Intrusion

Practices

• Update your browser with the latest software updates and security patches: New security problems are constantly being found in browser software that has already been released. Software vendors therefore make updates or security patches available from time to time that fix these problems. A patch is a downloadable piece of software that repairs a security problem or other "hole" in the software. Since most intruders exploit these known weaknesses, failing to download a patch creates an unnecessary risk. The unpatched hole could serve as an entry point for hackers who want to examine, damage, or exploit the information and services on your computer. It is also important to use the latest version of your browser since newer versions will have stricter security standards and fewer vulnerabilities.

  Unfortunately, Internet Explorer does not have an automatic update feature. The Microsoft  Web site has a "Scan for updates" feature that scans your computer to determine which updates you need, including any for Internet Explorer. The Web site can be reached through the link above, or by the Tools > Windows Update option in Internet Explorer.

• If you use a DSL or cable modem connection, turn it off when you're not using your computer: As long as your DSL or cable modem connection is active, other users on the Internet can try to get into your computer. Once you have closed the connection, this is no longer possible.

• Choose strong passwords: Passwords that are dictionary words, have fewer than 7 characters, or are easily guessable are vulnerable to password cracking. There are tools available that can crack weak passwords in less than 10 minutes. A strong password is at least eight characters long and has a combination of upper/lower case letters, numbers, and special characters. You should not use your online banking password(s) at other Web sites.
• Perform frequent backups: Save your important data on a regular basis so that you can recover from a malware attack or intrusion. Thumb drives, CDs, and DVDs are good storage and transport media for large amounts of data. If possible, store your backup media in different location from the computer itself to keep them from both being destroyed in a fire or other disaster.

• Delete suspicious emails with attachments: Attachments are the main way malware gets onto your computer. Attachments include office document files (e.g., with .doc or .xls suffixes), program files (e.g., with .exe or .bat suffixes), and compressed files (e.g., with .zip suffixes), all of which can contain malware. The CERT Coordination Center advises users to apply the so-called "KRESV" test to detect suspicious emails. KRESV stands for:

  • Know: Do you know the sender?
  • Received: Have you received email from the sender before?
  • Expect: Are you expecting the e-mail?
  • Sense: Do the subject header and attachment name make sense?
  • Virus: Does it contain a virus? You will need antivirus software to check this.

  If an email with attachments fails any of these tests, delete it. If you know the sender, contact him or her to make sure that the message is legitimate.

Settings

• Disable discovery by other devices: You can protect your mobile device by preventing other devices from finding you and connecting to you. This way, you can still connect to other devices, but they cannot connect to you first. This protects you from sneak attacks. To disable discovery on a Windows Pocket PC-enabled device:

  1. Click on the Windows icon in the top left corner of the screen and choose Settings.
  2. In Settings, choose Connections and then Bluetooth.
  3. Click on Accessibility to get to the screen shown in the figure below.
  4. Uncheck the “Allow other devices to connect” and “Other devices can discover me” boxes.

  

Tools

• Anti-virus software: The popularity of the Microsoft Windows operating system makes it a prime target for hackers and other virus writers, so anti-virus software is crucial for users of this system. Anti-virus software works by identifying files that match definitions of known viruses and keeping them from infecting the system. Make sure that your virus definitions are kept up to date by automatically or manually downloading them from your software manufacturer's Web site. Do not install more than one anti-virus program because incompatibility issues between the programs may end up leaving your system unprotected.

  Two popular anti-virus packages are Symantec’s Norton AntiVirus  and McAfee AntiVirus . AVG , AntiVir  and ClamWin  are free alternatives. The major anti-virus programs, such as Symantec and McAfee, can protect against worms and Trojan horses as well as viruses.

  PDA and mobile phone anti-virus applications normally interact with the full version on a PC and hold fewer virus definitions. New virus updates are automatically transferred from your desktop computer each time you synchronize your PDA. Therefore it is important to keep your desktop computer's anti-virus software updated and synchronize your PDA regularly. Some commonly used anti-virus packages are Trend Micro's PC-cillin for Wireless  and Symantec AntiVirus for Windows Mobile .

• Firewall: A firewall is like a security guard for your computer that monitors the traffic into and out of your computer. A firewall is your first line of defense against intrusions, especially Trojan horses. One popular firewall is Symantec's Norton Personal Firewall . The Windows operating systems such as Windows XP and Windows Vista  include a firewall that is turned on automatically. This built-in firewall is described in more detail on the Microsoft site .