Adventures in Computing

Adventures in Computing
In the beginning, there was DOS...

The Department of Home LAN Security

The Internet is a war zone, full of liars, thieves, murders, and virus writers, who want to variously steal your money, control your computer, and kill you, if they happen not to like your postal code, religion, or some other thing about you, that does not agree with their personal vision of the world.

If you have one or more computers on-line and connected to the Internet, then you are constantly under attack, whether you realise it or not. The only truly secure computer, is one that is not connected to the Internet in way way, and that is also locked up securely in a room, to which only you have the key.

So then... how, in 1,000 words or less... can one describe a reasonable strategy for a person who is not some kind of computer geek, for protecting themselves efficiently, from Internet threats... especially on Windows XP machines, which are the most common machines on-line, probably, at the moment.

The first place to start would be at the point where the computer connects to the Internet, which for a lot of people, is their DSL or Broadband modem, and for everyone else, their dial-up modem.

The best choice for a broadband modem, is one that includes a router as part of the modem, and that also includes a built-in firewall, and things like NAT (Network Address Translation' and dhcp, which automatically assigns the addresses that NAT translates, to all the machines that happen to be connected to the router side of your modem.

Without getting too technical or specific... this type of modem-router is usually purchased from your ISP (Internet Service Provider), and includes step-by-step instructions, how to set it up, in terms that are geared towards the average, non-techie-type computer user.

With this sitting between the Internet and your Home LAN (Local Area Network... the technical term for the computers in your home, that are collectively connected to each other and the Internet)... you have two forms of protection between your computers and the Internet.

First, your ISP is providing you with a single 'Public IP Address' (the unique number that every computer connected to the Internet must have, to identify itself uniquely, which is the only address that an attacker might be able to see, and which is usually a dynamic address... meaning that it changes regularly.... the number is not a permanent identifier for your LAN. This address recieves all incoming information, and then sends it to the various computers on your LAN, based on their Private IP Addresses, which are not visible on the Internet.

Second, the firewall on your modem-router acts as a second layer of protection. Depending on how you configure it, it protect you (usually) better than the software-only type firewall that Windows XP has built into it.

Third, each computer on the LAN should also have its built-in Windows XP software firewall also running, and in addition to this, one should also have anti-virus and anti-spyware applications installed on each of their computers.

On my Windows XP machine, which is using an SBC Yahoo DSL connection to the Internet, both Anti-Virus and Anti-Spyware applications are free downloads, so I just went ahead and downloaded/installed them on my XP machine.

Next, one must remember to keep their security patches up-to-date. Windows XP has a feature called 'Automatic Updates', which can be set to check for and update new security patches regularly and automatically. For the average user, this is a fairly good idea.

The final line of defence is probably the most important one... and the one most often ignored... which is the computer user him or her self...

Clicking on email attachments... especially from people you do not know... can be a dangerous business. Even if you do know the person who sent the attachment, any and all attachments should be virus-scanned before opening.

Clicking on links you receive in emails from people you do not know can also be a dangerous business, because a lot of virus writers send out spam emails, directing people to infected web pages, and clicking a link to an infected web page can be a point of infection, same as an email attachment.

'Free' porn sites are notorious for being places to pick up viruses, worms, etc. In general, the sleazier the content the page contains, the more likely, it is being used to install malicious applications on your computer.

When a box pops up on your screen, telling you that there is some dire emergency-problem with your computer, and that you must IMMEDIATELY click on that box, to correct the problem... don't. The safest route in such cases, is to not click on any part of such a box at all, because even the 'No' button means 'Yes". When in doubt, a quick computer restart will work, without letting anything that you do not know, what it is, be saved to your hard disk, during the shut-down process.

Cultivate skepticism... Remember, the Bad People are out to get you, your computer and your money, and one of their favourite tricks, is to encourage a sense of URGENCY on your part, so that you act FAST and without thinking.

I could go into greater depth, and suggest using browsers other than Internet Explorer, and email applications other than Outlook, or Outlook Express... but that would require a longer article, and I think that perhaps several short articles, might be a better strategy than a single, very long one.

-wittig 06