This information was from a lunchtime seminar I attended at PSU. Reduce Inadvertent Negative Impact to Your Systems and Network
#1 Rule: you determine the risks against the restrictions you set for your security settings.
Discussion:
He suggested Firefox who is more diligent and timely on getting patches to the browser if there is a problem, however Internet Explorer has been doing a much better job lately. You can always access Internet Explorer through Firefox by using the firefox internet explorer tab.
He was using Vista, many of the suggestions are also good for XP.
The discussion was aimed with Comcast or DSL users in mind, not dialup.
Recommendations by this computer security expert:
1.Beware of freeware and hostile sites. The best defense to hostile sites is a secure, patched browser that disables content by default. Software, whether free or not should come from trusted, reputable sources. The following site provides free trusted resources for detecting and removing malware:
http://wiki.lunarsoft.net/wiki/Freeware/Anti-Malware
a.Tools>Options>Privacy>History
i.Your banking accounts are logged. Set your bookmarks but don’t set your bank as one or if you must, at least rename the bookmark with a bogus name like ‘Bob’ so that you are doing something called security by obscurity.
ii.unclick items in remember forms and search bars too
iii.unclick remember what I’ve downloaded
b.Tools>Options>Privacy>Cookies
i.sites set info about my visits into a spot in my computer, that is a cookie
ii.don’t accept any 3rd party cookies!!!!
iii.It is best to set the sites that you want
iv.Setting should be ‘keep until I close Firefox’
c.Tools>Options>Privacy>Private Data
i.always clear private data
1.clear browsing history
2.clear download history
3.clear saved forms
4.clear cache area
5.clear forms
6.clear most everything
ii.click on Ask me First
d.Tools>Options>Security
i.warn me of installs
ii.tell me of suspect and forgeries
iii.mouse over to see where the link is taking you, also can view in the lower left corner of your system tray.
iv.Check urls from unknown sources and even from sources you’ve used and trusted before.
Be URL savvy and teach your kids to do the same. Don’t Trust where a URL says it will direct you – check it out! How a URL is written Good URL example: https://www.paypal.com/us .......
https:// the s portion indicates this is a security or encrypted website
paypal. When it occurs immediately after the www is the domain name. If paypal does not occur after that then you are not heading to paypal but whatever is listed right after the www.
.com Is the the domain suffix
/us…. Is the directory structure and page location, we don’t normally care too much about it
Bad URL example:
www.Ebay.login.com (the domain suffix did not come immediately after ebay)
www.login.com/ebay.htm (the domain name did not come immediately after the www, this is known as exploiting the ebay name)
You will know if you have an encrypted site because of the https (s part) and also if you check in your system tray you will see a little icon, for firefox it is a yellow lock.
Be sure to check sites for this encryption before entering personal information such as credit card numbers etc.
Keep your browser updated. Use late generation browsers (more secure).
2.Cultivate an Awareness, Is Your system slowing down? Better check it out. What kids don’t know can hurt them AND YOU. Poor system and network performance, compromises to data security, data loss. Increased chance of identity theft.
a.Keep Anti Virus up to date
b.Set your scans to automatic
c.Set your updates to automatic
d.Use the latest signatures
e.Running them on a periodic basis and check the results too
3.Create Users as “limited user accounts’ and even for yourself, reserve admin account for doing admin work, not everyday browsing and use
4.Patches!
a.Allow windows to do automatic updates
b.Use
https://psi.secunia.com/ for PCs
i.this program will scan for all patches that Microsoft doesn’t do and then compare them against the latest versions to see if you have the latest version out there
5.Be Email and Attachment Savvy
a.Don’t ever link to a website or do banking from an email listed address, it could be taking you to a third party site, harvesting your info, then sending you to the legit site and you wouldn’t know unless you checked out the URL first for every navigation
b.Don’t pass on those chain letter emails, you might not get a virus, but you could easily be the vector for a malicious virus or malware-won’t your friends love you for that…
c.Don’t shop, bank, trade, or log into accounts by clicking on links that are sent to you
d.These are file extensions to watch out for in links sent to you:
i..att
ii..exe
iii..bat
e.When you delete something like an email, instead of just hitting the delete button, which would allow the item to sit on your computer in your trash bin, make sure you also hit SHIFT when you are pushing the DELETE button.
6.Spyware Protection
a.Windows Defender is a free download, installed by default in Vista-he likes it
b.Malware often can be detected in Startup Programs so check that list
i.Tool>SW Explorer?>startup programs> may be highlighted, see what is currently running
ii.Toos>Add Ons>Extensions or Get Add Ons
iii.Adware is just simply annoying – use firefox and >Add On the AdBlocker plus filter uploader
For instance, he can scan in a check for deposit, once in a while the defender program would detect a conflict with the local JAVA client, but then it was fixed, but imagine being able to scan in your checks for deposit! Wow
c.For instance, he doesn’t keep quicktime to automatically startup
d.Remove or disable auto startups you don’t use very often
7.Remove unused software
a.This reduces the attack surface of your systems
b.He calls it Bloatware (stuff you aren’t using that is clogging up your computer’s ability to work)
8.Network Security/Parental Controls
a.Router and access point security
i.Make sure you change the default credentials: set your own credential and password on your router (dlink, Comcast, etc) with dlink you can directly configure it from your host computer.
b.Change the default “SSID” wireless network name
c.Do not ‘broadcast’ the SSID – this one is hard to do when a child’s friend brings over their laptop and asks to hook into your home computer network, don’t do it
d.Limit the number of IP addresses assigned in the ‘DHCP pool’ to the number of computers on your network
e.Apply MAC address filtering
i.Start>Run>’cmd’ opens a command prompt
ii.Type ‘getmac/v’
iii.Only allow the MACs on your network to have IP addresses
f.Apply time of day settings to certain computers if necessary
Ellen in PA 
