888.4.NATNET
Facebook Twitter LinkIn Blog Instagram YouTube Google Plus

Monthly Archives: March 2010

29
Mar
2010

How Secure Are You? Tips for Better PC Security

by Administrator

How Secure Are You? Tips For better PC security

The internet is arguably one of the greatest inventions of all time. Literally millions of web sites exist for the purpose of research, entertainment, news and information, socializing and everything in between. It’s made the world a smaller place, and while some might argue the fact, I think a better place. In fact, it’s hard to imagine a time when we didn’t have the internet at our fingertips.

According to the Internet World Stats that collects its data from Nielson//NetRatings and the International Telecommunications Union (ITU) as of August 2009 there are 1,733,993,740 people on the Internet world-wide and 227,719,000 people in the United States on the Internet with that number increasing daily. With the boom of the internet, there has been a boom in the number of hackers and bad guys looking for ways to exploit the internet for various reasons. Some hack for profit by taking over web sites and redirecting the traffic. Some create phishing sites to try to steal your identity or credit card information while some hackers hack just for the challenge and the thrill of it. What this means to you is that you have to always be vigilant in your cyber-travels. This article will try to educate you on what you should be on the lookout for and things you can do to ensure you don’t become a victim to these “ne’er do wells” out there.

In today’s article, we’re going to examine this from the desktop level. A future article will examine server security, so stay tuned.

 

Phishing, Spam and other Email Scams

One of the most prevalent hacker schemes is called phishing (pronounced “fishing”). In a phishing scam a hacker will create a copy of a well known site, such as a bank, BestBuy, Ebay or PayPal…it could be any site that takes credit cards or contains credit card or other personal/sensitive information. Once they have created this fake and very authentic looking site, they will send out a mass email that appears to come from that site. That email will try to convince you to either enter your username and password or credit card information under the guise of “we’re updating our records”, “you’ve won a contest” or “there has been a security breach and we need to verify your information to ensure your safety”. Be aware that the real company would never ask you to divulge that information. Should you receive an email like this and you have doubts about its authenticity, you should contact the company via phone to confirm, but under no circumstances should you enter your username/password or any other sensitive information into a web site that you have clicked a link in an email to get to unless you are absolutely sure of the emails origin.

Another prevalent scam is called the 419 or Nigerian scam. This is a variation of the old “Spanish prisoner” scam. The way this works is that you’ll be contacted by someone you never heard of who claims that you either inherited a large sum of money or that this person has a large sum of money to move out of their country and requires your assistance. In exchange for your assistance, they will give you a large cut of this sum of money. Of course, “your assistance” is in paying the scammer a sum of money up front to assist the scammer in getting the money out of the country (claiming he has to bribe officials, pay for transport, etc). The bottom line is that if you are legitimately owed money, you will be contacted via more traditional methods such as a certified letter. Never trust an email from someone promising you a large fortune. The old adage of “if it sounds too good to be true, it probably is” holds true here

PC Security

PC security starts with one of the most simple but often overlooked aspects – a password. I am always surprised at the number of people with a PC that have no password required to log into it. What I usually hear is “I’m the only one that ever uses this PC”…but that couldn’t be further from the truth. If your PC doesn’t have a password, I can almost guarantee that you are NOT the only person using it – you just think you are. The easiest computer in the world to hack is one without a password. Hackers will easily gain access to your PC and use it for all sorts of evil, such as using it to attack web sites or other computers, spreading viruses, sending out spam and more. ALWAYS…ALWAYS (did I mention ALWAYS?) have a password for your PC…the stronger the better. So, what is a strong password and how do you make a strong password? I’m glad you asked. First, it should never be a name or a dictionary word. Hackers use scripts called brute force scripts to try to guess passwords. A brute force script will try literally thousands of username/password combinations from a database to see if one works and if your password is “abcd1234″ I can guarantee you this script will find it, so you might as well not even have a password. You should always use a combination of UPPER case and lower case letters as well as numbers and special characters. One good way to create a very strong password but is easy to remember is to take a 7-8 word phrase (or two shorter phrases) and use the first character from each phrase. Capitalize the first four letters then add one special character to the end. So, for example “how much is that doggy in the window” could be “HMITditw?” No one would ever guess that password but you would easily remember it. You can also substitute numbers and characters for letters – @ could be “a”, $ could be “S”, 3 could be “E” and so on.

Also, don’t write your password and stick it to the bottom of your keyboard. If I were a hacker (fellow office worker, “friend”, etc) who somehow gained physical access to your PC, the FIRST place I would look would be for a postit note with your password on it.

Next, protect your PC from viruses. Make sure you have virus protection installed. AVG offers a free version that has actually worked quite well for me and checks your email and downloads for potential viruses. It also automatically updates itself with the latest virus library. Norton and McAfee are two other companies that offer protection software but there is a fee associated with their products.

Because email is the one application where your permission is not required to send you something, it is the most abused application on your PC. Of course, it’s also the one application you really cannot live without. So, here are some basic rules to help protect your email.

1. Never open an attachment from a sender you do not know. Attachments can contain viruses and all sorts of bad things.

2. You should have at least two email addresses. One that is private for friends, family and business associates. Instruct them to never give this email to anyone. The second one would be used for things that you purchase online or forms you fill out. This allows you to do a couple of things. First, if you receive an email to your “private” email, you can trust it more. Secondly, you can set up more aggressive spam filtering on the secondary email.

3. Never put sensitive information (passwords, credit card numbers, etc) in an email as email is not encrypted and can be intercepted as well. Should you need to provide this information to someone, it’s best to use the old-fashioned method and call them on the phone. Think of it as sending a postcard written in pencil. As the card is delivered it makes numerous stops and can be altered or read by various people.

4. Never reply to a spam email, even to “unsubscribe”. Any sort of response acknowledges that the email address is legitimate and you open yourself up to additional spam. Simply hit the delete button – it takes less than 1 second to hit that delete button.

5. Just like your PC password, always create a strong password for your email accounts.

PC security requires some basic steps and some basic common sense. You lock your house at night and when you leave. You lock your car when you go into the store. Be sure to do everything you can to “lock your PC” and you greatly increase your chances of not falling prey to the hackers of the world.

Share and Enjoy
  • Print
  • Facebook
  • Twitter
  • Add to favorites
  • RSS
  • Google Bookmarks
  • Technorati
  • Yahoo! Buzz
16
Mar
2010

When Disaster Strikes

by Administrator

When Disaster Strikes

You’re working along on your desktop when you hear a loud whirring noise and your computer crashes. No big deal, you think to yourself, I’ll just reboot it. You hit the good old reset button and see the BIOS screen flash by but instead of booting up into your operating system, you see a “disk not found” error. Now, the panic starts to set in as you realize that your hard drive has crashed, taking all of your critical data with it…but wait, you DID have a backup, right? No? Well, guess what…say goodbye to your data. All your pictures, music, videos, documents…gone, may they rest in peace.

I’m a bit of a “backup fanatic”.  I actually back up my backups at my home office and I am always surprised at the number of people that will purchase the Binford 9000 PC with 16G RAM, fast DVD, giant drive, state-of-the-art color photo printer and a $200 surge protector but don’t have a single backup of anything.

From external drives to backup services, there are many options for backups so there really isn’t any good reason to NOT back up your computer.  Let’s take a look at some of them.

External Drives.

Go to amazon.com and search for “backup drive” and you’ll be presented with a plethora (yes, I said plethora) of external backup drives from 160 GB to 2 TB and even larger if you have the budget.  Drive pricing is at an all time low and a typical 1 TB external drive can be purchased for less than $100.  Backing up your PC is as simple as plugging in the USB cable to your PC, plugging in the power on the drive and you’re ready to go.  If you’re using Windows 7, you can use the built in backup software under control panel.  If you’re using Mac, you can use Time Machine (my personal favorite) but make sure you purchase a drive that is compatible with a Mac.  Some external drives even come with backup software, but be sure to read the reviews as some of this backup software is quite clunky and not easy to use.  It’s usually best to schedule backups to run when you’re not working on the PC as you may find your PC performance affected when backing up

Online Backup Services

There are many online backup services such as mozy.com or carbonite.com (google “backup services” and you’ll be overwhelmed by the choices) and most are simple to use and inexpensive.  Most of them will provide you with a certain amount of disk space at no charge so you can test them out.  To begin, you sign up for an account, download their client and use that client to determine what to back up.  You pay a small monthly fee that is either flat-rate or  based on the amount of disk space you consume.  While these services work great for the most part, you may find that if you have 500G of data you wish to back up, they may not be best for you.  It’s also a good idea to only use these if you have a good high-speed internet connection, and be aware that the first backup you perform is probably going to take days.  Of course, this means that if you have a disaster and have to restore from this service, it’s going to take days for the restore.

Now, I hear some of you saying “but my PC has a RAID drive array so I’m protected”, but that is false security, as that RAID can fail as well.  Yes, it’s less likely to totally fail but in my 11 years of working with RAIDs, I HAVE seen them totally fail, so even if you have an exotic RAID set up, you should still have backups.

As a webmaster with web sites, you’re counting on your hosting company to back up your server files.  While many hosts do provide backups (as do we), you should always have your own local backup as well.  Even the best backup system can have problems.  Also, what happens when your host goes out of business in the middle of the night, or for some other reason you need your data but don’t wish to get it from your host?  If your web sites are your livelihood, then you owe it to yourself and your business to be taking the proper steps to make sure that you’re not only relying on the hosting company for the backups.

Finally, even the best backup system is ineffective if it’s not working.  Clients fail.  Connections to online services may not connect.  At the very least, you should confirm your backups on a monthly if not weekly basis.  There’s nothing worse than needing to do a restoration only to find out your well designed backup system hasn’t been doing its job.

So, take the time to set up a backup system, as well as ensuring that it’s working correctly.  Test it occasionally by moving some files then restoring them from backups.  When disaster strikes, a well thought-out backup plan can mean the difference between a ruined day OR a ruined business, to just a minor hiccup.

Share and Enjoy
  • Print
  • Facebook
  • Twitter
  • Add to favorites
  • RSS
  • Google Bookmarks
  • Technorati
  • Yahoo! Buzz
NationalNet, Inc., Internet - Web Hosting, Marietta, GA
Apache Linux MySQL Cisco CPanel Intel Wowza