Security:

Measures adopted to guarantee freedom or secrecy of action, communication, or the like.

Password:

A secret word or phrase that one uses to gain admittance or access to information.

Your password -- your secret word or phrase -- allows only you access to the University of California, Davis' computing resources. Like the key to your home's front door, your password keeps out unwanted intruders. Would you leave your house keys lying around to be picked up by just anybody? And in this day and age, how many people hide their keys underneath the front door mat? So then, why are electronic passwords still scribbled on sticky notes on computer screens or stashed under keyboards or in the back of desk drawers?

According to some analysts, more than a million passwords have been stolen to date. It is surprisingly easy to guess or steal passwords. Hackers can launch a dictionary attack by comparing your password with every word in a dictionary -- foreign as well as English -- in a matter of minutes. Or they can use "sniffers," programs that read every keystroke sent from a machine, including passwords. You can take measures, however, to reduce the likelihood that such schemes will be successful when it comes to your password. Memorize your password, rather than writing it down; never share your password with anyone; never send your password via email; and don't choose one that is too predictable or easy to guess.

Why is this important?

Someone who guesses or steals a password can conceivably access files, email messages, funds, and personal information. This may allow the hacker to change or destroy files or send email threats in someone else's name. And this chaos can extend beyond just one account. Once intruders gain access to a system, they can monitor other machines and systems on the same network and even monitor the remote systems to which the local users connect. For example, an unwanted intruder might, by way of a stolen password, gain access to confidential student or University financial information.

What can you do to help?

Well, to start with, don't leave that password lying around. Passwords, like the keys to your front door, provide security only if handled properly. Network and systems administrators can enhance security through the use of advanced security features (such as firewalls, encryption and authentication), but ultimate responsibility comes back to you, the end user.

What to include in your password:

• Choose a password that is easy for you to remember but difficult to guess. It should contain at least seven characters.
• Use punctuation marks or symbols within your password. Do not use a blank space!
• Always mix upper- and lowercase letters.
• Select a unique password, not one that you are using for some other purpose.
• Specifically, if you are or will be using central computing systems at UC Davis, your password must include
  
  • 7 to 8 characters
  • At least one upper-case letter
  • At least one lower-case letter
  • At least one number
  • At least one special character (must be $ if you are or will be using VMS).

What not to do:

• Don't write down your password!
• Don't send your password via email. Email is not secure. (Keys in the mail? Never!)
• Don't store your password in a file on your computer.
• Don't use dictionary or foreign words, names, doubled names or first/last names and initials.
• Stay away from simple transformations of words (e.g., 7eleven, seven11, etc.) or any alphabet or keyboard sequence (backwards or forwards).
• Don't even consider short words, single characters, phone numbers, birth dates or numbers substituted for letters (like a zero instead of the letter O).
• Be wary of programs unnecessarily requiring your password. Once you are logged in to a given computer system, it should not need to know your password again.

And remember to change your password if:

• You have had the same one for more than six months.
• You have told it to anyone (even Mom) or have written it down anywhere.
• You have logged onto a system from another city or campus.
• You are notified that it does not meet current standards.

Strategies for choosing a good password

The following are only suggestions for developing a secure password. Please, please do not use these examples! Including them in this document compromises their security.

• Lines from a favorite childhood verse.
     Example: London Bridge Is Falling Down
     Password: LBif%Down
• Expressions about a favorite geographical area.
     Example: I left my heart in San Francisco
     Password: iLmHiS#F
     Example: Sunny California
     Password: suNIc*al!
• Foods liked or disliked as a child.
     Example: Fish on Fridays
     Password: FoFda!
     Example: Chocolate Pudding
     Password: cHO%dinG

Try substituting antonyms or synonyms for your chosen words or interweave letters and characters from successive words. Ultimately, any password you choose has to be known to you and you alone and must conform to local procedures for constructing passwords.

How secure is your password? Test it here:

Back to Top - Back to Security FAQ

This page includes information about computer viruses and trojan horses.

It defines what viruses and trojans are, as well as telling you what measures you can take to protect your computer from such threats, and what to do if your computer is infected by a virus.

Computer virus overview

Viruses are particularly nasty pieces of work, and can do no end of damage. Anybody who remembers the media attention given to the 'Melissa' and 'I Love You' viruses in 2000, and the more recent 'Blaster' and 'Welchia' worms in 2003 would testify to how much havoc they can cause.

A virus is a program that installs itself on your computer without your knowledge, and runs covertly in the background, often damaging files (and sometimes even the hardware) on your computer. Viruses use your computer and Internet connection to spread to other computers connected to the Internet. This is how a virus comes to infect a large number of computers, and usually gains worldwide media attention.

Typically, they arrive as files attached to e-mails and send copies of themselves to everyone in your address book in order to spread their infection and damage other computers. A variation on the simple virus is the worm, which can often infect your computer without you doing or noticing anything.

Trojan horse overview

A Trojan horse is similar to a virus in that it can harm your computer, however it is potentially more dangerous. This is because it sits on your machine and waits quietly to be triggered by a malicious user on the Internet who has installed it on your computer before it wreaks havoc.

The 'trigger' is usually a particular date in the future, but it can be something as simple as waiting for you to install a certain piece of software on your computer. Some can even be activated remotely by their authors (the malicious users), as and when they want to gain access to and control of your computer.

Trojan horse programs can be used to take complete control of your PC by an unauthorised third party. They are often used to steal information such as Internet banking details for malicious (and commonly, fraudulent) purposes.

In some extreme cases, identity theft can take place as a result of sensitive and confidential information being stolen from a computer by a user using a Trojan horse installed on that machine. This is when someone uses personal information about another person in order to pretend to be that person. As one can imagine, the consequences of this can be very serious indeed.

Protecting your PC from viruses and trojan horses

While computer security is not an exact science, there are some basic steps you can take to try to protect yourself and other Internet users from threats while online:

1. Ensure you keep your Windows operating system protected by downloading and installing any critical software updates and patches that are released by Microsoft.

   Microsoft Windows operating systems are constantly being updated in order to fix any security vulnerabilities that are discovered. This is usually in the form of 'service packs', which not only contain security patches, but also normally come with enhancements of some kind for your operating system.

   If you do not regularly check for software updates, you run the risk of being 'hacked' by a malicious user, or of being infected by a virus or Trojan horse. This is because, without updating your operating system periodically, such threats can exploit any security 'holes' that may exist.

   To check for updates to your Microsoft Windows operating system, you should open a new web browser window and type windowsupdate.microsoft.com into the address bar. Alternatively, simply click on the link directly above.

   On the Windows Update website, you can check for any new updates for your operating system, and you should download these updates in order to provide further protection for your computer while online.

    

2. Install a firewall

   In order to stop unauthorised access to your computer by other Internet users while online, you should install a piece of software known as a 'firewall' on your machine. More information on firewalls can be found on the Symantec website.

    

3. Install anti-virus software and keep the virus definitions up-to-date

   A good anti-virus solution is an essential part of using a PC. If you do not have any anti-virus software on your computer, I recommend that you install one immediately. Again, advice on anti-virus software and how to get it can be found on the Symantec website. There are free downloads on the main Security page.

   Of course, in order to be effective, your anti-virus software constantly needs to know about the latest viruses being released onto the Internet, so that it can offer your machine the best protection possible. Most anti-virus software can be kept up-to-date by downloading and installing updated virus definitions, usually available from the software manufacturer's website. If you do not do this, your anti-virus software may as well be non-existent, since your PC will not be protected from the latest threats.

    

4. Be wary of e-mail attachments

   Since the vast majority of viruses these days are spread via e-mail attachments, you should never open an e-mail attachment that you are not expecting.

   Things to remember:

   1. Any attachment whose filename ends with .exe, .bat, .scr, .pif or .vbs is most likely a virus. Do not open or run these files.
      
      

   2. If you receive an unexpected e-mail attachment sent by someone you know, before opening it, you should contact them to check that they meant     to  send you the attachment.
      
      

   3. If you receive an unexpected e-mail attachment from someone you do not know, you would be well advised to delete that e-mail without opening it.
      
      

   4. Never open an e-mail attachment without using your anti-virus software to scan it for viruses first.

What to do if your computer is infected by a virus

First and foremost, you should run your virus checking program on your machine to detect and remove the virus. As new viruses emerge all the time, make sure you have updated your anti-virus software with the latest virus definitions from the manufacturer's website before you run it each time.

If you do not have any anti-virus software installed on your computer, then I strongly advises that you download and install such software immediately, so that your PC can be protected from viruses and Trojan horses as soon as possible. There are different anti-virus products available for purchase on the Symantec website. There is also some free software on the main Security page.

Additionally, look on a website such as Symantec's Anti Virus Research Centre and search on the name of your virus if you know it (if not, search on the symptoms of the virus) and you will get all the information you need on how to remove it and secure your machine again.

What to do if you get virus warnings from others

Don't believe it. It's almost certainly a hoax. And, whatever you do, don't pass the warning on without checking first!

By passing a warning on, you may feel you're being a good Samaritan. But if it's a hoax, you are actually adding to it and helping to spread the hoax to other users. This in turn causes unnecessary panic amongst people, which is exactly what the originator of the hoax wants to happen.

You should independently verify for yourself that it isn't a hoax by visiting Symantec's Anti Virus Research Centre and searching their hoax database.

If it is there, then simply ignore the hoax and do not action it. However, if it isn't there, then, and only then, pass the warning on. Remember, Chinese whispers can cause damage!

Back to Top - Back to Security FAQ

This page includes information about the problem of spam e-mail.
It defines what spam e-mail is, as well as telling you how to report spam e-mail if you get it, and how to look at the header information in an e-mail using your e-mail program and/or web-based e-mail service.

Spam e-mail overview

Spam e-mail is an inappropriate attempt to use a mailing list, or USENET or other networked communications facility, as if it was a broadcast medium - which it is not - by sending the same message to a large number of people who didn't ask for it.

The term probably comes from a famous Monty Python skit which featured the word 'spam' repeated over and over [hence the reference, spam is worthless repetition of text]. The term may also have come from someone's low opinion of the food product with the same name, which is generally perceived as a generic content-free waste of resources.

Please note: Spam is a registered trademark of Hormel Corporation, for its processed meat product.

Spamming is against the Acceptable Use Policy (AUP) of most ISPs, including blueyonder, and spammers tend to have their accounts suspended and/or terminated when their actions are reported to their ISP.

How to report spam e-mail

Don't despair when you get SPAM while online - you can fight back!

Any ISP worth its salt, including this one, strictly forbids its service being used for any purposes to do with Spam.

Bear in mind that the first rule of Spam is that Spammers lie. Regardless of the content of the From: field on their e-mail or posting, it is almost certain that the message did not originate from that e-mail address; it is just the Spammer putting it in there so that you report it to the wrong person and that the perpetrator can keep on Spamming.

Never ever reply to a Spammer directly anyway, as this just confirms that your e-mail address is active, and you will get more and more and more Spam as a consequence.

There are several online tools, notably SpamCop and Sam Spade, which can help you to trace who the Spammer is, and who to actually report them to.

How to view the header information in an e-mail

Quite simply, an e-mail header is a short list of information that is appended to the top of an e-mail message when it is sent to its destination.

This information is really only useful to the computers which the e-mail passes through while it is being transferred via the Internet, as it is predominantly used for routing purposes only, i.e. instructing where the e-mail has come from and where it is being sent to. Hence, an e-mail header is usually hidden from view in an e-mail message and you will not notice it as being part of the message.

The header information in an e-mail only becomes useful to you when you wish to find out the real source of spam e-mail, which is also commonly known as "junk mail". The people who send spam e-mail, usually part of an organization, forge the header information of the e-mails which they send in order to avoid getting caught and bypass e-mail filters on the Internet, which are in place to try to help prevent unsolicited e-mails from ever reaching a person's mail inbox.

Although spammers are able to forge a lot of the information contained within an e-mail header, there are certain pieces of information that are particularly difficult for them to forge. For example, the "Received" portion which references your computer - the last computer to receive the e-mail - cannot be easily faked. It is for this reason that it is sometimes possible to determine the real source of spam e-mail.

The most common reason why people wish to view the header information in an e-mail message is because they want to trace the real source of unsolicited e-mail so that they can report the spammers in an attempt to prevent receiving further e-mails from them in the future. Other reasons include either wanting to verify the authenticity of the sender/origin of the e-mail or determining how and where the e-mail message has been routed across the Internet.

How to view an e-mail header

Please note: Some of the following text is originally from the alt.spam FAQ at http://ddi.digital.net/~gandalf/spamfaq.html

The only information which you usually see from an e-mail header is as follows:

1. Who the e-mail has been sent to (you, and perhaps other people as well)
2. Who the e-mail has been sent from (the sender, and "From" / "Return" e-mail address)
3. The subject (a short description to outline the content of the e-mail)
4. The date (the date and time when the e-mail passes through the first computer on its journey)

Below are separate lists of some of the most commonly used email programs and e-mail services.

Claris E-Mailer

Under Mail, select Show Long Headers.

Eudora (before version 3)

Select Tools, then Options..., then Fonts & Display, then Show all headers.

Eudora (version 3.x, 4.x IBM or Macintosh)

Press the BLAH button on the incoming mail message.

Mac Eudora 4.x

Hitting the following will cause Eudora to alter its default setting so that BLAH will be automatically selected for all new email received after this switch is set: x-eudora-setting:123=y

When checked, Eudora will show all the headers from messages, not just an abbreviated set.

Lotus Notes 4.6.x

From the menu bar, select Actions, then Delivery Information.

Copy the information from the bottom box into your email report at the top of the spam.

Lotus Notes R5

From the menu bar, select Actions, then Tools, then Delivery Information.

Copy the information from the bottom box into your email report at the top of the spam.

Microsoft Outlook

Double click on the email in your inbox. This will bring the message into a new separate window.

Click on View, then Options.

You can also open a message and choose File, then Properties, then Details.

Microsoft Outlook Express

Press Alt + Enter, or Alt + F then R.

Alternatively, to look for, copy and send headers:

1. Press CTRL + F3
2. Press CTRL + A
3. Press CTRL + C
4. Press Alt + F4 (At this point the message is already copied)
5. Open a new message. Right click and paste, or select Edit and Paste

Netscape 3

In the Netscape Mail window, click View, then Document Source.

Netscape 4.xx

Double click on the email in your inbox. Click on View, then Headers, then All.

Pegasus Mail

To view the full headers for each message, use CTRL + H.

This will show the full headers for the particular message, but will not add them to any reply or forward. You will need to cut/paste the message into the reply/forward to send these headers.

PINE

You have to turn on the header option in setup, then just hit "h" to get headers.

Hotmail

To expose the full message header, click "Options" on the Hotmail Navigation Bar on the left side of the page. On the Options page, click "Preferences". Scroll down to "Message Headers" and select "Full".

Yahoo! Mail

Log into your Yahoo! Mail account.

Click the "Options" link on the left-hand navigation bar.

Click the "Mail Preferences" link on the right.

Locate the Show Headers heading and select "All".

Click the "Save" button to put your new settings into effect.

Please note: Programs that do not comply with any Internet standards throw away the e-mail headers. Examples of this include cc-Mail, Beyond Mail and VAX VMS. Therefore, you will not be able to get the header information from email messages using these programs.

Back to Top - Back to Security FAQ

This page includes information about how parents can take steps to exercise control over their children's online activities.

It discusses a few of the dangers that exist on the Internet, which children may come across while online, as well as some of the parental control software that is available to help parents protect their children from these dangers.

How to protect your family while online

Many parents are concerned about what their children are exposed to when they access the Internet, but with some common sense tips and advice your whole family can be fully protected whilst they enjoy their online experience.

The Internet is full of the usual dangers any child would face in their day to day life. There are undesirable elements as well as good, and you should be monitoring their usage and keeping a close eye on what they are doing while they are using the Internet.

Be particularly careful when using chat rooms, as well as e-mail and Usenet, that your children don't give out their contact details and the fact that they are a child.

Parental control software

We recommend the use of parental control software, which can help to keep your children safe online by letting you block objectionable Web sites. However, there are many other tools out there on the Internet that will block websites based on either your selection of what you would wish your family to see, or on a list of 'naughty' sites put together by the makers of the software.

Parental Filter is very and an excellent solution. Parental Filter can be downloaded from here.

For more information, you can visit Childnet International, a children's Internet charity dedicated to improving Internet security for children.

It is advisable to get hold of some software such as Norton Internet Security suite (which includes Norton Parental Control) from Symantec to block websites which you would consider unsavoury from being viewed.

There are also many Net Nannying programs that you can use, and a search on any large search engine will give you a wide choice of what you can use for the job.

Finally, it is worth noting that family protection software can only do so much to help you protect your children from the many dangers of the Internet. Additionally, and most importantly, use your common sense as a good parent to monitor your child's online activities!

Back to Top - Back to Security FAQ

What is Spyware and Adware Software?

Spyware and adware are software that is installed on your computer, generally without your knowledge, that monitors or controls your computer's use. The software may send pop-up ads, redirect you to an un-requested website while you are on the Internet, monitor your Internet activity or record your keystrokes while you are online. This recording of keystrokes may lead to identity theft or credit card fraud.

The terms "spyware" and "adware" are the essentially same type of software. They are software that you may not be aware of running on your computer.

The online marketers who distribute this type of software maintain that you have downloaded the software to help them better service your Internet marketing needs. They would also state that you received their software as part of another free software package that you downloaded and installed. Lastly, that during the download process, that you clicked on the "agree" button, where there was their statement that you would accept online pop-up ads for their advertised products.

This same software that have victimized individuals with a mysterious change in their opening Internet page, a new default search engine, an avalanche of pop-up ads while online, computer slow downs or a computer crash - know the software as spyware.

Any unsolicited software that runs on your computer is malicious spyware software.

Spyware Distribution

Regardless of what it is called -- your computer is infected just the same.

Simply clicking on a banner ad can install spyware software. Worms, which are self-propagating viruses, can also carry spyware. They search for machines that don't have up-to-date security patches and install their crippling software. Spyware may also be distributed by email.

As stated before the biggest method of distributing spyware is to secretly bundle it with free software that you download from the Internet. Sites that offer music sharing, videos, weather data, games, screen savers, a tool bar, or program that synchronizes your computer's clock often are paid to distribute this spyware as adware.

File sharing programs like Kazaa have adware bundled right in the package download.

Before these programs are installed, you must clïck a box saying you accept the contractual agreement. These agreements can be thousands of words long and people rarely read them. Upon closer examination, however, they find that accepting pop-up ad serving software is part of getting the package.

Another common method is a message saying you need to download ActiveX to view a website or email note. Don't do it! It's just another method to get you to clïck yes to their adware.

Sometimes the presentation is an outright counterfeit of a Microsoft agreement or some other recognizable document. A safe rule to follow: If you're not sure what it is, don't clïck yes. Cancel out of the program any way you can, even if it means rebooting your computer.

Unlike virus writers, who mainly want to infect as many computers as they can just so they can brag, spyware distribution firms have a financial incentive to have their software stay on your computer as long as possible. The more of their ads that they load onto your computer screen, the more likely that you will clïck on one of the ads.

Is Your Computer Infected

To eliminate spyware, you must track down every file and completely erase it. That can be tough since spyware hides inside your computer's operating system, making it difficult to find.

If you suspect that your computers is infected and want to search the Internet for an "anti-spyware" solution -- be careful.

A Google search will return over 1,500,000 results for "anti spyware software". You will get about 749,000 hits for the phrase "anti-spyware software". Some companies that offer anti-spyware software solutions also make spyware software. Who else would know how to remove spyware then the makers of spyware software? Their anti-spyware software may remove a version of spyware on your computer but discretely load a more current version of their spyware to be launched in a few days after you had thought that you had cleaned-up your spyware problem on your computer.

You may download three free spyware cleaning programs at: Ad-Aware, Spybot, CWshredder

Before you run any of these, use their automatic update feature to get the latest protection. Some users report better results when they make repeated passes with each of the three programs.

Cleaners can remove most of an infection, rendering it temporarily inactive. But components sometimes remain that download more files and re-infect your computer. Sometimes it helps to disconnect from the Internet, then reboot after you run the cleaner. If you know how to manage a fire wall like Zone Alarm, you may be able to use it to prevent persistent spyware from reconstituting itself.

If your computer is so bogged down with spyware, you may have trouble downloading the anti-spyware products before your computer crashes. In that case, you may have to obtain the programs from another computer with a CD burner, and then load the software onto your troubled computer using a CD.

Scan your hard drive at least once a week with two or more anti-spyware programs because each is likely to find files the other overlooks.

Ongoing Anti-Spyware Protection

To prevent future infections, don't clïck on any popup ads or the body of any spam emails. Try closing unwanted pop-up ads using Alt-F4 in Windows. The Alt-F4 is a keystroke combination that decreases the risk you'll clïck on a disguised button to close a window that will actually open another window.

Keep your computer up to date with the latest security patches. Microsoft offers free updates and free CDs can be ordered for users on slow-speed dial-up.

Windows recently announced the release of XP's Service Pack 2, which provides additional security measures such as a limited spyware blocker and a firewall.

Protection is an ongoing process since spyware makers are constantly creating new threats. You may download a good computer resources manager and security manager at OnlineSoftwareGuide.com.

Install a personal firewall. ZoneAlarm from Zone Labs has a free basic firewall for personal use. Symantec and McAfee sell popular personal firewall, anti-virus, anti-spyware software.

Next, set the computer's operating system for daily security updates.

Also set the Web browser to a medium or high-security level. For Windows, go to Microsoft's Web site for instructions. Windows XP users should install Service Pack 3, which makes it close to impossible for software to be downloaded without you being alerted. Consider switching to a browser less popular than Internet Explorer, such as Mozilla Firefox or Opera. They are less likely to be attacked.

If you have any problems implementing any of the above, be sure to contact your computer consultant.

Finally, practice safe surfing. That means downloading only trustworthy software, reading licensing agreements, avoiding banner ads, and deleting all spam without opening.

Tips for Protecting You and Your Computer

::Do not clïck "yes" when an Active X dialog box keeps popping up unless you know exactly what you're downloading.

::Do not open, and delete, any suspicious email messages.

::Do not fill out any web forms asking for your social security number, driver's license, email passwords, bank account information, or your mother's maiden name.

::Do not download or install any software unless you know and trust the source 100%.

:: Do not give your email address to anyone you don't know.

:: Clear out cookies and other tracking data on your computer.

:: Try using disposable email accounts when filling out forms on the Internet.

:: Do not enter any sweepstakes or contests online. Most of them capture your personal information and sell it to third party vendors.

:: Install software to counter-attack Spyware, Adware, Spam and pop-up ads.

:: You can file a complaint about unsolicited spyware software with the FTC at: www.ftc.gov. Clïck on "File a Complaint."

Websites That You Can Trust To Help

- Ad-Aware
- Spybot
- CWshredder
- WinTask, manages resources and improves security.
- Download of anti-spyware software
- Spyware information tools, tips, and vendor for Trend Micro software.
- McAfee anti-virus and anti-spyware software.
- Windows security patches and spyware protection information.
- Virus and spyware scans
- Lists software that may spread spyware.
- Norton spyware information
- Spy Sweeper anti-spyware.
- Zonelabs firewall.

'Pop-up' overview

A 'pop-up' is a window that opens itself in your web browser without you expecting it. It is usually a small window and more often than not contains an advertisement of some kind, trying to offer you either online products or services. However, other pop-up windows simply contain a message targeted at the visitors of a particular webpage.

The authors of websites can set it so that pop-up windows open up when a certain action is performed by a user within their website. For example, a pop-up can open itself automatically when a user visits a webpage, typically containing an online survey or a simple welcome message. Other pop-ups may even open up when a user leaves a webpage, usually including text saying something along the lines of "Thank You for visiting this website! Please visit us again soon...". On the whole though, pop-up windows include online advertisements, aimed at drawing users' attention to special online offers, products and services.

Not all pop-ups open up automatically, however. For instance, some can be triggered by a user clicking on a hyperlink to another webpage. Worse still, there are some pop-up windows which open up simply when a user hovers their mouse cursor over a piece of text or an image on a webpage, without having to click on it at all!

As one can probably imagine, this can become very annoying indeed. This is because you do not expect the small pop-up window to open, and did not 'request' the window to be displayed in your web browser.

For some people, pop-ups can be intimidating or an invasion of privacy. Whereas others merely close the windows and do not seem to mind as much.

Fortunately, there is software available that can help you to stop pop-up windows from opening up, quite appropriately named 'pop-up stoppers'. For more information, please see below.

Pop-up stopper software

Pop-up stoppers are basically software which can help you to prevent those annoying pop-up windows from opening up in your web browser. They can be configured so that all pop-up windows are blocked, or they can be set up so that some pop-up windows on certain (trusted) websites are allowed and others are blocked, depending on the options that you choose in the software.

Where to download a pop-up stopper

You can download a free pop-up stopper software here.

Back to Top - Back to Security FAQ

This page includes information about how you can protect your PC through the use of a firewall while online.

It discusses ways in which you can help to protect your computer from malicious users and other threats while online, as well as telling you which firewall software you can use for this purpose.

Reasons for protecting your computer while online

Everyone should implement certain preventative security measures against malicious users attempting to gain unauthorised access to their  PC.

When your PC connects to the Internet, either via a dial-up or broadband connection, it is able to do so by having several 'ports' open to communicate through. Quite simply, a 'port' can be regarded as a doorway, through which information is able to go into and out of your computer. The information can travel in both directions through the doorway, which allows your computer to communicate (i.e. exchange information) with other machines on the Internet, and vice versa.

When a computer is connected to the Internet, it has in excess of 65,000 ports (doorways) to communicate through, each of which allow a different type of information to travel through it. The different types of information can be thought of as different types of 'service', where each service is dedicated to performing a specific task on the Internet. In other words, each port only usually allows a specific type of information to pass through it, in either direction.

A good example of this would be port number 80, which is dedicated to the Hypertext Transfer Protocol (HTTP) service. This particular port (doorway) is used by your web browser to request WebPages from a website and display them in the browser's window.

To elaborate, when you click on a link to view this webpage, your computer uses port 80 to firstly request the webpage, where information is sent out from your machine. Then, the same port is used to receive the incoming information in the form of the webpage, where information is sent in to your machine. This tells your web browser what text and pictures (if any) to display, what size to display them at and where exactly to display them on the webpage.

As with a door in a doorway, a port can either be 'open' or 'closed'. When a port is open, it allows information to pass through it in both directions. When a port is closed, the information can no longer travel through it, until opened again. If a port on a computer is open, this means that a malicious user could use it to gain entry to your machine. Furthermore, that user could use that port to retrieve your files from your computer or, even worse, delete files on your PC.

These are only some of the simple things that a malicious user could do to your machine via an open port. If they really wanted to, they could erase all data on your hard drive, thus losing all your information, or render your computer completely useless so that it would never start again. A large amount of damage can be done just by using an open port on a computer!

In view of this major security threat, it is advisable that you protect your computer while you are online. Not only to defend your machine from malicious users attempting to gain access to it, but also to guard it against being used to commit online crimes.

How to protect your computer while you're online

It is recommended that you install a piece of software that lets you configure how you wish the ports on your computer to communicate with other machines on the Internet. This software is known as a 'firewall', and the technology is actually quite simple as it is based on rules, where you can have an 'Allow' list and a 'Deny' list for all the websites that you ever visit.

Using a firewall is an effective way of controlling exactly what your computer does and does not do on the Internet. Most firewall software actually goes one step further than simply making sure that all of the ports (doorways) on your computer are closed. This is because it puts your machine into what is known as 'stealth mode', which means that not only are all the ports closed, but they are in fact 'hidden' from malicious users trying to find open computer ports to exploit.

To explain further, it means that although your PC is connected to the Internet and allows you to visit websites and download files like you normally would, the computer appears not to exist, as if it isn't really connected. Your machine would be completely invisible to other computers and users on the Internet. Therefore, there is no way that any malicious users could exploit the ports on your computer to try to gain entry to it because they will not even know that it is there!

Firewalls that you can use to secure your machine

There is an abundance of firewall software that is available to download and install from the Internet, whatever your operating system is. There are, of course, free firewalls that you can use, but these tend to have less security features than those which you purchase from reputable companies. Typing the word 'firewall' into any search engine (such as Google) is guaranteed to find you software that will help you to protect your computer from online threats.

However, I suggest that, if you wish to obtain such Internet security software, that you click here to go through to a secure online store for Symantec security products.

Using the built-in firewall on Windows XP

Important: Windows XP users click here to learn how to turn on your built-in firewall.

In the current security climate, where new virus variants and Internet worms are constantly being released and evolving, it is more important than ever to protect your computer from malicious intrusions.

If you fail to protect your PC, not only are you putting your own computer at risk, but also those of millions of other people who are connected to the Internet.

Without adequate protection, you risk your PC being turned into a 'zombie', which can be used to send millions of spam emails every day, or even launch attacks against commercial websites designed to take them offline.

All is not lost, however. Customers running Microsoft Windows XP (Home or Professional edition) may not know it, but there is protection built into their Operating System, in the form of the Windows XP Internet Connection Firewall (ICF).

A firewall acts like a shield around your PC, stopping unwanted connections from the Internet getting into your computer. Since the most dangerous Internet worms spread across the Internet from unprotected PC to unprotected PC, often without you knowing your computer has even been infected, a firewall is the most important piece of protection for any broadband-connected computer.

Turning on your built-in firewall on Windows XP is really easy, and Microsoft have produced an article showing how to do it here.

I recommend that all visitors who are running Windows XP follow the steps in the article linked to above, and enable your built-in firewall as soon as possible.

Protect yourselves and others before it's too late.

Back to Top - Back to Security FAQ