 |
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
||||||
Internet
How can I protect my computer from viruses
and other threats?
A few simple precautions can help protect your computer from infection with viruses or trojans received via the internet. These tips are not exhaustive, but should go a long way to keeping you safe. Please read our page on malicious software for more detailed information.
The most common way a virus infection is received from the internet is via an email message. These may come from a completely unknown person, or, they may appear to come from someone you know. Follow these tips to keep safe.
1) Consider using another email package
The worlds most popular email package for Windows users is Outlook Express
(not surprising since it comes free with the computer). This does however
mean it is also the one package most often targeted by virus writers.
A simple form of protection is to use a different email package, since
many of the alternatives will not run virus code written to take advantage
of Outlook Express (note that Outlook is not much safer!).
The open source Mozilla project includes a free email package and news reader. You can download a copy here. There are also plenty of others that you could choose if you prefer.
2) Purchase or download virus scanner program
There are plenty to choose from, both comercial and some that are free for personal use. Most importantly, make sure that you update its virus signature files at least once per week. Better still turn on the auto update facility so that you get updates any time they are needed and you connect to the internet.
3) Change your settings
Many viruses will take advantage of some of the (rather silly) standard settings used in both Windows and Outlook Express to attempt to fool you into running an infected email attachment. Many viruses lurking in file attachments, try to conceal their true identity by the use of a double file extension e.g. "innocent_file_name.jpg.exe". This double extension takes advantage of the standard setting of Windows that causes the file extension (i.e. the bit after the ".") to be hidden if Windows recognises the type of file (like ".jpg" for a picture file in the example above).
The result is you may be fooled into thinking that the attached file is simply a picture (and hence unable to contain a virus) when in reality it is an "exe" - an executable program that could do untold damage to your computer!
So Open "My Computer" and select "Folder Options" from the "Tools" menu. Look for the "Hide file extensions of known file types" option and turn it off!
Now open Outlook Express and select "Options" from the "Tools" menu. Look at the security tab and make sure you are set to operate in "Restricted Zone".
In Outlook Express again - select "Layout Options" from the "View" menu. Turn off "Show Preview Pane". This will stop malicious (or offensive) web sites being displayed (and possibly virus code on them run) just because the site is displayed in the preview window when you select the message for deletion.
4) Don't open attachments on emails
Only ignore the above guideline if you are sure you know what is attached. Note that any of the following file extensions may contain harmful code: exe, vbs, scr, com, pif. Even Microsoft Office files with extensions like: doc, xls, and ppt can contain macro viruses.
5) Do not be lured to visit web sites advertised in unsolicited emails from unknown people or businesses.
Visiting a web site can be harmful if the creator of the site has designed it to be!
6) Keep up to date with security fixes
If your version of Windows has a "Windows Update" facility listed on the main start button menu, then use it at least once a week when you are connected to the internet. This will allow you to receive any new security fixes as they are published.
How can I avoid loosing my email address when I change ISPs?
Many people use free "pay as you go" ISP accounts. These are easy to setup and use and you only pay the cost of the telephone call to access the account. One problem than many people encounter is that when they change from one ISP to another (for any reason) is that their email address changes. As a result they need to notify all of their corespondents and friends of the new address.
Tip 1 - setting up Outlook Express for multiple email accounts
Remember that just because you are now connecting via a new ISP, the mailbox
that you used to use probably still exists. Unless you have explicitly
cancelled you previous account, then chances are it will remain in existence
for some time until it gets deleted by the ISP due to lack of use. Most
email packages have the capability to receive email from more than one
email account. So, simply by adding the details of your old account back
into the email package, can be enough to carry on receiving any emails
sent to the old address.
To keep receiving emails sent to your old address you will need a few bits of information (most of these can be found by looking at the details setup in the Accounts dialogue available from the Tools menu in Outlook Express (OE)): you need to know the name of you old ISPs POP3 server, and the user name and password used to log into this server. Once you have OE setup for you new ISP, go back to the Accounts dialogue and "Add" another account. Enter the details from your old account. Now when OE checks for new email it will look for it at the new ISP and the old one!
Tip 2 - register your own domain name
If you register your own domain name (we can do this for you, or you can register one yourself) then you can use email forwarding. Email forwarding will allow you to have a "public" email address that remains the same, while allowing you to move freely from one ISP to another. You keep the email address provided via your ISP private, and just update the email forwarding to direct any emails sent to your public address, to your private address. It is rather like having your own PO Box. You can also chose a domain name (and hence email address) that is easy for people to remember!
How can I delete email *before*
I download it?
Say for example you have received an email that has a very large attachment, and it would take too long to download, or, an email is failing to download correctly and you are receiving an error message every time you try. You may find that it is necessary to delete the problem email before your email package starts trying to download it.
The simplest way to do this is using the "web mail" facility provided by your ISP. Here you can normally inspect the email - see who it is from and delete it if required.
Alas not all ISPs offer web mail. So another way you can get round the problem:-
These instructions are for MS Windows users, but the same principle should work for any operating system (you can normaly invoke Telnet from a command shell or prompt).
You will need to know the name of your ISPs POP3 server, the name of your account and your email password. The following example uses the example server name of "pop3.myisp.net", account of "myaccount", and a password of "mypass".
First you need to establish a connection with your ISPs mail server. We can do this with a program available on most computers called "Telnet".
Note that as you enter the commands described here into Telnet, you may not see them echoed onto your screen - i.e. you will be typing "blind". Don't worry though because they will still work. If you can see the commands echoed as you type you might want to make sure there is no one looking over your shoulder when you type your email account password!. To do this click the start button, select "Run" and enter the following command:-
telnet pop3.myisp.net 110
Remember to press the return key at the end of each line you type! This should establish a connection to the mail server Now you need to log in using the USER and PASS commands:-
user myaccount
pass mypass
You are now logged in. You can get a list of the messages waiting by using the LIST command:-
list
You should see a list of message numbers and the size of each (in bytes) displayed. You can now use the TOP command to display the first part of any of the messages. E.g.:-
top 1 10
The first number after "top" indicates the message number to display (from the list), the second number indicates how much of the message to display - 10 to 20 is usually fine to see enough of the message for you to decide what you want to do with it.
Once you have identified a message that you want to delete you can issue the DELE command to remove it.
dele 1
Finally when you have deleted all the messages you want to, you can issue the QUIT command to disconnect from the mail server.
quit
Job Done!
The following is a transcript of a session as described above. The commands (shown in bold) are issued to connect to the mail server, log into the account, get a list of messages waiting, inspect the first message, and finally deleting it before exiting from the mail server.
| Example Session | Notes |
|
C:>telnet pop3.myisp.net 110 +OK POP3 server ready (pop3.myisp.net)) user myaccount <html> <head> <title>Ultimate HGH</title> <body> . |
Command to talk to the email server. See its gone! |
How can I test my internet connection
for security?
When you connect your computer to the Internet you may find it is sharing more information that you would like with the outside world. Visit Steve Gibsons site and use the free "Shields Up" test to evaluate how secure you are.
If you decide you need more protection then have a look at the free program Zone Alarm from zone labs.
Windows XP users note that there is a built in firewall application you should have enabled on your internet connection.
I have received an email
warning me about a virus, what should I do?
Ignore it! Under no circumstances forward the email to anyone else. If you want to know why then see here. Do not obey any instructions in the email - especially any that have you make changes to your computer or delete files.
You can check the details of any virus using the McAfee Virus Information Library just type a few key words into the search box.
Reducing unwanted email
(spam)
There is no total solution to this problem as yet. However there are some things you can do to reduce the amount of spam you receive.
Spam is a form of (very ineffective but cheap) bulk marketing. It only works because a spammer can send out millions of messages for next to no cost, and there are just enough suckers in the world who will respond the these messages to make it worthwhile for the spammer!
Note that marketing information that you receive from companies with whom you have done business in the past is not necessarily spam. Most legitimate business that you have ordered from in the past will have a propper privacy policy and give you the option of receiving email message or not.
The email addresses used by spammers come from many sources. Sometimes they simply invent them - addresses can be guessed at - especially if you use a well known email service provider like hotmail or yahoo.
Any time you post a message in a public place (like a message to a usenet newsgroup, or an email to a bulletin board, or a message on a web based forum) there is a chance that an automated address "harvesting" program will find the address and add it to the database of email addresses that will be abused by the spammers. One you are on these lists there is no getting off!
If you post your address on a public web page then this highly likely to get harvested. The more popular the web page - the more the likelihood of receiving spam.
1) Mangle your name
One trick worth using if you need to post a message with an email address in a public site is to "mangle" or "obfuscate" the address. Say your real email address is "fred@somedomain.com", you could change the email address shown to "fred@YourHatsomedomain.com", and then add a instruction to the end of the message saying "Please remove YourHat before replying!". This way it is obvious to human readers how they can construct a valid email address to contact you with, but not as obvious to automated programs that just scan for anything that looks like an address. Also constructing your email address in the form "fred at somedomain dot com" would also be effective.
2) Never reply to spam messages
When it says "Click here to remove" or "reply to this message to be removed...." don't do it! no matter how tempted you may be. All that replying will do is tell the spammer they have a live email address - and hence it is worth sending far more of it to the address! Note also that the headers of the email will probably be forged - so even sending an email to the abuse department of the ISP you think is hosting the spammer will probably not help.
3) Use filters
Many email packages offer filters that you can use to process some types of email automatically. You will find that a simple filter that deletes messages (or moves them to a spam folder) can get rid of a large number of such messages. Look at the subjects lines of the spam messages you receive. Chances are you can see some key words and phrases that crop up time and time again that would serve as a good filter. There are also some commercial programs that can help filter your email for you.
4) Change your Address
If you have a serious spam problem, you might be wise to change your email address. It can be very useful if you purchase your own domain name. Owning your own domain is very cheap, and you have much greater control over your public email address.
You can for example create temporary addresses to use for "one off" applications. You can also block addresses which are receiving large quantities of spam and also reject any addresses that are not actually in use at your domain.
For more information on the causes of spam see this article.
Copyright © 2024 Internode Ltd– All Rights Reserved