Best Practices - Internet Safety For 2008

Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

BleepingComputer.com > Security > AntiVirus, Firewall and Privacy Products and Protection Methods

Best Practices - Internet Safety For 2008

Options

harrywaldron View Member Profile	Jan 1 2008, 09:57 AM Post #1
Security Reporter Group: News Reporters Posts: 487 Joined: 10-April 04 From: Roanoke, Virginia Member No.: 107	When I first entered the security profession in 1996, there were risks associated with not being informed or technically protected from the dangers circulating in email and on the Internet. The only significant change is that things have worsened and the dangers are far more deceptive even for experienced users. Below is a list of technical safeguards and best practices for the coming year. This list isn't complete and some folks won't agree with all items on the list. Still, following most of these protective principles below can help keep you and your family safer the coming year. The key is to educate yourself on the security risks circulating and ways to avoid these dangers through best practices or technical safeguards. Best Practices - Internet Safety for 2008 RECOMMENDED SOFTWARE * Anti-Virus (keep it active and updated) * Firewall (bi-direction preferred) * Anti-Spyware * Spam Filter * XP users move to IE 7 for better security * Hosts file (advanced users) * Anonymizer (advanced users) GENERAL SAFETY TIPS * Backup any files you don't want to loose to CD, DVD, or flash drives * Apply Windows and Office Updates as soon as possible - Turn Automatic Updates on (use Microsoft update for both environments) * Update all Software products periodically on your system * Run virus scan scans periodically (weekly) * Run anti-spyware scans periodically * Clean up your recycle bin, temp areas, etc. * Use UAC in Vista and prompt warnings in other Operating Systems * Authenticate and register your version of Windows (including WGA checks) * Read the EULAs in any software being installed * Create a protected account (aka limited account in Vista or XP) * Avoid entering sensitive information or performing e-commerce on a shared public PC in a cafe, hotel lobby, or library * Avoid P2P File sharing sites for "free" music or videos * Ensure you are using a trusted website and secure servers for e-commerce * Use complex passwords of 8 characters or more (at least 1 letter and 1 number, plus 1 upper/lower case -- and special characters if desired) * Change your passwords periodically * Protect your privacy - Never share your SSN, bank account, credit card, or other sensitive personal information in emails or enter them on websites (unless you are doing so purposefully on a secure server) RECOMMENDED EMAIL SAFETY TIPS * Avoid email attachments where possible * Avoid clicking on any URLs in email (even to opt out of spam) * Use plain text mode in email if possible * Avoid links and files shared in Instant Messaging software * Never open email from someone you don't know (line up all spam in your in-box and delete it) * Avoid taking actions or clickin on URLs in official looking email from banks, government, etc. (verify by phone or on the primary website) * Avoid e-cards which are not from a specific person (and check with the sender if you are unsure) * Never install updates or free security software from an email attachment or URL RECOMMENDED BROWSER SAFETY TIPS * Avoid clicking on banner ads where possible * Avoid visiting untrusted and inappropriate websites * Be careful of Internet search results as malware authors are seeding malicious websites with malware * Complementary browsers (e.g., Firefox, Opera) have good security track records, phishing filters, and other safety measures (e.g., NoScript) that can be used in addition to IE 7 with no conflicts. You can use these as a tool to cross-check questionable sites. * Completely clean your browser cache regularly of all temporary files, history, cookies, passwords, etc. * Enhance your browser from automatic processing to prompt warnings where possible (advanced security settings in IE) MALWARE CLEANING TIPS * Your computer may be infected with malware when performance deteriorates, browser pop-ups appear, home pages change, firewall warnings are issued, etc. * When cleaning malware infections get technical assistance from a technically savvy friend preferably who can visit at your home or experts at a security website * Find out the name of the malware you are infected with (as you must clean uniquely based on how you are infected) * VirusIntel.com offers a list of free online and command line scanners from many AV vendors * Free Standalone cleaners may be available to remove some difficult malware agents * Use SAFE MODE to remove difficult malware * Change your passwords after an infection in case a backdoor agent transmitted it SECURITY AWARENESS AND EDUCATION * Gain better general knowledge on security through articles, blogs, and security websites * Stay informed - Follow the latest security developments on what to avoid or how to protect yourself against dangers * Look for updates in any software you are running and install them promptly, so that you are always on the latest version * Avoid email hoaxes circulating where you are asked to "pass on a special warning" * Remember that there are "no free gifts" or "special bargains" for you from strangers on the Internet * Setup separate user accounts for your children and use Vista's Parental controls * Educate your children, family members, and friends * Use a "Lessons Learned" approach when you make mistakes to avoid them in the future Below are an older set of best practices authored in my prior company almost 7 years ago. While the dangers are more hidden and technically innovative, security protection is all about staying informed and keeping key technical safeguards in place. Security is about risk management and an ounce of prevention is always worth a pound of cure. Most of these concepts below still apply even though technology has changed substantially since then: Best Security Practices (written during 2001) http://www.geoapps.com/harry_waldron_best_practices.htm -------------------- Microsoft Security Journal

boopme View Member Profile	Jan 1 2008, 12:04 PM Post #2
To INSANITY and BEYOND !! Group: Moderator Posts: 8,697 Joined: 10-September 04 From: NJ USA Member No.: 2,608	Thanks Harry for another thorough,informative and useful contribution to the forum. I've already printed it for handy reference. -------------------- Can you spare some PC cycles to help FIND A CURE .. BC FOLDING TEAM Click me /info.. ThoughtVent a goodplace to discuss.<<>>>Staying Updated Calendar of Updates. For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....

de4thscythell View Member Profile	Mar 9 2008, 07:40 AM Post #3
New Member Group: Members Posts: 2 Joined: 9-March 08 Member No.: 195,235	thanks. this is so useful. i must also print it out and spread it to my family and friends.

david28 View Member Profile	Mar 21 2008, 02:23 AM Post #4
Forum Member Group: Banned Posts: 1,614 Joined: 20-September 07 Member No.: 157,913	Great guide, I might print this out and give it out aswell! Regards, david.

Luke.mc View Member Profile	Mar 23 2008, 02:31 PM Post #5
New Member Group: Members Posts: 11 Joined: 20-March 08 Member No.: 197,589	Thanks! I'm using: Norton 360 Spybot S&D AVG Anti-Spyware All active and updated. Is there anything else I use should use? --------------------

/// View Member Profile	Mar 26 2008, 05:34 PM Post #6
Member Group: Members Posts: 148 Joined: 16-March 08 Member No.: 196,869	The PCWorld says that Spyware doctor and Norton Internet security is the best and highest rated anti-virus ever! I agree I downloaded spyware doctor from google pack http://pack.google.com/intl/en/pack_instal..._campaign=en_US the official site you have to buy to remove everything. They both worked well and got rid of rootkits, trojans, and viruses on my computer while the free programs: Ad-aware, super-antispyware, etc. didn't find anything

tork View Member Profile	May 13 2008, 11:34 AM Post #7
Forum Regular Group: Members Posts: 195 Joined: 27-September 07 Member No.: 159,556	Another user saying Thank you

-Cloud View Member Profile	May 15 2008, 02:11 PM Post #8
Member Group: Members Posts: 57 Joined: 6-March 08 Member No.: 194,708	THANK YOU :D --------------------

« Next Oldest · AntiVirus, Firewall and Privacy Products and Protection Methods · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Lo-Fi Version

Time is now: 10th October 2008 - 03:07 PM

Advertise \| About Us \| Terms of Use \| Privacy Policy \| Contact Us \| Site Map \| Chat \| Tutorials \| Uninstall List
Discussion Forums \| The Computer Glossary \| Resources \| RSS Feeds \| Startups \| The File Database \| Malware Removal Guides