Other Security Matters.


This page follows a format similar to the Myths page: basically a FAQ regarding other security issues not related to viruses and other malware. Full details are available in a handbook I can provide that goes well beyond what a Web page provides, which tends to seem more like a five (5) second news bite. (Updated 3-Jan-98)

DISCLAIMER: This information is provided 'As Is'. Because it is impossible to address every possible situation, what follows is meant as a general guide only! Please seek professional help if you do not understand any of the following information OR if you have any questions not resolved here!!


INDEX






If you have a question that is not covered here or in Q & A / Myths, leave me Feedback to have it included. Also, a * in the first column indicates new or updated items in the past 30 days.
Q1. If you do nothing else, What can you do to protect your data?
Q2. How Often should you back up your data?
Q3. How do you consider how Critical your data is?
Q4. Is your system at HIGH RISK for data loss?
Q5. What are Incremental and Master Backups?
Q6. How often should you change your password?
Q7. What is SPAM and how can you prevent it?
Q8. I want to prevent users from dropping to DOS from programs that allow it. How do I prevent it?
Q9. I have a PC that several people use. What can I do to prevent them from constantly changing the setup, etc.?
Q10. What are the best Security settings for my Web Browser? I keep getting security warnings!
Q11. What are Cookies? I hear they can be harmful!
*Q12. Is it Safe to enable Java and other Internet Plug-Ins on my browser?

Q1. If you do nothing else, what can you do to protect your data?

A. Make backups of all key files and programs. Ensure you have the original programs that came with your computer. To put it simply, backup, backup, and backup!!


Q2. How often should you back up your data?

A. It depends upon how critical your data is. I break it down into three (3) categories, which follow with some very basic guidelines. If you fall into the first category especially, you need to seek some competent help and/or advice! The bottom line is how much you are willing to lose in time and money to reconstruct what you could lose.


Q3. How do you consider how critical your data is?

A. I put data criticality in three categories. These are based upon a 'common sense' approach. Unfortunately, too many people overlook or are unwilling to enforce this common sense until it's too late! Some major factors that affect the following include the type of media you use for backups, the OS, and how much time you are willing to devote. The following represent a reasonable compromise of time, money and resources in most situations. They are for:

1. Mission Critical/Indispensable/Irreplaceable Data - This is exactly as it implies. This is data, particularly in a business (home-based or large corporation), that if lost would literally destroy you. You literally can't live without it. A daily incremental backup and a weekly master backup will usually suffice. This scheme allows the loss of no more than one day's worth of new or updated information/data.

2. Critical/Important/Replaceable Data - This is information that can be reconstructed at what you would consider an acceptable cost of money, manpower, and time, such that it won't adversely affect your operations. Note the keyword acceptable! This data can usually be reasonably protected using weekly incremental backups and monthly master backups. This scheme allows the loss of no more than one week's worth of new or updated information/data. Alternatively, if weekly incrementals seem too long, try twice a week with a master every two weeks.

3. Non-Essential Data - This is easily replaceable data and/or programs that you can live without if need be. It may be an annoyance to restore the system but the effort will be minimal. A yearly master and a monthly incremental will normally suffice. This scheme allows the loss of no more than one month's worth of new or updated information/data.


Q4. Is your system at a HIGH RISK for data loss?

A. The following items will generally put your system(s) at a high risk to computer viruses and/or other malware depending upon your circumstances. This list is not all inclusive and is based upon personal experience.


Q5. What are Incremental and Master Backups?
A. First of all, Master backups are the ones that actually take the most time. These are complete, 100% backups of everything on the system. Most people unfortunately think this is the only way to back up a system! They do take time and are the reason most people DO NOT do any backups. However, people are not aware of what is called an incremental backup: backing up only those files that are new or changed. Virtually all backup software allows this option. These obviously take very little time compared to a master and in the end are worth their weight in gold when properly done.

If you had to restore a completely wiped system, you simply start at the last master, then apply the incremental/updated-info backups in order. They update all the changed info, and you are then back to where you were as of the last incremental! The cost in time and effort is minimal, not what most people portray.
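The restore order described above, using the weekly-master, daily-incremental schedule from Q3, as an added example (not part of the original page). The catalogue, file names and function names are constructed for illustration, and it assumes an incremental holds files changed since the previous backup of either kind.

```python
# Added example: restore = last master, then each later incremental, in order.
# Constructed sample data. Each backup is (day, kind, files). A master holds
# every file; an incremental holds only files new or changed since the
# previous backup of either kind (an assumption; the page does not say).
BACKUPS = [
    (1,  "master",      {"ledger.dat": "v1", "letter.doc": "v1"}),
    (2,  "incremental", {"ledger.dat": "v2"}),
    (3,  "incremental", {"invoice.doc": "v1"}),
    (8,  "master",      {"ledger.dat": "v3", "letter.doc": "v1",
                         "invoice.doc": "v1"}),
    (9,  "incremental", {"ledger.dat": "v4"}),
    (10, "incremental", {"letter.doc": "v2"}),
]


def restore_chain(backups, crash_day):
    """Backups to restore, in order, after a wipe on crash_day."""
    usable = sorted((b for b in backups if b[0] <= crash_day),
                    key=lambda b: b[0])
    masters = [i for i, b in enumerate(usable) if b[1] == "master"]
    if not masters:
        raise ValueError("no master backup: incrementals alone cannot restore")
    return usable[masters[-1]:]      # last master plus everything after it


def restore(backups, crash_day):
    """Rebuild the file set: load the master, overlay each incremental."""
    files = {}
    for _day, _kind, contents in restore_chain(backups, crash_day):
        files.update(contents)       # newer copies replace older ones
    return files


def days_lost(backups, crash_day):
    """Days of work not covered by any backup in the chain."""
    return crash_day - restore_chain(backups, crash_day)[-1][0]


if __name__ == "__main__":
    print([b[0] for b in restore_chain(BACKUPS, 10)], restore(BACKUPS, 10))
    print("days lost after a crash on day 12:", days_lost(BACKUPS, 12))
    # An unreadable incremental (day 9) leaves a stale ledger beside a
    # current letter, so test that every tape in the chain can be read.
    print(restore([b for b in BACKUPS if b[0] != 9], 10))
```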


Q6. How often should you change your password?
A. If it's 6 letters in length or less, immediately. If you believe it may be attacked, possibly monthly, even if it's 8 characters long. See the Password Security page for more detailed info.


Q7. What is SPAM and how can you prevent it?
A. SPAM is that annoying unsolicited mail you receive. A ton of it is a result of extracting addresses from newsgroups. This is simply done by running programs against the newsgroups and extracting addresses from those that have replied or sent messages. Well, you can combat it. Here's a simple technique that you can use, depending upon your news reader software and news server since the two work together.
The scheme goes basically like this. Change your reply address setting to something guaranteed to bounce SPAM directed to you. e.g. I'm normally wdirks@sirinet.net. I could change this to wdirks*@*sirinet.net or wdirks@NO_SPAM_HEREsirinet.net. You get the idea. Now the important part if you do this! You need to modify the Signature you use in your news groups. Make the first line stand out and say what's appropriate. e.g. Remove NO_SPAM_HERE above to send a Reply.
Doing this sends a secondary message. It lets others see how to defeat SPAM. Also, talk with your ISP/News Server Provider. You might even convince them to automagically implement this for all outgoing mail. (30-Mar-97)


Q8. I want to prevent users from dropping to DOS from programs that allow it. How do I prevent it?
A. The easiest way is to use a menu program of sorts that launches all the apps you are worried about. Launch each app you are concerned about with a .Bat. In the .Bat, immediately prior to actually invoking the application program, set COMSPEC to something invalid. Likewise, in the same .Bat, immediately after the line invoking the application, set COMSPEC back to what it should be so things like housekeeping tasks will work correctly. (4-Apr-97)


Q9. I have a PC that several people use. What can I do to prevent them from constantly changing the setup, etc.?
A. If someone is truly aimed at getting in, there's nothing you can do. However, you can make it a lot harder.

  • A. First, enable a CMOS/BIOS password regarding changes to CMOS. While it's easily circumvented, it's a start. It'll prevent others from changing the CMOS for a while. Related to this, in CMOS, change your boot sequence from "A: then C:" to "C: then A:". This will prevent using the floppy as a boot source unless the hard drive has crashed, which is desired anyway since you'll boot a hair faster.
  • B. Next, if using DOS 6.0+, put the following switches line at the very beginning of your Config.Sys: switches=/n /f . This will effectively disable F6 and F8. Along with this, as the very last line of your Config.Sys add shell=c:\command.com /p nul and add the line ctty con as the last line in your Autoexec.Bat file. This prevents anyone from bypassing the autoexec.bat. CAUTION/NOTE: Before making these changes, make sure you have a bootable floppy handy in case you make a mistake.
  • C. Depending upon your situation, you will either want to move to a floppy, rename, or delete the following files as a minimum:
      • format
      • fdisk
      • debug
  • D. For the truly brave, hack Command.Com. Rename del and erase. I won't explain how to do it here, but it'll prevent del *.* or del anything for that matter from working from the command prompt.

(4-Apr-97)


Q10. What are the best Security settings for my Web Browser? I keep getting security warnings!

A. It depends upon your situation. It can best be presented as two scenarios, each with what you should set your security settings at and why. This is only an example and you will need to adjust things to your particular situation.

Scenario 1:

You visit the web to transact business such as ordering items from vendors. In the process you are asked for items like your credit card number, social security number (SSN), or other personal information, etc.

If this is the situation, set/enable all security settings for the visits. If after doing so you are warned that the transaction will not be secure, don't do it!!! A truly secure server/transaction would have been enabled; if it has not been, you get the warning.

You will also be given several hints if it will be a secure transaction. The first is that you are told you will be connecting to a secure server. Also, if the address of the web page you are accessing begins with https: instead of http:, it means a secure web server connection. Mail and FTP along with some other services are also addressed this way.

Scenario 2:

You visit the web simply to browse and almost never give away any information you wish to keep private.

Simply turn off/disable all your security settings or set them at a medium level if you visit search engines in particular.

The rationale behind this is simple. You won't be annoyed by alerts that aren't relevant. If the only information you are making public is information you don't consider private, then why set the security? However, you may at times connect to servers that are operating secure nevertheless. In this case, re-enable the settings for the session, then turn them back off. One concern here is what's called Cookies. That explanation follows.

(14-Apr-97)


Q11. What are Cookies? I hear they can be harmful!

A. Cookies are simply information a web site keeps, taken from information YOU provide. Contrary to popular belief, they cannot pull information from your system. Some common uses include counters, keeping track of items ordered while online, the last time you visited a site, personalized web pages, and in some cases acting as bookmarks to a site. Bottom line is that HTTP (Web) Cookies contain only information that you already voluntarily provided to a particular site and nothing more. They're simply being used as a sort of bookkeeping to make visits to the site easier. (14-Apr-97)


Q12. Is it Safe to enable Java and other Internet Plug-Ins on my browser?
A. This is a somewhat touchy subject in some circles. Yet a few common sense rules apply here. Regarding plugins other than Java: provided the plugin does NOT handle, execute, or automatically launch any incoming executable files, OK. Those files that should never be allowed to execute are any incoming .exe, .com, .sys, .bat and similar files, including any MS Word or Excel documents. These files should always be checked first before running.
Regarding Java, I personally go along these lines. If Java is being run on a non-DOS or Windows based system, go for it. This includes OS/2, Linux/Unix based systems and the sort. If on a Windows system using Netscape, you should leave Java off. If using Internet Explorer, you are pretty safe leaving it on but I would keep it off to be safe. This is because of the potential problems under the Windows environment in general. Some Windows-based browser versions have had exploitable holes that could be used against you to lose data. (3-Jan-98)






Copyright 1996,1997 by William(Bill) J. Dirks