Securing Your Wireless Network

Working from home while using a wireless local area network (WLAN) may lead to theft of sensitive information and hacker or virus infiltration unless proper measures are taken.

As WLANs send information over radio waves, someone with a receiver in your area could be picking up the transmission, therefore gaining access to your computer. They could load viruses on to your computer which could be transferred to other computers on your network.

Up to 75 per cent of WLAN users do not have basic security features installed, while 20 per cent are left completely open with the default configurations.

It is recommended that wireless router/access point setup be always done though a wired client.

You can setup your security by follow these steps:

Change default admin password on wireless router/access point to a secured password.

Change your WEP keys periodically.

Change the channel your router uses to transmit and receive data on a regularly basis.

Use encryption such as WEP and WPA. If equipment does not support at least 128-bit WEP encryption, consider replacing it.

Change the default SSID on your router/access point to a hard to guess name. Setup your computer device to connect to this SSID by default.

Setup router/access point not to broadcast the SSID. The same SSID needs to be setup on the client side manually. This feature may not be available on all equipment.

Block anonymous Internet requests or pings.

On each computer having a wireless network card, network connection properties should be configured to allow connection to Access Point Networks Only.

Computer to Computer (peer to peer) Connection should not be allowed. Enable MAC filtering. Deny availability to your wireless network for unspecified MAC addresses.

Mac or Physical addresses are available through your computer device network connection setup and they are physically written on network cards.

When adding new wireless cards / computers to the network, their MAC addresses should be registered with the router /access point.

Network router should have firewall features enabled and demilitarized zone (DMZ) feature disabled.

All computers should have a properly configured personal firewall in addition to a hardware firewall. You should also update router/access point firmware when new versions become available.

There is no guarantee of a full protection of your wireless network, but following these suggested tips can definitely lessen your risk of exposing to attackers aiming at insecure networks.

Securing Your Wireless Network

Working from home while using a wireless local area network (WLAN) may lead to theft of sensitive information and hacker or virus infiltration unless proper measures are taken.

As WLANs send information over radio waves, someone with a receiver in your area could be picking up the transmission, therefore gaining access to your computer. They could load viruses on to your computer which could be transferred to other computers on your network.

Up to 75 per cent of WLAN users do not have basic security features installed, while 20 per cent are left completely open with the default configurations.

It is recommended that wireless router/access point setup be always done though a wired client.

You can setup your security by follow these steps:

Change default admin password on wireless router/access point to a secured password.
Change your WEP keys periodically.

Change the channel your router uses to transmit and receive data on a regularly basis.

Use encryption such as WEP and WPA. If equipment does not support at least 128-bit WEP encryption, consider replacing it.

Change the default SSID on your router/access point to a hard to guess name. Setup your computer device to connect to this SSID by default.

Setup router/access point not to broadcast the SSID. The same SSID needs to be setup on the client side manually. This feature may not be available on all equipment.

Block anonymous Internet requests or pings.

On each computer having a wireless network card, network connection properties should be configured to allow connection to Access Point Networks Only.

Computer to Computer (peer to peer) Connection should not be allowed.

Enable MAC filtering. Deny availability to your wireless network for unspecified MAC addresses.

Mac or Physical addresses are available through your computer device network connection setup and they are physically written on network cards.

When adding new wireless cards / computers to the network, their MAC addresses should be registered with the router /access point.

Network router should have firewall features enabled and demilitarized zone (DMZ) feature disabled.

All computers should have a properly configured personal firewall in addition to a hardware firewall. You should also update router/access point firmware when new versions become available.

There is no guarantee of a full protection of your wireless network, but following these suggested tips can definitely lessen your risk of exposing to attackers aiming at insecure networks

SpywareGuard 2.2

A real-time protection solution against spyware!

SpywareGuard provides a real-time protection solution
against spyware that is a great addition to
SpywareBlaster’s protection method.

An anti-virus program scans files before you open them and
prevents execution if a virus is detected - SpywareGuard
does the same thing, but for spyware! And you can easily
have an anti-virus program running alongside SpywareGuard.

SpywareGuard now also features Download Protection and
Browser Hijacking Protection!

Features Listing:
Fast Real-Time Scanning engine - catch and block spyware
before it is executed (EXE and CAB files supported) with
signature-based scanning for known spyware and
heuristic/generic detection capabilities to catch
new/mutated spyware

Download Protection
Prevent spyware from being download in Internet Explorer

Browser Hijacking Protection
Stop browser hijacking activity in real-time

SG LiveUpdate
Provides an easy updating solution

Small size
With a small size and small definition sizes, download and
updates are quick

Report Capabilities
Keep a detailed log of all spyware detected

Spyware files are blocked before being opened or run -
they are not simply shut down after they are loaded in
memory (and after they have performed their tasks)

It’s a free download and is freeware

Get it here:
http://www.majorgeeks.com/download3045.html

SpywareGuard is compatible with: Windows 98, ME, 2000, XP

SpywareBlaster 3.5

SpywareBlaster can help keep your system spyware-free and
secure, without interfering with the “good side” of the web.

Spyware, adware, browser hijackers, and dialers are some
of the fastest-growing threats on the Internet today.

By simply browsing to a web page, you could find your
computer to be the brand-new host of one of these unwanted
fiends!

The most important step you can take is to secure your
system.

SpywareBlaster is the most powerful protection program
available.

Prevent the installation of ActiveX-based spyware, adware,
browser hijackers, dialers, and other potentially unwanted
software.

Block spyware/tracking cookies in Internet Explorer and
Mozilla/Firefox.

Restrict the actions of potentially unwanted sites in
Internet Explorer.

SpywareBlaster can help keep your system spyware-free and
secure, without interfering with the “good side” of the web.

And unlike other programs, SpywareBlaster does not have to
remain running in the background.

Get yours from:
http://www.majorgeeks.com/SpywareBlaster_d2859.html

SpywareBlaster is freeware for personal and educational use.

Lavasoft Ad-Aware 2007 Free Edition

Lavasoft believe that every individual, regardless of
economic status or geographic location, should have the
power to control their individual privacy and security.
Lavasoft is the original anti-spyware company, and they are
still delivering the best protection today. After all, over
300 million computer users around the world can’t be wrong!

With the ability to scan your RAM, Registry, hard drives,
and external storage devices for known data-mining,
advertising, and tracking components, Ad-Aware 2007 easily
can clean your system, allowing you to maintain a higher
degree of privacy while you surf the Web.

Ad-Aware 2007 includes a redesigned engine, improved code
sequence identification, incremental definition updates,
one-click Web-history cleanup, multiple browser support,
and other new features.

One of the first applications built to find and remove
adware and spyware, Ad-Aware 2007 maintains Lavasoft’s
excellent reputation.

The interface features two skins and six tabs in the. The
first two, Status and Scan, initiate file scans for adware.
After scanning is complete, the program presents a results
summary, followed by a line-item list from which you can
select which components to remove. There is also an option
to create a system restore point. Right-clicking an
individual entry gives some information about suspected
adware.

The third button offers real-time defenses but only in the
paid version. Web Update, the next button, controls
definition file updates. The fifth button, Tools and Plug-
ins, shows you which plug-ins are installed and controls
TrackSweep, the new browsing tracks cleaner. TrackSweep is
the only free function here. Smoothly integrated into the
application, it wipes the cache, cookies, and history, and
other traces left by browsing.

Settings is last, and provides access to auto-scans,
browsers, scanning, the interface, and log files. The
application does an excellent job of removing most malware
components. Despite the restrictions on the free edition,
this is a fully functional adware remover, and Ad-Aware
2007 should be part of your defence system.

More Key Features
User-Controlled Spyware Removal - Decide for yourself what
to delete from your system and what to keep.

Extensive Detection Database - Stay protected with regular
updates from the extensive library of identified and
analyzed spyware.

System Restore Point - Easily revert back to your clean
system to recover from a spyware attack.

Surf the Internet with peace of mind and let Ad-Aware
shield you from dangerous intruders and prying eyes.

Preserve your computer investment with regular scans to
identify and remove malicious applications that eat up
memory and steal bandwidth so your computer runs as
smoothly as the day you bought it.

At present it is not compatible with Windows Vista, which
can install the program, but it sometimes crashes or hangs
during scans. A Vista-compatible edition will be released
in August 2007.

Download it free from here:
http://www.lavasoftusa.com/products/ad_aware_free.php

Note: Ad-Aware 2007 Free is free of charge for personal
home use only. Commercial use is prohibited. For real-time
protection and advanced options, paid versions are
available from Lavasoft at www.lavasoft.com.

Virus Protection from AVG - Tutorial included

Protecting your computer from a virus is getting harder and harder each day. While it may border on the paranoid, it goes without saying that you can’t leave your guard down for one second. Even corporate giant Microsoft has found its own systems compromised on more than one occasion.

Because new viruses erupt daily, it is important that you regularly update your antivirus software. Become familiar with the software’s real-time scan feature.

Make it a habit to always scan all new programs or files no matter from where they originate.
Perform regular backups in case your system is corrupted. It may be the only way to recover your data if infected.

I suspect a lot of people get virus infections because they download random files off the internet. Kazaa/eMule and other peer-to-peer are great places to download infected items. It is important that if you use such programs that you have one dedicated folder to download too, and before opening or running anything scan it first with an anti-virus program. I recommend that people who want to exchange files over the internet (including entire folders of files) do so using encrypted solutions (and only with friends or people they know). A great new application is GigaTribe, it encrypts all exchanges, no files size limits, and is free from any spyware/adware.
Their website is http://www.gigatribe.com

AVG Anti-Virus Free Edition is a free downloadable antivirus program that has received high marks for its reliability. In the past, free downloadable antivirus programs have been viewed skeptically because of issues relating to its reliability.

However, AVG from Grisoft, remains one of the best-known free anti-virus programs available. While AVG cannot be installed on a server operating system and there is no technical support, it still makes a good choice for many home computer users.The best part is that it is free for both Windows and Linux and it checks for updates on a regular basis.

I have been using AVG free Anti-Virus for many years and install it as first choice on other peoples machines.

Get yours here:http://free.grisoft.com/doc/avg-anti-virus-free/lng/us/tpl/v5

Save the program to a folder which is easily accessible, I created one on my desktop and renamed it Downloads, this is where I download all of my utilities etc. so I have them in one easily accessible location.

Once installed AVG loads at startup and sits in your system tray.It will carry out a complete scan on a daily basis, but you can schedule it to do this at a time convenient to you. When it has completed its scan a small window will pop up with the results.

You also have the added benefit of real-time scanning as it runs in the backgound and will warn you if something you are downloading is infected.

You can also left click any folder or an item within a folder and scan it with AVG.

Important: Do NOT use more than one Anti-Virus programas it will give you false readings.

http://free.grisoft.com/doc/avg-anti-virus-free/lng/us/tpl/v5

Windows Media Player Tutorial - Click Here

CCleaner - clear your browsing history safely

I have covered this previously, but have added some new
information to this.

CCleaner is a freeware system optimization and privacy
tool. It removes unused files from your system - allowing
Windows to run faster and freeing up valuable hard disk
space by automatically cleaning the cache when run. It also
cleans traces of your online activities such as your
Internet history. It also only takes a few seconds to run
and remove these unwanted files from your pc.

There have been over 55 million downloads of this program

http://www.filehippo.com/download_ccleaner/

Internet Explorer
Temporary files, URL history, cookies, Autocomplete form
history, index.dat.

Firefox
Temporary files, URL history, cookies, download history.

Opera
Temporary files, URL history, cookies.

Windows
Recycle Bin, Recent Documents, Temporary files and Log
files.

Registry cleaner
Advanced features to remove unused and old entries,
including File Extensions, ActiveX Controls, ClassIDs,
ProgIDs, Uninstallers, Shared DLLs, Fonts, Help Files,
Application Paths, Icons, Invalid Shortcuts and more…
also comes with a comprehensive backup feature

Third-party applications
Removes temp files and recent file lists (MRUs) from many
apps including Media Player, eMule, Kazaa, Google Toolbar,
Netscape, MS Office, Nero, Adobe Acrobat, WinRAR, WinAce,
WinZip and many more…

This software does NOT contain any Spyware, Adware or
Viruses.

I set mine up as follows:
Click on the Cleaner Tab on the left and under Windows I
tick all boxes in Internet Explorer, Windows Explorer and
System. Under Advanced tick only the first 2 boxes. Then
click on the Applications tab and tick all.

Issues tab:
Unless you are competent at dealing with the registry then
leave this one alone and DO NOT run it.

If you wish to run the Issues to clean the Registry, carry
out the following first:

Backup your Registry. Go to Start, Run and type in regedit
click on OK and the Registry Editor will then open. Go to
the top Tabs and click on File, scroll down until you see
Export, left click it and this will open Export Registry File
window. Save this file to your desktop and in the File Name
box enter Registry Backup File.
Click on Save and it should now be on your desktop.
Verify the file is a good copy, in the Registry Editor
window click on File, select Import, in new panel where it
says ‘Look in’ select desktop and then click on your saved
file then click ‘Open’. Once it says it has been read in
successfully, you have a good backup.
Now if you find that some programs are no longer running
in the way that they should, restore your Registry as detailed
above. CCleaner will also create backup copies of your Registry
and I suggest that if you do choose to run the Registry Issues
untick all of the boxes and tick one box at a time and run each
one separately.

Tools tab:
Here you will find a list of Uninstall options to remove
programs from your pc, use with caution. I prefer to use
the Add/Remove function or the programs own uninstaller.

Startup:
Lists all programs that are set to run when you boot up,
if you are unsure about deleting any of these then leave it
as it is.

Options tab:
Settings - Choose your language, untick Run CCleaner when
the computer starts, tick the next 3 boxes, then look at
the Secure Deletion, tick the radio button ‘Secure file
deletion (Slower) and set it to NSA (7 passes)

Cookies - entirely up to the individual, but I don’t save
any cookies.

Custom - You can drag and drop files or folders into the
window or browse for them and on the next run they will be
securely deleted.

Advanced - Untick boxes 1-3 tick all others.

Finally click on the Cleaner tab on the left and you have
the option to Analyze or Run Cleaner. When you are
comfortable using this program you won’t use Analyze, but
initially do use it to see what can be deleted and the
approximate size of files to be deleted.

Important
This will remove any saved passwords and usernames that
you have, so make sure that you have a copy of them all
before proceeding to clean.

http://www.filehippo.com/download_ccleaner/

Windows Media Player tutorial:

http://www.a1-ebooks.co.uk/tutorials/CCleanerSetup.wmv

Open a text document, enter the URL, username and
password, save this to floppy, external drive or print it
off. Do NOT save this text file to your hard drive.

There is an excellent program for saving your passwords
etc available from http://www.roboform.com/
I will cover this in more detail another time.

As always, back-up your system or create a restore point
before making any changes.

To your safety and security online
cotojo

Securing Windows XP

With its default configurations, Windows XP is not very secure. However, by making some simple changes,you can secure your system and data from attackers and viruses.

Automatic Updates
Keeping your system up-to-date is crucial to maintaining security. Microsoft releases security updates and makes them available for download on the Windows Update web site.
Using the Automatic Updates feature, Windows XP can be configured to download and install updates for you automatically at a time that suits you.

Scheduling this task is very simple. In Windows XP, use the following steps to enable this feature:
1. Right click My Computer and select Properties.
2. Click the Automatic Updates tab from the System Properties box.
3. Select the option to Automatically download the updates, and install them on the schedule that I specify.
4. Select the day and the time when you want the updates installed.
5. Click Ok.

Windows Firewall
Windows XP includes the Internet Connection Firewall service. In Windows XP Service Pack 2, the ICF is renamed to Windows Firewall and it is enabled by default. It is designed to protect your computer from intruders while it is connected to the Internet.

Note: if you are setting up a home network, do not enable Windows Firewall on your LAN (Local Area Network)connection. Only enable it on the Internet connection. If you enable it on your LAN connection, it will block File and Printer Sharing.

Important NoteIf you are using Zone Alarm Free Firewall DO NOT enable the Windows Firewall.

User Accounts
Windows XP includes various built-in user accounts. There are certain steps that you should take to ensure they are not compromised.

Disable the Guest Account. The guest account has always been a huge hacker hole and should remain disabled if it is not required.

Require passwords for all user accounts. Obviously, blank passwords are a bad idea if you care about security.Make sure you assign passwords to all accounts, especiallythe Administrator account and any accounts with Administrator privileges. All passwords should be a minimum of eight characters in length.

In Windows XP Home Edition all user accounts have administrative privileges and no password by default.Make sure you close this hole as soon as possible.

Rename the Administrator account. By renaming the administrator account hackers will have to guess the password and the name assigned to the account.

Don’t make it easy for hackers, renaming the Administrator account will stop some hackers in their tracks, and will deter the more determined ones. They won’t know what the group permissions are for an account, so they’ll try to hack any account they find and then try to hack other accounts toimprove their access. If you rename the Administrator account, try not to use the word Admin in its name. Pick something that won’t make it easy for others to guess.

Remote Desktop
Windows XP Professional’s Remote Desktop allows users to connect remotely to your computer.Although it can be useful for obtaining remote assist with troubleshooting problems, it is also an open door for intruders. Remote Desktop should always be disabled and only enabled when it is needed.
To disable Remote Desktop right click on My Computer, select properties then click on the Remote tab and untick the check box beside Allow Remote Assistance invitations to be sent from this computer.

Anti-virus Software
Anti-virus software is a program designed specifically to detect and remove viruses, making it an essential application to install. Once you install anti-virus software,it will scan your computer and clean any viruses it finds.

Some of the more popular antivirus software programs are listed below, though I refuse to pay for these as mentioned below you can get the same protection for free.
1. Trend Micro
2. McAfee
3. F-secure
4. Symantec
5. Computer Associates
6. Panda Software
Most anti-virus software must be purchased or it may be included with the purchase of a new computer for a limited time.

I highly recommend the use of AVG-AntiVirus available fromhttp://free.grisoft.com/doc/avg-anti-virus-free/lng/us/tpl/v5

I have covered this with a tutorial athttp://cotojo.wordpress.com/2007/04/27/avg-anti-virus-installation-guide/

Important note: DO NOT use more than ONE anti-virus program on your pc as this will cause conflicts.

I prefer to use AVG which scans daily and also runs in the background continuously. On a monthly basis I use Trend Micro housecall online.

Screensavers
Ok, so you are sitting at your desk, or left it for a while and suddenly, a nice image appears on your screen. Ok it’s your screensaver. However, screensavers can serve a much more important purpose other than providing us some cool images, and preventing screen burn.

Enabling a screensaver can increase the security on your computer.
Use a password protected screensaver, this stops others from accessing your computer.
You can configure a screensaver to start when your computer has been idle for a specific amount of time (eg: 5minutes). By password protecting the screensaver, the computer is locked when the screensaver starts. This is a simple idea for additional security. You will need to enter the correct password to resume using your pc.
So once a password protected screensaver has been enabled,you can walk away from your computer knowing thateverything is secure. In Windows XP, you can use the steps outlined below to enable a password protected screensaver.
1. Right click a blank area on your your desktop and click Properties.
2. From the Display Properties dialog box, select the Screensaver tab.
3. Use the drop down arrow to select your screensaver of choice.
4. Change the Wait value to specify how long the computer can remain idle before the screensaver is started.
5. Select the On resume, password protect option. If you do not select this option any activity will cause the desktop to appear.

Give your pc a quick tune-up at http://pcpitstop.com
Run the Full Tests from the menu on the left of the page after creating a user account and password.

Go to http://www.belarc.com/free_download.html
The Belarc Advisor builds a detailed profile of your installed software and hardware, missing Microsoft hotfixes,anti-virus status, CIS (Center for Internet Security) benchmarks,and displays the results in your Web browser. All of your PC profile information is kept private on your PC and is not sent to any web server. I would recommend that you print off the results page as it contains details of your Drivers and Software License Keys, useful if you have to perform a format.

Scan for any viruses at http://housecall.trendmicro.com/

Check to see if your ports are Open, Closed or in Stealth mode athttps://www.grc.com/x/ne.dll?bh0bkyd2

Check your internet connection speed at
http://www.abeltronica.com/velocimetro/pt/?idioma=uk&newlang=uk
Click the green arrow beside the flag on the top right of the header and select your language. Scroll down to Speedometer and click on Test Now.

Remember to always back-up your system or create a restore point before making any changes.

Safe surfing everyone
cotojo

Using Spybot S&D - Tutorial included

Spybot - Search and Destroy is an adware and Spyware detection and removal tool.
It includes removal of certain advertising components,which may gather statistics as well as detecting various keylogging and other spy utilities.

It securely removes PC and Internet usage tracks, including your browser history, temporary pages, cookies (giving you the option to keep selected cookies) and more.The program interface is easy to use and multi-lingual.

SpyBot-S&D allows you to exclude selected cookies, programs or extensions from being reported, allowing you to prevent false positive messages for items that you dont want to be alerted of every time.

It can even scan your download directory for files that have been downloaded, but not yet installed, allowing you to detect unwanted programs before you even install them.

SpyBot produces a detailed and easy to understand report before it deletes any files and allows you to deselect any item that you do not want to be processed.

It also incorporates a recovery feature allows you to restore your settings if you need to which can be very useful.

The site is multi-lingual and I recommend that you look at:
http://www.safer-networking.org/en/tutorial/index.html

Spybot S&D can be downloaded from:
http://www.safer-networking.org/en/mirrors/index.html
Simply select your language and download from one of thesites provided.


Media Player Tutorial:
http://www.a1-ebooks.co.uk/tutorials/Spybot.wmv

MRU-Blaster Guide

MRU-Blaster is a program that does one large task - detect and clean the MRU (most recently used) lists on your computer.

This program is Freeware, although donations are accepted

goto: http://www.javacoolsoftware.com/mrublaster.html

Download this program, I suggest that you place a NewFolder on your Desktop and rename it 'Downloads'. You can then download the various programs that I pass on to you in one central location, and always make back up copies.

The additional plug-ins are described below and allow you to clean out your Temporary Internet Files and Cookies. MRU-Blaster enhances the protection of your privacy!

MRU-Blaster setup: Take care setting this up.

When installed go to Settings and tick boxes1,3,4,6,7,8,9, & 10 on the left hand side.
Tick boxes 3,5,6, 7 & 8 on right hand side, then Save Setting.

Click on 'Go To Plugins' then click cookie blaster. Do not save any cookies as they are used to monitor your internet activity.

Click on 'IE Temporary Internet File Cleaner', tick EnableSecure Deletion of Files and click radio button 'Specify a custom number of passes and set to 7. Then save Settings & Run Now.
Using this program frequently only takes a few seconds and removes traces of the Most Recently Used (MRU) lists on your PC. These lists contain details of the name/locations of the files you have accessed. Traces of these are left scattered through your registry and unless removed are there for all to find.

One very important thing - do NOT save your passwords on your hard drive and do NOT tick the boxes asking to remember your login details.
Open any text document and type in the URL, Username and Password for each site that you have a password for, save this to either a floppy disc, flash drive, or other removable media, Do NOT save this text file on your hard drive।

I will cover another program for using secure passwords in the near future.

goto: http://www.javacoolsoftware.com/mrublaster.html

Safe surfing everyone
cotojo