send money to world



21 February 2010

Secure your PC in 10 minutes

Secure your PC

in 10 minutes

CHIP shows you how to completely secure your PC from scratch

When it comes to security, you'll notice that household assets are usually locked in to prevent theft, banks have their high-security surveillance systems in place and classified documents are usually stored in ultra-secure lockers. Similarly our computers and networks need several levels and layers of security in order to prevent data theft. Also it’s crucial to prevent infiltration by potentially harmful programs and bots that steal private information. When you enter data in your computer such as credit card information, bank account details, passwords and digital signatures, it is all vulnerable unless sufficient precautionary measures are taken. Prying eyes on the Internet take advantage of these susceptibilities to extract as much information as possible to either sell it for monetary gain, use it for malicious purposes , or both. One may think that hacking into somebody’s computer is easy, well it isn’t if you’re taking all the right steps towards high level security.

In this story, CHIP walks you through the entire process of adding levels of security to a PC and also shows you the tools that can be used for the task. Once you’ve applied all the levels of security mentioned in this story, no one will have access to your data. If someone does manage to steal your data, he will not be able to use it in any form. Yes! There is a way to do this!

Updates: 1 minute

When an operating system is first released, there are numerous security loopholes and bugs in it. These make a system susceptible to a plethora of viruses, Trojans and other types of malware. Furthermore, such vulnerabilities are playgrounds for hackers. So how does one fix them? Patches and updates are frequently released by the manufacturer, for instance, Microsoft releases service packs and other minor updates for all current versions of Windows.

It’s a good idea to regularly install updates for your system. Be it Windows XP, Vista or any other platform, all operating systems require updates. In Windows, it is recommended to keep the ‘Automatic Updates’ option on. This way, they are periodically and automatically installed even without the user's intervention. In XP, go to Control Panel | Security Center | Automatic Updates and click the ‘On’ button.

In Vista, go to Start | All Programs | Windows Updates. Here, Windows verifies the installation for security threats with ‘Search For Updates’ and thereafter installs suitable updates for the system. Though the update process takes a while to complete—around 20 to 40 minutes—it runs in the background so your work isn’t hindered. Above all, updates ensure security as well as compatibility of a system with the latest hardware and peripherals.

Virus Scanner: 1 minute

Before we move any further, here’s a rule of thumb: never install more than one antivirus program on your computer. This is because two or more programs clash with each other during a scan, due to which a system may hang, become sluggish or shut down altogether.

The world over, antivirus companies detect thousands of threats every day. Let’s say your computer has no antivirus software installed and you’re online for 24 hours at a stretch. You would thus send/receive emails with attachments, exchange and download files, click on ads and banners, and basically do everything that’s a big mistake without having an antivirus program or a security suite installed. By now, if your system hasn’t died from exposure to malware, it has definitely leaked out information without your consent. And that’s just the tip of the iceberg! Prowling hackers are already spying on you.

That was only a hypothetical situation, but if you don’t secure your system, it can really happen. There are many security suites and standalone antivirus programs such as the ones provided by Symantec, Kaspersky, F-Secure and so on. In addition to antivirus programs, they also provide security from adware, spyware, Trojans and other online threats. Some programs are paid for and others are free. A fine example of the latter is AVG Free. It’s a free antivirus program that provides basic yet effective protection from the latest viruses that crop up each day. But remember that all antivirus programs need to be updated regularly so that they have all the latest virus definitions.

When an application is executed, these programs warn you whether there are any suspected virus elements in it. You can then choose to heal, delete or quarantine an infected file. The program also updates its manufacturer about the specific virus threat, if you allow it to. This reported virus treat is then added to the database of viruses at the manufacturer’s end.

Anti-spam: 3 minutes

Spam emails are nothing but junk, sent out randomly either to mass-advertise, collect information, or spread viruses as attachments. To stop this, there are spam filters such as Spamihilator 0.9 (included on this month's CHIP DVD). These filters effectively eradicate advertisements and other threats that are potentially harmful to a computer. In order to achieve their goals, spammers adopt various disguises such as changing/spoofing the sender's address, using secure digital signatures, and sending in unknown mail formats. Spamihilator in turn recognizes these strategies and keeps you safe from harmful attachments.

However, it works only with email clients such as Microsoft Outlook, Outlook Express 6, Opera, Eudora, Pegasus Mail, Mozilla’s Thunderbird and so on. While it isn’t a plugin for the client, it resides in system memory and you can access it through the icon nestled near the clock in your Windows notification area.

After installation, Spamihilator automatically detects the default email client in the system and auto-configures itself. Therefore there are no additional settings to be configured. During installation it also puts the most important filters such as DCC (Distributed Checksum Clearinghouse) in place. Filters need to be trained to recognize spam. The program scans all incoming mail and moves those with suspicious content into its own recycle bin, thereby preventing junk mails from piling up in your inbox. If a genuine message is identified as spam, you can mark it as genuine, which will allow all future messages from that specific ID to land up in the email client’s inbox without needing verification. In addition to filters, there’s a blacklist for blocked senders and a whitelist for friends.

Although Spamihilator is quite effective, having added layers of security doesn’t hurt, especially if making the required settings to your PC is a no-brainer. So, let’s prep your email client for potential spam.

Microsoft Outlook: Go to Tools | Options | Junk E-mail. Here, the ‘Options’ tab is highlighted by default, if not, click on it. From here, select the third option, ‘high’. However, with this option selected, it’s recommended that you regularly check your spam folder for genuine mail that might get mistaken for spam. You can also opt to directly delete spam as opposed to letting it clog your spam folder. The whitelist and blacklist in this case can be set from the ‘Safe Senders’ and ‘Blocked Senders’ tabs respectively.

Mozilla Thunderbird: Here, all you need to do is classify messages as spam or as genuine. When spam is detected, the user is prompted for action. You can then decide what to do with that message. This feature can be activated from Tools | Settings | Data protection. Now, whenever you receive spam, simply mark it and click on ‘Junk’. The more you do this, the better the results of the filter will become.

Logging in with a USB flash drive: 2 minutes

Let’s say that you’re a frequent flyer or you travel a lot with your laptop. You have no trouble using it on the go, but what if you leave it unattended for some reason? Maybe you’d lock it using a password, but what if someday you forget to do so? It happens!

Rohos Logon Key 2.6 provides a hard locking system for PCs and laptops. Here’s an analogy: a car cannot start without its key, and removing the key from a running car stops its engine. Similarly, this program turns a standard USB flash drive into a key for your PC. To unlock your PC, simply insert the flash drive into the USB port. The moment you remove the drive, the PC is locked again.

Here’s the ‘how to’ of it. Install the tool and connect the USB flash drive to the PC. Then launch the program and click on ‘Set up USB flash drive’. The next window will ask you for the current user’s password, so punch it in and click on ‘Set up USB key’. Now click on ‘Configure USB Stick’. Here, various options can be chosen from the drop down menu labeled ‘This action will occur when you withdraw your USB key from computer’.

Select the ‘Lock computer’ option if you want your computer to lock automatically when you remove your flash drive. For the settings to take effect, restart your PC.

Note: Alternatively, you can enter the account password to log in, but if you do so and insert the flash drive later, removing it will not lock the PC. This means that in order to lock your PC with the flash drive you have to log in with it in the first place.

Also, Rohos Logon Key 2.6 is not free, and the trial expires 15 days after installation. A free alternative is USB PC Lock Pro 1.6. You can find both programs on this month's CHIP DVD

Safe passwords: 1 minute

Cracking passwords is not easy, but that largely depends on how strong (or weak) a password is. A very strong one should ideally contain 20 or more characters. Also, creating a good mix of special characters, numbers, and alphabets in lower and upper cases can be really difficult and time-consuming to crack. It’s a good idea to have a different password for each account. However, remembering multiple passwords can drive anyone crazy! Why not maintain a secure database of passwords which will let you store passwords for various accounts? All you need to do is remember the one master password to this database.

KeePass is a program which does just that. It is free (on the CHIP DVD), secured by encryption (AES) and it’s a no-brainer. You need to first set up a database before you store passwords. To create the same, go to 'File | New', you’ll be asked to enter a master password. Create a strong password and save the database in the desired location. The master password will allow you to unlock the database. In order to start populating it, go to 'Edit | Add Entry' and start entering all the usernames and passwords you need to use on a day-to-day basis. For further information, visit the program's website, http://keepass.info/hep/base/firststeps.html. The online tutorial is quite useful for beginners.

Encryption: 2 minutes

Many of the USB flash drives available in the market today come with a pre-installed application called U3. This allows you to password-protect your flash drive. But what about those that do not have any pre-installed security system? How safe are they for storing confidential data? It isn’t difficult to lose such a tiny, portable gadget, especially one that goes in and out of your bag or pocket all day. With unprotected data on a flash drive, much more can be lost than just the gadget. The solution is encryption. By encrypting the data inside a pen drive, you can ensure your safety even if someone finds it and gets the data. The encrypted mess will make no sense to him and he cannot use it in any way. Encryption tools such as TrueCrypt (also on the CHIP DVD) are a great option to give yourself such a level of confidence. As you launch the software, a wizard helps you with various options. The easiest is to create an ‘Encryption File Container’ which gets mounted on a virtual Volume. This volume needs to be assigned a drive letter and then can be used as an actual drive. Whatever data you drag and drop onto it will be encrypted automatically and on the fly. Encryption is not just for external and portable drives; even hard drives can be encrypted so that no information or data is leaked.

0 comments: