Basic Computer Tutorial

This basic computer tutorial is written for those who do not know very much about computers. The purpose of this basic computer tutorial is to help the reader better understand how to use their computer more effectively and safely. It will help the reader understand:

• What files and file types are.
• How to copy files.
• Where your files are stored.
• What the parts of your computer are.
• What an operating system is.
• What a computer program is.

Security and Performance

With the above basic information, this tutorial will explain methods that you can do to make your system more secure, keep your data safe by backing it up, and avoid most performance degradation caused to bad applications and SPAM.

• How some file types can be used by third parties to gain control of your computer.
• How to modify your file view settings so you are not as easily fooled by e-mails containing viruses.
• How to prevent viruses and worms.
• How to reduce SPAM.
• How to back up your files.
• How to reduce or eliminate unwanted programs that could reduce your system performance.
• What to do if you receive a virus or worm.
• What to do if you receive an e-mail telling you that an e-mail you sent contained a virus.

This basic computer tutorial gives some basic information about hardware, operating systems, and programs in the first half to help the reader understand later information about files, e-mail and computer security practices. Depending on the reader's level of knowledge, some of the basic information may be skipped and the reader may refer to the terms page if they do not understand some of the terms.

Computer Data

To help understand computers it is best to first learn about computer data. Computer data is information required by the computer to be able to operate. It is used to:

• Run programs - This is the actual executable program data that the computer will execute to run the program such as Microsoft Word.
• Store program or system configuration information.
• Store information that the computer user needs such as text files or other files that are associated with the program the computer user is running. A common example of a program the computer user is running is the Microsoft Office suite of products which include Microsoft Word, Microsoft Excel, and others. These programs are also known as applications.

Data Structure

Computer data is in what is called binary format. This means that it is always a 0 or a 1. It only has these two states and must be in one of them.

There are several fundamental data units which include:

• Bit - A data unit which must be in one of the two binary states described above. It is the smallest data unit that exists.
• Byte - 8 bits of data which has a possible value from 0 to 255.
• Word - Two bytes or 16 bits of data with a possible unsigned value from 0 to 16535.

Data transmission

Data transmission is the act of sending data from one place to another. Data is transmitted both inside and outside your computer. There are two fundamental methods of data transmission.

• Serial - Data is sent on a single line and one bit is sent at at a time. This is similar to a line which one item must come one after another.
• Parallel - Data is sent on more than one line at a time. This may be any number of bits at a time, but is usually one word at a time (two bytes) or possibly three bytes at a time.

Computer Hardware

The term computer hardware refers to the various electronic components that are required for you to use a computer along with the hardware components inside the computer case. As you know your computer equipment is made of several common components. These include:

• The main computer box.
• A monitor - Looks like a television screen.
• A keyboard.
• A mouse.
• Speakers.
• An optional printer.

The main computer box is the main component of the computer. It has computer hardware parts inside that perform the following functions:

• Temporary storage of information (known as data in more technical terms) - This function is done by memory.
• Permanent storage of information - This function is done by a hard disk, floppy disk, or CD ROM.
• Manipulation or processing of data - Used to determine where data is stored and perform calculations which support operations that the user is doing.
• Interfacing to the outside components or to the outside world - This supports the ability for the user to communicate with the computer and know how the computer is responding to commands which are done primarily through the monitor, keyboard, and mouse along with their interface components in the main computer box.
• A power supply which provides the electrical power to the components in the computer box

The Main Computer Box

The main computer box is made of several computer hardware components and subcomponents which include:

• The case - The outside component which provides protection for the parts inside and provides a fan and power supply which are used to both cool the working parts inside and provide power to them.
• The motherboard - Hold the following computer hardware subcomponents:
  • Memory - Used to provide temporary storage of information as discussed earlier.
  • Microprocessor - Used to provide the processing of data function as discussed earlier.
  • Video interface card which is also called the video card - This card is an interface between the computer monitor and the motherboard and its subcomponents such as the microprocessor and memory. This card may be included as part of the motherboard or it may plug into a card slot on the motherboard.
  • Sound card is an interface between the computer speakers and the motherboard and its subcomponents such as the microprocessor and memory. This card may be included as part of the motherboard or it may plug into a card slot on the motherboard.
• One or more permanent storage devices some of which may be optional:
  • Hard disk - Most computers today have a hard disk (sometimes called hard drives) which is the component most commonly used to provide permanent storage of data. Hard disks are usually permanently installed in a computer.
  • CD ROM drive or DVD drive - Used to provide permanent storage of data but this type of drive is used to bring information into the computer more commonly than it is used to store information from the computer. Sometimes this type of drive is used to back up data from the hard drive so data is not lost if a hard drive breaks. A DVD drive holds more data than a CD ROM drive and DVDs have enough storage capacity that they may be used to play or store movies. The storage media, the CD ROM or DVD may be removed from the computer.
  • Floppy Drive - A low capacity storage device which can be written to as easily as it is read. The floppy disk may be easily removed from the computer. It is called a floppy because the part of the media that holds the data is on a material that is not rigid but it is enclosed in a more rigid case to give it durability.

There are also other minor computer hardware components inside the case which include cables which may be used to hook other internal parts together along with connecting an interface to the case for printers and other devices such as a high speed serial bus called USB. (A serial bus simply refers to the fact that data is sent in a stream which is like sending one bit at a time.

The Case

The drawing below shows a typical case. It may help you understand where your connections for your monitor, keyboard, mouse, and other devices are if you should need to hook them up. For more specific information you should refer to your computer owner's manual.

The drawing below shows a typical layout of the components inside your computer case.

Components

Each different part in a computer has a different task to perform, just as each part in an automobile has a job to do. Each part works differently in order to get it's job done. There are many misconceptions about what parts do what job, and here, we will set out to correct them. Knowing what function each part has is very rewarding. If one knows what part does one, they can easily narrow down problems in a computer.

The Processor

"CPU"
The processor is known as the brain of the computer. In fact, it's not. If anything, the computer as a whole serves as a brain. The processor is just a really fast calculator. It adds, subtracts, multiplies and divides a multitude of numbers. There are two parts of the Processor that do the math. The first part is called the Integer unit. It's job is to take care of the "easy" numbers, like -5, 13, 1/2, etc. It's mainly used in business applications, like word processors, spreadsheets, and the Windows Desktop. The other half is called the Floating Point Unit. It's job is to take care of the really hard numbers, like the square root of 3, pi, "e.", and logarithms. This part of the CPU is mainly used in 3D games, to calculate the position of pixels, and images. For years, Intel's processor have had the best Floating Point around, but as of late, AMD's Athlon Processor has stolen the crown away from Intel. That is why were are seeing the race for 1GHz speed up so dramatically today.

The Hard Drive

"HD"
The Hard Drive is simply a multitude of metal disks that spin around inside your computer, with heads that move around those disks. Those heads read and write data to the metallic disks. The reason for using a Hard drive is because the hard drive is the only part inside a computer that stores data while the computer is off. (Besides removable media of course.) Your Hard Drive is what stores all of your settings, programs, and the operating system while your computer is off. The only draw back to the hard drive, is that it is mechanical. That means it has a tendency to break down every once in a while for no reason, and it is slower than electronic means of data storage.

Random Access Memory

"RAM"
RAM is easily confused with Hard Drive, because both store data. The two are actually very different. The RAM is a chip that holds data, only as electricity flows though it. It is very fast compared to the Hard Drive, but is also expensive, which is why we don't use it for our primary data storage. RAM is used as a interface between the Hard Drive and the Processor. If the Processor needs some data that's on the hard drive, the chipset (well get to the chipset later) will retrieve the data from the hard drive and put it into memory, so the processor can access it faster If the computer runs out of room in the RAM, it will make a file on your hard drive, called "Virtual RAM." "Virtual RAM" is just an extension of real RAM on your Hard Drive. As said above, the Hard drive is much slower than the RAM, so when the computer gets the data straight from the Hard Drive, your computer will also seem like it freezes, because it will be running so slowly. Once you shut your computer off, there is nothing stored in the RAM, because there is no electricity flowing through it.

Cache

"L1,and L2"
The Cache is high speed RAM. It stores commonly used data and instructions from the processor so that it doesn't have to go to the slower RAM to get it. This is why the modern day computer is so fast. Without cache, most processors would be limited in speed by the RAM. Without it, your computer would be running terribly slow. The Cache is split up into 2 different Levels. The first level, L1, ranges in size from 32KB to 128KB. It is split in half and resides with in the CPU core, next to the Integer and Floating Point Unit. The first half stores commonly used data, and the second half stores common instructions that the processor carries out on the data. The second level of cache, called L2, is for data only. Some L2 Caches are on the motherboard. Others are on a special cartridge with the CPU. Newer L2 Caches are in the CPU core, with the L1 cache.

The Chipset

The chipset is the boss inside the computer. It controls communication between the components. The chipset is split up into two basic chips. The first chip, called the North Bridge, handles communication between the AGP bus, (if it exists), RAM, processor, and the South Bridge of the chipset. The South Bridge handles all the Input and output of the computer, including the PCI and ISA Bus. The Processor, Memory, Cache, and Chipset all work together to function as a logical brain.

That covers all the major parts of a computer.

Software and Hardware

Hardware

The term hardware describes the physical parts of your computer which you can physically touch or see such as your monitor, case, disk drives, microprocessor and other physical parts.

Software

The term software describes the programs that run on your system. This includes your computer operating system and other computer programs which run. Software is written in a computer language (such as Basic, C, Java, or others) by programmers. The computer language is in a text format and can be read by a person although if you do not understand the structure and rules of the language you may not understand it very well. Once a program is written, an operation is performed on it which is called compiling. Compiling is the process of changing the textual written language into a binary language which can be understood by the computer.

Writing these text files and converting them to computer readable files is the way operating systems and most application programs are created.

BIOS (Basic Input/Output System)

BIOS is a low level program used by your system to interface to computer devices such as your video card, keyboard, mouse, hard drive, and other devices. What BIOS programs provide in the computer are very simple function calls or small subprograms which can be used by higher level programs to perform simple operations on computer devices. For example a BIOS program would provide the ability to write a character to memory on a video card.

BIOS is normally written in a low level computer language and is permanently or semi-permanently written into the computer system. This type of computer program is commonly referred to as firmware since it was historically written permanently into computer systems. Although BIOS is a program, because of its permanent state, it was not quite considered to be software so the term firmware is used to describe it.

Historically BIOS programs were written into a type of memory called ROM (read only memory). This type of memory would not lose its data when the computer lost power thus ensuring these BIOS programs would always be available. There were different variants of ROM memory some of which could be written multiple times but this memory could not normally be changed or re-programmed once the computer system was sold to the customer. Once ROM memory was written to, it could not be written to again and could only be read when in the possession of the customer. In more recent years a more flexible form of memory was developed called flash ROM which allows ROM memory to be written to after the computer system is in possession of the customer.

What is a Network

The word network can be used to describe a very large and complicated set of equipment. In its most accurate and simplest definition a network refers to the cables and electronic components that amplify the signals going through the cables. The amplifying equipment is necessary to ensure accurate communication and make the signal stronger if it needs to go long distances.

Broader Definition

When many people talk about a network, they are talking about a network using a very broad concept. For instance if someone cannot get to their email, they may say "the network is down". Likewise they may say this if they cannot surf the internet or get to their files. They may not stop to think that in each specific instance there is a single piece of equipment that may provide the capability which they are trying to use.

Most people who work on a corporate or organizational network think about the network in component parts. The three main parts are:

• The cabling and amplifiers mentioned in the first paragraph.
• The workstations which most members of the organization use to access resources.
• Higher powered computers called servers - These are the machines that provide what network administrators call services. Services include the functions that most people try to use such as email, reading and writing files, printing, and getting to the internet. Whenever a user is trying to do something on the network, there is a service or machine providing the capability to do so. This even includes times when someone is trying to get to network resources from their home.

Services

Services include:

• Email service
• File service - Allows users to use and share file space on a computer with a lot of file space.
• Print service - Allows printing to printers connected on the network.
• Web surfing - Allowing someone to open web pages and see web sites on the internet.
• Filtering out undesired sites on the internet.
• Allowing someone to access the network from the outside (from home).
• Updating virus definitions on workstations.
• Allowing someone to log onto the network.
• Even giving a workstation an address on the network is a service. If your computer does not have an address, it cannot access the internet or any other resource on the network.

A Typical Network

A typical corporate or organizational network is shown below:

Of course there are variations on this network layout and some details have been left out for the sake of simplicity but this drawing should give you some idea about what goes on behind the scene on the network at your organization. Some servers and server functions have not been shown here.

The firewall is the device that protects all computers in the network from many attacks. It allows some types of network traffic into the network from the outside, but usually only for mail or web services. Usually the internet traffic that that is allowed to come into the network is routed to the part of the network labelled "DMZ" on the right side of the diagram. DMZ stands for demilitarized zone and is also called a semi-private network. In this DMZ is a web server which is used to allow people surfing on the internet to see web pages posted by the organization. A mail server is also shown in the DMZ but this could be replaced by a mail relay server while the mail server is placed inside the private network. The mail relay server would forward mail traffic from the outside to the mail server. This would increase the security of the network since a direct connection from the internet to the mail server would not be allowed.

The private network is of course the most secure part of the network. There are several servers on this network including:

• A login server (called a domain controller) which controls every ones permissions and access to the network resources such as files. Without this server, they cannot login to the network.
• An address server (called a DHCP server) which provides addresses to computers on the network so they can communicate as discussed earlier.
• A file server which provides common files and a private folder for users.
• A remote access server which allows users to connect to the network by telephone from the outside.

Also the workstations are part of this network.

Conclusion

Knowing the above information, if someone cannot get their mail, they may think the network is down. This is not likely to be the case. The mail server may be down but the network is not likely to be down. The same goes for when someone can't surf the web. There may be a problem with the firewall or the line connecting to the internet, but it is unlikely that the whole network is down. When problems are noticed it is best for the user to describe what they were trying to do and what happened.

What is the Internet

The word internet is used to describe a network of networks which incorporate a very large and complicated set of equipment. To understand the internet, there are three areas of discussion which are very helpful. These include the various services provided across the internet, the functions that enable the internet to work, and the various organizations that are part of the internet.

Internet Services

The main services used on the internet include:

• Web browsing - Supported by the HTTP protocol, this functions allows users to view web pages using a web browser.
• E-mail - Allows people to send and receive electronic messages.

Other lesser used services include telnet (allows remote login to computers), FTP (Allows quick file transmission to remote computers), and gopher (An early form of text based form of reading internet documents which is rarely used today).

Internet Functions

The internet provides for the following two functions which support communications. Without the communications support mentioned below, the internet could not function. These two functions are provided by internet service providers listed below under the "Internet Organizations" header.

• Physical lines that data is sent across.
• Routing of data - There are special machines on the internet called routers, that determine where data needs to go to get from the sender of the data to the receiver of the data.

Internet Organizations

• ISPs (Internet Service Providers) - They provide the connection to the internet for users and also provide routers that direct internet traffic.
• Corporations or Web hosting providers with mail servers and web servers - They provide the information posted on the internet and virtual data connections to other mail servers.

There are also other organizations that regulate the internet, providing communication standards and designing new communication standards for improvements. These communication standards are also known as protocols.

Summary

So the internet is a collection of organizations that provide equipment that support the internet functions and services. The internet connects many corporate and organizational private networks together thus enabling all these organizations to easily communicate.

Accessing the Internet

People use an internet browser to access web pages that are available across the internet. Internet browsers include Microsoft Internet Explorer, Netscape Navigator, Mozilla, and others.

Web pages are created in a marked up form of text file called HTML (Hyper-Text Markup Language). The markup within the text indicates document structure showing where paragraphs begin and end, what items are in a list, headers, tables and other document structure.

When people are browsing of surfing the internet, they usually go from place to place by clicking on links. These links are locations for specific pages and indicate the three things:

1. Protocol being used such as http or ftp
2. The domain that the web page is found on. This will point to a specific organization's or company's web server.
3. The location of the page on the server including the directory path and file name.

An example link is "http://www.pcfixzone.co.uk/tutorials/bootdisk.htm". In this case http is the protocol being used, the pcfixzone.co.uk domain indicates where the organization's web server is, and the " /tutorials/bootdisk.htm" part of the string indicates the folders the file is in and the name of the file.

These links are sometimes called hyperlinks or URLs (Uniform Resource locators)

Operating System Functions

What is an Operating System

The operating system is the core software component of your computer. It performs many functions and is, in very basic terms, an interface between your computer and the outside world. In the section about hardware, a computer is described as consisting of several component parts including your monitor, keyboard, mouse, and other parts. The operating system provides an interface to these parts using what is referred to as "drivers". This is why sometimes when you install a new printer or other piece of hardware, your system will ask you to install more software called a driver.

What does a driver do?

A driver is a specially written program which understands the operation of the device it interfaces to, such as a printer, video card, sound card or CD ROM drive. It translates commands from the operating system or user into commands understood by the the component computer part it interfaces with. It also translates responses from the component computer part back to responses that can be understood by the operating system, application program, or user. The below diagram gives a graphical depiction of the interfaces between the operating system and the computer component.

Applications

What is an application

Applications are programs that are installed. on computers to give users the ability to do specific tasks. For example, Microsoft Word® is a program that gives the user the ability to write documents. Some program packages come in a set with multiple programs included to provide multiple capabilities such as the Microsoft Office® suite of programs. This suite of programs also includes Microsoft Outlook® which is used to send and receive e-mail. It also includes other programs with more capabilities.

How Application Programs Work

Application programs are written in a text based computer language as mentioned in the section about hardware and software. Once written, they are compiled into a binary language the computer understands. The application programs use function calls (as described in the section about operating systems) to interface to the various computer peripherals such as your keyboard, mouse, screen, printers, and other devices. Most of these function calls are provided by the operating system so the application programs are usually compiled for a specific operating system such as Microsoft Windows 2000®, Microsoft Windows XP®, or Microsoft Windows 98®.

Application Problems

An application program is a computer program. It is written by human programmers who make mistakes. Therefore there can be errors in the code even though there may be some testing before the product is released. Application programs vary widely in the quality of the code. Errors in code are referred to as "bugs". Bugs can cause unpredictable results including system crashes, inability to perform expected functions, or providing an exploit for an attacker who wants to gain control of your system.

Application Acquisition and Installation

You get applications several ways. The most common way is to purchase it in a store and you will brind a CD home and install it on your computer system. The ways you may get applications include:

• Purchase of a program from a store.
• Download a purchased program on the internet.
• Download a shareware program on the internet.
• Download a free program on the internet.

Whether purchasing a program or downloading one for free on the internet, you should be aware of the quality of the product you are placing on your computer system. Ask yourself the following:

• Do I know who made this product and are they a trustworthy source?
• If the product is free, do I know why it is free?
• Is there some hidden purpose for the product?
• What is the reputation of the maker of the product?
• What problems do users of the product have?

Before downloading a product or purchasing a product you should always spend at least a few minutes researching it. You should at least do a quick search on the Google search engine using the product name and the name of the product producer. You should perform a Google internet search and Google groups search to find out where discussions about the product have taken place. There are also many product evaluation sites that can be used to obtain reviewers and users ratings of the product before you buy or install it. Downloading and install the wrong products can not only seriously impede the performance of your computer system, it can also cause your privacy to be invaded.

Bad Applications

There are many types of applications that can cause problems on your computer system.

• Applications with serious bugs.
• Applications that come with unwanted programs. Some applications come with additional software that you may not really want but is installed by default. Normally this is only annoying and may slightly slow your system down when it boots because some ot these items will load every time you start your computer.
• Adware - Most adware comes with programs that may be purchased or downloaded for free on the internet. Adware will cause advertising popups to appear on your computer. Besides being annoying, they will slow your ability to access the internet. Many times these programs will download other ad programs. These programs are very difficult to remove from your system because they are usually hidden on your system very well. Many times it requires an expert to remove these programs but later I will give you some tips on how you can either remove them or render them ineffective, but to be able to do this you must have reasonable knowledge about your system. There are some programs written to remove adware programs which I will discuss later.
• Spyware - This usually comes with some free programs and it will monitor your internet activity and send information to some corporation. This type of program is not normally seriously harmful but most people do not want to have their activities monitored. There are also programs to remove spyware but it is best to not install it in the first place.

If you do your research before installing applications you will avoid most problem applications. It is best to ask your IT support personnel about an application before you install it. In fact many corporate IT policies are set so users cannot install programs on their systems. This is because installation of the wrong programs on corporate systems can jeopardize computer security for the entire organization.

Application Files

Applications have a variety of files they use for three basic purposes.

• Executable files
• Configuration files
• Data files used by the user such as Microsoft Word® document files.

What Files Are

Files are a collection of data onto a permanent storage structure. They are stored on a permanent storage media such as a computer hard drive, CD ROM drive, floppy disk drive or sometimes even a tape drive. Files take a certain amount of room to store. For example if you have two text files and one file has one sentence in it while the other file has 200 sentences in it, the file with 200 sentences will use more room on the storage media.

File Functions

Different files have different purposes. Files are used to do one or more of the following functions:

• Provide machine executable code which is used to run application programs and the operating system.
• Store application program or operating system configuration information.
• Store data used by the user such as Microsoft Word document files.

Therefore there are three types of information that files contain:

• Executable code.
• System or program configuration information.
• User data.

These files are read by an application program or the operating system.

File Characteristics

Files have the below characteristics:

• Name
• Optional extension name - Part of the name, it is used by Windows operating systems to identify an associated program that can be used to read it
• Size - Shows the space the file requires for storage normally showed in kilobytes (Kb) which is 1000 bytes
• Type - Indicates the program used to access the file. The next section will talk more about file types.
• Date Modified - Shows the last date the file was created or changed.
• File structure - This characteristic is not viewable by the computer user but some programs can examine file structure to determine the type of file it is even when the file extension is changed.

The main items to remember include the facts that all files take a certain amount of room on their storage media and all files have a type which indicates whether they can be run by your computer. The file extension is one indication of the file type but not the only way to determine type.

If you are browsing your files using "My Computer" and click on "View" and "Details" you will see a window showing the file characteristics like the one below. Folders only take a little room on the hard drive and do not normally take as much room as files.

File Types

Because files can have different purposes, they have different types. The file type is best identified by its file structure. For example a text file would have a very different structure than a file than can be executed. An executable file must have a specific structure to be able to be run. The file structure is used to determine its MIME type. The word MIME stands for multipurpose internet mail extension and is used as a standard to identify various file types.

File Extensions

In operating systems such as Microsoft Window systems, Linux, and Unix, a file extension is used to help identify the type of file. On Microsoft Windows systems, many file types are associated with a particular program which can read the file. For example a file with a .pdf extension can be read by the Adobe Acrobat application program.

Files are actually identified by what is called a MIME type. This can be done because files that are executable have a different structure than a data structure. Therefore file extensions are not the only way to identify a file type nor are they the most accurate. Apple Macintosh computer systems do not use a file extension to identify file types.

Executable File Types

The most important file type to be aware of are executable file types. This is because if you accidentally run an executable file on your system, it may install a virus or some other unwanted software program. Executable file types include:

• .com
• .exe

File Management

File Organization

Files can be placed in folders similar to the way single sheets of paper can be placed into folders in a file cabinet. Folders can be created on the hard drive or nested inside each other any way the computer user desires.

Browsing Your files using Windows

If using a Windows operating system double click on the "My Computer" icon on your desktop. A window like the one shown below will open.

The first drive in the window shown is a floppy drive. It is labelled as drive A. The second disk is the system hard drive labelled as drive C. The third disk shown is a data disk shown as drive D. This is not a normal setup on most systems but I like to use a hard drive to hold my data that is different than the hard drive that holds the operating system. Drives E and F are compact disks (CD ROM drives) of which one is a read/write drive.

The drive letters will vary depending on how your system is configured and depending on whether you have any network drives. If you do have network drives, you should use them for the mail place you store your files. This is because files on network drives are usually backed up nightly in most organizations. If your files are not backed up and your hard drive fails, you will lose your data.

Copying Files

There are several ways Windows operating systems allow files to be copied or moved. They include:

• Drag and drop - In the window above it is easy to drag one of the files into one of the folders. This will move the file into the folder. This can also be done by opening two windows using the "My Computer" icon and dragging the file from one window to another.
• Copy and paste - You can open a "My Computer" window, and do the following:
  • On the "My Computer" menu select "Edit", then "Copy".
  • Navigate to the location where you want to put the file. You can navigate by using the "Up" folder to go up one level into the folder structure or by double clicking on folders to enter them. If the "Up" folder does not exist in your "My Computer" window, on your menu, select "View", then "toolbars", then select "Standard Buttons".
  • On the "My Computer" menu select "Edit", then "Paste". The file will be copied to the location you have navigated to.

Copying Multiple Files

There are several tricks that can be used to make copying or moving multiple files easier. They involve the selection of the files to be copied or moved. You can hold down the Shift key and select one file by clicking on it with the left mouse button (called left clicking). While still holding the Shift key down left click on another file several files down on the list. This will cause all files from the first one through the last one selected to be highlighted and selected. Release the Shift key. After this, you can hold down the Ctrl key and by left clicking on any other files, they can be either selected or de-selected. Release the Ctrl key. Once you have selected the files you can move them by dragging and dropping them (after releasing both the shift and control keys) into another folder. This is done as follows:

1. Put the mouse cursor over one of the selected files.
2. Left clicking the mouse and hold it down
3. Drag the file to the desired location such as a folder icon.
4. Release the left mouse button.

If you want to copy the files:

1. On the "My Computer" menu select "Edit", then "Copy".
2. Navigate to the location where you want to put the file.
3. On the "My Computer" menu select "Edit", then "Paste". The file will be copied to the location you have navigated to.

View Settings

The Default Windows Setting is Dangerous

Windows systems come with default file view settings. The default is to "Hide file extensions for known file types". This setting can be used to deceive a computer user into believing that a file is safe to open when it is not. Files containing viruses can be sent to a computer with the name "document.txt.exe" which is a file that the computer will run. The file will appear to the computer user as "document.txt" making the user believe that it is safe to open, but if the user clicks on it the file will be run and be able to infect the computer.

Changing the View Settings

This section will tell you hw to change your settings so you will always see file extensions. It will also tell you how to beable to see file details.

Open "My Computer" by clicking on the "My Computer" icon on your desktop. Click on the menu item "View" and select "Details" from the drop down menu. This will change the current settings for the folder or location you are in, but the change is not permanent yet.

To change the file view settings, if you are using Windows 2000 or XP click on the menu item "Tools" and "Folder options" selection. If you are using Windows 98, click on "View", and "Folder options". A dialog box similar to the one below should appear.

Click on the view tab and the dialog box will change as shown below:

Click on the button in the Folder Views area that says "Like current folder" and answer yes when asked if you want to change all folders to match the current folder. Change the rest of the settings to match the dialog box as shown below:

The first three selections are display settings which make it more convenient to navigate through files and folders. Be sure and uncheck the checkbox next to "Hide file extensions for known file types". If you are using Windows 2000 or Windows XP, this should be done for every user that logs in since each unique user that uses the machine will get their own desktop and user profile.

File Backups

File backups are very important to protect your data. Is your hard drive fails or your operating system malfunctions, you could loose all your data. If you do regular backups, you will drastically reduce the data loss that could occur.

Using the Network for Backups

Backing up your data is very important. If you are operating on a corporate or organizational network and have disk drives shared from a file server it is likely that files stored there are backed up every night. If possible you should store your files on this server.

Since Windows operating systems use the "My Documents" folder as the location to store your files by default it will be helpful to set up your system so the "My Documents" folder points to one of your network drives. If running a Windows 2000 or Windows XP system, you can right click on the "My Documents" folder ether on your desktop or displayed from the Start menu and select properties. A dialog box similar to the one shown below will appear.

Click on the "Move" button. A dialog box similar to the one below will appear

Expand the "My Computer" object by clicking on the + next to it. Then select the appropriate network drive that is best to put your documents in.

How to Backup Data if You do not have a network

If you do not have a network and only have a single computer you should periodically back up your data. You should purchase or own one of the following:

• A read/write CD ROM or DVD drive
• A Zip drive
• A tape drive - Usually these are more expensive.

You should be aware of where you store your files and you should also know where your mail files are stored by your mail program such as Outlook or Outlook Express. If you right click on your inbox folder in Outlook Express you can find the location where your mail is stored. On my system it is stored in the folder at: C:\Documents and Settings\Username\Local Settings\Application Data\Identities\{B718C535-6548-4E1D-A5D2-7D1B41CFEB2E}\Microsoft\ Outlook Express\ where username is the name I login with. If you are using Outlook, it is normally stored in a file of type .pst and on my system it is in the folder C:\Documents and Settings\Username\Local Settings\Application Data\Microsoft\Outlook\ where Username is the name I login with.

Setting up a Backup Job

To open the Windows backup program on Windows 2000, select Start, then Programs, then Accessories, then System Tools, then Backup. You must be a backup operator or administrator on your system to create a backup job. The backup utility will start as shown below.

Immediate Backup

If you want to do an immediate backup, click on the Backup tab and select the files that you want to backup. On my system I selected the folders C:\Documents and Settings\Username\Local Settings\Application Data\Identities\, C:\Documents and Settings\Username\Local Settings\Application Data\ Microsoft\Outlook\, and other areas where I store my data such as "My Computer". Also be sure to check the box next to "System State" which may save you a lot of grief if you have trouble with your system.

Click on the "Start backup" button and on the dialog box that appears select either "Append..." or "Replace..." data on the media, then select "Start Backup".

Schedule a Backup

To schedule a backup, click on the "Schedule Backups" tab. The Backup program will show a calendar as shown below.

Click the "Add Job" button. A backup wizard will start. Click "Next". A "What to backup" dialog box as shown below will appear.

Select "Backup selected files, drives, or network data" and click "Next". On the next box select the items you want to backup by first clicking the + next to "My Computer" to expand it as shown below.

Select the items in the same way as discussed under the header called "Immediate Backup" above and click Next. The dialog box will change and allow you to select the name and location of the file the backup will be stored in. Click "Next" and a dialog box will ask the type of backup you want to perform. A normal backup will be sufficient so select it unless you have another preference and click "Next".

After clicking next, select "Verify data after backup" and click "Next". Select whether to Append or replace data if the file already exists at the specified location and click "Next". Accept or specify the backup label and click "Next". The below dialog box will appear.

Click on the "Set Schedule button and the dialog box below will appear.

Select your preferred backup times and how often you want to do this backup such as weekly. Click OK and the backup schedule dialog box will disappear. Enter the name of your backup job and click next on the "When to back up" dialog box. Click "Finish" to complete the process. Backups should run when you have scheduled them.

If you want to delete a backup job that you have scheduled, click on the "Schedule Jobs" tab and click on the job shown on the calendar. A dialog box with the job name will pop up. You can click on the "Delete" button next to the Job name to delete the Job.

Viruses and Worms

In general terms a virus is a program that runs on a system against the owner's or user's wishes and knowledge. Viruses have one or more methods they use to spread. Most commonly they will attach a file to an e-mail message and attempt to trick victims into running the attachment.

Virus Damage

In most cases, viruses can do any amount of damage the creator intends them to do. They can send your data to a third party and then delete your data from your computer. They can also ruin your system and render it unusable without a re-installation of the operating system. Most have not done this much damage in the past, but could easily do this in the future. Usually the virus will install files on your system then will change your system so the virus is run every time you start your system. It will then attempt to replicate itself by sending itself to other potential victims.

The normal effect a virus will have on your system is that over time your system will run slower. Also when you are using the internet your connection may seem to run slower. Eventually you may have trouble running programs on your system, your system may freeze, and in the worst case you may not be able to get it to boot up when you turn your computer on.

How Viruses or Worms Spread

Most commonly viruses today use e-mail to spread however they have used one or more of the following methods to spread in the past.

• Some viruses will load themselves onto any part of a writable removable drive as possible and spread from computer to computer as people use the removable drive.
• A worm is a program similar to a virus that will exploit a vulnerability in an operating system or application that a computer user is running. The best defence against a worm is to have either a personal firewall on your system or be behind a corporate firewall. Another good defence is to update your system regularly. All you need to do to get a worm is to connect an un-patched computer to the internet or infected network when your computer does not have firewall protection.
• Most viruses will spread themselves using e-mail attachments. They may tell the user that they need to open the attachment to get the rest of the information that is being sent to them. Many times the virus may claim it is an administrator and the user needs to either read the data or install a program on their system. Viruses have even claimed to be Microsoft sending a system patch as an attachment to the e-mail. Microsoft would never send a system patch through e-mail.

Worms and Prevention

Since worms spread by taking advantage of vulnerabilities in operating systems or application programs (remember from earlier discussion, vulnerabilities are software errors that allow some kind of unauthorized access when they are used or exploited). You do not need to do anything special to get a worm except to connect to the internet or an infected network with a system that has vulnerabilities. There are several good defences against worms.

What is a Firewall?

A firewall is a device that limits access to your system from the outside. A firewall may be a software program running on your computer or it may be a piece of hardware outside your computer. The firewall screens any attempts to access your system and only allows access that you decide to allow. In this way many vulnerabilities that could be used to gain unauthorized access to your system are eliminated.

Worm Prevention

There are three defences against worms. They are as follows:

• A personal firewall should be run on any system that is not behind a corporate firewall. This should be done on any computer that connects to the internet even if the connection it uses is a slow dial up connection.
• Patching your system with updates to fix the vulnerabilities. Patching is the act of downloading updates to the vulnerable operating system or application and applying the update to the program.
• Continually running anti-virus software which may detect worms. This is not the best defence against worms however because sometimes the worm can infect the system before the anti-virus software can detect it.

Of the above measures the first two are the most effective against worms. For more information about personal firewalls, why you should use them, and how you can update your system, see the Home Computer Security article on this site.

Preventing Viruses in Microsoft Office® Products

The intention of this document is to help readers prevent viruses and worms by presenting a procedure for readers to use to protect themselves against the recent Microsoft Office vulnerability postings.

Current and Previous Problems

Several flaws (programming errors) have recently been discovered in Microsoft Office products. These flaws may allow attackers to compromise your systems. This means that because of these flaws several new viruses and vulnerability exploiting worm programs will most likely be introduced on the internet within the next few weeks. The impact of these new vulnerabilities and worms is expected to be severe and possibly affect operations on the internet, especially email for some period of time. It is likely that readers of email will see attached files mailed to them from their friends or others that they do not know. These attached files will likely be a Word document file (.doc) or some other type of file opened by one of the Microsoft Office products in spite of the fact that many current viruses are circulating as .pif files and other file types.

Recent Virus behaviour

Please note that even though a email appears to come from a friend or a particular person, there is no way that you can be sure this person actually sent the email. This is because there is no way provided in the internet email system to confirm that any given person actually sent a message. Anyone can fake a message and make it look like someone else sent the message. This is how it may at least appear to readers on the surface unless the properties of the message are examined in greater detail. Many viruses today can look in an address book and choose two addresses and use one as the recipient and the other one as the (faked) sender. Therefore then the recipient gets the message it will appear to be from a possible friend when indeed it is not. The only fact you can be sure of is that the person who has the virus has both the sender of the email and the recipient of the email in their address book.

The Solution

To keep yourself from being able to catch viruses that use these vulnerabilities, use the following procedure to update your version of Microsoft Office. Although this procedure may keep you from getting a virus now, it will not guarantee that new vulnerabilities will not be discovered in the future which will make you vulnerable to future viruses. Also this does not replace prudence when it comes to being careful about what e-mail attachments a reader chooses to open. You will need your Microsoft Office CD which you installed your product from to complete this update.

1. To determine what type of Office product you have and what service pack is running you can open Microsoft Word. From Microsoft Word click on "Help" at the top of the program then select "About Microsoft Word". One of the lines at the top should read:

   Microsoft® Word 2000 (9.0.6926 SP-3)

   This indicates that this version has Service Pack 3 applied. It also indicates that Office 2000 is the Office Suite being used. A service pack is a group of updates rolled into one file which fixes many problems with the product including security updates up to the point in time when the service pack was released. If your description does not indicate a service pack is installed, then a service pack in not installed with your office version.

2. Download Updates:

   To get updated automatically go to http://office.microsoft.com/productupdates. To see available downloads for Office products go to http://office.microsoft.com/officeupdate/default.aspx.

   Either use the automatic product update ability at http://office.microsoft.com/productupdates or do the updates manually as shown below depending on your Office Suite type as shown below.

   • For Office 2000:
     1. If you do not have Service Pack 3 (SP3) already installed, download and install it first. If it is installed you will see "SP-3" included in the line in step one as shown above.
        • For most Microsoft Office users the SP3 download can be found at http://www.microsoft.com/downloads/details.aspx?FamilyID=5C011C70-47D0-4306-9FA4-8E92D36332FE&displaylang=en.
        • For Office users with server extensions the SP3 download can be found at http://www.microsoft.com/downloads/details.aspx?FamilyID=BC555C80-8636-4DC8-ABD1-C1AEF4419E22&displaylang=en.
        • For Office users with Multi Language pack the SP3 download can be found at http://www.microsoft.com/downloads/details.aspx?FamilyId=E5E47400-AAFE-48AF-AE78-C30091821C5F&displaylang=en.

        Apply the appropriate service pack for your version of Microsoft Office. This means to double click the program you downloaded from the Microsoft web site and follow the installation instructions. When done, reboot if prompted to do so.

     2. Download Security Updates (unless you have previously done so). These include:
        • Security Patch: KB822035 at http://www.microsoft.com/downloads/details.aspx?familyid=E2CCE199-9C4A-4EEC-A3EC-9F738017F275&displaylang=en.
        • Office 2000 WordPerfect 5.x Converter Security Patch: KB824993 at http://www.microsoft.com/downloads/details.aspx?familyid=D3ED4189-315A-411A-A739-F7181310FBA7&displaylang=en.
        • Word 2000 Security Patch: KB824936 at http://www.microsoft.com/downloads/details.aspx?familyid=4A8F6ACE-E14E-4978-A9C9-6989CD03A4A3&displaylang=en.
        • Access 2000 Runtime Security Patch: KB827431 at http://www.microsoft.com/downloads/details.aspx?familyid=116B7FDC-C119-4432-813F-2283792A3AED&displaylang=en.
        • Access 2000 Snapshot Viewer Security Patch: KB826292 at http://www.microsoft.com/downloads/details.aspx?familyid=F6CB9C8E-16E3-422D-86DD-7ED5671FB8D4&displaylang=en.
   • For Office XP
     1. If you do not have Service Pack 1 (SP1) and Service Pack 2 (SP2) already installed, download and install it first. If it is installed you will see "SP-2" included in the line in step one as shown above. If you need SP1 or SP2 download them. You must install SP! before installing SP2.
        • For most Microsoft Office XP users the SP1 download can be found at http://www.microsoft.com/downloads/details.aspx?FamilyID=d4d8a9a4-31fc-480b-9cd9-adccb6997ce3&displaylang=en.
        • For most Microsoft Office XP users the SP2 download can be found at http://www.microsoft.com/downloads/details.aspx?FamilyID=1a8ce553-ab76-4a63-99da-b4ed914c1514&displaylang=en.
        • For Office users with Multilingual User Interface pack the SP1 download can be found at http://www.microsoft.com/downloads/details.aspx?FamilyID=D5B7D606-F755-4847-8E1A-A259AFE34458&displaylang=en.
        • For Office users with Multilingual User Interface pack the SP2 download can be found at http://www.microsoft.com/downloads/details.aspx?FamilyID=FE381341-8C05-4CAA-88FF-E9A2CEF508C9&displaylang=en.

        Apply the appropriate service pack for your version of Microsoft Office. This means to double click the program you downloaded from the Microsoft web site and follow the installation instructions. When done, reboot if prompted to do so.

     2. Download Security Updates (unless you have previously done so). These include:
        • Office XP Security Patch: KB822036 at http://www.microsoft.com/downloads/details.aspx?familyid=6F1FC4B0-29E9-44E0-A33D-AD6B4B6A8FF4&displaylang=en.
        • Office XP WordPerfect 5.x Converter Security Patch: KB824938 at http://www.microsoft.com/downloads/details.aspx?familyid=EC563DEE-6BFB-431D-B39E-2D672C0C223F&displaylang=en.
        • Word 2002 Security Patch: KB824934 at http://www.microsoft.com/downloads/details.aspx?familyid=7D3775FC-F424-4B04-ABEB-9B4CA1EB182D&displaylang=en.
        • Access 2002 Runtime Update: KB813617 at http://www.microsoft.com/downloads/details.aspx?FamilyId=FBB400D7-8892-4086-80F1-BDC0ECD76D6D&displaylang=en.
        • Access 2002 Runtime Security Patch: KB827430 at http://www.microsoft.com/downloads/details.aspx?familyid=0B811E13-942A-4166-8890-C54DC4121104&displaylang=en.
        • Access 2002 Snapshot Viewer Security Patch: KB826293 at http://www.microsoft.com/downloads/details.aspx?familyid=B50D4863-1BBE-4009-9DF8-52D3A916D54F&displaylang=en.
   • Office 97/98:

     We recommend that anyone with Office 97 or Office 98 upgrade to Office 2000 or Office XP. Office 97/98 has not had any significant updates posted by Microsoft since 2001 and is no longer supported or secure for use.

3. Install Updates - I recommend you install the updates required in the same order as listed above for your Office version. You will need your Office CD which you installed Microsoft Office from. If you need the service pack, install it first, then install the other patches. You may want to use the following procedure for Office 2000:
   1. Put your Office installation CD in your CD ROM drive.
   2. If SP3 is not installed double click the SP3 file you downloaded (O2kSp3.exe). Answer "Yes" when asked if you want to install the update. Accept the license agreement when asked. You will need to reboot your system once the install is done.
   3. If you are using Windows 2000 or XP operating system, use the Notepad program (Programs--Accessories--Notepad) to make a batch file with the below content. If you are using Windows 9x just run the below programs in the order listed by double clicking on each one after the previous installation is complete.

      		office2000-kb822035-client-enu.exe 
      		office2000-kb824993-client-enu.exe 
      		office2000-kb824936-client-enu.exe 
      		office2000-kb827431-client-enu.exe 
      		office2000-kb826292-client-enu.exe 
      		

   4. Save the batch file as updateo2k.bat with your other files that you downloaded.
   5. Double click the updateo2k.bat that you just created with notepad. Each update will run. For each update answer "Yes" when asked if you want to install the update and accept the license agreement when asked. A few updates may not install with a message that the "expected version of this product was not found". This is usually because the feature requiring this update was not installed on your system.

   You may want to use the following procedure for Office XP:

   1. Put your Office installation CD in your CD ROM drive.
   2. If SP1 is not installed double click the SP1 file you downloaded (Oxpsp1.exe). Answer "Yes" when asked if you want to install the update. Accept the license agreement when asked. You will NOT need to reboot your system once the install is done.
   3. If SP2 is not installed double click the SP2 file you downloaded (OxpSp2.exe). Answer "Yes" when asked if you want to install the update. Accept the license agreement when asked. You will NOT need to reboot your system once the install is done.
   4. Run the below programs in the order listed by double clicking on each one after the previous installation is complete:

      		officexp-kb822036-client-enu.exe 
      		officexp-kb824938-client-enu.exe 
      		officexp-kb824934-client-enu.exe 
      		access2002-runtime-kb813617-client-enu.exe 
      		officexp-kb827430-client-enu.exe 
      		officexp-kb826293-client-enu.exe
      		

   5. For each update answer "Yes" when asked if you want to install the update and accept the license agreement when asked. A few updates may not install with a message that the "expected version of this product was not found". This is usually because the feature requiring this update was not installed on your system.

Sites for more information

• Serious Bulletin for users: http://www.microsoft.com/security/security_bulletins/ms03-036.asp
• Serious Bulletin for technical people: http://www.microsoft.com/technet/security/bulletin/MS03-036.asp
• Other Bulletin for technical people: http://www.microsoft.com/technet/security/bulletin/MS03-035.asp
• Other Bulletin for technical people: http://www.microsoft.com/technet/security/bulletin/MS03-038.asp
• Other Bulletin for technical people: http://www.microsoft.com/security/security_bulletins/ms03-038.asp

Patching Windows Systems

Applying the latest patches to your Windows 2000 Operating system to prevent viruses and worms

This procedure will help you determine the patched state of your system, detect and remove any viruses and apply updates. This procedure is written for Windows 2000 users. The patches are also available for Windows XP and Windows NT but instructions are not provided for those systems here although the procedures should be similar excluding the application of the service pack. If you have a system that has not been patched within the last few weeks or are not sure and do not know if you have a virus, and do not have current anti-virus software on your system follow all the steps below. Checking for and removing viruses can be skipped for users who are sure they do not have a virus. Skipping the firewall installation can be done if you already have a personal firewall or are behind a corporate firewall. For more information please read the Securing Your System.

Back up your Data

1. Back up your data to another computer, tape, CD-ROM, or at least to another partition on your hard drive. If you store data like most people, it is stored in My Documents. Always back up your data on a regular basis.

Install a firewall to help secure the system

2. Install a personal firewall. I use Norton Personal firewall from Symantec, but Zonealarm personal firewall has a good reputation and is free for individuals and non profit organizations. It is available at http://www.zonelabs.com/   Please do not violate license laws when using this product. Since antivirus software is also an essential requirement to have a reasonably secure computer a nice convenient package is Norton's Internet security package from Symantec which can be found in many stores. It comes with both antivirus software and a personal firewall. The commercial version of ZoneAlarm's personal firewall also is very well recommended.

3. Configure your firewall before connecting to the internet. Most users should at this point read their documentation or run the provided firewall tutorial. You may get alerts while configuring or in one case I got an alert indicating that a specific program wanted to act as a server on the internet. Before answering the question I used another computer and went to http://www.google.com/  and looked up the name of the program the alert had specified. At this point I realized the computer had a virus. If you are told by the alert that a program wants to act as a server the likely answer to this question should be no, but it is best to look up the program name on Google to be sure.

Check for and remove viruses

4. Install antivirus software on your computer. I use Norton or Symantec Anti-virus software but use the one of your choice. It is wise to read product reviews.

5. Connect to the internet and get your latest virus definitions from your antivirus software manufacturer.

6. Run a full virus scan on your system but configure it to only find viruses. It is best at this point to not attempt to quarantine or delete infected files. This is because the virus may modify some system files and if these files are deleted or quarantined you may not be able to reboot your system after removing the virus. At this point you only want to identify any viruses, Trojans or worms on your system.

7. At this point do not worry about connecting to the internet even if you have some viruses since your firewall will help protect you. Once you have identified viruses on your system, go to your virus manufacturers website and look up the information about each virus and print it out. Download any virus removal tool for each virus that they may provide. Use the virus removal tool where possible to remove the virus. If no tool is available, follow the manual virus removal procedures that they provide. You may be able to delete or quarantine files identified in your scan by right clicking on the files and selecting either delete or quarantine.

Update your system

8. Right click the "My Computer" icon on your desktop and select properties.

9. If under the General tab it does not state that your system is service pack 3 or above, download the service pack from http://www.microsoft.com/windows2000/downloads/servicepacks/sp3/default.asp Once downloaded click on the downloaded file and follow the steps provided in the install package, then reboot your system.

10. Review the critical updates at http://www.microsoft.com/windows2000/downloads/critical/default.asp and install them. Windows 2000 also has an autoupdate utility which can be configured from the control panel which will help get these but you must be careful to only select useful security and critical updates since the auto update facility will not always choose updates best for you.

11. Update your Internet Explorer browser to version 6 or above by using the site at http://www.microsoft.com/windows/ie/downloads/critical/ie6sp1/download.asp You will need to reboot after applying this latest version of Internet Explorer.

12. If you are using Microsoft Office, read the article "Office Virus Prevention and apply the Microsoft Office updates as instructed in that article.

13. Download and install any critical or security updates for current threats as you are aware of them or check every couple of weeks on the Microsoft site for new updates.

How to Configure Data Execution Prevention (DEP) in Windows XP

Purpose

The purpose of this article is to teach you the way to configure Data Execution Prevention (DEP) in windows XP.

Data Execution Prevention

Data Execution Prevention (DEP) helps prevent damage from viruses and other security threats that attack by running (executing) malicious code from memory locations that only Windows and other programs should use. To use DEP, your computer must be running Microsoft Windows XP Service Pack 2 (SP2) or later. DEP does not help prevent harmful programs from being installed on your computer. Instead, it monitors your programs to determine if they use system memory safely. To do this, DEP software works alone or with compatible microprocessors to mark some memory locations as "non-executable". If a program tries to run code malicious or not from a protected location, DEP closes the program and notifies you. If your computer's processor does not support hardware-based DEP, Windows can use DEP software to help prevent some types of attacks.

To configure data execution prevention

Follow these steps:

1. Right click My Computer and click Properties.

2. Click on the Advanced tab and under Performance click Settings.

3. Click on the Data Execution Prevention>tab.

4. Do one of the following:

a. To help protect some Windows processes but turn off DEP for all other programs, select:
    Turn on DEP for essential Windows programs and services only.

b. To help protect all programs on your computer, select:
   Turn on DEP for all programs and services except those I select.
   Click on Add and add the services and programs that you don't want to be protected.

5. Click Apply and then click OK.

Summary

By default, Data Execution Prevention (DEP) is turned on for essential Windows programs and services only. If you turn off DEP for one or more programs, other programs on your computer as well as your personal information might become vulnerable to damage that spreads from a successful attack against an unprotected program. If your computer is connected to a network, network policy settings might also prevent you from completing this procedure. DEP software alone helps protect against certain types of malicious code attacks but to take full advantage of the protection that DEP can offer, your processor must support "execution protection". This is a hardware-based technology designed to mark memory locations as non-executable. If your processor does not support hardware-based DEP, it's a good idea to upgrade to a processor that offers execution protection features.

Web Security

You are offering your IP address to the entire world at this very moment.

Make sure you are not offering access to your private data at the same time.

Your IP address is:

Accessing the Internet is a security risk.

When you are connected to the Internet, an IP address is used to identify your PC. If you don't protect yourself, this IP address can be used to access your computer from the outside world.

A fixed IP address is a larger security risk.

If you're using a modem with a dial-up connection, you will get a new IP address every time you connect to Internet, but if you have a fixed Internet connection (cable, ADSL, fixed line), your IP address will never change.

If you have a fixed IP address, you give potential Internet crackers all the time they need to search for entrances to your computer, and to store and share (with other crackers) information they might find about your unprotected private data.

Your Network Shares

Personal computers are often connected to a shared network. Personal computers in large companies are connected to large corporate networks. Personal computers in small companies are connected to a small local network, and computers in private homes often share a network between family members.

Most often networks are used to share resources like printers, files and disk storage.

When you are connected to the Internet, your shared resources can be accessed by the rest of the world.

A Common Windows Security Problem

Unfortunately, many Microsoft Windows users are unaware of a common security leak in their network settings.

This is a common setup for network computers in Microsoft Windows:

• Client for Microsoft Networks
• File and Printer Sharing for Microsoft Networks
• NetBEUI Protocol
• Internet Protocol TCP/IP

If your setup allows NetBIOS over TCP/IP, you have a security problem:

• Your files can be shared all over the Internet
• Your logon-name, computer-name, and workgroup-name are visible to others.

If your setup allows File and Printer Sharing over TCP/IP, you also have a problem:

• Your files can be shared all over the Internet

Computers that are not connected to any network can also have dangerous network settings because the network settings were changed when Internet was installed.

Solving the Problem

For Windows 2000 users:

You can solve your security problem by disabling NetBIOS over TCP/IP:

• Open Windows Explorer
• Right-click on My Network Places
• Select: Properties
• Right-click on Local Area Network
• Select: Properties
• Select: Internet Protocol TCP/IP
• Click on Properties
• Click on Advanced
• Select the WINS tab
• Select Disable NetBIOS over TCP/IP
• Click OK

If you get the message: "This connection has an empty......", ignore the message and click on YES to continue, and click OK to close the other setup windows.

You should restart your computer after the changes.

For Windows 95, 98, or ME users:

You can solve your security problem by disabling NetBIOS over TCP/IP:

• Open Windows Explorer
• Right-click on My Network Places
• Select: Properties
• Select: Internet Protocol TCP/IP
• Click on Properties
• Select the NetBIOS tab
• Uncheck: Enable NetBIOS over TCP/IP
• Click OK

You must also disable the TCP/IP Bindings to Client for Microsoft Networks and File and Printer Sharing:

• Open Windows Explorer
• Right-click on My Network Places
• Select: Properties
• Select: Internet Protocol TCP/IP
• Click on Properties
• Select the Bindings tab
• Uncheck: Client for Microsoft Networks
• Uncheck: File and Printer Sharing
• Click OK

If you get a message with something like: "You must select a driver.........", ignore the message and click on YES to continue, and click OK to close the other setup windows.

If you still want to share your Files and Printer over the network, you must use the NetBEUI protocol instead of the TCP/IP protocol. Make sure you have enabled it for your local network:

• Open Windows Explorer
• Right-click on My Network Places
• Select: Properties
• Select: NetBEUI
• Click on Properties
• Select the Bindings tab
• Check: Client for Microsoft Networks
• Check: File and Printer Sharing
• Click OK

You should restart your computer after the changes.

Test Your Shields

Can anyone crawl into your computer while you're connected to the Internet? You may be VERY surprised to find out!

Go to Sygate and click on " Quick Scan" this will give you an idea of how secure you are.

The Internet Email System

The email system that is currently used on the internet was not designed to curb the abuses presented by viruses and SPAM as they are occurring today. The email system today allows:

• Anyone can set the "From" field in the email to any value they want. This means that you can send an email message and make it look like the President of the United States sent the message. There are ways to tell that this is not the case, but on the surface it will appear like the President of the United States sent the message. This is called faking the sending address.
• If an email cannot be delivered, the email standard provides for the sender to receive a notification indicating that the message could not be delivered. Some email servers are also set up to notify the sender when a virus is found in an email they sent.

There are several things that the email system in use today does not provide for:

• The system does not provide for positive identification of the sender.
• There is no method to prevent a sender from sending unwanted emails.

Email Problems

Given the above conditions, several problems can occur.

• If the sending address of the email is faked, any messages indicating the message could not be delivered will go to the person who appears to have sent the email rather than the person who actually sent it. This can cause people to receive non deliverable notifications for emails that they did not send which can be very confusing.
• If a virus sends an email with a faked sender address, a mail server may detect the virus in the message and send a reply to the faked address notifying someone that they sent an email with a virus in it when in fact they did not. This can cause confusion and waste administrators time since users may call administrators and want their systems checked for viruses when they are not acutally infected with a virus. This is why administrators of mail servers should turn off notifications to addresses that appear to have sent a virus.
• Someone can fake the sender of an email and send embarrassing or annoying messages and possibly jeopardize the reputation of the party they are sending the email as. They can make it appear as though a reputable party is sending smut on the internet. I do not know if there are any laws against this, but there should be. This would be called fraud along with some possible other charges such as libel and slander. There are ways to tell that the sender did not actually send the email but this could still unjustly hurt someone's reputation.
• Recipients of virus or SPAM emails are unwilling recipients. These emails tie up their time and computer resources. When someone pays for a connection to the internet, and this connection is used to send them unwanted emails, this is the same as a denial of service attack and is essentially stealing. Everyone who connects to the internet has the right to use their connection haw they want and not how someone else wants. I will talk more about this in the section about SPAM.

E-mail Viruses

Viruses that spread through e-mail have a common method of spreading. This page will discuss how common e-mail viruses currently spread.

The Virus Lifecycle

Viruses begin their life when someone releases them on the internet. They begin to spread. At this early stage of their lifecycle, no one is aware of their presence. As the virus becomes more widely spread, someone will recognize an abnormal problem with their system and investigate. Eventually a computer expert will conclude that a virus exists and notify companies that write anti virus software. The companies will research the virus and come out with an update to their database of viruses that includes information about the new virus and has information about how to recognize it. They may also release a tool that can be used to automatically remove that virus from computer systems.

Therefore the cycle is:

1. Release - The virus is released.
2. Recognition - Someone recognizes the virus.
3. Virus recognition database update - Antivirus programs will now recognize the virus.
4. Antivirus update and removal tools

The time between step one and step three above can be significant. During this time you are vulnerable to getting the virus because your anti-virus software will not recognize it as a virus. This is why you should be careful about the e-mail attachments that you open, even if you are actively running anti-virus software.

How Viruses Work

1. When a victim of a virus double clicks on an infected attachment, the virus will run.
2. The virus will modify the victim's system so it will always be active when the system is turned on.
3. The virus will scan the victim's address book in their e-mail client program such as Outlook or Outlook Express.
4. In the past, viruses would then mail themselves to addresses found in the victim's address book. But today many viruses choose random recipients and senders from the victim's address book. This means that although the e-mail is sent from the victim's machine, the e-mail sender address is faked to appear as though someone else in the victim's address book sent the message.

What to Do

• Always run anti-virus software and be sure it gets updated at least twice per week.
• If you get a virus in an e-mail attachment and you are sure it is a virus, delete the e-mail message.
• If you get an attachment from someone you know, consider whether there is enough personal information in the e-mail which a virus program would not know. If you are not sure your acquaintance sent the e-mail call them and be sure before opening the attachment. Do not count on your anti-virus software being able to stop you from getting infected if you open the e-mail attachment. Remember, viruses are not recognized right away by your anti-virus software and you could get a new unrecognized virus before your virus definition updates are released.
• If you get an e-mail saying a message you sent was undeliverable and you did not send the message, consider whether your system is behaving abnormally. You probably do not have a virus, but if you are not sure, use your anti-virus software to perform a system scan for viruses and remove any viruses found using the procedure in the section about "Removing Viruses", then delete the e-mail.
• If you get an e-mail saying a message you sent contained a virus, consider whether your system is behaving abnormally. You probably do not have a virus, but if you are not sure, use your anti-virus software to perform a system scan for viruses and remove any viruses found using the procedure in the section about "Removing Viruses", then delete the e-mail.

Example

Below is shown an e-mail from a virus as an example of how a virus writer will try to fool computer users.

	From: staff@yourorganization.org [mailto:staff@yourorganization.org] 
	Sent: Wednesday, March 03, 2004 4:41 AM
	To: usertofool@yourorganization.org
	Subject: Important notify about your e-mail account.
	Dear user of e-mail server "Yourorganization.org",
	
	Our antivirus software has detected a large  ammount of viruses outgoing 
	from your email account, you may use our free anti-virus tool to  clean  up your computer software.
	
	For further  details see the attach.
	
	For security reasons attached file  is password protected. The password is "22352".
	
	Cheers,
	The Yourorganization.org team  http://www.yourorganization.org
	

Of course there is an attachment. In this case the virus sent a zipped file (.zip) and instructed the user how to open it. It was encrypted in a zipped file so the anti-virus scanner could not detect it!

Spam

Spam is unsolicited junk e-mail sent to large numbers of e-mail addresses. It is used to promote some product or service and many spam e-mails are pornographic in nature.

Spam Prevention

Unfortunately there are not very many good ways of preventing spam other than keeping your e-mail address secret. It should be kept at a level of security somewhere between your phone number and your social security number. You should be careful about who you give your email address to. Many companies will sell your email address to spam lists, thus making it available to spammers.

I currently use three email accounts as follows.

• The first account is the one I give to personal acquaintances.
• The second account I give to companies that have a privacy policy that I am fairly certain won't sell my e-mail address.
• The third account, I give to companies that I believe I cannot trust to sell my information. I don't worry if these companies can contact me.

I expect to change the third account pretty often, but hopefully the first two will last several years without much spam. The third account may be through a free internet email account service such as hotmail or yahoo.

Managing Spam

Besides keeping your e-mail address secret, the next best spam relief are programs that help you manage spam. Spam can be filtered at the mail server with some programs or they can be a program that plugs into your e-mail client program such as Outlook or Outlook Express. Basically these types of programs filter spam based on several characteristics such as:

• The subject line
• The address of the sender
• Some programs scan the message content and consider length or wording.

Unfortunately none of these scanning methods are 100% accurate although some claim to achieve success rates into the upper 90 percentile. What most of these programs do is to create folders for "friendly" mail or "unfriendly" mail. The friendly mail is put into one folder, unfriendly mail is put into a second folder and there may be a third folder for unknown mail. Unfriendly mail is automatically deleted after some period of time. The capabilities and handling of the mail will vary from program to program. Some that I have considered using include:

• Qurb
• I Hate Spam
• Spam Assassin

Spam for Webmasters

If you are a webmaster, spammers will send spam to your domain by sending it to general possible accounts such as administration@yourdomain.com. One way to prevent this is to configure your account with your hosting provider not to respond to undeliverable emails and just automatically delete them. This is called a "blackhole" setting. The only problem with this is that spammers will still use your bandwidth that you pay for to send you their junk, even though your server deletes them. As spam gets more excessive, it may increase bandwidth costs for webmasters thus discouraging some sites from operating.

Why Spam Should be Illegal

When you connect to the internet, you are paying for a specific service for your use. This service costs a specific amount of money and provides a certain connection speed to the internet. This connection speed indicates your bandwidth. The greater the connection speed, the higher the bandwidth. The higher speed connections cost more money. At this point you have paid for the privilege of surfing the internet with your web browser, sending and receiving e-mail, and other activities. The speed at which you can do this is limited by your bandwidth and how fast you can click pages or send or receive e-mail. Consider the Following diagram:

Each person has a connection to the internet. If the person on the right chooses to use their connection to send e-mail or junk e-mail (spam), that is their choice. They are paying for their connection and they are willing to use it in that manner.

If the person on the left does not want to receive spam, but wants to read personal e-mail and surf the internet, they are willing to receive only personal e-mail. If someone is sending them a lot of spam, they will need to wait for the junk e-mail to be delivered before they can read much of their personal e-mail. They are an unwilling participant regarding the unsolicited e-mail they are receiving. Not only is their connection being used by someone else, but it will take them additional time to sort the mix of e-mail out to get to the mail they want to read. If the receiver had willingly stated that they were interested in receiving the advertisements, it would be another matter.

Of course the sender of the spam is not using all the spam receiver's internet connection, but the spam receiver does not get the opportunity to use their connection in the way they fully intended even though they were the one paying for it. This is the same as stealing even though the effective amount may be small. Imagine, how rich you could be if you could only steal a fraction of a cent per day or week from everyone who uses the internet. That's why spam should be illegal.

Someone may argue that spam is the same as junk mail sent through the postal service so why would it be stealing. This is not true since the sender of mail through the postal service pays for the cost of both pickup and delivery. On the internet, the sender pays for the cost of pickup and the receiver pays for the cost of delivery.

The Real and Permanent Solution to Spam and Viruses

Unfortunately a permanent and good solution will take years to implement. A new mail protocol (method of sending e-mail) must be developed by the internet community and then e-mail servers must be modified to handle that protocol. The changing of the e-mail servers will take the most time.

I believe all e-mail should be digitally signed by the sender in order to be delivered. This way the sender cannot be faked and everyone must take responsibility for their own e-mails. However to get this to work right someone must find a way to keep viruses from being able to digitally sign your e-mails for you automatically. A bug in your e-mail client may allow a virus to digitally sign your e-mails causing this type of solution to be ineffective, however, in this case, there would be no doubt as to who has the virus.

Some Proposed Solutions that Won't Work

• Paying for each e-mail sent - This solution will not work because it forces people to pay for services that they have already paid for. Additionally it will not prevent spammers from using poorly configured servers to send spam illegally. It will most likely force victims (those who get viruses and administrators who have spammers illegally relay mail through their mail servers) to pay for the additional e-mail. On the brighter side, it may force more administrators to lock their systems down better and force computer users to be more careful about getting viruses. If this were done, I would think it would make the most sense to allow a limited amount of email to be send on a monthly basis for free.
• Reverse address to name lookup - Some ISP's want to use a check that looks at the address the mail came from and determine the name of the server. If the name does not match the name advertised by the sending mail server, then the e-mail is assumed to be spam and dropped with no notification to the sender. Not only does this violate the rules (protocol) governing the internet for sending e-mail, it will cut down or eliminate the ability for web based programs to automatically notify users at some websites about events. For instance forum sites will notify when someone has posted an answer to a question. If the user's ISP uses reverse lookup, the user may never see the email from the forum website where they asked a question.

Removing Viruses

Removing viruses can be risky to your operating system and may cause you to need to re-install your operating system. If you do not feel comfortable with the instructions in this section, you should get a computer professional to do the job.

Virus Removal Procedure

1. Be sure you have good backups of your data along with an emergency boot disk for your system.
2. Determine what viruses you have on your system.
   1. Install a virus scanning program if you do not have one already installed. Use the product of your choice. It is wise to read product reviews.
   2. Be sure your virus definitions are up to date. Connect to the internet and download the latest virus definitions from the company that created your anti-virus software.
   3. Configure your virus scanner not to remove any viruses but only detect them. You do not want to remove the viruses) immediately since some viruses may infect files that your system requires to run. If these files cannot be cleaned by the anti-virus program, they may be deleted or quarantined. If this happens you may not be able to run your system again.
   4. Scan for viruses but do not remove them. Note: Some viruses will stop your virus scanner from operating. If this is the case you will probably need the help of a computer professional. If you have a virus that stops your virus scanner then you will need to either share the drive across a network and scan it from another computer or remove your hard drive and place it into another computer as a second hard drive, then scan your hard drive.
3. Learn about the viruses you have and how to remove them. - Go to the web site of the organization that created your anti-virus software. The Symantec security response site is a good site to find information about specific viruses and they provide virus removal tools.
4. Remove the viruses.
   1. Many viruses have a removal tool which can be used to remove the virus. If there is a removal tool, download it and use it to remove the virus.
   2. If there is no removal tool, you will need to follow the manual removal instructions. You may need to manually delete virus files and edit your system registry. The removal instructions will tell you how to do this, but some people may not feel comfortable doing this without the help of a computer professional.
   3. If the manual instructions indicate that you should let your virus scanner remove the virus, then remove all viruses that you can with virus removal tools then run the virus scanner with it configured to remove all viruses.

Making a Boot Disk

Open the Windows backup program on Windows 2000/XP by selecting Start, then Programs, then Accessories, then System Tools, then Backup. The backup utility will start as shown below.

When the Welcome tab is displayed in the Backup program, click on the "Emergency Repair Disk" button near the bottom. When the "Emergency Repair Diskette" dialog box appears select the checkbox next to "Also backup the registry to the repair diretory..." and click OK. You will need to put a blank floppy into your floppy disk drive.

Once the process is complete, you should label the floppy disk with the current date and the name of the system you are making the disk for.

If you ever get into a situation where your system will not boot, you can use this disk to help you recover your system. This is a somewhat technical process but it begins by pressing the F8 function key while the system is booting which will provide some advanced booting options, one of which will allow you to try to boot using your emergency repair disk. It is usually much easier to recover a system that has an emergency repair disk.

The basics | Something's Spinning But Nothing's On | Hardware Hang-ups | Self made Problems | Prevention Is The Best Medicine

Summary

There are several things you should do to make your system more secure, and keep it performing better.:

• Change your file view settings on Windows systems so you will see all file extensions.
• Always run anti-virus software and keep the virus definitions updated at least twice per week.
• Never connect to the internet unless you are using a personal firewall or are behind an organizational firewall on a private network.
• Never open e-mail attachments without being sure of who sent them. Keep the following in mind:
  • E-mail addresses can be faked by virus programs.
  • New viruses may not be recognized by your anti-virus software.
• Patch your operating system regularly. This will reduce your vulnerabilities to worms and hackers. See the Applying Patches article for more information.
• Patch your applications regularly especially Microsoft Office. Perform regular backups of your data.
• Make an emergency boot disk to enable you to restore your system in the event of file corruption or a virus that makes it unable to boot.
• Avoid installing unneeded applications and always be sure any free programs do not have a hidden purpose.

Basic Hardware Guide Credits

Document:

Basic Computer Tutorial Version 1.0.0

March 18, 2004

Author:

Mark Allen