Complete Security tips for Personal Computer
Connect to other computers within a LAN (home or business) to share a document, browse the network for the supply of cheaper mortgage or the latest version of a software to download, receive a notice in your mailbox e-mail have become common actions through the use of PCs is growing at home and at work. The sources of these potential risks can be very numerous: computer viruses, now made in industrial quantities, alter the code downloaded from some website "corrupt" up to, at worst, destructive action of some hackers. Certainly it is not easy to realize the complexity and vastness of the problem now commonly known as information security, but it is clear that it can no longer be either neglected or underestimated by those who use a PC for a purpose not only playful. In this brief introduction will therefore be of general considerations on the issue of information security, whereas in the other paragraphs below, attention will be mainly technical aspects and practical solutions.
Virtually anyone who is motivated by its laudable intentions. For the identity of the attacker belongs to a particular system does not matter because the only objective is to penetrate the system itself to be able to subsequently reuse or to perform malicious activities, or even just for the sake of doing so. In some cases it is a disarming ease. Unfortunately, the complexity of the software being produced today is accompanied in some cases to a level of imperfection that gives rise to serious security problems.
These real "flaws" are those whose research is pushing the hackers and those who are exploited (by whom is not motivated by a strong ethical) for illegally entering computer systems. To address these shortcomings software makers are often forced to issue patches to update the application of which is within the sole responsibility of us end users. Also do not forget that the complexity of the software can sometimes invest in issues relevant to its proper configuration to a level that will induce the user to use cd configurations. By default, which pave the way for dangerous deficiencies in terms of safety.
This first step is to identify the exact amount to be protection you need, for example Personal data, confidential documents and information, e-mail, operating system, etc.). And the nature and sources of possible harmful events (e.g. viruses, intrusions and external attacks, malfunctions, etc.). Surely at this stage is crucial to make a general comment on what the primary use that is made of PC because this affects much of the scenario resulting in further defining. It is clear that the concerns of those who use the computer only to draft documents to be very different from that of those who uses it mainly to surf the net and download software.
WHAT STEPS SHOULD BE TAKEN:
Although you cannot find an ideal complex of preventive measures we can say with certainty that many of the problems that typically arise when it comes to the security of a computer system can be avoided by taking the following corrective actions that, taken together, may be treated as a do's and don'ts:
Re: Complete Security tips for Personal Computer
FIREWALL ? THE FIRST SOURCE OF PROTECTION
The firewall software or hardware devices are placed to protect the points of interconnection may exist between a private internal network (e.g. an intranet) and an external public network (eg. Internet) or between two different networks. Using a metaphor is as though these devices represent the points of a customs: their main function is to act as a filter controlling all network traffic from outside, as well as what is generated from within, and allowing only that traffic which is actually authorized.
Before getting into the speech should make a brief introduction to remind the working principles on which it relies on TCP / IP (Transport Control Protocol / Internet Protocol) as this popular protocol suite now provides the vast majority of services within and of private and public networks. In a network based on TCP / IP each system is uniquely identified by an IP address, consisting of four octets of the type aaa.bbb.ccc.ddd, and communicate with other systems by exchanging messages in the form of packets, also called datagram?s, through a particular protocol.
Basically every form of communication between the systems of a network of this type requires the existence of two distinct points, each of which is represented by a pair of unique items made only by an IP address also from a communication port: 's IP address, similar to a phone number, gives the opportunity to establish a communication with a particular system when the door is nothing but a number that serves to differentiate the network service, i.e. the same application used for communication (for e.g. the http service typically has a port number equal to 80, 21 to the ftp, etc.).
The mechanism that underlies the entire exchange of information is what allows the establishment of a connection and is called three-way handshake term which, literally translated, means "three-way handshake": without it no later flow communication could exist between two different systems. In order to act as a filter to the firewall needs to analyze all the packets flowing through it to make a decision conforms to a set of rules defined by the user. In general, these rules are set to bring about the acceptance or blocking of packets in transit on the basis of what are their distinctive elements, i.e. IP address and port source and destination IP address and port.
However, from the point of view of the inner workings of the firewall can be further divided into two separate groups:
This mechanism of operation is also called stateful packet inspection because the review of the contents of the datagram is to determine the status of communication in progress and, therefore, to ensure that the target system has actually requested the communication itself. In this way there is no guarantee that all communications are conducted only with source addresses actually known the effect of previous interactions.
WHY TO USE FIREWALL
When a PC accesses the Internet it becomes, in effect, and for the duration of the connection, a network node. The connected system, like any other node may expose network services that applications that have specific functionality and are still listening on a specific port (e.g. a telnet or ftp server or even the old concept of sharing files and printers to Windows).
In some cases it may happen that these services to hide their own internal vulnerability or otherwise make posters for the configuration of these defects can be exploited to gain unauthorized access to a system. Typically groped before any form of intrusion the attacker makes use of specific software to scan for potential targets of listening ports. Once identified, these doors is very easy to go back to the application running and, hence, the kind of security problems affecting the application itself and, therefore, it becomes possible to use an exploit (a particular attack technique that based on the presence of known vulnerabilities) in order to gain access to the system.
Of course, in reality, things are rarely so simple but the example is intended to emphasize a fact of fundamental importance: the use of a firewall, in combination with other tools, can actually provide a level of protection discreet, not only against attempts to exploit known vulnerabilities or not a service but also and above all against the occupation of that port scanning is usually always the prelude to an attack.
Re: Complete Security tips for Personal Computer
IT IS IMPORTANT TO HAVE A GOOD HARDWARE SUPPORT
Firewalls, as already mentioned, devices are not "independent" in the sense that they must be trained in making decisions regarding the admissibility of traffic transiting through precise rules defined by the user. The preparation of this set of rules may require a period of study and implementation more or less long and tedious, depending on what the actual defense needs that arise in this case but in any case, the core of the operation of these devices lies in their proper configuration. Be in possession of more advanced software product on the market is of no use if the same product cannot be used in the fullness of its functions on account of a bad configuration. In these cases it is rather better to renounce the use of a firewall because the same can lead to a false sense of security in people using it.
RULES FOR SECURITY
You can create a set of rules describing which ports should be opened, which is prohibited and any IP-addresses or network entirely blocked. Firewall at the border of your network will function effectively only when the correct settings. And do not forget about the internal traffic: I supervise not only connect to the Internet - and use them to control user access from one part of the corporate network to another. You never know - maybe that one over there innocuous-looking intern is now trying to crack inside your billing database. There are three types of firewalls. Each has its advantages and disadvantages in terms of safety and productivity.
FIREWALL PACKET FILTERING
The easiest ME is a packet filter. These ME are often inserted into routers, broadband modems, devices NAT, switches and other networking devices. This is due to the fact that these MEs are simple in design and require a minimum of CPU resources and memory. Filters all packages in a row, information about previous packets not counted. Each packet is checked against a given set of rules. Typically, rules are based on the address and port number of the source or at the address and port of destination. Some firewall allow you to view the flags TCP, in particular, SYN, but it can quickly overwhelm you, especially if you have to do it manually. Related to this type of firewall are useful in cases when it is necessary to filter out traffic to a particular type. So, if you want traffic SNMP or NetBIOS never passed through your border router, use the packet filter.
However, packet filters have several significant drawbacks. They can be "misleading" by IP-address spoofing. They do not "see" the serial numbers of packets TCP, and the worst part is that they cannot determine where to initiate a connection - outside or inside. Anybody outside can send packets with an indication of the usual source port number, e.g. 53 (DNS) or 80 (HTTP), and successfully scanned the entire internal network.
Traveling through the Internet, users leave a huge amount of traces of personal information. Starting with data on the pages visited and addresses, search options, shopping, downloaded files, sent and received mail, and ending with dialogue in a chat room. Employees ISPs can get lots of information about user activity on the network. Buying online? Merchant site receives the name and address of the buyer, as well as some other data from the questionnaires. This applies to all sites related to online shopping and delivery. There are also employees of the terminal payment systems that test data on plastic card. Another problem - the bank employees who have access to the parameters of the transaction, administrators working with the bank database and gain access to account information.
Combining all these data, we can obtain any and all information about users accessing the network. Take into account the number of people having access to such information, and once again demonstrate the existence of problems of protection of personal information.
SERIOUS VULNERABILITY PIN-CODES AND PASSWORDS
Another strategy game hackers tied to the habits of consumers. In most cases, if the user has a password, it tries to use the former, which is already defined somewhere. For example, the same may well be the PIN-code on the credit card, by phone from the alarm! This is bad because, after learning one of these codes, the attacker will have access to everyone else. Here are a few features. First of all, how many sites a user enters a password and PIN-codes? Are the passwords and PIN-codes for different sites? If the passwords for each site are different, where they are stored, because to keep them in mind user simply cannot?
Administrators and employees of many sites can access the credentials of users of their sites (PIN-codes, passwords, etc.). Banks, payment gateways and other structures, which store data cards and accounts, are to be understood that the protection of this information can become useless if the user data will be available in some other way.
Re: Complete Security tips for Personal Computer
WE ARE WORKING IN PRIVATE ORGANIZATION WHERE WE CANT USE SOCIAL NETWORKS AND OTHER WEBSITE DUE TO ADMINISTRATIVE RIGHTS. PLEASE LET ME GUIDE TO SOLVE THESE PROBLEMS.
|Tags: activex, antivirus, computer security, firewall, hacker, java script, lan, lan security, online threat, packet filtering, security, virus|
|Thread Tools||Search this Thread|
|Similar Threads for: "Complete Security tips for Personal Computer"|
|Thread||Thread Starter||Forum||Replies||Last Post|
|Tips to create your own Personal Video website||D_chapple||Tips & Tweaks||2||06-07-2012 01:43 PM|
|Computer got Windows Personal Security attack||Hadcourt||Networking & Security||7||01-07-2011 07:03 AM|
|Which one is better 2010 BD Total Security or Webroot Internet Security Complete||Tereliye||Networking & Security||3||11-12-2010 04:15 PM|
|Personal Security Virus||Beverly Archer||Networking & Security||4||09-04-2010 04:08 PM|
|7 computer security tips for students||Ian p||Tips & Tweaks||2||26-09-2008 04:00 PM|