|
[Navigation links] [Safe Computing] -- Operating Systems, Personal Information, SPAM & Viruses [Been Hacked?] -- Trojans, security breaches, and open relays [Firewalls] -- Firewalls - Do I need one? What is my firewall telling me? [Resources] -- Legal and Internet Resources [Tools] -- Trojan, Virus and other internet utilities [Need Help?] -- It's too complicated, HELP! [TDS-3] --Installing TDS-3 - Trojan Defense Suite virus scan --Online antivirus utility [Home] -- Home, James! |
[Security@ddiction]What does safe computing mean?Quick reference:
Don't run strange files. A good general rule of thumb... if you didn't request the file, don't accept it. Whether they emailed it, sent it through an instant messenger (AIM, ICQ, MSN Messenger et al) or was uploaded by your bestest buddy on IRC (Internet Relay Chat), don't open it, don't run it. Scan it first. A shocking number of files that are forwarded are infected with a virus or a trojan of some kind. Many of the viruses out there have the ability to hijack your mail program and send themselves to everyone in your address book. Treat unasked for files as though they were a strange package you found in the alley. Why take the chance? Ultimately, we are all responsible for the security and integrity of our computers. Take reasonable precautions, such as regularly scanning the computer for a virus or trojan. There are many commercial packages available to assist in both of these tasks. You can find some of them here There are a number of things to keep in mind when using email. Quite a bit of it is going to rely heavily on what kind of program you use to collect and read your email, and how it's configured. The two most commonly used email programs are Netscape Messenger and Outlook Express. Outlook Express and it's big brother Outlook have one particular vulnerability that seems to bite a lot of people. The preview pane. An excellent step in protecting yourself from having viral code being run in your preview pane is to simply turn it off. If you are fairly new to computers, having your antivirus program scan your mail as it's downloaded can protect you from most viruses. Norton Antivirus is an excellent product that has this feature. WindowsThe operating system is the base your entire computer runs on. Most home computers currently run Windows of one variety or another. The first step in helping to secure your Windows system is to ensure it is up to date. Frequently when a program or operating system (OS) is released for the first time, it is released with bugs and security holes that were missed during its development. So check back to the vendors site now and then to see if they have released any new information. Quite often they will release patches and security updates to fix holes in the software or OS. Some vendors are even so nice as to include a handy auto-notify feature of some kind. Not sure if there are updates available, or how to check for them? Click here. Be proactive!Personal information on the internetThis is a genuinely sticky subject, and your approach will depend entirely on what level of security or obscurity you are looking for.
Want to avoid getting a lot of spam? Have more than one email address, and don't release the 'important' email address to anyone you don't trust not to give it away to others. A popular step these days to avoid getting your main or primary email account filled with spam is to use a webbased email address, such as hotmail or yahoo. Another popular spot is a fee based email address at www.spamcop.net
Spam- NEVER respond to SPAM; it verifies the account is live (active) How To Minimize Future Spam You may have inadvertently divulged your email address online. 'Newsgroup' posts are regularly 'harvested' by List providers. Most open Internet forums are also used to obtain email addresses. If you leave personal information at web sites, they may collect and sell the information. Check for the web site's 'Privacy Policy', and read it carefully. If the site does not have a 'Privacy Policy', suspect that personal information might be used for reasons other than those specified or implied online. Software 'Auto-generators' create huge lists of potential email addresses. Then, address verification software 'culls' the small percentage of active accounts into a list that is then sold. What Is Spam? SPAM is an issue for both customer and Internet Service Provider, alike. To the customer, SPAM is an aggravating source of unsolicited email. SPAM riddled email accounts can receive dozens of messages a day. At the very least it is annoying and time consuming. To an ISP, SPAM is even more than an irritant to customers. It is a drain on resources, and can overload systems if left unattended. Email flow and server loads are significant participants in determining over all service levels. Imagine a distribution list with hundreds, or thousands of email addresses, all hitting a mail server at once. Now imagine that happening each time SPAM reaches our server and multiplying that number by the countless SPAM generators trolling the Internet for bites. Individually, SPAM has little effect on overall performance. However, left unchecked, the cumulative results can bring a network down. We confront sources of SPAM where ever and when ever we find it. Why is SPAM difficult to control? Many interested parties, including Internet Service Providers, individual, business and government enterprises, are cooperating to stem and/or classify SPAM. However, the Internet is a 'Global' presence, and years may pass before legislation is created, let alone enforced. Most mail servers use minimal filtering to eliminate SPAM. However, the filters are often not comprehensive, and allow all 'potentially' legitimate email messages, through. As with ordinary junk mail, SPAM will continue to find virtual mailboxes. Strict filtering will eliminate SPAM, but increases chances you'll miss messages of interest. An alternative is to create multiple email accounts; one for legitimate contacts and correspondence, the other as a generic Internet address. Direct all Internet generated correspondence into a folder and screen its contents. What 'NOT TO DO' if SPAMMED - Do not reply, even if told 'you can avoid future messages by responding' - Do not SPAM a SPAMMER Often, the return address is bogus, and you spam an innocent party. How To Reduce SPAM A number of things will reduce SPAM, though none will completely eliminate it. Each step, however, reduces over all risk and keeps SPAM levels manageable - Alter your return address The actual address has to be there, and obvious to a person, but adding additional characters prevents SPAM from reaching you. For example: - Change 'fred@my.isp.com' to 'fred@nospam.my.isp.com' To do this: Netscape - Open Netscape - From the menu bar, click 'Edit', then 'Preferences' In the left menu: - Double click 'Mail & Groups', then 'Identity' - Make necessary alterations to the 'Return', or 'Reply To:' address Outlook Express - Open Outlook Express - From the menu bar, click 'Tools', then 'Accounts' - Click to select the email account - Click the 'Properties' button - Alter the 'Reply Address' Note: If you do not enter a 'Reply' address, email automatically returns to the 'actual' address. - Alter email addresses in 'Signature' files Remove information from major online directories and become 'unlisted'. Remember that: - A 'Listed' phone number guarantees you can be found ---Published information is an amazing resource for 'Search Engines' To request removal from popular online directories, contact: Bigfoot http://www.bigfoot.com/ - Select 'Preference List' Four11 http://www.four11.com/ - Click 'Help' - Select 'Removing Entries From the E-mail Database' Infospace http://in-132.infospace.com/_1_192092908__info/updemail.htm - Select 'Remove' Internet Address Finder http://www.iaf.net/ -From the 'Listings' menu on the left, select 'Remove' Switchboard email directory Email: webmaster@switchboard.com WhoWhere http://www.whowhere.com/WriteUs - Select Email Addresses, from the left hand menu SPAM filters such as 'BrightMail' abound on the Internet; and although designed with 'Internet Service Providers' and 'Corporations' in mind, individual user software is available at: http://www.brightmail.com/ Reports of SPAM to the originating Internet Service Provider, usually result in prompt action. Customize email client software to use 'Filters' and 'Controls' Are there 'Advanced' methods to resolving SPAM issues? Consider these sites 'SPAM Detective' resources: www.faqs.org www.cauce.org spam.abuse.net www.cnet.com/Content/Features/Howto/Stop Automated Report Tool for Spam Spamcop Netiquette Usenet FAQs, Policies Fight Spam on the Internet! www.sputum.com/sputools.html Abuse FAQ Finding Groups www.looksmart.com Discussion can get technical, so be prepared. Some sites recommend 'doing battle' with spammers, something that can require time, money and expertise. You may also open yourself to full blown SPAMMER retaliation! How To Report SPAM? One method is quick; contact online SPAM Reporting sites such as: spamcop.net Option two is more complicated: - Track down the Internet Service Provider who hosts the account - Send a report to them Once the system is (tentatively) identified, send a message copy to: - postmaster@'provider' - root@'provider' - abuse@'provider No matter how frustrated, be polite when writing a suspected spammer. It is often a bogus reply address and you may be writing to an innocent and unaware account owner. To Identify the Internet Service Provider in SPAM headers - Each 'Received' line denotes an IP address the email passed through - The last 'Received' line is the sender, in 'parenthesis' (), just before 'by' ---eg (gloebug.shirk.gnome.net) Received: from poptart.svr.home.net by home-hq.svr.home.net with Microsoft Exchange (IMC 3.1.837.3) id 8C1C3Z; Fri, 19 DEC 1997 11:31:48 -0800 Received: from [24.0.20.111] (gloebug.shirk.gnome.net) by poptart.corp.home.net (Netscape Mail Server v2.02) with ESMTP id AAA2600 for ; Fri, 19 DEC 1997 11:31:48 -0800 We understand that SPAM is annoying, and solutions may prove complicated. There is headway being made, however slowly. And as with any junk mail that arrives, real and virtual alike, sort through and discard unwanted messages that find its way to you. |