I am compiling a list of rules for computer newbies and even power users to abide by, to maximize productivity and minimize problems. The list is open to suggestions and I hope it will be stickied to prevent repetitive questions, and assist those wishing to protect themselves. The list stands as:
-------------------------------------------------------------------------------
1. Update, update, update. Any system with outdated OS, Anti-Virus, and Anti-Spyware is vulnerable to common, well known exploits. Ensure that you are using Virus and Malware control of excellent strength, to protect you from common computing menaces.
2. Distrust E-Mail attachments. Require non E-Mail confirmation that the attachment is legitimate.
3. Distrust popups. Popups are used by marketers to grab your attention. Do not believe what they say, however serious-sounding it is. Remember, if it was legitimate, it wouldn't have to grab your attention by popping up and using flashy, animated colors.
4. Do not download free screen savers, games, toolbars, or anything of the like, without careful precaution. Remember that someone spent time and effort creating these, and the usual motive is that of privacy invasion for profit.
5. Do not pirate. Not only is it illegal, but illegitimate file sharing networks are infested with viruses and malware, and the shady characters who create them.
6. Make regular backups. Use of write-once media such as CD-R or DVD+-R protects the integrity of your data from anything that may happen to your PC, or to the media. For most users, offsite or fireproof backup is not needed. Evaluate the difficulty to replace the data and then determine an appropriate backup strategy.
7. Use a strong password. Strong passwords increase security tremendously. Use a combination of letters of both cases, numbers, and punctuation. Avoid names, words, dates, etc. Do not write your password down or give it out, even to seemingly trusted parties. Remember that any legitimate administrator can reset your password, and therefore has no need to ask you for it via the internet or telephone.
8. Do not repeat passwords across services. This ensures that if a password is compromised, the attacker's access is limited.
9. Protect your identity online. Do not respond to E-Mail with personal data, and shop only at reputable stores using 128 bit SSL encryption. Look for a Verisign or BBB seal confirming identity. Look for the padlock icon in your browser when checking out and before entering your personal data.
10. Do not give out your E-Mail address, except to trusted sites and known friends. Anything promising you something in exchange for your E-Mail address is to be distrusted.
11. Avoid Internet Explorer. It being the most predominant browser, hackers and marketers devote most of their energy to breaking it. Assuming you use a firewall, your browser is the most exposed part of your system; it makes little sense to run the browser everyone is trying to hack.
12. Be wary of unknown removable media. Media can carry viruses, so always scan them before using. In a professional environment, disable autorun for added protection.
13. Be wary of hyperlinks from unknown persons. Such links can take you to a site which attacks your browser, captures your IP, or displays shocking or pornographic material.
14. Do not respond to spam, even to unsubscribe. Companies using unsolicited bulk E-Mail to drive site traffic are often less than legitimate or ethical, and should be avoided.
15. Do not set up a public server unless you know what you are doing. Too many home users are victimized by hackers due to their own experience while experimenting with server technology. If you don't know how to properly harden a server, keep it on your LAN.
-------------------------------------------------------------------------------
This is the list at this time. Please feel free to post comments, suggestions, and additions, as well as pass this on to those who need it.