Security
As you use your computer to connect to other computers, either by logging into the MAF server to collect your email or to browse the Internet, you become vulnerable for attacks from the outside. You can protect yourself by taking some simple measures. Attacks can come from different directions. Let's have a look at them.
Viruses
MAF recommends the use of anti-virus software on all Internet-connected and email retrieving computers. Be sure to keep your anti-virus software up-to-date. Many anti-virus packages support automatic updates of virus definitions. We recommend the use of these automatic updates when available.
A good product is AVG Antivirus software that can be downloaded free for personal use at the following link:
http://www.grisoft.com/doc/289/lng/us/tpl/tpl01
Firewall
We strongly recommend the use of some type of firewall product, such as a network appliance or a personal firewall software package. Intruders are constantly scanning home user systems for known vulnerabilities. Network firewalls (whether software or hardware-based) can provide some degree of protection against these attacks. However, no firewall can detect or stop all attacks, so it’s not sufficient to install a firewall and then ignore all other security measures.
Windows XP SP2 has a standard firewall installed which you can use. Another good solution is the free ZoneAlarm firewall:
http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp
Don't open unknown email attachments
Before opening any email attachments, be sure you know the source of the attachment. It is not enough that the mail originated from an address you recognize. The Melissa virus spread precisely because it originated from a familiar address. Malicious code might be distributed in amusing or enticing programs.
If you must open an attachment before you can verify the source, we suggest the following procedure:
- Be sure your virus definitions are up-to-date
- save the file to your hard disk
- scan the file using your antivirus software
- open the file
For additional protection, you can disconnect your computer's network connection before opening the file.
Following these steps will reduce, but not wholly eliminate, the chance that any malicious code contained in the attachment might spread from your computer to others.
Don't run programs of unknown origin
Never run a program unless you know it to be authored by a person or company that you trust. Also, don't send programs of unknown origin to your friends or coworkers simply because they are amusing -- they might contain a Trojan horse program.
Anti-Spyware and Anti-Adware Tools
Whenever you have your (unprotected) computer connected to the Internet you can be sure that within half an hour your computer will be infected with spyware or adware. These little programmes install themselves on your computer to track your Internet surf behaviour so that people can send you ads, or they look at the passwords you type in and that way steal the passwords to your secure log on websites like your online bank.
Spyware and adware is not the same as viruses, and your anti-virus computer will not protect you. You need specific software to fight these attackers. As these threats are relatively new, no single anti-spyware or anti-adware software package will do the job. You need to install more than one and run them regularly.
The next two links give you access to free anti-spyware packages:
Ad-Aware: http://www.lavasoft.com/software/adaware
Spybot: http://www.safer-networking.org
Not for free but tested as very good is Spyware Doctor from PCTools :
http://www.pctools.com/spyware-doctor
Securing your web browser
Today, web browsers such as Internet Explorer, Mozilla Firefox, and Safari (to name a few), are installed on almost all computers. Because web browsers are used so frequently, it is vital to configure them securely. Often, the web browser that comes with an operating system is not set up in a secure default configuration. Not securing your web browser can lead quickly to a variety of computer problems caused by anything from spyware being installed without your knowledge to intruders taking control of your computer.
Please follow this link for detailed instructions on how to configure your web browser:
http://www.cert.org/tech_tips/securing_browser/
More advise
A lot of the advise above has been copied or summarised from the excellent advise given by CERT. CERT is a center of Internet security expertise, located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University. They study Internet security vulnerabilities, research long-term changes in networked systems, and develop information and training to help you improve security.
Please follow this link for more indepth advise: