| Security Alert! Scotty, get us out of here fast! | | | | Right-click Start - Select Explore - Click the Tools |
| Acquire these ten safeguards now before you | | | | menu - Folder Options - View, - UNCHECK "Hide |
| surf the Internet. They will significantly reduce | | | | extensions to known file types" |
| your online vulnerability! | | | | Priority #7: Is Windows Firewall Turned On?XP has |
| Priority #1: Routers (Linksys is most common) | | | | a built-in firewall that should be turned on IF you |
| Find out if they have NAT (network address | | | | do not already have a firewall running. You can |
| translation) functionality, a must have. | | | | check your firewall status by going to Start - |
| Don't get or use wireless routers until you | | | | Settings - Control Panel - Windows Firewall. |
| understand how to secure them. Your wireless | | | | Priority #8: Wireless Networking |
| router should have RJ-45 ports for wired | | | | FundamentalsThere are many possible wireless |
| connections. | | | | configurations of hardware and software. Let's |
| Don't experiment, get a standard brand. | | | | look at the most common and hopefully you can |
| Linksys is a division of Cisco, a world leader. | | | | draw from this knowledge and apply it to your |
| Priority #2: Anti Virus (Symantec or AVG are | | | | circumstances. As our example, let's look at the |
| common) | | | | Linksys BEFW11S4 Wireless Access Point (also |
| Don't experiment. Use a standard brand. The | | | | known as a wireless router). You must at a |
| U.S. Government has used Norton and McAfee | | | | minimum configure the routers Setup page by |
| successfully. | | | | running http: //192.168.1.1, (Do this with the a |
| You must download current virus definitions | | | | "wired" network connection to the router!) |
| regularly, or set the software to do these | | | | Reset the admin password (default user |
| updates. You must use the "auto-protect" feature | | | | name is blank, password is admin) |
| to warn of real time threats. | | | | Reset the default SSID |
| Priority #3: Firewalls | | | | Disable SSID broadcast |
| ZoneAlarm, Comodo, or Tiny Personal Firewall | | | | Change the default channel |
| offer free versions. Check these out. ZoneAlarm | | | | Enable WEP with 128 bit key |
| has a product with Anti-Spyware bundled with a | | | | Change authentication type to shared key |
| firewall for $19.95 and a full version firewall suite | | | | This can all be explained in detail in your owner's |
| for $49.95. | | | | manual or at your manufacturer's web site. For |
| Priority #4: Use NTFS security correctlyDon't | | | | example the Linksys wireless security is explained |
| confuse NTFS security (Using the Security tab on | | | | at: |
| a file's Properties sheet) with Share Permissions. | | | | Linksys also has a Support page at |
| Shares are convenient for making files visible over | | | | Priority #9: Do You Use Data Encryption?You |
| a network and they provide very basic | | | | should take advantage of XPs encryption feature |
| permissions. fsmgmt.msc is the tool that manages | | | | for any sensitive files. File Properties, then |
| shared folders. (Administrative account is required) | | | | Advanced, then Encrypt contents... There is one |
| Use NTFS permissions to secure your files. | | | | caveat. If you ever need to access your |
| (Reminder: To use NTFS permissions, right-click on | | | | encrypted files from another account, you will |
| any folder or file, select Properties, then click the | | | | receive Access Denied. Say your account is |
| Security tab and choose your settings.) | | | | corrupted and you logon to the Administrator |
| Priority #5: Stop Sharing Folders | | | | account to copy all your data. You will be unable |
| Be aware of what folders you are sharing. To | | | | to open or copy any encrypted files. Solution: |
| see these, click Start, then click Run. Type in | | | | backup all encrypted files to a FAT32 USB drive |
| fsmgmt.msc then click OK. In the left pane, click | | | | and they will always be available. |
| Shares. All shares should appear. As a general rule, | | | | Priority #10 Always use the best data protection |
| don't share folders. If you don't need to share, | | | | technique ever invented. What is that? Test |
| then right-click on the share and select Stop | | | | yourself -- |
| Sharing. Alternatively, you can see all shares by | | | | NTFS file system |
| entering your computer name in the Run box | | | | Cisco firewall |
| preceded with double backslashes (no spaces) ( | | | | 128 bit encryption |
| for exampleyourcomputername (also known as | | | | Backup to USB drive |
| system name, or hostname), or by running | | | | Answer: Security is built in layers of protection |
| msinfo32 in the Run box. Look on the right for | | | | and between those layers there will always be |
| System Name.) (P.S. msinfo32 is usually slow to | | | | potential for data loss, corruption or attack. |
| load.) | | | | MAKING BACKUP COPIES OF YOUR DATA ON |
| Priority #6: Are your files extended? Stop | | | | EXTERNAL MEDIA IS YOUR BEST PROTECTION. |
| that!Scenario: You open a file named Favorite.jpg - | | | | Test your backup! Statistics have shown that a |
| obviously an innocent jpg photo, no security | | | | large percentage of backups fail when needed. |
| problem. But then - a small program executes. | | | | P.S. I highly recommend to logon to your |
| Why? The file's full name is Favorite.jpg.exe. | | | | Windows system with a "non" administrator |
| Strange name for a file, and this one happens to | | | | account. By default you will be using the built-in |
| be a virus! You didn't see the exe because your | | | | administrator account which is a huge liability. The |
| "file extension" view was set to HIDE extensions! | | | | XP Security Secrets guide at explains how to fix |
| Fix this potential problem and see your complete | | | | this. |
| file names by doing this: | | | | |