In the last 3 weeks we have received more calls per day than we receive in a normal month from people who have pop-ups claiming they are infected or who actually clicked on the pop-up and became infected.

Hacker and @#^&*%$ heads are using news events to spread these fake alerts and infecting computers.

The wild fire stories, the Obama speech in schools, Ted (I can kill and get away with it) Kennedys death, all have sprouted a flurry of fake security warnings, infected e-mail (Phishing attacks), and fake web sites.

Without creating a 3 hour seminar, here are the basics…

1. Quit searching the internet for “fantastic” stories. Within hours of Michael Jackson’s death 212 new web sites that were infected with crap-ware popped up proposing to be Michael Jackson sites. There were also dozens of different emails with links to or pictures of his death, all which were fake.

2. Stop using My Space and Face Book! I know this is going to get me flamed and maybe even a note from one of these “businesses” but they are @$@#$ (I really do dislike using so many language referenced but this is ridiculous). Why are you telling strangers when and where you are going on vacation? To make it easier to rob you? Why are you telling the world about your 4 year old grandchild’s ability to ride his bike down the street? So the local pedophiles know where to pick him up for a little “play time”? Do you just like complaining about the cost of getting crap-ware and infections off your computer?

3. Just stop thinking the world owes you free anything. Free music, programs, data, cheese… in this age of ever expanding socialism in America, you must remember, nothing comes without a price. Limewire is a perfect example of what happens. Hackers get into or create all this “free” content management, take over your computer, infect your computer and more. That is how terrorist in Iran got plans to the presidential helicopter. Turn on the radio or go to your local radio stations web site, go to the local video store or Netflix to get a movie.

4. Stop forwarding junk emails. “Verified by Snopes” – what a crock. Almost daily I “reply all” to the sender of this type of stupidity and give actual links to Snopes and other  sources showing the hype and falsity of their fantasy. Just because you don’t like the current US President does not mean you can hope hatred or that he is not a US citizen will remove him from office. The Democratic Party may be the dumocrats to many but they certainly would not make that mistake, just quit forwarding the email.

If you received it in all capitals or with large colorful letters, underlines bolded et al please for the love of Jesus (I know the one who sent it to you told them Jesus asked them to forward it – He didn’t, I double-checked in person this morning) stop forwarding this junk.

5. Read what you are installing or updating and NEVER accept the defaults. People consistently ask me how they acquired 4, 5, 6 or more toolbars. Yes, you need the Adobe and JAVA updates but please pay attention, you should take the extra 30 seconds of your life and read each screen before selecting “Next”.

Now that I have offended most of you, what can you do if you have already been infected?

1. Update and run your PAID FOR, quality, properly configured anti-virus program (Kaspersky http://www.kaspersky.com and ESET http://www.eset.com).

2. Install, update, configure and run a real copy of Malware Bytes http://www.malwarebytes.org/ and Spybot Search and Destroy http://www.safer-networking.org

The above are excellent programs and many malicious people have created fake sites leading to crap-ware, USE the links I have provided.

There are numerous other good to excellent programs that can be used to clean up an infection, just be sure of the program and then the source where you are getting the program from.

There are several other security basics home users should have and many great hardware and software tools for Micro and Small businesses to use. Just search this site for the many articles on security your computers and network.

Until I cool off, have a virus free week!

Back in July I started on how to secure you computer (Basic Security Tips) and I have been working on Intermediate and Advanced tips ever since then, today I wanted to release a quick checklist.

Securing Your Computers, Network and Servers

Things to do:

1. Turn on Windows Critical Updates – Schedule Auto Update.
2. Install and configure for automatic update (hourly) a current anti-virus program (less than 1 years old).
3. Install a Hardware firewall (router) and update it (quarterly).
4. Install a new Software firewall (XP’s, Zone Alarm, Kerio) and update it (weekly).
5. Configure you e-mail client (Outlook, Eudora, Pegasus) for security.

Configure your browser (Internet Explorer, Opera, Netscape) for security.

6. Install a Pop up blocker.
7. Install and configure a Spam filter.
8. Install update and run a current Anti-Trojan program.
9. Constantly run a Cookie watching program.
10. Install update and run a current anti-spyware tool or two.
11. Properly secure your wireless network or hire someone to do it for you.
12. Install HOST file.

Things NOT to do:

1. Don’t pirate software, music or anything – Software, Music and Video swap sites.
2. Don’t let your kids (grandkids) steal/pirate.
3. Don’t use any file sharing or peer-to-peer internet networks.
4. Do not open “strange” e-mails (My Naked Wife, Anna Kournikova, The IRS wants you, The FBI noticed you). They are infections looking to happen.
5. Never respond to a pop up ad, not even the warnings
6. Never respond to an unsolicited email (SPAM) not to remove or win $2 million.
7. Don’t browse adult or questionable sites – drive by downloads are commonplace in those types of sites.
8. Don’t install a “toolbar” unless you:
1. Know what a tool bar is.
2. Know exactly who made the toolbar.
3. Know what you are going to use the toolbar for.

If you want to be an extremist about security and flaw, buy an Apple computer or laptop and do not use any Microsoft products on it.

Another option is to use Linux as your operating system and once again not use any Microsoft products.

Instead of Microsoft Office use 602 Pro, Easy Office, Open Office or Corel WordPerfect Office.

Instead of using Outlook Express for your e-mail or Outlook for your personal information manager and e-mail, you can use one provided in the above suites, or integrated with Mozilla browser or Opera browser. You can even use Eudora or Pegasus e-mail client programs. Don’t forget about web based programs like Yahoo, Hotmail or the one provided by your internet service provider.

When connecting to the internet don’t use Internet Explorer, some good alternatives I have used are Opera and Firefox there are several others out there also.

Below are some definitions of security terms that you might want to know.

A virus is a program, script or macro that is designed to destroy, modify or damage computer hardware and or software. Viruses are self replicating and commonly spread by e-mail messages, shareware sites (Napster, and KaZzA are the two worst), Instant messengers (chat room software) and pirated software. To reproduce a virus will copy itself on disks put into an infected computer (hard drives, zip drives and floppies). They also go into your e-mail and address book and send themselves to the names listed. Like the influenza some viruses are so complex they morph themselves as needed to continue their spreading. Viruses can hide on a hard drive, in memory or even the BIOS. The newest viruses can be attached to an e-mail that is sent to you and you do not need to even open it, just the act of retrieving your e-mail can activate it. This is why an up to date anti-virus program is so important.

Anti-virus programs are designed to protect a computer or group of computers (a network) from viruses. They are usually reactionary thus they do not prevent viruses, they just catch them before (hopefully) they infect you or your network. Anti-virus programs should always run in the background and always be running on your system.

Trojans (also known as a Trojan horse) are false programs or a program hidden in a “good” program that when activated (by running the “good” program) will open up “doors” (ports) on your computer to allow others (hackers) the ability to access your computer and view, change or add data. Trojans are usually designed to make your computer a Zombie.

Anti-Trojan programs are just that, programs that search for and remove and or prevent trojans. Anti-virus companies are adding more anti-trojan capabilities to their programs however, a separate anti-trojan program is recommended.

A Zombie is a computer that has been taken over to do the dirty work of another program or user. The Blaster worm made zombies of Windows 2000 and XP machines and had them “attack” Microsoft’s update web site. This type of attack is referred to as a Denial of Service (DoS) attack and is intended to block, crash or destroy another computer or network. There are good reason’s you don’t want to become a Zombie.

Malware (malicious software) refers to programs scripts and macros that are designed to do harm. Worms, viruses and trojans are all forms of malware.

Spyware is referred to as software that tracks computer users’ activities with or without the users’ full (or even partial) knowledge of their being tracked. Normally used by advertising agencies to target advertise to the end user, hackers are starting to use this method to steal identities and create targeting worms and viruses. Spyware is installed on a user’s machine when installing free programs such as free music sharing programs (KaZzA), visiting web pages such as adult oriented web pages (drive by downloads that you do not necessarily “voluntarily” accept) and through other downloads and browser add-ons on the Internet. If you have any of them simply delete it per the instructions provided or run a spyware removing tool.

Crapware is a program that lies to you. Normally a crapware program will present itself as a security program that may or may not work but in reality it give you false alerts, tries to convince you to buy more security programs. Most crapware could also fall under Malware.

Bloatware programs may be good but the eat so much of the computers resources that they slow the entire system or parts of the system to a crawl. They are not intentionally malicious but do cause you a pain in the wallet by requiring more RAM, a faster CPU or removing them and buying another valid program. Symantec and McAfee security programs are two examples.

A Firewall can come in two forms, hardware and software. These days you can get hardware that has the software equivalent in it. Originally hardware firewalls kept hackers out. Software firewalls kept information in. To give you an idea, the Blaster worm spread (one way) by searching the internet for certain addresses (like the address on a house) and then checking for open ports (like a burglar checking the doors and windows to see if they are open). A hardware firewall looks for this “sniffing” about and blocks it. On the other hand, if you downloaded a program that had a trojan horse the hardware firewall might miss it because:

1. You initiated the download.
2. The Trojan horse program was not active yet.

A software firewall program would detect that something was trying to access the internet from your computer and block the program and ask you if you knew what was going on. For these reason’s I highly recommend both a hardware and software firewall.

Worm’s, like viruses are malicious programs that gain access to a computer or network through a variety of methods and cause intentional harm to them. Usually a worm will spread through know holes in software programs.

Bug’s in this sense are tracking objects and usually are found in cookies.

A cookie is a small file that is placed on your computer by a web site, or more recently by e-mails, that identifies the computer and user information in a way that can be used to track or identify a person by storing passwords and usernames. In most cases cookies are put to good use, however, some sites, advertisers and hackers use them to study a person and their habits or to retrieve personal information off of a computer system.

Today the threats listed above are not stand alone and are rarely only one of the threats. The vast majority are blended, a Trojan horse that not only has Spyware but also a worm that is set to disable your firewall.

This week we are going to delve into “worms”. No, not night crawlers, that is in the outdoors section of our friendly paper. We are discussing computer worms, which are, by definition, not a virus but act much the same way. They are self replicating, usually by searching not only your email contacts list but for any reference to any email address on your computer, generally they do not cause direct damage like a virus does.

Instead worms are intended to clog up the processor’s time (the brains of your computer) and slow down network traffic (your internet connection) by reproducing so many times that they effective overload the infected systems. This is called a Denial of Service (DoS) attack or a Distributed Denial of Service (DDoS) attack. Worms usually live in active memory and not on the hard drive.

Worms use known flaws in operating systems, internet browsers and email programs to infest a computer and to send itself out of the same system. In the past you have learned how to update Microsoft products and to get a new antivirus program and update it regularly. By following these two steps you will greatly enhance your protection.

One additional piece of security you should put into place is a firewall. I will cover firewalls in more detail in a future episode so stay tuned.

I have already listed the three best ways to keep worms at bay (An updated anti-virus program, updating your software, and a firewall). If you do not use Microsoft’s products (Internet Explorer and Outlook) you still need to update them and the other software brands you use. Some optional browsers are Mozilla, Netscape and Juno. Different email programs are Pegasus and Eudora. You need to check their sites monthly for updates and patches.

If you suspect that you have a worm or want to double check your computer, you can use any of the anti-virus programs free scanning tools that are on the internet. There are rare occasions that one vendor will temporarily miss a worm or virus that another vendor will catch. More…Feel free to give the following sites a once over.

• AVG by Grisoft is located at www.grisoft.com
• F-Prot by Frisk Software is located at www.f-prot.com
• McAfee Anti-virus by Network Associates is at www.mcafee.com
• Panda AV by Panda Software can be found at www.pandasoftware.com
• RAV was created by GeCAD Software and can be found at www.ravantivirus.com
• Symantec is the manufacturer of Norton Antivirus and located at www.symantec.com
• Trend Micro owns PC-cillin located at www.trendmicro.com

These sites can take a while to scan and or download a scan utility, especially if you use a dial-up connection so have plenty of time and do not rush yourself.

In next weeks continuing saga of the internet we will study up on Trojan Horses and their effects on the Greek’s, the citizens of Troy and you, so stay tuned for the next exciting edition of The Weekly Geek.

In this week’s low carb, low sugar and high energy article we are going to go over a few ways to secure Microsoft Outlook. In the last article we went over Outlook Express and its helpful settings.

Now as a quick word, Outlook and Outlook Express are not related. The Express version is for e-mail and newsgroups while Outlook is a full blown personal information manager (PIM). Their coding is not very similar so add-on tools (like SPAM filters) are written differently and thus so are needed security measures.

First of all, to help defend against visual basic virus’s click here and look back at the Outlook Express way, it is identical. Also, refer back to this article on the three different e-mail types for the safest way to send and receive e-mails.

Now let’s move on to that fun filled world that every little boy and girl wants to visit, Outlookland!
To modify the security settings in Outlook 98, 2000 and XP start Outlook and then go to the Menu bar (the text at the top of the Outlook window) and select Tools and from the drop down menu.

Now choose Options, a new window will appear.

In that window you will want to select the Security tab listed across the top.

Now, you will need to look for the Secure content or the Security Zones section depending upon which version of Outlook you are using.

Click one time on the Zone Settings button, this will bring up a warning, simply press OK to continue.

After selecting the OK button you will have a new window appear.
You will need to select the Custom Level button at the bottom of the window to go in and make your personal choices.
Under the .NET Framework section I Disable both choices. If you use a program such as the mortgage industries Point program you will need to select Prompt for the Run components signed with Authenticode.
Under the ActiveX section I set download signed ActiveX controls to Prompt and everything else under this section to Disable.
The Downloads section is next, here I Disable File download and choose Prompt for Font download.
Scrolling down the right hand window you will come to the Miscellaneous security section. In this area I Disable all of the following areas of choice: Access data sources across domains, Allow META REFRESH, Drag and drop or copy and paste files, Installation of desktop items, Launching programs and files in an IFRAME, Navigate sub-frames across different domains, and Userdata persistence while setting Display Mixed Content, Submit nonencrypted form data to Prompt.

The final area I want to cover here is the Scripting section. On my personal machine and the one my wife uses I set everything to Disable. Under a few circumstances and on a couple of less used computers that I have the settings are all set for Prompt, which at times can be a real pain depending upon the web sites you visit.

You will need to experiment with the above suggestions. You may find that if you turn everything under these sections to Prompt your internet viewing experience is way too limited or disrupted.
Well, that’s it for this fun and exciting edition of The Weekly Geek, stay tuned next week for more tips on securing Outlook against more of the internet prowlers. Until then have a virus free week.

Over the next few weeks we are going to go over the basics of securing Microsoft Outlook Express to help reduce the chance of catching a virus, worm or other nasty thing.

In all versions of Outlook Express (OE) comes with the Preview Pane turned on. The preview pane is located in the bottom half of the screen when you open OE and it shows you part of the e-mail. Basically what happens is that OE opens the message (in full or in part) and displays it for you just as if you had double-clicked on the message to open it. Initially this was a good idea, it allowed you to quickly see the contents of a message.

The problem is that e-mails now contain code, normally HTML but not always. This is what allows fancy backgrounds, colored and fancy text and those cute little pictures of a cat waving at you. In order for those items to run code is executed (that is a fancy word for activated).

Now the problem lies in exploits no, not the adventures of Star Trek – Voyager but holes in software programs. These holes are not really intentional and are fixed through software updates of the various programs.

When OE opens part (or all) of the message for you to preview, the code is executed and a malicious program can be run, at this point several things can occur, your computer could be infected with a worm or virus, a “bot” (short for robot – this takes over your computer and makes it a zombie in the classic movie sense doing the will of the hacker) could be placed in your computer so that it could be remotely controlled any of several ways, or a “dialer” could be installed.

Dialers will call foreign numbers of illegitimate phone companies and your local phone company will charge you $3000 for last months calls to Zimbabwe and trust me, they do not take your side or care if you did not intend to make the calls and yes they know these are illegitimate phone numbers but in all honesty they don’t care, that is a discussion for another time.

To turn off the preview pane in OE go to the Menu bar (the text bar across the top of the screen with File, Edit on it) and click one time on View.

On the drop down menu that appears select the word Layout. This will bring a new screen onto your monitor. This window has two sections.

In the lower half under Preview Pane remove the check mark next to Show Preview Pane by clicking one time on it. Select OK to exit and there you have it.

Next week we will go into more on securing OE for your safety and when that is complete we will start going through other e-mail programs and how to do the same, so stay tuned in for another exciting and fun filled adventure of The Weekly Geek, until then have a Zombie less week.