The Mental Militia Forums

Please login or register.

Login with username, password and session length
Pages: [1] 2   Go Down

Author Topic: Computer Security  (Read 7116 times)

Mac the Knife

  • Full Member
  • ***
  • Offline Offline
  • Posts: 411
  • TAN$TAAFL
Computer Security
« on: July 11, 2003, 06:51:01 am »

Unfortunately, computers are still not plug-in-and-use for the majority of people. They are what the PC, politically correct, crowd would call computer challenged. Most people have no idea how a computer performs, to them, its magic. You still have to have at least some knowledge about computers and computer programs to use them safely and effectively. Perhaps in the future it will become easier, but that is still quite a few years away.

The following are some tips on setting up your computer and Outlook Express to be more secure when you are surfing the Internet and downloading e-mail.

First of all, if you do not have a firewall installed on your computer, get one. Tiny Personal Firewall 2.0.15 is free for personal use and can still be found on the Internet. It is the one that I use. It is no longer available on the companies web site, but can still be found here: http://download.freenet.de/archiv_t/tiny_p...ewall_2631.html Other sites in English can probably be found with a Google search.

Once you have a firewall installed go to http://www.symantec.com/ and click on Symantec Security Check in the bottom left corner of the page. This will tell you if you have your firewall configured properly. It your firewall pops up a dialog box during this security check, always deny any attempt by the security check script to connect to your computer.

Do not turn on logging because most of the time it is just logging normal network messages which most people think are attacks on their system by an outside source. This is the way firewall makers scare people into buying their products. The main use of a firewall is to notify you of all applications on your computer that want to connect to the Internet. Once you approve the normal applications that you use, you can then catch all of those spyware programs that want to call home.

Next, if you do not have one, get and install an antivirus program. I use Norton Antivirus and it has kept my computer clean for the three years I have been on the Internet.

Next get Adaware 6.0 which is free for personal use at http://www.lavasoftusa.com/software/adaware/, to clean out all the spyware programs on your computer.

I will probably get hammered for this, but in my opinion, Microsoft Outlook Express and Internet Explorer are the easiest, and when configured properly, the most secure e-mail client and browser you can now use. If you look at all of their security notices that are now coming out, you see that they are fixing obscure items that may cause you problems if you get lured to a specially configured web site, etc., etc. Now, I realize that there are a lot of people that are easily lured to do stupid things, but if you follow common sense you can be secure while you are connected to the Internet.

Setting up Outlook Express 6.0: Most items should apply to earlier versions.

Click on Tools->Options to bring up the options dialog box.

On the General Tab make sure that Send and receive messages at startup under Send/Receive Messages is NOT selected. This ensures that you have to click on the Send/Receive toolbar button to send messages even when connected to the Internet. This prevents the program from sending and receiving messages unless you specifically tell it to. The rest of the setting on this Tab can be set to your specific situation.

On the Read Tab, if you do not want to view HTML in your messages make sure Read all messages in plain text is checked. This will prevent the displaying of pictures and fancy text, but it also prevents HTML links to pictures on other web sites from being downloaded. This is the way most spam messages confirm your e-mail address. They embed special codes in their links which tells them that this address is valid when it requests a picture from the spammers web site.

On the Send Tab make sure Send Messages Immediately is NOT checked. This makes sure that you have to explicitly click the Send/Receive toolbar button to send messages. If this is checked, and you click on Send to send your new message, it will immediately be sent if you are connected to the Internet.

On the Security Tab make sure Restricted sites zone is checked, and also make sure Warn me when other applications try to send mail as me is CHECKED. This will warn you if another program, or virus, is trying to send mail using Outlook Express. If it is a program you are using, you can approve it. If not, not. Also check Do not allow attachments to be saved or opened that could potentially be a virus if you do not trust yourself to be able to tell which attachments are OK or not.

All the other settings on the various tabs can be set to fit your situation.

A few other simple rules to follow: (1) Empty your inbox before downloading new mail. This way no body of any message will automatically be downloaded in the preview pane unless you click on the message header to view it. (2) When online, only click on a message to view its contents when you know what is in the message and where it came from. All other messages wait until you are off line to view them. (3) Check for new virus definitions files at least once a day. I usually check first thing in the morning prior to downloading my e-mail for the first time.

To not show the Preview Pane Window, click on the View->Layout Menu item and make sure Show preview pane is NOT checked. This way you will have to explicitly click on a message header to view the body of a message. This is the safest way to go to make sure HTML messages are not expanded in the Preview Pane when you are online.

Here is some of my background with computers for those that are interested. I am 58 and have been programming computers since 1970. I bought my first PC in 1980, an Apple II+ running CPM, my first 80386 in 1990 running DOS and Windows, and my first Pentium in 2000 running Windows 98SE. I have been on the Internet since 2000, with my own web site since 2001, and I write encryption programs.

I will leave the settings for Internet Explorer for another posting since it could be quite long. Hope this helps some of those that are not too computer savvy to make their systems a little more secure.


 
Logged

"The most dangerous man, to any government, is the man who is able to think things out for himself... Almost inevitably, he comes to the conclusion that the government he lives under is dishonest, insane and intolerable."~H.L. Mencken

First Freedom Outlaw Brigade Merchandise Store

rick

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 1282
    • http://www.frankenrangers.org
Computer Security
« Reply #1 on: July 18, 2003, 11:24:05 am »

Here is another security measure. It has a few advantages: 1. it costs nothing 2. needs no complicated installation 3. it is reliable: most worms are abusing the outlook address book to mail their bs to your friends. so give them what they long for: an address. !!!000Worm for example. The three exclamation marks make sure it is the first one in your address book, that's where the worms start. The lack of an @ makes it invalid. So, when the worm does its job, it will start with a displayed error message and stop until you confirm proceeding. Don't, hook it off from the telephone jack and use your anti-virus tools or get some special service. Simple, but when everything else fails, still effective.
Logged
rick

I bear no hate against a living thing I just love my freedom all above the King

Locke

  • Guest
Computer Security
« Reply #2 on: July 18, 2003, 03:41:54 pm »

Quote
Here is another security measure. It has a few advantages: 1. it costs nothing 2. needs no complicated installation 3. it is reliable: most worms are abusing the outlook address book to mail their bs to your friends. so give them what they long for: an address. !!!000Worm for example. The three exclamation marks make sure it is the first one in your address book, that's where the worms start. The lack of an @ makes it invalid. So, when the worm does its job, it will start with a displayed error message and stop until you confirm proceeding. Don't, hook it off from the telephone jack and use your anti-virus tools or get some special service. Simple, but when everything else fails, still effective.
Neat idea. Unfortunately, most of the newer worms are choosing random entries or blocks instead of starting at the start.

You can make your life with LookOut! (er, Outlook - and yes, I use it daily!) much safer by eliminating the preview pane. Yes, it's handy, and yes - it's saves time. Unfortunately, it can also open a message you don't want open. HTML-formatted email can link to a Web server to track which addresses opened SPAM (thereby targeting them for more of the same!. Also, depending on the configuration of Outlook & IE, the HTML email can load applets, etc on your machine that you a) didn't ask for and B) really don't want.

So - eliminate that handy preview pane and start ruthlessly deleting email with attachments from people you don't know. Then email with unrequested attachments from people you DO know. Then emails with gibberish in the subject line. Etc. You will find the mailbox less full after a while, but much more relevant to your needs when you do check mail.

Also, look into the free Ad-Aware (free for personal use) anti-spyware program. This is a nice tool that gets rid of Gator and lots of other malware (bad software) that can collect information on Web sites you visit, etc.

And do invest in a solid virus scanner. Those from Symantec(Norton), Trend, CA, and Norman antivitus are good. McAfee no longer seems to perform well. There are others, I don't know them well enough to recommend them or recommend against them.
Logged

Dana

  • Full Member
  • ***
  • Offline Offline
  • Posts: 205
Computer Security
« Reply #3 on: July 18, 2003, 10:49:15 pm »


C'mon guys...do it right...like Claire...

Microsoft Anonymous:  The 12 Steps
By Debra Ricketts and Claire Wolfe
http://www.theclairefiles.com/ms12steps.html

 
Logged

Locke

  • Guest
Computer Security
« Reply #4 on: July 19, 2003, 09:02:34 pm »

I've read Claire and have great respect for her. Still, doing IT for a living, I have to support the MS 95% share... and I darn well better be able to secure it.  
Logged

Eternal_Vigilance

  • Jr. Member
  • **
  • Offline Offline
  • Posts: 95
  • Taking other people's crap since '69
Computer Security
« Reply #5 on: July 26, 2003, 01:31:27 pm »

Must continue...using...Microscam. Cannot allow Linux... to infect... computer. Linux bad. Microshaft good.

Seriously, though. How does one go about setting up linux? I got a copy of the latest Mandrake version, but I'm having a bugger of a time installing it. Not only will the voices not let me, but I haven't a clue as to how to boot it up. Do I have to go into the BIOS and get it to boot the CD from there?

Randall

Here's a great spot

 
Logged
Justice needs lawyers like true love needs a pimp!

enemyofthestate

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 1353
  • Banned
Computer Security
« Reply #6 on: July 26, 2003, 10:35:09 pm »

Quote
Seriously, though. How does one go about setting up linux? I got a copy of the latest Mandrake version, but I'm having a bugger of a time installing it. Not only will the voices not let me, but I haven't a clue as to how to boot it up. Do I have to go into the BIOS and get it to boot the CD from there?
1. In the BIOS set the boot order so that CD-ROM is before the Hard Drive.  

2. Put the CDROM in the drive and reboot

3. Follow the prompts

4. Unless you have to dual boot, select one of the quick installs.  Workstation will probably be easiest for you.
 
Logged
Mystical man values human life.  Rational man values the ability to value human life.
--Stephen Carville

Atheist   n.   A person to be pitied in that he is unable to believe things for which there is no evidence, and who has thus deprived himself of a convenient means of feeling superior to others
-- Chaz Bufe, The American Heretics Dictionary

Sunni

  • Guest
Computer Security
« Reply #7 on: July 30, 2003, 03:08:59 pm »

Some flavors of linux are just about as easy to install and get going with as Microsquish. Red Hat is one of these. I had a dual boot system set up with it a coupla years ago, with no problems doing a custom install to get it going (other OS was Win 98). There were some problems getting some software to work on the linux side, but that appeared to be more the fault of the people who built my machine with stuff that is not penguin-friendly, despite my explicitly telling them it would be a linux box.

Red Hat is supposed to be even better at install now. I've no experience with it, though.
Logged

enemyofthestate

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 1353
  • Banned
Computer Security
« Reply #8 on: July 30, 2003, 11:16:44 pm »

Quote
Red Hat is supposed to be even better at install now. I've no experience with it, though.
You went back to Windows?
Logged
Mystical man values human life.  Rational man values the ability to value human life.
--Stephen Carville

Atheist   n.   A person to be pitied in that he is unable to believe things for which there is no evidence, and who has thus deprived himself of a convenient means of feeling superior to others
-- Chaz Bufe, The American Heretics Dictionary

Sunni

  • Guest
Computer Security
« Reply #9 on: July 31, 2003, 02:42:17 pm »

Quote
You went back to Windows?

It'd be more accurate to say that I never migrated over to linux successfully. To make a long, boring story short, the hardware that I specified should be linux-friendly was not. It took a while to discover this, but even so, I failed to follow up with the store to make it right. (The main, but not only, problem was that they gave me a winmodem.)

Without being able to connect on the Red Hat side, its utility was greatly diminished from day one. I did try a number of programs on that side, and found that I liked many of them. But I think there are a number of programs I need to be able to work effectively that aren't available yet in the open source world. Stuff like Paint Shop Pro, Adobe (yes, I know it's the anti-format, but I have to use it), CuteFTP ... or am I holding on to things that are familiar, when there are easy to use alternatives in Penguin-land?

One thing that I won't do without on any future machines is DriveCrypt. The Thought Police can yank my plug as soon as they get their hands on my tower -- and then they won't get one damn thing from it. :D  But it's Windows only ...
Logged

Jac

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 2603
  • CPC? I'd tell you, but I'd have to kill you...
    • http://www.russmo.com
Computer Security
« Reply #10 on: July 31, 2003, 09:05:37 pm »

As far as I know, there are Open Source, Linux alternatives to everything you mentioned... although I'm not sure about DriveCrypt.

I'm in the process of setting up my iMac to dual boot MacOS 9 and Yellow Dog linux (a Red Hat based distro). I've had it installed before, and the only thing I had trouble finding an alternative for was Macromedia Dreamweaver.

--Jac
Logged
I have never regretted that I chose to "take the red pill." But there are days, just rarely, when the truth is so ugly, so brutal, so unmerciful, so relentless, that even if I wouldn't rip the truth from the wall socket and hurl it out the window to crash on the sidewalk below, I wouldn't mind if it featured a snooze button so we could savor just a few more moments in slumbered pretension and warm, fuzzy lies pulled snugly up over our heads.
--PSM

amy

  • Guest
Computer Security
« Reply #11 on: July 31, 2003, 09:22:53 pm »

I am a new linux user. Had been using windows for years, and was pretty good at using it. I didn't install linux myself, my husband did it for me. But he still uses windows and doesn't know much about linux. I haven't figured out how to install anything though I have tried a couple of times. Any good sites for intro to linux? (have red hat 8.0 I think)
Logged

Jac

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 2603
  • CPC? I'd tell you, but I'd have to kill you...
    • http://www.russmo.com
Computer Security
« Reply #12 on: July 31, 2003, 10:06:33 pm »

Try this, amy... http://linux.org/lessons/beginner/toc.html . It's a very good resource at the "official" Linux site.

Good luck,
--Jac
Logged
I have never regretted that I chose to "take the red pill." But there are days, just rarely, when the truth is so ugly, so brutal, so unmerciful, so relentless, that even if I wouldn't rip the truth from the wall socket and hurl it out the window to crash on the sidewalk below, I wouldn't mind if it featured a snooze button so we could savor just a few more moments in slumbered pretension and warm, fuzzy lies pulled snugly up over our heads.
--PSM

enemyofthestate

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 1353
  • Banned
Computer Security
« Reply #13 on: July 31, 2003, 11:41:53 pm »

Quote
As far as I know, there are Open Source, Linux alternatives to everything you mentioned... although I'm not sure about DriveCrypt.

I'm in the process of setting up my iMac to dual boot MacOS 9 and Yellow Dog linux (a Red Hat based distro). I've had it installed before, and the only thing I had trouble finding an alternative for was Macromedia Dreamweaver.
Except for Adobe, there are.  When I need PDF files I either export as postscript for Openoffice and convert using ps2pdf13 or I create the documents in LyX and export to PDF directly.   LyX is a Latex frontend and is very useful for converting text files as well as producing documentation that has be exported to web pages.  As for Dreamweaver -- well -- I do my web pages with emacs :-)   I think IBM produces WebSphere Homepage Builder (not the same as the Websphere server!) for Linux.  It got five cows on Linuxberg so it can't be too awful.

There is an Linux alternative to DriveCrypt but I don't recall the name.
« Last Edit: July 31, 2003, 11:49:34 pm by enemyofthestate »
Logged
Mystical man values human life.  Rational man values the ability to value human life.
--Stephen Carville

Atheist   n.   A person to be pitied in that he is unable to believe things for which there is no evidence, and who has thus deprived himself of a convenient means of feeling superior to others
-- Chaz Bufe, The American Heretics Dictionary

enemyofthestate

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 1353
  • Banned
Computer Security
« Reply #14 on: August 01, 2003, 12:04:37 am »

Quote
I am a new linux user. Had been using windows for years, and was pretty good at using it. I didn't install linux myself, my husband did it for me. But he still uses windows and doesn't know much about linux. I haven't figured out how to install anything though I have tried a couple of times. Any good sites for intro to linux? (have red hat 8.0 I think)
There are basically four ways to install software in Linux:

1.  RPM -- Redhat Package Manager

2.  APT

3. Compile from source.

4. Executable script

What is it you are trying to install?

When you were learing Windows you probably had people around you could ask for help.  This is a little harder to do with Linux (Most Linux gurus are geting paid ridiculous amounts of money to convert Data Centers over from Windows :-).  If you are not a self starter with an ability to learn things on your own, you will find Linux harder to learn.  There will also be an unlearning curve as you get used to the features of Linux which are very different from Windows.

You mighty want to join the one of the Redhat mailing lists:

From a shell prompt type "cat /etc/redhat-release" to find out what version you are using then go to: https://www.redhat.com/mailman/listinfo/ and find the right list.  If you are using 8.0 then you want the Psyche-list.  
 
Logged
Mystical man values human life.  Rational man values the ability to value human life.
--Stephen Carville

Atheist   n.   A person to be pitied in that he is unable to believe things for which there is no evidence, and who has thus deprived himself of a convenient means of feeling superior to others
-- Chaz Bufe, The American Heretics Dictionary
Pages: [1] 2   Go Up