First, Be aware of the threats! AKA: And Now for some content!

Foreword: I am writing this at 2am so if I get something wrong please don't flame me! Just point it out and Ill go back and correct it.

Threats on the Internet are always changing. There are new threats every day as well old threats being tweaked and made new again. There are some basic things you can do to protect yourself. I will break it down into several categories.

1. PATCH! PATCH! PATCH!

   No, I don't mean quit smoking (though that is good too!). Many people don't realize that all software needs patching. When software is released there is no way that the programmers can anticipate every security vulnerability. So, over time they, or the community, find the vulnerabilities and the programmers go back and fix the issues. This is true of everything from Windows XP to Adobe Acrobat Reader, to AOL Instant Messenger. Often times when the security patches are released new features are also added, so there is additional incentive for you as a user to patch your software.

    

   Microsoft has a good system in place to patch Windows and all other Microsoft products, it is right down there in your START menu and is simply called either Windows Updater or Microsoft Updater, depending on your version of Windows. Third party software, such as Winamp or Firefox, are nice enough to have built in patching. It requires you to either allow it (when prompted with a popup window) or to go into a menu and select the feature. However other software is not so easy to patch but may still have vulnerabilities. In those cases you may have to check the manufacturers website. The same is true for all hardware drivers, driver software has been hacked recently.

   It is recommended that you check the versions of all of your software monthly, if not more often.

2. Always Use Protection

   Never surf the web without using some sort of protection. By protection I mean a hardware firewall, router, or some other networking device. If you just hook your computer up to you high speed Internet modem, or connect to any old wifi hotspot there is a better than 90% chance that your computer is infected with some sort of malware (Malicious Software), and you probably don't even know it. I will do another write-up on botnets and types of malware at a later date, but suffice it to say that this stuff is insidious and bad. If you are infected the only solution to be sure that it is cleaned up is a full format of your hard drive and re-installation of your operating system. I travel a lot and so I connect my computer to various hotel networks all the time. This computer is never connected to my home network, and I never process any banking/financial information on it. It is just way to infected with malware for me to ever trust it again.

   So how can you protect yourself? It is rather simple to assemble some basic home defenses. I will write another blog entry all about home networking and possibly another one for defenses on the road. But for now look into connecting something like this: http://www.newegg.com/Product/Product.aspx?Item=N82E16833124091

   This product is essentially plug-and-play. It is very powerful if you feel like poking around at it and learning a bit, but for the average home user it will provide an adequate amount of security straight out of the box.

   Another tip, never use a wireless access point as your main router (Cable/DSL/FIOS modem into a router/WiFi acces point), in fact never use just a plain Wireless Acces point, always get a wireles router.. Buy something like this: http://www.newegg.com/Product/Product.aspx?Item=N82E16833124082

   Plug that into the first router I listed. From a networking perspective, it is double-NATing, which is bad (and can be resolved with configuration inside the devices) but for a normal home-user they won't notice anything for the most part.

   The reason you want to put your WiFi router behind another router is that you want to “segment” your wireless users away from your normal wired computers. Wireless has all sorts of vulnerabilities associated with it, most of which can not be resolved without resorting to a big-business “enterprise” solution which would be overkill for a home user.

3. When in doubt, SET IT ON FIRE!

   Software Firewalls are good. http://www.mcafee.com/ sells a full suite that is decent. No software solution is 100%, but it will stop most outside threats. A software firewall is a piece of software that installs its self in between your hardware network port and your operating system. It has a set of “mug shots” of malicious Internet traffic, called 'Signatures' in the industry. The Firewall watches all traffic coming in and out of your computer and if any of it looks like the signatures it has been loaded with the software will block that traffic and stop it from entering or leaving your computer. Often times you have to set it up to allow programs that you want to run if those programs use non-standard network traffic to communicate (Ventrilo and some internet games). Software firewalls are great, especialy for people who travel a lot or people that just use a lot of public WiFi hotspots. Software firewalls are never as good as Hardware, but they are better than nothing at all.

4. There is no cure for stupidity.

   The most common vector of viruses is no longer a 'remote exploit.' A remote exploit is when a hacker sitting somewhere else in the world launches some sort of program that magically 'hacks' your computer giving them all your information. Those days are long over. Hackers these days usually rely on users to exploit themselves giving the hacker access to all your juicy credit card details. How do hackers do that? I am so glad that you asked.

   The most common way is one that you hear about all the time, phishing e-mails, commonly called Spam. You may think, “I hear about these scams all the time, I am aware of them, I'm protected!”

   At a recent talk a well known security expert (he does the same job that I do, just gets paid a lot more) said that hes averages a 30% response to his phishing e-mails. In a group of 30 people (fewer than is in our guild) more than 10 of them would click on a link or open an attachment on a malicious e-mail. Hey, who wants to open the e-mail from Malthrax about the upcoming raid now?

   Phishing attacks are only getting more popular, so take steps to protect yourself. Hackers can 'spoof' or send an email so that it looks like it is coming from whoever they want; your best friend, your husband/wife, your mom or dad, anyone in your contacts list. The old rule was to only open e-mails from people you know. Now days you should only open emails that from a sender that you know and that you are expecting to receive, just delete the rest.

   Don't go to My Space! Even Facebook is no longer safe. All those nifty modules that play music or videos, the little browser games, little flash animations; all of those can (and most likely are) malicious. Any of those require your computer to download progamming code and execute it on your computer. Sure it looks nifty, but do you know what else it is doing that you don't see?

There is no real easy way to protect yourself. It takes a layered approach to truly be safe. This is just an overview and I hope to expand uppon each of these points in more deatil with future posts. For now I hope, if you made it this far, you might be at least somewhat more informed about computer security.

Don't take anything I write here as gospel, please use this as a starting point and go out and read a bit about some of these ways to protect yourself. If you have any questions please feel free to ask!