Suggestions for Computer Security for PCs attached to the Ethernet

5/16/2007

 

The 'Don't be a Hacker's Dream' web page list eight basic steps to computer security.  We have listed the eight steps with additional web links and comments.

 

Note:  For all personal computers connected to the net; the operating system should be limited to Apple OS 9 (or above) or Microsoft Windows 2000 (or above).

 

  1. Firewall Protection (A firewall should protect you from unwanted network traffic and attacks.)

Minimum protection:

    1. MS Win XP: Please use the build in firewall; for instruction please see http://www.security.vt.edu/lockitdown/vtsecuritynew.html#firewall
    2. MS Win 2000: Please download and install ZoneAlarm's free firewall software. http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp?dc=12bms&ctry=US&lang=en&lid=nav_za
    3. Mac OS X: versions 10.2, and up, have a built-in Firewall.  To turn it on:

                                              i.     From the Apple menu, choose System Preferences.

1.     Note if you do not see all the preferences, click Show All.

                                             ii.     In Internet & Network, open Sharing.

                                            iii.     Click the Firewall tab. If already ON you are done, otherwise:

                                            iv.     Click the Start button to turn the Firewall on.

                                             v.     If you want to allow some remote network ports, turn them on. If in doubt, leave them off.

                                            vi.     Close the Sharing window.

Note: Turn the Firewall off before installing Norton Antivirus. Turn it back on when the install completes.

 

  1. Passwords (All users should have a password)
    1. A strong password should be 14 characters or longer, at minimum eight characters.
    2. Files containing personal or sensitive data should be password-protected.

                                              i.     With MS Office and most document software, you are able to password protect your document.  To learn how to password protect your document; enter 'Password Protection' within the help function of the software.

    1. Ideally, the password should appear to be a random string of characters when, viewed as text.
    2. A password should include a combination of:

                                              i.     uppercase and lowercase letters

                                             ii.     numbers

                                            iii.     symbols

    1. Never use:

                                              i.     the last four digits of your SSN

                                             ii.     your mother's maiden name

                                            iii.     your birth date

                                            iv.     your middle name

                                             v.     a family member's name

                                            vi.     your pet's name

                                          vii.     anything that's easily discovered or guessed

                                         viii.     repeating characters, such as yyyy or &&&&&

                                            ix.     characters that are consecutive, such as 1234, or abcd

                                             x.     complete words (in any language)

                                            xi.     numbers or symbols in place of similar letters, such as $ for S or 1 for l

                                          xii.     any part of your user name for logging on to the Internet or a network

    1. To test the strength of a password please use the following web link: http://www.microsoft.com/athome/security/privacy/password_checker.mspx
    2. Memorize all your passwords.
    3. Do not share your password with others.
    4. Do not record passwords on anything you carry in a wallet or purse.
    5. Ask financial institutions to add extra security to your account by requiring an additional code or password.
    6. If your financial institution uses the last four digits of your SSN as your default PIN, change it.
    7. Shield your hand at an ATM or when making long distance calls with a phone card. Shoulder surfers may be nearby with binoculars or cameras. Avoid giving personal data by phone in a public place.

 

  1. Install Security Updates & Patches (OS and Applications)
    1. MS: Obtain and install all Microsoft security updates and patches for the operating system and MS Office.  Please the following web site for instructions. http://www.security.vt.edu/lockitdown/vtsecuritynew.html#updates

                                              i.     Auto-Update

    1. MAC: Apple includes a Software Update feature in Mac OS X.

                                              i.     From the Apple menu, choose Software Update.

                                             ii.     Auto-Update feature:

1.     From the Apple menu, choose System Preferences....

2.     If you do not see all the preferences, click Show All.

3.     In System, open Software Update.

4.     Put a check in the Check for updates box, and select Weekly as the frequency.

5.     Put a check in the Download important updates in the background box.

6.     Close the Software Update window.

  1. File Shares
    1. Disable file sharing if not needed.
    2. Do not violate copyright laws (music, video, documents, etc).

 

  1. Anti-Virus & Anti-Spyware Protection
    1. Maintain a current version of anti-virus and anti-spyware software.  At minimum, please install and use Symantec AntiVirus and Microsoft Defender.

                                              i.     Note to Windows 2000 users:  The present version of MS Windows Defender will not work on Windows 2000.  We strongly recommend installing Ad-aware (http://www.lavasoftusa.com/software/adaware) and Spybot Search & Destroy (http://www.safer-networking.org/en/home/index.html).  Please run both programs at lease once a week.

    1. Scan your hard dive on a regular basis.

 

  1. Minimize Unnecessary Network Services
    1. Do not run any unnecessary network services on your computer.

 

  1. Analyze Your Security
    1. Use Microsoft's Baseline Security Analyzer tool to help you analyze the security of your computer.

 

  1. Backup
    1. Backup your work to another source (CD, DVD, Tape, Flash Drive, etc).

 

Additional Computer Security Web Resources

 

Return to Security Information Page