Saturday, October 31, 2009

Protecting your home in the electronic age (which started about 20 years ago)

Protecting your home in the electronic age

Methods to protect your home from electronic threats. Remember, deciding to connect your computer to the internet without knowing the technologies you are connecting to is like putting your kids on a bus to Vegas with 20$ in their pocket and telling them to 'have fun' and you'll see them later.

Problems

Pornography

Web searches – Finding pornography on the web is as easy as finding anything else on the web.
IRC/WEB chat – Pornography is not only pictures and video, it can be chat and text as well. Chat is the other side of pornography that is downplayed. Explicit chats can be every bit as damaging as traditional pornography.
Email accounts – You don't have to search for pornography, it can come addressed to you. These nefarious emails can also contain harmful computer 'mal-ware'

Phishing. - Emails designed to look like legitimate bank or commerce web sites that are nothing of the sort. Typically asking you to verify your password and bank account/credit card number.
  • RULE OF THUMB – Never EVER use a link from email to get to a web address unless you are certain that it originates from the site in question.
  • Use email-clients that offer robust email filtering. Microsoft, Yahoo, and Google all offer their own email scanning that will automatically put suspect emails in a junk folder.

Adware. - Usually but not always installed as an option during the installation of 'Free' software. This is the payment. Adware will usually record and re-direct web searches in favor of the company supporting the free software. It will also look at your websearches and based on what you are looking for redirect you to similar affiliates. Eventually you could get pornographic or inappropriate ads.

Malware - Similar to Adware, but it drops all pretense of being helpful. It is installed in the background of other software or is present in web popup ads and is usually much more difficult to get rid of. Many times free antivirus software will actually be Malware. It will block web searches for anything but what it wants to show you. In some cases a lot of pornographic sites.

Viruses – Not nearly as prevalent as they used to be, viruses are still contracted by the usual means. Email attachments, ringtones and piracy.

P2P – Used to share files of any kind P2P programs can be used for pornographic media, but is mostly used for music sharing

Hacking – People can and do find ways to get themselves into your home computer system. Once there they can install programs that will give them access to your information. It doesn't happen often, but it does happen. If you have an open wireless connection to your web, it happens a lot more.

Solutions

Understand that none of these solutions constitute a panacea. There is no one foolproof way to be protected against the internet except by never visiting. As I go through the solutions I will connect each solution to what it fixes of the above problems.

Do not use a firewall, use a router. - Routers are inexpensive and allow for multiple computers to access your internet connection. It also automatically provides a layer of hardware protection to your home electronics. Even if you only have 1 computer at home, put a router between you and the internet. This solution can solve most of the hacking problems as well as alleviate the need of installing software firewalls. The ONLY reason to have software firewalls is if you are using a traveling laptop computer on the road. Then It is necessary.

Change your DNS server – All ISP's come with their own DNS server. There is a service called www.opendns.com. This service is free and continuing to grow. It gets its money from regular business customers. You can set your internet DNS settings (usually in your router, but other wise in your connection settings) to point to their DNS servers instead of the default customer servers provided by other commercial ISPs. Once you have started using them, you can dictate the level of filtering all of the connections plugged into your router will use. You can decide categories to filter as well as specific websites. OpenDNS is constantly upgrading the list of classifications with the help of it's users.
  • You can choose the level of protection you want:
  • High, moderate, low, minimal and none.
  • Custom allows you to control by category what is ok to come in.
  • You also can ALWAYS or NEVER block certain websites that come across your radar.
  • VERY effective and much cheaper (free) than machine based filtering.
  • This service can protect you from MOST bad content getting into your house and will block Phishing websites as well as P2P and
Pay software used to block internet access
  • These include software like cybersitter, net nanny etc.
  • They offer more options like keystroke logging as well as visitation logs. On top of dirty word filters and website filtration. Perfect for the spying parent.
  • Also can block legitimate websites because of overly aggressive filtering. Will cause trouble with VPN and sometimes blocks software updates because words in the updates will inadvertently spell 'bad' words.
Free key logging software
So you think you've got all your bases covered? There are no more clever people on the planet than your kids. Just because they know what is right and wrong doesn't mean they don't need many reminders during the course of their young lives.

  • kgb free keylogger. I don't use it, but I would if I wanted to. It will log all information typed on a machine.
  • Keylogging software eats away at your hard drive space and causes a lot of fragmenting.
If you don't want to bother with any of this you can always edit your hosts file.
  • It is found in your windows\system32\drivers\etc path. You can edit it to replace a bad website with a good one. All your web browsers will go there first before going to the DNS for directions.
  • Ex: the line under the localhost line type: 159.153.236.12 www.BADWEBSITE.com then type in www.badwebsite.com in your browser and you will be redirected to pogo. A free web gaming site.
  • This is fine and well, but OPENDNS basically does this for you and will give you so much more.
Get a facebook account – If you have allowed your kids to get a facebook account. Then you get one too. And make a requirement of your kids having a facebook account that you are their friend. You can monitor who their friends are and find out interesting information about their day to day activities that they probably never tall you.

Other free software options:
Suggestions:
for both security points (Router, and OPENDNS account) I suggest a 2 key password system. When you add a password to your router, you and your spouse should share ½ of the password so it will take both of you to change router settings. This should go for your OPENDNS login id as well. This way changes are always mutual.

This is a lot of information to digest. I agree. It took me some time to research and figure out a lot of these things. The problem is this. The web is always changing and so you must keep up with that information. All of the methods described on these pages are good but by no means foolproof. If your little darlings are particularly computer savvy then you will be faced with the nuclear option. No web access without direct parental supervision. Or just get off the grid all together.

Special Wireless Rules:
For router security, WEP is ok, WEP + MAC address is better, MAC + WPA2 is best. When you have wireless connectivity in your home, it is against the law for you to leave it unprotected. Choose a method and protect yourself. The methods available are contained in your router and vary widely.
Glossary
MAC – Media access control address. These are fingerprints for computers. Each computer has a distinct one.
P2P – Peer to Peer software designed to allow easy file downloading and sharing of copyrighted software. A large source of files of all kinds. These include programs like Limewire, emule Bit-torrent as well as others. These are not evil networks in general, but the tools allow unfettered trading of any and all software.
WEP – Wired Equivalent Privacy. Standard for securing wireless connections established in 1997.
DNS – Domain Name Server – The dictionary of the internet that translates www.Google.com into 208.67.219.231 and vice versa.