Some basic security pointers #2
Regular readers of this post know that I advise running a firewall. I have not as yet told you how to do that, so I will do so today. If you already have a firewall, you may want to keep reading as some firewalls are not as good as others (and some are next to worthless) and I will get into the details on that further down the page.
A firewall is a tool that essentially seperates networks, and allows or blocks “traffic” between those networks. Basically its goal is to block “bad” traffic from entering your machine or home network from the vast, scary Internet, and only allow “good” traffic to come and go.
Tip of the day: Install and enable a 3rd Party firewall. Or, if you have one already, turn it on. Microsoft brought personal firewalls into Windows with XP Service Pack 2 (and improved it in Vista), so if you are running XP or newer you already have a firewall built in and so the first thing to do is to make sure it’s turned on. There are several ways to check the status of Windows Firewall, and here’s a couple: Start >Connect to >Show all network connections, or Start >Control Panel >Network Connections.
You will now see a window showing your networks. You want to look under the heading “LAN or High Speed Internet” for the network that says “Connected”, (mine says “Wireless Network Connection” because I’m writing this from my laptop and I’m in my local public library) and if it’s on, “firewalled”. Right-click on the icon and select Properties and select the Advanced tab. The top area is your firewall. Click the Settings button, use the radio button to turn it on. Done.
Your computer may have come with, or you may have purchased, an Internet Security Suite — typically from a vendor like McAfee — and these all come with some sort of firewall. You should know if it is enabled because if it is, you will have been pestered with pop-up warning boxes asking for an “Allow or Deny?” decision [the price you pay with all firewalls, as they “learn” your configuration and usage].
To make sure it’s “on” open the suite’s control panel by double-clicking on its desktop icon or right-click its system tray icon. There will be several categories of “protection”, and each interface is different, so you may have to explore a little bit to find it.
PLEASE NOTE: It is “not good” to have two firewalls running at the same time! Use only the strongest firewall you have available.
Okay, so what do I mean by “strongest”? Well first of all, you may have read that the Windows Firewall isn’t very good. This is particularly true of the XP firewall, and it’s because (primarily) it’s a “one-way” firewall — it is only designed to prevent intrusions. It is incapable of monitoring the traffic that leaves your PC. It cannot prevent your personal data “leaking” out. It is also not very “robust”.
Robust, in computing, is a term used to describe how, steady and reliable a system is, how “fault tolerant”, and how difficult it is to purposely “crash” it. A lot of the personal firewalls available simply aren’t very robust, and a hacker can bring them down fairly easily, and then, obviously, you would be unprotected.
ALSO NOTE, Please: It is my belief that any firewall is better than no firewall. It will protect you from the casual or inexperienced hacker. However, keep reading because there are robust, two-way firewalls available for free.
If you want a professional-strength firewall, the top contenders are for-sale versions, and they are not unreasonably priced. Kerio (now owned by Sunbelt), Outpost Pro, and ZoneAlarm Pro are my recommended choices.
Free link(s) of the day: There are two free firewalls that are almost as good as the for-a-fee ones mentioned above. My first reco’ is the free version of ZoneAlarm. The Install starts out as the “Pro” version and then reverts to a free version. The Pro version period really helps with firewall’s “learning” and seems to me easier for the average user to configure and use. It is quite vigilant and “chatty” — but it’s effective.
A more robust firewall is offered by Comodo. It takes more system resources and seems to me quite slow in responding to allow/deny answers and isn’t quite as “user friendly, but it is quite configurable for the more advanced user.
Copyright © 2007 Tech Paul. All rights reserved.
| Share this post : |  |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Today: review and questions answered
“System Restore won’t work”, “I’m worried about ID Theft, how do I know if an email is legit?”, “I can’t get this #$*& program out of my Startup folder” — these are examples of some of the questions I have received since posting my articles on these topics. Today I’m going to review, and provide more solutions and answers.
Tip of the day: Since I’m going to cover the questions above, there is not going to be a single “Tip of the day” today. Instead, there will be “Today’s three questions”…
More on System Restore: What to do when System Restore just refuses to work. As I mentioned in my first System Restore post, SR simply is not a failsafe miracle worker. There are troubles that can occur that it simply does not repair — such as a corrupted SAM database. It is however a good place to start. It does undo a lot of the damage you can accidentally do to your machine. This fact is why you should always make a back up of your system — either a “disk image” made with a 3rd-party utility like Acronis True Image, or Norton Ghost, and/or Windows Backup Utility (Start >Programs >Accessories >System tools >Backup).
I stated in the prior article, and will repeat here, that you may have to repeat the System Restore process several times before one “snapshot” finally takes. When you use SR, you will see a calendar with available snapshots in bold dates. You should see several. Start with the most recent date and time, and work your way backwards. If you have done this with no luck, you probably have one of those troubles System Restore is not designed for. Either look elsewhere for solutions, or call for some Tech Support (we Tech Support folks need to make a living too, you know).
Legit vs. Phishing: “how do I know if an email is legit?” In my post about the rocket scientist, I discussed phishing and recommended an anti-phishing site toolbar, which combats a form of phishing called “pharming“.
I suggest you take no chances with emails. Simply do not click on links in emails. Also, realize that your bank will not send you links. They know about phishing, and they figure you already know their url (you should have it bookmarked, so use that…or call them directly). Also be aware that just because an email claims to be from a friend or relative, doesn’t mean that it is. If you are not expecting an “executable” (application) or “you gotta see this!” .jpg from Uncle Fred, by all means don’t open it! Email him and ask him, “did you send me a..?” It is an easy thing for an Evil Doer to spoof an address.
And finally, make sure your antivirus definitions are up to date. If it is not already on by default, open your antivirus’ Options and look in “Update Options” for “Download and install new definitions automatically” (or words to that effect) and make sure it’s selected. If available, have it set to scan email and email attachments as well.
Removing stubborn start up programs: If the methods I described in “My Startup folder is a clown car” proved insufficient for getting rid of a really determined program, there are two more methods you can try. The first is msconfig, and the second is editing the Registry.
Start by opening the msconfig utility. Click Start >Run and type in “msconfig” (no quotes), and then click on the Startup tab. Here you will see a list of the programs scheduled to start when Windows boots. Uncheck the checkbox next to the program you are having the troubles with. You will need to restart your system for the changes to take effect.
The second method, editing the Registry, is for advanced users who are comfortable treading in such risky waters. Changes made to the Registry are immediate, and there’s no “undo” feature. If you feel you are determined to dive in, please create a Restore Point before starting and back up the Registry to a .txt file first. Please read (or re-familiarize yourself with) Microsoft’s detailed how-to here. They Key you’ll be working with is HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CurrentVersion\Run.
But please: this is not for the inexperienced. Do not try this without reading and understanding what editing the Registry is about, and what damage one mistake can do. First use the aforementioned methods and please consider simply using Add/Remove Programs to “retire” the troublesome program altogether…or try a program like StartUp Cop.
Today’s free link: I would like to ask you, Dear Reader, to suggest today’s free link if you are using a freeware startup manager that you have found to be bug-free and effective. Please submit your suggestions in the comments box.
And so that the rest of you don’t feel cheated — how about the off-topic GIMP Open Source digital image manipulating tool. This completely free application is a bit tricky to install but is well worth it as it offers a full range of tools for adjusting your digital images, and it does that in an interface that’s comfortable to folks with Photoshop experience.
Update 7/1:
I have been trying, and am satisfied with this freeware Startup manager: Ashampoo StartUp Tuner 2
© Tech Paul all rights reserved
| Share this post : | |
|
|
|
|
|
|
|
|
|
Put your thumb drive to work (updated)
I often use a specially configured USB “thumb drive” as my portable PC repair kit, and use it as an alternative to a “boot CD”. I have made it “bootable” and loaded it with useful tools and repair applications (like an antivirus scanner). It has come in handy, from time to time. With the price of these drives being as affordable as they are, there’s really no reason you cannot have a portable PC repair kit (on a stick) too.
Tip of the day: Making yourself a toolkit-on-a-stick requires a couple of steps; first you must format it to make it bootable, and then you must load it with the tools and applications you think you will need — if the thumb drive you’re planning to use is small (say, 512MB), you will want to get the “portable”, or “Lite”, versions of these programs if they’re available.
1) Make the drive bootable. The geekier (remember, I use “geek” as a compliment!) of you out there may be already familiar with the DOS utilty FDISK, and if you are and you still have a Windows 98 Install CD (or a Win 95 boot floppy) laying around, you can format the drive using the format /s command as outlined here.
If that doesn’t fit your description, or you are going to use a larger thumb drive, I suggest you download and run (it is a Wizard, so you just follow the prompts) a tool offered by HP (the HP USB Disk Storage Format Tool), which should do the work for you: get it here.
2) Now that your thumb drive can be used to boot a machine, it’s time to load it up with some useful programs and utilities. I started with the DOS tools FDISK, scandisk, and format. There is some debate amongst my fellow Tech Support-types as to which utilities are “must have’s” (but we all agree on some version of antivirus and anti-spyware) and I’m not going to trouble you with that. Instead, I’m going to point you towards today’s free link (below) and a wonderful pre-made suite of very handy portable applications, and suggest the addition of (my previously mentioned) HiJack This!
If you used the copy-the-system-files method (the “format /s”) you will already have chkdsk and fdisk and a few others.. or if not, these can be added. If you are not going to install Portable Apps, I suggest you do install Portable Firefox (or similar Web browser) so that you can access the Internet, for downloading device drivers.
To make it more of a “repair kit” you can add: a Registry cleaner/fixer, such as CCleaner and or AMUST Registry Cleaner, Process Explorer, and another anti-spyware like Spybot Search&Destroy.
Click here to read my article on the steps for installing programs on thumb drives.
Today’s free link: Portable Apps.com. This collection of portable application runs completely from the USB thumb drive. It has a Webbrowser, word processor, antivirus and more. Get started on the road to thumb drive power here.
[Update: Bill Mullins has brought to my attention a program for running apps on your thumbdrive that seems superior to others I have mentioned. To read his review, click here.]
Copyright © 2007 Tech Paul. All rights reserved.
| Share this post : | |
|
|
|
|
|
|
 |
|
|
|
Once again, it’s time to write your Representative
I am not a big fan of writing letters to Congress — in fact, I have come to believe that the expression “write your Congress-person” is synonymous with “go climb a rope” — but there has been a couple of items in the news recently that may be worthy of your calls and letters. The first is Internet radio and the second is the Big Brother issue of using our cellphones to track us…without a warrant.
For those of you who are already aware of and are listening to Internet radio, you may have noticed that your station wasn’t “on the air” yesterday; and for those of you who don’t know, there are websites out there who provide music, and news (just like “real” radio stations) over the Internet. Some of these “stations” are big, and some comprise just one person, but they provide a real alternative to the “Corporate” mass media you receive over the airwaves, and for that reason alone I am concerned about their “success”.
A day of protest:
Yesterday was a “National Day of Protest” and, as you may have seen on your Local News, many Internet radio stations went silent to protest an oncoming hike in royalties payments and to garner attention and support for the Internet Radio Equality Act. The owners of these radio websites are saying that these impending (unjust) royalties’ costs will put them out of business. That makes AOL/Time-Warner smile…I wager!
I suggest all of you who value “choice” make your sentiments known to your lawmakers, because this won’t come up for public vote. This matter is not about making sure artists get paid for their work. It’s about who holds the reins.
In other news:
It has “come to light” that various government agencies have been using the GPS Locator built into cellphones to track the movements of citizens without bothering to trouble the Justice System with details like just cause, or reasons/reasoning of any kind, and actually ask for a warrant. This is Big Brother folks — plain and simple. I am 100% for ensuring national security and keeping US citizens safe from harm, but this country was founded on the principle of “checks and balances” and it saddens me that we have been moving in the opposite direction. Since you’re already writing, you can let them know what you think of this one too.
Tip of the day: Because of the E-911 Act, all cellphone service providers must be able to pinpoint your location “to rescue personel” should you call 911, in an emergency (of course) , from a cellphone just as if you were calling from a landline. [hey…I’ve got an idea…since the public won’t let us plant sub-dermal microchips into them, let’s plant them into the things they take with them everywhere!] To accomplish this and comply with the Law, most modern cellphones come with GPS transmitters. The “good ones” allow you to set the GPS to either 911-Only or Location On, and I suggest you set yours to the emergencies-only first option.
Let’s face it: the government can track you. Your car, if it is modern, probably is tracking you through either GPS or OnStar (and if it’s expensive and new, it’s recording everything about the way you drive…much like a passenger plane’s “black box” recorder). Your purchases are tracked. Your viewing habits are monitored…sigh, I’m depressing myself, so I’ll just say this, why make it easier for them? Okay. Enough politics.
Free link of the day: One of the truly great Internet music providers is Pandora, “Pandora radio is the personalized internet radio service that helps you find new music based on your old and current favorites.” Do yourself a favor and check Pandora out. Once there, enter a couple of your favorite artists and/or songs, and then let the Genome Music Project do the rest. You will want to thank me…and them.
Copyright © 2007 Tech Paul. All rights reserved.
| Share this post : | |
|
|
|
|
|
|
|
|
|
Make your screensaver more “you”, and increase security too
If you have seen someone’s customized screensaver and thought to yourself, “that’s really neat…I wonder how they did that?” then this post is for you. The trick is in using XP’s built-in slideshow feature, and it is a straight-forward and easy adjustment to make.
Tip of the day: To create a custom screensaver slideshow, all you have to do is, basically, turn it on. It will by default show a slideshow of the pictures in your My Pictures folder, but you can point it to any folder which contains images — and here’s where the customization comes into play.
To get started, let’s assume that all you want to do is display your My Pictures folder. This will allow me to demonstrate the first step: turning on a screensaver slideshow. First, right-click on any blank area of your desktop and select Properties. This will open the Display Properties window. Click on the Screen Saver tab. Now go down to the drop-down arrow box labeled Screen saver (which by default should say “Windows XP”) and click on the down arrow to open your list of choices. Select “My Pictures slideshow”. Now instead of the boring black background with a moving XP logo, the screensaver will be your pictures. Click the Preview button to see what it will look like.
While we’re here, let’s take a look at some of the other settings. Here is where you can set how long a period of idle time elapses before the screensaver kicks in. If you’re in an office setting, I would reduce this timer to a low number; and if you’re at home, you might want to adjust it to give yourself a little more time. To redirect the slideshow to a different folder, and to modify your slideshow’s variables (such as how long each picture displays), click the Settings button. You should get a screen like the one pictured below.
As you can see, you can “tweak” your slideshow quite a bit here, and even add transitions between slides. Again, use the previous screen’s Preview button to see how these adjustments will actually play out. If you’re happy, you can quit here, but if you don’t want to display your whole My Pictures folder — but instead only a subset — or want to use a different folder of pictures, keep reading.
First, open your My Pictures folder (Start >My Documents >My Pictures) and right-click on any blank area. On the menu that opens, select New, and then folder. Give your new folder a name like “slideshow”. Now fill this folder with copies of the pictures you do want to display, by right-click+dragging them into the “slideshow” folder, letting go, and selecting “Copy here”. Repeat this until you have your selections all copied.
Now that you have your slideshow folder all set up, return to the My Screen Saver Properties window (the one pictured above) and click the “…browse” button. Double-click on the “slideshow” folder (you may have to navigate to it: do so by clicking My Document >My Pictures >slideshow), and you’re done. Again, you can use the Preview button to see how it will look.
To make your PC more immune to casual browsing while you’re away from your desk, go back to Display Properties’ (right-click any blank area on your destop and select Properties) Screen Saver tab and put a check in the checkbox labeled “On resume, display Welcome screen.” If you’ve followed my advice from earlier posts, this will require your user password to log in.
Today’s free link: I don’t have my screensaver displaying my own photo’s, I have it set to display a series of “Demotivators” (free for personal use) — an amusing and ironic play on the “motivational” posters that Executive-types love to hang in workareas. If you haven’t seen the Demotivators (and their often spectacular photography) yet, do yourself a favor and click here. And be sure to browse the different categories.
Copyright 2007 © Tech Paul, All Rights Reserved
| Share this post : | |
|
|
|
|
|
|
|
|
|
A quick System Restore addenda
My previous post, “My favorite Life Savers flavor? System Restore“, has triggered some questions from readers: questions along the line of “SR won’t start” and “it keeps turning itself off.”
These issues stem from the fact that System Restore is a Service and you need to ensure that it is running, and that the “Start up type” is set to “Automatic”. Here’s how you make sure that is the case on your machine:
Start >Run. Type in “services.msc” (no quotes). In the right-hand pane of the window that opens, scroll down the list until you see System Restore Service and double-click it. If it is not already running, hit the Start button. Then use the drop-down arrow in the Start up type box to select Automatic. Close the Services window. That should resolve those issues.
Another person wanted to know how to undo a restore. This is a radio button option on the initial “Welcome to System Restore” page, after you’ve done a restore. It is the bottom one. Select it and hit Next.
I want to remind you, Dear Reader, that I welcome your questions and comments.
Copyright © 2007 Tech Paul. All rights reserved.
| Share this post : | |
|
|
|
|
|
|
|
|
|
People google the durndest things
I suppose I’m not alone in this, but I am a stat-watcher. It is a way for me to learn about you — the reader: about what topics you’re interested in and which ones you don’t bother to investigate (“you” in the broad sense). I love to get into all the statistical details, and sincerely believe that a fella cannot be presented with too many informational statistics — and I always want more. I hope Word Press brings back the Feed Stats, and does it soon.
I am fascinated by “keywords” that catch your eye: a great ‘for instance’ is that this blog is for the most part a ‘how to’ and is almost always posted in that “category”, and yet only one “view”, so far, has been linked from there. (What is that telling me???) It surprises me sometimes that my “catchiest” titles have the lowest number of views, and that I would get a lot more Google Search “hits” if I simply titled a post “System Restore”…as an example. [Now I don’t want you to think I’m ‘hit-desperate’, and would start resorting to such tricks. I’m not. Honest. But it does make one think…)
I am fascinated by which of my “Today’s free links” get used and which one’s don’t so much. It says nothing about which one is more useful than another, but it does tell me some things. For instance, apparently my readers already have anti-spyware tools or just aren’t concerned about malware, yet a large number just as apparently delete files they’ld like to get back. Curious. At least to me it is.
But the most interesting statistic is the Search Engine Links, which shows not only how many people found my article via a search on Google (Yes. I know. There are more engines than just Google.) but what words they used in their searches. These “search terms” have been the source of ideas for posts I’ve written, and will continue to be so. There is one inescapable factoid that becomes quickly obvious when reading these search terms, and that is: I am not as poor of a speller as I thought I was…by comparison. Of the many people who googled ‘system restore’, not one spelled it correctly. The folks at that outfit are doing a terrific job of not only deciphering our gibberish, but doing it in micro-seconds, and I for one am grateful for it. They sent me one spelled “sistim restro”…amazing!
Tip of the day: If you are like me and need a helping hand spelling a word every now and then you probably (like me) hailed the “built-in Spell Check utility” as the greatest thing since sliced bread. And you’ve probably learned over time (like me) that they miss far more than they catch, and cannot see the difference between they’re, there, and their, and generally aren’t much help at all. The one here on WordPress is terrible. You simply won’t be doing yourself any favors if you rely on spell-check, and I don’t care whose it is.
Instead, bookmark an online dictionary like Merriam-Webster and enter your word into their search box. Unlike a real dictionary, you don’t have to know how to spell the word to find out how to spell it. Enter “sistim” and the top choice of spellings/words is “system”. It gives definitions, so you can make sure it is the word you’re thinking of. And it has a thesaurus so you can find words with the same or similar meanings. Online dictionaries are great resources, and I hope you will find them as useful and handy as I have. I couldn’t write this post without one…
Let’s just have some fun with Today’s free link: Thinks.com offers free puzzles of all sorts (crosswords, soduku, jigsaw, etc.) and games like checkers and chess. Fit for the whole family.
Copyright © 2007 Tech Paul. All rights reserved.
| Share this post : | |
|
|
|
|
|
|
|
|
|
• About Tech Paul
I am a Retired computer & network technician. I used to think the machines were pretty cool. Now I don’t.
They’re anything but.
I regularly posted how-to’s and tricks & tips and general computing advice here starting in 2007. (Use the Search tool to find answers. But be aware, many are rather dated.) Sometimes I answered (your) specific questions in an article if I believed the answer was generally helpful to “everyone”. All the writing you see was my own, typos and all. There always is/was an implied “IMHO” in what you see here.
Note: You are responsible for using this blog and its content. I am in no way liable for any losses caused by user error, viruses and/or other malware, hardware or software failure, or any other conceivable reason.
-
Say "thank you!" Buy Tech Paul a cup of coffee (and keep T4E ad free).
-
-
McAfee® Cybersafety Resource Portal, an online help center designed to assist victims of computer crime and provide information on how to avoid becoming a victim.
-
Subscribe to Tech--for Everyone by EmailRecent Comments
-
-
-
-
Also:
-
-
Tech - for Everyone 