Computer Security Guidance

Porkchunker

Guys and Gals,

I do this for a living for DoD and some unmentionable Agencies.

Here is my guidance for home users:

1. Stop using Microsoft Internet Explorer and start using Firefox. Firefox does not understand how to process ActiveX controls...a Microsoft invention that is the target of the vast majority of malicious code on the Internet.
2. Once you have Firefox downloaded and installed, install the "NoScript" add-on. It further prohibits JavaScript and gives you "white list" capability, meaning you can declare certain sites (like CP) to be safe.
3. Hit the Microsoft Update site every week and ensure the Windows operating system and any other Microsoft applications (e.g. Office) are updated.
4. Run a good anti-virus tool. Symantec and McAfee are both good. Keep it updated and run a full scan once a week.
5. Download and install Microsoft Defender. Keep it updated and run a full scan once a week.
6. If you have an ISP provided firewall, set it to deny all new inbound connections. Allow outbound, but deny new inbound. For many this is the medium/middle setting.
7. If you run MacOS, you can skip 1 and 3-5, but ensure you hit the Apple MacOS update site once a week.
8. If you run Linux, you can skip 1 and 3-5, but ensure you hit the appropriate Linux update site once a week.
9. Keep your tax files and Quicken (or Money, or TaxCut, or similar tools) files either off-line or encrypted. A good tool for that is TrueCrypt. PGP is good, but you can't share the encryption key with anyone else (like a spouse or executor). TrueCrypt is symmetric key, which means that the key can be shared with multiple people, thus the file can be opened by multiple people. PGP is asymmetric key, which means it is restricted to one entity.

My $0.02.

BTW, I've converted most of my home computers to Linux. I've discovered that the e-mail tool with Linux (Evolution) is good enough and that OpenOffice has handled every Microsoft Office file I've fed it, or had to share with someone else. I have a laptop loaded with Windows XP for those rare situations when I must run a Windows application (e.g., TurboTax and Quicken). It is a sole use device...the only time it gets booted is to update the security and use one of those two applications...then it gets shut down and unplugged from the network.

Dave

aka
 
BTW, if your ISP did provide a firewall/switch, do the following:
1. Enter the admin utility (normally by entering "192.168.1.1" in your browser URL address field).
2. Do a factory reset.
3. Change the admin password to something complex that only you would know.


If your ISP did not provide a firewall/switch (COMCAST and most of the cable providers are in this nasty bucket), do the following:
1. Install a security suite that includes a firewall. Both Symantec and McAfee provide them.
2. Alternatively, you can download ZoneAlarm (freeware version) and install it. This is what I do on my Windoze boxes.

The key to whatever firewall you use is to follow the following general rules:
1. Deny all except that which you specifically want to allow
2. Deny all new inbound connections
3. Generally allow all of your new outbound connections
4. Deny fragments
5. Deny ICMP (all kinds)

If you don't understand what I'm talking about, do the following:
1. Don't do on-line banking or tax preparation on your home computer until you have someone else help you install and configure your machine.
2. Be VERY afraid of identity theft.

Dave

aka
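
The five general firewall rules listed in the post above, written out as an nftables ruleset for a Linux host. This is an added example, not part of the original post; the table name `home_fw` and the IPv4-only scope are assumptions (IPv6 traffic is not covered by this table).

```nftables
#!/usr/sbin/nft -f
# Added example: IPv4 host firewall following the post's five general rules.
# Assumption: loaded with "nft -f <file>"; this replaces any rules already loaded.
flush ruleset

table ip home_fw {
    # Rule 4: deny fragments. This chain runs at priority -450, before the
    # kernel's conntrack defragmentation hook (priority -400), so fragments
    # are still visible here. 0x3fff covers the "more fragments" flag and
    # the 13-bit fragment offset.
    chain early_drop {
        type filter hook prerouting priority -450; policy accept;
        ip frag-off & 0x3fff != 0 counter drop
    }

    chain inbound {
        # Rule 1: deny everything that is not explicitly allowed below.
        type filter hook input priority filter; policy drop;

        iif "lo" accept                       # traffic from the host to itself

        # Rule 5: deny ICMP, all types. Placed before the conntrack rule so
        # that ICMP errors tied to an existing connection are dropped too
        # (this includes "fragmentation needed", used by path-MTU discovery).
        ip protocol icmp counter drop

        ct state invalid drop
        ct state established,related accept   # replies to connections this host opened

        # Rule 2: anything reaching this point is a new inbound connection
        # and is dropped by the chain policy.
    }

    chain forward {
        # A desktop or laptop does not route for other machines.
        type filter hook forward priority filter; policy drop;
    }

    chain outbound {
        # Rule 3: allow all new outbound connections.
        type filter hook output priority filter; policy accept;
    }
}
```

`nft list ruleset` shows the loaded rules together with the packet counters on the fragment and ICMP drops.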
 
Porkchunker said:
6. If you have an ISP provided firewall, set it to deny all new inbound connections. Allow outbound, but deny new inbound. For many this is the medium/middle setting.

Dave

aka

First, Thanks for the tips.

Ok. I switched to Firefox about a month ago. But just did the add ons you suggested. How do I know if I have an isp firewall? How do I find the page that allows me to deny all new inbound?

I have an internet connection via Brighthouse cable and use my laptop that connects via a wireless router.
 
If the ISP provided a wireless router, there is probably an embedded firewall in it.

Locate the manufacturer and model number of the wireless router. Then Google that info looking for the configuration manual. It should tell you what the default (factory) password is, and how to configure the firewall portion.

Dave

aka
 
Good advice Dave.

For those folks using Mac OS X... you can set your software update preference (in the control panel) to check for updates daily. Do that, because you want to get these updates as soon as they are released.

Mac OS X also incorporates an OS level firewall. Make sure that it is turned on and set to the highest level. The OS level firewall allows you to set rules and exceptions, but don't do that unless you actually need to. Outbound traffic is fine, it's the inbound traffic you need to be concerned with.

I have a hardware broadband firewall and have it configured to do 128 bit encryption. That is pretty good protection for home use.
Use whatever level of encryption that you feel comfortable with using, but use something! Even WEP password is better than nothing.

If you have a wireless (802.11) network connection, set your SSID to no broadcast. No sense in letting everyone in the neighborhood know that you have a wireless connection, even if it is password protected.
If your SSID is not broadcast, the bad guys have to guess that name, plus the password, and will likely move on to easier pickings.

If you want to be a little more secure, set your broadband connection to only allow a certain number of DHCP leases. If you have 2 wireless devices, don't allow an unlimited number of leases.
If you really feel comfortable with this stuff, restrict those wireless connections to specific MAC addresses - much safer that way.

Hopefully I haven't confused everybody.
As always, YMMV.
 
Dave - Thanks for the guidance. It's truly appreciated.

Great tip on Noscript. Big fan here of Firefox and Open Office. Which Linux are you running?
 
Well, I downloaded the NoScript thing but now, every time I go to a website, to see a YouTube video for example, the video won't play unless I temporarily allow that site or add it to the whitelist.

If I am temporarily allowing a site, aren't I opening my PC to whatever gremlins are lurking there? What's the point of having the NoScript thing if I need to see what's on that site anyway? Am I missing something?
 
The vast majority of sites you won't need to "temporarily allow." The bulk of the crap that runs on these sites is related to pop-ups and advertising. Everything that can be blocked reduces your risk.

There are some sites I've permanently trusted (like ClassicParker, my company, and several Information Assurance sites) I visit on a daily basis. Once that is done, I don't have to worry about the notices/warnings.

I guess you have to ask yourself...is the 2 seconds it takes to "temporarily allow" worth the time of having my identity stolen or even having to rebuild a machine to regain control?

For me the answer is obvious.

Dave

aka
 
Mokee said:
Dave - Thanks for the guidance. It's truly appreciated.

Great tip on Noscript. Big fan here of Firefox and Open Office. Which Linux are you running?

I'm always on the bleeding edge. Running Fedora 7, 8, and about to replace the 7 with 9. What I see in Fedora shows up in Red Hat Enterprise Server about a year later. My customers run a lot of RH, so it is important for me to stay ahead of them on how to "harden" the operating systems before they begin to buy them.

Dave

aka
 