InfoSatellite.com - Basic security measures

Basic security measures

By Ana Letícia Sigvartsen
InfoSatellite.com
July 04, 2004


Unfortunately, intruders are always discovering new vulnerabilities to exploit in computer software. The complexity of software makes it increasingly difficult to thoroughly test the security of computer systems. When security holes are discovered, computer vendors usually develop patches to address the problem. However, it is up to you, the user, to obtain and install the patches, or to correctly configure the software to operate more securely.

Most of the computer break-ins described in incident reports would have been prevented if system administrators and users had kept their computers up to date with patches and security fixes. Also, some software applications have default settings that allow other users to access your computer unless you change the settings to be more secure. Examples include chat programs that let outsiders execute commands on your computer, and web browsers that could allow someone to place harmful programs on your computer that run when you click on them.

General:

  • Use the latest virus definitions with your anti-virus application.
  • Install firewall software.
  • Consider a hardware firewall separate from the PC.
  • Download and install the latest security patches for your software and OS.
  • Disable script support that you don't use or need.
  • Disable services that you don't use or need (FTP, IIS, filesharing).
  • Download software from recommended/certified companies only.
  • Don't run programs of unknown origin.
  • Verify that an anti-virus program checks the files on the download site.
  • Set the browser security to a safe level (cookie control, ActiveX).
  • Do not hide file extensions for known file types.
  • Use password protection on your operating system. Don't have any logins without a good password. Keep your passwords private and in a safe place.
  • Practice good password policy: at least 8 characters, mixing random upper- and lower-case letters and numbers.
  • Don't enable form completion or let the OS "remember" passwords.
  • Use SSH instead of Telnet.
  • Disable the administrator/root account for remote access.
  • Turn off file and print sharing.
  • If you're using Linux, configure TCP wrappers through the files /etc/hosts.deny and /etc/hosts.allow.
  • Encrypt sensitive data.
  • Turn off your computer or disconnect from the network when it's not in use.
  • Make regular backups of critical data, and store them in a safe place.
  • Make a boot disk.
  • Don't install the OS in the default directory.
  • Use a boot partition only for booting and for system files, and put data and applications on a separate partition. It's also a good idea to separate applications from data.
  • Trust no one.
  • Don't compile viruses :)

E-mail:

  • Install the security patches for your e-mail client.
  • Require a prompt before opening e-mail attachments.
  • Never open attachments with a double file extension (e.g. Report.txt.vbs).
  • Enable e-mail scan in your anti-virus application.
  • Delete chain e-mails and junk e-mail.
  • Disable scripts.
  • Remove VBS file extension from the Registered File Types.
  • Exercise extreme caution with file attachments.

Intruder detection checklist:

  • Examine logfiles for unusual connections and activity.
  • Check for suspicious files.
  • Check for odd user accounts and groups.
  • Check for unauthorized applications that run at startup.
  • Check whether your system binaries have changed.
  • Check for unauthorized shares.
  • Check your task scheduler for unauthorized jobs.
  • Check for odd processes.
  • Check for changed permissions on files or registry keys.
  • Check for alterations in user or computer policy.
  • Be aware of suspicious activity on your system.
