Get Into the Zone

Malware.  An odd sounding word created to lump all malicious software programs, including viruses, worms, trojans, spyware, adware, and other malevolent codes into one cause-your-computer-serious-hurt category. 

In 2005, Computer Economics released a report on malware.  The good news was that for the first time since 2002, the total worldwide financial losses from malware actually declined to a mere $14.2 billion.  The bad news was that the nature of malware was changing from overt threats to more focused, covert attacks. This definitely is not great news for the average computer user just trying to keep up with the hundreds of malware programs that bombard us daily. 

It’s not an easy task keeping malware out of your computer system.  In order to accomplish this, you need a strong antivirus program.  One such program that can deliver the goods is ZoneAlarm Internet Security Suite 6 from Zone Labs.  Zone Labs is one of the most trusted brands in Internet Security for good reason.  Their product, simply put, kicks serious malware gluteus maximus.

ZoneAlarm has received more review recommendations that any other Internet-security software suite because of its superb firewall and antivirus protection.  It blocks pop-up ads, protects against identify theft and provides adequate spam filters that are flexible.  It even beats the market leader, Norton Internet Security, which is often criticized for excessive system drag.

Its newest version includes these additional features:

·         Triple Defense Firewall to prevent spyware from sending your information across the Internet.  It also makes your computer invisible to anyone on the Net.

·         Smart Defense Advisor which can automatically adjust your security settings for maximum protection against the latest virus and spyware outbreaks.

·         Advanced Identify and Privacy Protection to prevent your personal data from leaving your computer without your approval.

The bonus for the average user who cringes at the idea of setting-up one of these systems is that the interface is easier to understand and use in comparison to most if its competitors.  If you choose to venture beyond the out-of-the-box default settings, and install a more elaborate filtering, know that this will require some additional time to set up on your part.   

Overall, ZoneAlarm Internet Security Suite is a user-friendly, comprehensive security solution that will have your computer safe from Internet hazards and cyber criminals within minutes of installation.
1b50460ffc42ed02df1a1a9baaa45f8954c146a2c6f85fa776

Why Do I Feel Like Somebody’s Watching Me?

Spyware is one of the fastest-growing internet threats.  According to the National Cyber Security Alliance, spyware infects more than 90% of all PCs today.  These unobtrusive, malicious programs are designed to silently bypass firewalls and anti-virus software without the user’s knowledge.  Once embedded in a computer, it can wreak havoc on the system’s performance while gathering your personal information.  Fortunately, unlike viruses and worms, spyware programs do not usually self-replicate.  

Where does it come from?

Typically, spyware originates in three ways.  The first and most common way is when the user installs it.  In this scenario, spyware is embedded, attached, or bundled with a freeware or shareware program without the user’s knowledge.  The user downloads the program to their computer.  Once downloaded, the spyware program goes to work collecting data for the spyware author’s personal use or to sell to a third-party.  Beware of many P2P file-sharing programs.  They are notorious for downloads that posses spyware programs.

The user of a downloadable program should pay extra attention to the accompanying licensing agreement.  Often the software publisher will warn the user that a spyware program will be installed along with the requested program.  Unfortunately, we do not always take the time to read the fine print.  Some agreements may provide special “opt-out” boxes that the user can click to stop the spyware from being included in the download.  Be sure to review the document before signing off on the download.

Another way that spyware can access your computer is by tricking you into manipulating the security features designed to prevent any unwanted installations.  The Internet Explorer Web browser was designed not to allow websites to start any unwanted downloads.  That is why the user has to initiate a download by clicking on a link.  These links can prove deceptive.  For example, a pop-up modeled after a standard Windows dialog box, may appear on your screen.  The message may ask you if you would like to optimize your internet access.  It provides yes or no answer buttons, but, no matter which button you push, a download containing the spyware program will commence. Newer versions of Internet Explorer are now making this spyware pathway a little more difficult.

Finally, some spyware applications infect a system by attacking security holes in the Web browser or other software.  When the user navigates a webpage controlled by a spyware author, the page contains code designed to attack the browser, and force the installation of the spyware program.

What can spyware programs do?

Spyware programs can accomplish a multitude of malicious tasks.  Some of their deeds are simply annoying for the user; others can become downright aggressive in nature.

Spyware can:

1.            Monitor your keystrokes for reporting purposes.

2.            Scan files located on your hard drive.

3.            Snoop through applications on our desktop.

4.            Install other spyware programs into your computer.

5.            Read your cookies.

6.            Steal credit card numbers, passwords, and other personal information.

7.            Change the default settings on your home page web browser.

8.            Mutate into a second generation of spyware thus making it more difficult to           eradicate.

9.            Cause your computer to run slower.

10.        Deliver annoying pop up advertisements.

11.        Add advertising links to web pages for which the author does not get paid.  Instead, payment is directed to the spyware programmer that changed the original affiliate’s settings.

12.        Provide the user with no uninstall option and places itself in unexpected or hidden places within your computer making it difficult to remove.

Spyware Examples

Here are a few examples of commonly seen spyware programs.  Please note that while researchers will often give names to spyware programs, they may not match the names the spyware-writers use. 

CoolWebSearch, a group of programs, that install through “holes” found in Internet Explorer. These programs direct traffic to advertisements on Web sites including coolwebsearch.com. This spyware nuisance displays pop-up ads, rewrites search engine results, and alters the computer host file to direct the Domain Name System (DNS) to lookup preselected sites. 

Internet Optimizer (a/k/a DyFuCa), likes to redirect Internet Explorer error pages to advertisements. When the user follows the broken link or enters an erroneous URL, a page of advertisements pop up.

180 Solutions reports extensive information to advertisers about the Web sites which you visit.  It also alters HTTP requests for affiliate advertisements linked from a Web site.  Therefore the 180 Solutions Company makes an unearned profit off of the click through advertisements they’ve altered.

HuntBar (a/k/a WinTools) or Adware.Websearch, is distributed by Traffic Syndicate and is installed by ActiveX drive-by downloading at affiliate websites or by advertisements displayed by other spyware programs.  It’s a prime example of how spyware can install more spyware.   These programs will add toolbars to Internet Explorer, track Web browsing behavior, and display advertisements.

How can I prevent spyware?

There are a couple things you can do to prevent spyware from infecting your computer system.  First, invest in a reliable commercial anti-spyware program.  There are several currently on the market including stand alone software packages such as Lavasoft’s Ad-Aware or Windows Antispyware.  Other options provide the anti-spyware software as part of an anti-virus package.  This type of option is offered by companies such as Sophos, Symantec, and McAfee. Anti-spyware programs can combat spyware by providing real-time protection, scanning, and removal of any found spyware software.   As with most programs, update your anti virus software frequently. 

As discussed, the Internet Explorer (IE) is often a contributor to the spyware problem because spyware programs like to attach themselves to its functionality.  Spyware enjoys penetrating the IE’s weaknesses.  Because of this, many users have switched to non-IE browsers.  However, if you prefer to stick with Internet Explorer, be sure to update the security patches regularly, and only download programs from reputable sources.  This will help reduce your chances of a spyware infiltration.

. 

And, when all else fails?

Finally, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.

What the Heck are Botnets?

"A botnet is comparable to compulsory military service for windows boxes" - Stromberg  (http://project.honeynet.org/papers/bots/)

Botnets are networks of computers that hackers have infected and grouped together under their control to propagate viruses, send illegal spam, and carry out attacks that cause web sites to crash.

What makes botnets exceedingly bad is the difficulty in tracing them back to their creators as well as the ever-increasing use of them in extortion schemes.  How are they used in extortion schemes?  Imagine someone sending you messages to either pay up or see your web site crash. This scenario is starting to replay itself over and over again.

Botnets can consist of thousands of compromised machines. With such a large network, botnets can use Distributed denial-of-service (DDoS) as a method to cause mayhem and chaos. For example a small botnet with only 500 bots can bring corporate web sites to there knees by using the combined bandwidth of all the computers to overwhelm corporate systems and thereby cause the web site to appear offline.

Jeremy Kirk, IDG News Service on January 19, 2006, quotes Kevin Hogan, senior manager for Symantec Security Response, in his article "Botnets shrinking in size, harder to trace", Hogan says  "extortion schemes have emerged backed by the muscle of botnets, and hackers are also renting the use of armadas of computers for illegal purposes through advertisements on the Web."

One well-known technique to combat botnets is a honeypot. Honeypots help discover how attackers infiltrate systems. A Honeypot is essentially a set of resources that one intends to be compromised in order to study how the hackers break the system. Unpatched Windows 2000 or XP machines make great honeypots given the ease with which one can take over such systems.

A great site to read up on this topic more is The Honeynet Project (http://project.honeynet.org) which describes its own site's objective as "To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned."

The Advancement of the Keylogger

A keylogger is a program that runs in your computer’s background secretly recording all your keystrokes. Once your keystrokes are logged, they are hidden away for later retrieval by the attacker. The attacker then carefully reviews the information in hopes of finding passwords or other information that would prove useful to them.  For example, a keylogger can easily obtain confidential emails and reveal them to any interested outside party willing to pay for the information. 

Keyloggers can be either software or hardware based.  Software-based keyloggers are easy to distribute and infect, but at the same time are more easily detectable.  Hardware-based keyloggers are more complex and harder to detect.  For all that you know, your keyboard could have a keylogger chip attached and anything being typed is recorded into a flash memory sitting inside your keyboard. Keyloggers have become one of the most powerful applications used for gathering information in a world where encrypted traffic is becoming more and more common.

As keyloggers become more advanced, the ability to detect them becomes more difficult. They can violate a user’s privacy for months, or even years, without being noticed.   During that time frame, a keylogger can collect a lot of information about the user it is monitoring.  A keylogger can potential obtain not only passwords and log-in names, but credit card numbers, bank account details, contacts, interests, web browsing habits, and much more.  All this collected information can be used to steal user’s personal documents, money, or even their identity.

A keylogger might be as simple as an .exe and a .dll that is placed in a computer and activated upon boot up via an entry in the registry. Or, the more sophisticated keyloggers, such as the Perfect Keylogger or ProBot Activity Monitor have developed a full line of nasty abilities including:

·         Undetectable in the process list and invisible in operation

·         A kernel keylogger driver that captures keystrokes even when the user is logged off

·         A remote deployment wizard

·         The ability to create text snapshots of active applications

·         The ability to capture http post data (including log-ins/passwords)

·         The ability to timestamp record workstation usage

·         HTML and text log file export

·         Automatic e-mail log file delivery

All keyloggers are not used for illegal purposes.  A variety of other uses have surfaced.  Keyloggers have been used to monitor web sites visited as a means of parental control over children. They have been actively used to prevent child pornography and avoid children coming in contact with dangerous elements on the web.  Additionally, in December, 2001, a federal court ruled that the FBI did not need a special wiretap order to place a keystroke logging device on a suspect’s computer. The judge allowed the FBI to keep details of its key logging device secret (citing national security concerns). The defendant in the case, Nicodemo Scarfo Jr., indicted for gambling and loan-sharking, used encryption to protect a file on his computer. The FBI used the keystroke logging device to capture Scarfo’s password and gain access to the needed file.

Surfing the Web Anonymously – Questions to Ask

When you surf the web it is possible to learn information about you even when you don't want to advertise who you are. This is true even if your system contains no virus or malware software. Specifically information that is easily available online includes your IP address, your country (and often more location information based on IP address), what computer system you are on, what browser you use, your browser history, and other information.  It gets worse.  People can get your computer's name and even find out your name if your machine supports programs like finger or identd. Also, cookies can track your habits as you move from machine to machine.

How do people get this basic information about you?

When you visit another web site, information about you can be retrieved.  Basically, information is intercepted and used by others to track your Internet activities.
 

How do you stop this from happening?

First of all, it is possible to serf the web anonymously and thereby stop leaving a trail for others to find. Note that this is not fool-proof, but it makes it much harder for people to know who you are. There are products called anonymous proxy servers that help protect you.  The anonymous proxy server replaces your Internet address for its own.  This has the effect of hiding your IP address and making it much harder for people to track you.

How do I get an anonymous proxy server?

There are many vendors who sell anonymous proxy servers. There are also free proxy servers available to you. Two such products are ShadowSurf and Guardster.  Guardster (http://www.guardster.com/) offers various services for anonymous and secure access to the web, some paid as well as a free service.  ShadowSurf  (http://www.shadowsurf.com/) ShadowSurf provides anonymous surfing at their site for free. Go to it and you will find a box to enter a URL that you want no one to track. There are many others, but here are two that are frequently used.

Another interesting product, given the recent news about the Google search engine filtering its findings for the Chinese government, is Anonymizer (http://www.anonymizer.com). This company, among others, recently (Feb 1st, 2006) pressed that it "is developing a new anti-censorship solution that will enable Chinese citizens to safely access the entire Internet filter-free" (http://www.anonymizer.com/consumer/media/press_releases/02012006.html). 

Does an anonymous proxy server make you 100% safe?

No.  Still, you are much better off if you use such technology.

What other things should I be concerned about when trying to keep my private information private?

Three other items come to mind when trying to keep your information private. First, you can use an encrypted connection to hide your surfing. This article does not go into detail on this, but search the web and you will find a lot of information on this.  Secondly, delete cookies after each session.  Third, you can configure your browser to remove JavaScript, Java, and active content. This actually leads to limitations, so you need to think about the cost/benefit of this course of action.

Anything else?

Wishing you happy and safe surfing!

Spam Buster

Spam.  Nobody likes it.  Nobody wants it.  No, we aren’t talking about the canned meat, but those unsolicited, unwanted, irrelevant, or even inappropriate messages that hit our email in mass quantities. 

While most mailboxes have some type of spam filtering software built into their system, they never seem to do a very good job of catching what you want them to catch, and letting through what you want them to let through. 

Therefore, it becomes increasingly important to turn to some type of additional spam filtering product.  One such filtering system, designed for Outlook and Outlook Express users, is receiving rave reviews for its superior detection and low rate of false positives (i.e,. what you want to get through does).

Cloudmark Desktop, formerly known as SpamNet and SafetyBar, uses a unique community-based filtering process.  This community-based filtering system relies on users to report any new spam.  Within minutes of a spammer being reported, they are placed on a blacklist.  At that point, no other member will receive that particular spam.  Cloudmark also applies the same basic process to phishing email scams.

What is interesting is how Cloudmark creates a digital reputation model of reporting spam.  Each user starts with a neutral reputation. A user’s reputation will rise if they are among the first to identify undesirable content.  On the flip side of the coin, a user’s reputation falls when they falsely reports spam.  The result is a system that is automated, highly scalable and resistant to tampering.

An added bonus is that because the software doesn’t depend upon the user to configure its settings, it installs in minutes and is easy to use.  Cloudmark blocks over 98% of spam from reaching your inbox and boasts over one million users worldwide.

The cost of program is $39.95 for a one-year subscription.  The subscription is renewable annually.  For those wanting to test drive the product, a free 15-day trial period for either your Outlook or Outlook Express is available.

Securing Your Computer System

Today, more and more people are using their computers for everything from communication to online banking and investing to shopping.  As we do these things on a more regular basis, we open ourselves up to potential hackers, attackers and crackers.  

While some may be looking to phish your personal information and identity for resale, others simply just want to use your computer as a platform from which to attack other unknowing targets.  Below are a few easy, cost-effective steps you can take to make your computer more secure.

1.                  Always make backups of important information and store in a safe place separate from your computer.

2.                  Update and patch your operating system, web browser and software frequently.  If you have a Windows operating system, start by going to www.windowsupdate.microsoft.com and running the update wizard.  This program will help you find the latest patches for your Windows computer.  Also go to www.officeupdate.microsoft.com to locate possible patches for your Office programs.

3.                  Install a firewall.  Without a good firewall, viruses, worms, Trojans, malware and adware can all easily access your computer from the Internet.  Consideration should be given to the benefits and differences between hardware and software based firewall programs.

4.                  Review your browser and email settings for optimum security.  Why should you do this?  Active-X and JavaScript are often used by hackers to plant malicious programs into your computers.  While cookies are relatively harmless in terms of security concerns, they do still track your movements on the Internet to build a profile of you.  At a minimum set your security setting for the “internet zone” to High, and your “trusted sites zone” to Medium Low.

5.                  Install antivirus software and set for automatic updates so that you receive the most current versions.

6.                  Do not open unknown email attachments.  It is simply not enough that you may recognize the address from which it originates because many viruses can spread from a familiar address.
   

7.                  Do not run programs from unknown origins.  Also, do not send these types of programs to friends and coworkers because they contain funny or amusing stories or jokes.  They may contain a Trojans horse waiting to infect a computer.

8.                  Disable hidden filename extensions.  By default, the Windows operating system is set to “hide file extensions for known file types”.  Disable this option so that file extensions display in Windows.  Some file extensions will, by default, continue to remain hidden, but you are more likely to see any unusual file extensions that do not belong.

9.                  Turn off your computer and disconnect from the network when not using the computer.  A hacker can not attack your computer when you are disconnected from the network or the computer is off.

10.              Consider making a boot disk on a floppy disk in case your computer is damaged or compromised by a malicious program.  Obviously, you need to take this step before you experience a hostile breach of your system. 

Protection You Can Afford

There are numerous ways you can lose the information on your computer. Your child decides to play Chopin on your keyboard, a power surge, lightening, a virus, or even simple equipment failure. Therefore, backing up the contents of your hard drive is an absolute MUST.  By regularly making backup copies of your files and storing them in a separate location, you can typically get some, if not all, of your information back in the event your computer crashes.

While a regular backup to floppy, CD, or zip drive will save your files, wouldn’t it be great if you could create an exact copy (a drive image) of your hard disk?  That means backups of all your files, programs, and user settings.  This would definitely save you time when it came to reloading.  Acronis may be able to help.

Acronis True Image 9.0 is a robust disk-imaging utility software that copies the entire contents of your hard drive including data and operating system files, personalized settings, and more, onto another disk or disk partition. Its layout is easy to use and navigate.  It also includes wizards which can walk you through both backing up and restoring your computer.  Highlighted features include:

·         Secure Zone — allows you to save data to a special hidden partition located on your hard drive which would eliminate the need to purchase an extra hard drive. 

·         PC Cloning — you can upgrade to a new system disk without needing to reinstall the operating system and applications, or configure user settings.         

·         Acronis Snap Restore - lightening-speed restore of your PC from an image. You can start working in seconds while your system is still being restored.

Acronis provides a free test-drive of its product and a 30-day money back guarantee.  When you are ready to purchase, you can either download for $49.99, or if you so desire, order a boxed version for $59.99.  With Acronis True Image Home 9.0, you can rest easy that your family pictures, personal documents, tax returns, resumes, and other important information will not be lost forever.

Phishing For Your Identity

Who hasn’t received an email directing them to visit a familiar website where they are being asked to update their personal information?  The website needs you to verify or update your passwords, credit card numbers, social security number, or even your bank account number. 

You recognize the business name as one that you’ve conducted business with in the past.  So, you click on the convenient “take me there” link and proceed to provide all the information they have requested.  Unfortunately, you find out much later that the website is bogus.  It was created with the sole intent to steal your personal information.  You, my friend, have just been “phished”.

Phishing (pronounced as “fishing”) is defined as the act of sending an email to a recipient falsely claiming to have an established, legitimate business.  The intent of the phisher is to scam the recipient into surrendering their private information, and ultimately steal your identity.

It is not at easy as you think to spot an email phishing for information.  At first glance, the email may look like it is from a legitimate company. The "From" field of the e-mail may have the .com address of the company mentioned in the e-mail.  The clickable link even appears to take you to the company's website, when in fact, it is a fake website built to replicate the legitimate site.

Many of these people are professional criminals.  They have spent a lot of time in creating emails that look authentic.  Users need to review all emails requesting personal information carefully.  When reviewing your email remember that the "From Field" can be easily changed by the sender.  While it may look like it is coming from a .com you do business with, looks can be deceiving. 

Also keep in mind that the phisher will go all out in trying to make their email look as legitimate as possible.  They will even copy logos or images from the official site to use in their emails.  Finally, they like to include a clickable link that the recipient can follow to conveniently update their information.

A great way to check the legitimacy of the link is to point at the link with your mouse. Then, look in the bottom left hand screen of your computer.  The actual website address to which you are being directed will show up for you to view.  It is a very quick and easy way to check if you are being directed to a legitimate site.

Finally, follow the golden rule.  Never, ever, click the links within the text of the e-mail, and always delete the e-mail immediately. Once you have deleted the e-mail, empty the trash box in your e-mail accounts as well. If you are truly concerned that you are missing an important notice regarding one of your accounts, then type the full URL address of the website into your browser.  At least then you can be confident that you are, in fact, being directed to the true and legitimate website. 

Parental Peace of Mind

The advent of the Internet, in some respects, made the job of parenting a little harder.  We want our children to experience the vast wealth of knowledge available on the Internet and communicate with their friends online (frees up the telephone).  Unfortunately, it also potential exposes our children to inappropriate material, obscene pop-up ads, and even sexual predators.  In fact, research indicates that 1 in 5 children aged 10 to 17 have received a sexual solicitation over the Internet.  This is definitely not something any parent wants to hear, but is forced to face.

We need a little assurance that when our children access the web, they can do so safely. Internet filters are crucial to protect your children. One tool that can assist us in this goal is Internet Parental Control software.  One of the top names in parental control software is ContentWatch, and if the Big Mouse himself recommends this product, then it has to be good.  If Disney feels good enough to install three of the ContentWatch products in their Disney Dream Desk PC, it has to be worthy.  After all, they are willing to stake their reputation on it.

Internetfilterreviews.com rated ContentProtect 2.0 the #1 Internet filtering software.  It is easy to install, configure, and customize.  If you do have any problems, ContentWatch provides unlimited toll-free technical support.  ContentProtect can blocks pornography, hate sites, questionable chat rooms, and other known dangers of the Internet. You can even configure ContentProtect to block online game and gambling sites, and make it so your children can only install and play computer games with parental ratings that you deem appropriate.

Other features include:

·         Integration with Safe Search features in popular search engines

·         Reports of your children's internet activity

·         Logs of your child's chat room and instant messages

·         Reports if your child tries to remove or disable protection

·         Filters bad content on Peer-to-Peer networks and other areas

·         Password protected access for parents

·         Customizable restrictions for each family member.

·         Automatic software updates at no additional cost.

ContentWatch provides a two-week, no-obligation free trial of the full version.   The product costs $39.99 per seat (installs on only one computer).  This is a one time purchase price which will give you unlimited use of the service. You never have to renew a subscription or pay any additional membership fees for use of the program.  It seems like a reasonable price for a little parental peace of mind.

Finding the Security Suite that meets your needs

Before proceeding to read this article, it is important that we state something up front.    It is essential for the reader to understand and appreciate that there is no such thing as a secure operating system or web browser.  While the use of security suites and other complementing products can significantly reduce your risks, they are not magic wands that you can wave to eliminate 100% of your risk.  Any product claiming they can do this should be viewed with great skepticism.

With that being said, let’s talk computer security and security suites.  There are numerous ways in which the security of your computer can be breached.  The most common threats come from worms, viruses, Trojans, phishing, hackers and crackers.  Potential security breaches can come in the form of downloading unfamiliar email attachments, being monitored by spyware, maliciously attacked by malware, or probed through port scanning.

Dshield.org (www.dshield.org), a non-profit company, functions as a “dominating attach correlation engine with worldwide coverage”.  In short, they work with people and companies to track, among other things, port scanning violations.  Port scanning involves a person (referred to as a hacker or cracker) who attempts to break into you computer through the open ports in your system. 

Once an open port is located, the individual attempts to collect your personal data or install a malware program into you computer.  On average, Dshield.org logs over 1.1 billion reported attempts of port scanning each month.  What is even scarier is that this is just based on their program participants.  You can imagine how many more incidents are occurring each month to the general population of computer users.

Dshield.org also reports on survival time.  Survival time refers to how long it will take before an unpatched PC is attacked or infected.  Below is a snapshot of their current operating system breakdown:

Current OS Breakdown

Category	%	Adjusted Survival Time
Windows	27.0000	128 min
Unix	0.5000	3648 min
Application	3.0000	1203 min
P2P	1.5000	1591 min
Backdoor	0.5000	5432 min

Source:  Dshield.org – Survival Time History (11/8/05)

In short, if you have a Windows-based operating system and an unpatched PC, you will be attacked or infected in a little over 2 hours.  When looked at in these terms, securing your computer becomes a mission.

Here are a few easy steps you can take to immediately protect your computer. 

1.         Don’t run unfamiliar programs on your computer. 
It sounds like common sense, but many of the most prominent attacks have involved spyware and email attachment worms such as Bagle and Netsky.  If you don’t recognize the sender, don’t download its attachments.

2.         Don’t allow unrestricted physical access to your computer. 
If you have sensitive or proprietary information on your computer, allowing other employees or family members to use your computer can lead to potential         breaches in your computer’s security.

3.         Don’t use weak passwords.
Use passwords which are difficult for someone to figure out.  People frequently use the names of children, pets, anniversary dates, or birthdays.  Because there seems to be a password needed for everything, it is not uncommon to see many people using the same password for everything.  Big mistake!  The use of only one password provides a hacker with easy access to a smorgasbord of personal information.  If you have to write your passwords down, it is best not to leave them on a post-it, attached to the screen of your computer.  You may chuckle at the absurdity, but it happens more than you think.

4.         Don’t forget to regularly patch your operating system and other applications.
Many industry experts believe that most network security attacks would be stopped if computer users would just keep their computers updated with patches and security fixes.  Too often, we forget to do this on a regular basis.  Remember that every day, new viruses, worms and Trojans are being created and distributed.  They are looking for the weaknesses in your computer system.  Having outdated software is basically the same as holding the door open and inviting them in for a visit.

5.         Don’t forget to make regular backups of important data

Always keep a copy of important files on removable media such as floppy/ZIP disks or recordable CD-ROM disks.  Store the backups in a location separate from            the computer.

In most cases, Windows desktop and screen-saver passwords provides adequate protection for normal security concerns.  However, if you feel more comfortable taking additional security measures consider obtaining a comprehensive security suite. 

Selecting a Antivirus Software

The next question is how do you pick the best product for your needs?  You start by asking yourself a series of questions.  Do you need password protection for individual files, your desktop, a network, or to block someone’s access to the Internet?  Is your computer used only by you or do multiple users have access to the computer?   How many users in total do you expect on your computer? What are your system requirements?  How much do you want to spend? 

Once you are able to answer these questions, you can begin to research which security suite will best meet your needs.  Product reviews and user statements provide a great starting point.  PCMagaine (www.pcmag.com), Zdnet.com (www.zdnet.com), and Consumer Reports (www.consumerreports.org) are just a few informative sites that offer research on various computer software products.

There are numerous security suites available on the market.  Take the time to choose the one that meets your specific needs.  As a starting point, we’ve listed a couple of the more popular programs:

1.         Kaspersky Personal Security Suite
Description:  A comprehensive protection program package designed to guard against worms, viruses, spyware, adware and other malicious programs.  The program offers five pre-defined security levels and is convenient for mobile users.  System requirements:  Window 98/2000/XP; Internet Explore 5.0 or higher, Memory: minimum of 64 MB RAM, 100 MB free on hard drive.

2.         Shield Deluxe 2005
Description:  This program provides protection from viruses, adware, spyware, and privacy threats while using very low system resources.  Additionally, the maker, PC Security Shield offers ongoing free technical support.  System requirements:  Windows 98 or higher, WinNT, WinXP, WinME; Internet Explorer 5.1 or higher, Memory:  32MB ram or higher, 65 MB free disk space.