Beware of Security Scams

Now that there is so much activity and awareness on the Internet about computer security, people are jumping on the bandwagon to scam unsuspecting computer users.

Please note, Ad Aware and SpyBot are shareware spyware removal utilities. They are easy to install, cost you nothing if you choose and do not require the services of an expert!

I am already aware of one company offering "home security audits" for $200 or so. They send a tech out to your house to install a free program and run it the first time then charge you. Below is an example of this.

For only $199 a member of the CSP Team will come to your home or office to provide the following services:

Search & Destroy All Pop-Ads Hidden On Your Computer.
Securely Erase All Unwanted Files
Check To See If Your Network Is Safe From Hackers.
Install Firewall Software To Keep Hackers Out (if needed).
Install & Configure Anti-Computer Theft Software (if needed).
Install & Configure A Password Manager To Secure & Keeps Track Of All Your Passwords.
Check & Secure Your Wireless Network (if needed).
Install Computer Recovery Software Just In Case Your Computer Is Ever Stolen.
This includes anti-spy software, anti-virus software, firewall software, computer recovery software, anti-pop-up and password management software. There is no software to purchase and there is no hourly fee to install and configure.

This particular company, Ligatt Security is just one of many offering this "service." You can do the same things your self by installing AdAware or SpyBot, AVG's free anti-virus software and some other freeware and shareware.

Tired of Outlook blocking attachments?

Tired of having files and links you try to send to friends, clients and coworkers blocked by Outlook? If you are running Outlok 2000 SP3 or greater, Slovak Technical Services has a tool for you!

Attachment Option is an add-in for Outlook that allows you to move file types from Level 1 security to Level 2 so you can send and receive them without having Outlook block the action.
No more renaming file extensions so you can send them across the office. You can even send a link from Internet Explorer rather than the entire page

Be careful here. Once you make these file types available you have reduced your security so remember to never click on a link or open a file you are not expecting. You should also make sure your anti-virus software checks your email traffic and the virus definitions are always up-to-date.

If you are reading this and wonder what I am talking about . . . ignore this message. You don't know enough about email and Outlook to use the tool properly.

Put the Default Names Down

Here we go again. Another client running a business on a DSL router with ADMIN as the login and 192.168.1.1/255.255/255/0 as the IP address and submask. If that wasn't bad enough, they used Microsoft workgroup file and device sharing with MSHOME as the workgroup name.

Sure, any competent hacker could break in even if they didn't use the defaults but face it, there just aren't that many competent hackers out there with nothing else to do!

Most businesses need just about as much computer security as they do physical security - a reasonable amount and little more. But the baseline for that security should be the easy stuff anybody can do to protect their network from dodos who know the default logins, passwords and workgroup names used by the common equipment.

In many cases, all you have to do is browse to the Internet side of the router and the login prompt will tell you the router brand then you can pull the defaults off the *%$#! website.

Please, please people. Follow these basic rules to set up your networks to keep them safe from casual hackers.

1. Change the administrator login and password for your router from the defaults.
2. Change the IP range and mask from the default (try 192.168.23.101 or something).
3. Create a local name for your workgroup and use passwords to protect your shared folders.
4. Make sure every user ID on your PCs is password protected.

This is kindergarten stuff but it will help you from coming in one morning to discover someone has sucked your systems dry or screwed them up beyond belief.

Shields Up, Commander Data

Tired of getting burned by browser hijackers and other malicious code? Change your browser security settings and take advantage of the security zones built into Internet Explorer to easily surf safe sites while keeping security high for those sites you don't trust or aren't sure about

When you first start Internet Explorer, the security is set to medium. Microsoft developers sitting behind their corporate firewalls and DMZs decided this was the most reasonable mix of security and ease-of-use. But most of us aren’t sitting behind corporate firewalls and DMZs with a whole host of security experts monitoring our Internet access. We need to keep our doors and windows locked.

Internet Explorer offers four “content zones,” each with its own security level that allow you to define how much security you want to use to protect your PC from spyware, viruses and rogue content on web sites you visit.

1. Internet Zone – This zone contains all web sites you have not placed in another zone.

2. Intranet Zone – This site contains all sites on your local intranet and really doesn’t apply to home or most small offices.

3. Trusted Sites – This zone is where you can add the URL of sites you trust not to damage your computer or data.

4. Restricted Sites – This zone is where you put sites that cannot be trusted not to damage your PC or data.

Rather than accept the “medium” default setting on the Internet Zone, I set this to “high.” This blocks downloads and potentially dangerous Active-X code. I usually add sites I visit often, such as news sites and business sites, to my Trusted Sites list. This takes about 30 seconds per site and means I can see all content and download files without problems. I only do this to mainstream sites.

If you aren’t sure about a site, you can temporarily reduce your Internet Zone security to medium to view the site but remember to reset it to high when you leave. I avoid file-sharing sites such as Kazaa and MP3 sites like the plague. In my work as a consultant I have seen more PCs infected by these sites and peer-to-peer file sharing than any other method.

My rule of thumb is; if you can’t see the majority of information on a web site without reducing your security setting from high, you really don’t want to go there.

If you do plan to install some sort of napster-like peer-to-peer file sharing, my recommendation is to acquire a second PC that is used strictly for this purpose. This way, when a virus, hijacker or rogue script does infect you, the infection will not be on a PC that contains important data or programs.

In the workplace, every company should have a policy that no such peer-to-peer (P2P) programs are allowed on company PCs, on pain of termination. Most big companies automatically block these sorts of applications.

All of this security is easy to get to in Internet Explorer. From the main menu select “Tools Internet Options” and click on the “Security” tab. From here you can set the security level of each zone as well as add or remove sites from your Trusted or Restricted site lists.

Yes, this may be more work than you’d like but wait until your browser is hijacked and you will understand why paying a little attention to security settings can save you a lot of grief.

New Game in Town

I thought it would be better to put my technical musings in a separate blog from my political rants to avoid overshadowing my trenchant technical insights with the color of my politics. I will be using this blog to publish bits and pieces of useful information for the Windows/Intel world.