Thursday, February 18, 2010

Internet Security HOWTO

Let's cut to the chase. This is a quick primer on how to protect yourself on the internet. Protect yourself from harm on the internet and (to some extent) from governmental snooping.

In order to keep this less than 300 pages of techno-babble, I'm going to keep this on point, and try to keep this more hands-on than theory.

First, if you do not have current anti-virus software, then get it here.

Second, never, and I mean never! connect a computer unprotected to the internet. Unprotected PC's are attacked and compromised in about an hour. If you must connect a computer directly to the cable modem then the local firewall must be enabled.

Guess it's time for a quick discussion on how the whole internet works. Every computer on the internet has and address, and each computer has a load of windows and doors for data to come in and out, called ports. These ports are defined and standardized, for example port 80 is for web(http) connections, and port 443 is for secure web(https) connections. Your address is represented by a "dotted quad" for humans (i.e.

A firewall acts as a traffic cop, preventing traffic from getting into or out of your house. Usually these are in the linksys routers you use to connect multiple computers tot he internet. Your cable modem DOES NOT have one. All Unix, and current Mac and PC (xp+) OSes have firewalls, but they are not the best in the world. I could write a whole series on how to configure them. The default settings are better than nothing.

Since you don't want to remember these numbers, and have to type that number every time you want to go to google, they have a naming resolution system called DNS - Domain Name System. The way DNS works is there are domains that nest inside each other, and by sending the name to a server, you get the dotted quad back. Thankfully, all of this is behind the scenes 99% of the time. The reason this is important is for you to protect yourself you need to know a little on how this works.

The way DNS works is you give it a name like, and the DNs server finds the server that runs the ".com" domain, who points you to the server that runs the ".google" part who then gets you the IP address of the "www" part. The leftmost part is the most specific, and the right hand part of the name is the most general.

Since every computer on the internet has an IP address, and that IP address is from your local internet service provider... if you go hack the NSA website and they get your IP, black helicopters know what house to go to. But we have ways of hiding that, more in a few minutes. Hit this website for a demonstration.

Ok, back to practical stuff. Every computer has a local file it uses to find addresses for computers. We can use that to stop malware and other nasty software from calling home. Edit this file and replace it's contents with the stuff from here. The site has info on how to edit your hosts file.

Next, a word about habits. Never, ever run anything sent to you in an e-mail unless you explicitly trust that person. This includes the funny powerpoint presentations, or excel files or even word docs. There is programming that can be embedded into these documents that act like a virus and can infect your machine. Do not go to any website you do not trust. don't click on any pop-up ads - ever. Do not download "free" games from pogo, or anywhere else. Sucks don't it? Only way to be sure you are safe is not to play dangerously. I'll write another document later on how to build a secure browsing computer.

Next, if anyone has physical access to your computer, then they have compromised it. Set a screen saver with a password- it will stop "drive-by" hacks - the ups guys going to use your bathroom and does something to the pc turned on in the office.

Now to protect your location from snooping you need to anonymize yourself. There is a free network called TOR that protects you from basic web browsing, but it will not protect you from flash, cookies, youtube, etc... There is a good writeup here on what it protects you from - and what it doesn't. There is a paid subscription service called anonymizer for $30/year that is pretty good, but it is not compatible with IE8 and Firefox 3, so for now it's useless.

Most of internet security is just having good habits. Once you secure yourself, then always use that security to protect yourself. A Wired magazine writer just had a contest where he tried to disappear, and bad habits got him nabbed. I read a great article about it by the fugitive, but cannot find it, here is the hunter's story.

Being cognizant of your surroundings applies to the online world too, you know.

No comments: