the several types of
malware. In common parlance, the term virus is often extended to refer to
computer worms and other sorts of malware.
|
[back]
|
| Worm | |
|
A computer worm is a self-replicating computer program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program; however, a worm is self-contained and does not need to be part of another program to propagate itself.
They are often designed to exploit the file transmission capabilities found on many computers.
The name 'worm' was taken from 'The Shockwave Rider', a 1970s science fiction novel by John Brunner. |
[back]
|
|
|
|