10 Dumb Things Users Do That Can Mess Up Their Computers
(Part 3)
By Debra Littlejohn Shinder, MCSE, MVP
Part 1
Part 2
7. Click on everything
Opening attachments isn’t the only type of mouse click that can get you in trouble. Clicking on hyperlinks in e-mail messages or on Web pages can take you to Web sites that have embedded ActiveX controls or scripts that can perform all sorts of malicious activities, from wiping your hard disk to installing a backdoor program on your computer that a hacker can use to get in and take control of it.
Clicking the wrong link can also take you to inappropriate Web sites that feature pornography, pirated music or software, or other content that can get you in trouble if you’re using a computer on the job or even get you in trouble with the law.
Don’t give in to “click mania.” Think before you click a link. Links can also be disguised in “phishing” messages or on Web sites to appear to take you to a different site from the ones they really point to. For example, the link might say www.safesite.com, but it actually takes you to www.gotcha.com. You can often find out the real URL by hovering over the link without clicking it.
8. Share and share alike
Your mother taught you that it’s nice to share, but when you’re on a network, sharing can expose you to dangers. If you have file and printer sharing enabled, others can remotely connect to your computer and access your data. Even if you haven’t created any shared folders, by default Windows systems have hidden “administrative” shares for the root of each drive. A savvy hacker may be able to use these shares to get in. One way to prevent that is to turn off file and printer sharing--if you don’t need to make any of the files on your computer accessible across the network. This is especially a good idea if you’re connecting your laptop to a public wireless hotspot. You can find instructions on how to do so at http://www.pcmag.com/article2/0,1895,1277222,00.asp.
If you do need to make shared folders accessible, it’s important that they be protected by both share-level permissions and file-level (NTFS) permissions. Also ensure that your account and the local administrative account have strong passwords.
9. Pick the wrong passwords
That brings us to another common mistake that can expose you to attacks: picking the wrong password. Even if you don’t belong to a network where the administrator forces you to select strong passwords and change them regularly, you should do so. Don’t pick passwords that are easy to guess, such as your birthdate, loved one’s name, social security number, etc. Longer passwords are harder to crack, so make your password at least eight characters long; 14 is even better. Popular password-cracking methods use "dictionary" attacks, so don’t use words that are in the dictionary. Passwords should contain a combination of alpha, numeric, and symbol characters for best security.
A long string of nonsense characters may create a password that’s tough to crack, but if you can’t remember it, you’ll defeat the purpose by writing it down (where an intruder may be able to find it). Instead, create a phrase you can remember easily and use the first letters of each word, along with logical numbers and symbols. For example: “My cat ate a mouse on the 5th day of June” becomes “Mc8amot5doJ.”
10. Ignore the need for a backup and recovery plan
Even if you follow all these suggestions, an attacker may crash your system or your data may be corrupted or get wiped out by a hardware problem. That’s why it’s essential that you always back up your important information and have a plan for recovering from a system failure.
Most computer users know they should back up, but many never get around to it. Or they make an initial backup but don’t update it regularly. Use the built-in Windows backup program (Ntbackup.exe in Windows NT, 2000, and XP) or a third-party backup program and schedule backups to occur automatically. Store backed up data on a network server or removable drive in a location away from the computer itself, in case of a natural disaster like flood, fire, or tornado.
Remember that the data is the most important thing on your computer. The operating system can be reinstalled and so can applications, but it may be difficult or impossible to recreate your original data. (See "10 ways to protect your data" for additional suggestions.)
Nonetheless, you can save time and frustration by backing up your system information too. You can create mirror images of your disks using popular “ghost” or “clone” programs. This will allow you to restore the system quickly instead of going through the tedious installation process.
By Debra Littlejohn Shinder, MCSE, MVP
Part 1
Part 2
7. Click on everything
Opening attachments isn’t the only type of mouse click that can get you in trouble. Clicking on hyperlinks in e-mail messages or on Web pages can take you to Web sites that have embedded ActiveX controls or scripts that can perform all sorts of malicious activities, from wiping your hard disk to installing a backdoor program on your computer that a hacker can use to get in and take control of it.
Clicking the wrong link can also take you to inappropriate Web sites that feature pornography, pirated music or software, or other content that can get you in trouble if you’re using a computer on the job or even get you in trouble with the law.
Don’t give in to “click mania.” Think before you click a link. Links can also be disguised in “phishing” messages or on Web sites to appear to take you to a different site from the ones they really point to. For example, the link might say www.safesite.com, but it actually takes you to www.gotcha.com. You can often find out the real URL by hovering over the link without clicking it.
8. Share and share alike
Your mother taught you that it’s nice to share, but when you’re on a network, sharing can expose you to dangers. If you have file and printer sharing enabled, others can remotely connect to your computer and access your data. Even if you haven’t created any shared folders, by default Windows systems have hidden “administrative” shares for the root of each drive. A savvy hacker may be able to use these shares to get in. One way to prevent that is to turn off file and printer sharing--if you don’t need to make any of the files on your computer accessible across the network. This is especially a good idea if you’re connecting your laptop to a public wireless hotspot. You can find instructions on how to do so at http://www.pcmag.com/article2/0,1895,1277222,00.asp.
If you do need to make shared folders accessible, it’s important that they be protected by both share-level permissions and file-level (NTFS) permissions. Also ensure that your account and the local administrative account have strong passwords.
9. Pick the wrong passwords
That brings us to another common mistake that can expose you to attacks: picking the wrong password. Even if you don’t belong to a network where the administrator forces you to select strong passwords and change them regularly, you should do so. Don’t pick passwords that are easy to guess, such as your birthdate, loved one’s name, social security number, etc. Longer passwords are harder to crack, so make your password at least eight characters long; 14 is even better. Popular password-cracking methods use "dictionary" attacks, so don’t use words that are in the dictionary. Passwords should contain a combination of alpha, numeric, and symbol characters for best security.
A long string of nonsense characters may create a password that’s tough to crack, but if you can’t remember it, you’ll defeat the purpose by writing it down (where an intruder may be able to find it). Instead, create a phrase you can remember easily and use the first letters of each word, along with logical numbers and symbols. For example: “My cat ate a mouse on the 5th day of June” becomes “Mc8amot5doJ.”
10. Ignore the need for a backup and recovery plan
Even if you follow all these suggestions, an attacker may crash your system or your data may be corrupted or get wiped out by a hardware problem. That’s why it’s essential that you always back up your important information and have a plan for recovering from a system failure.
Most computer users know they should back up, but many never get around to it. Or they make an initial backup but don’t update it regularly. Use the built-in Windows backup program (Ntbackup.exe in Windows NT, 2000, and XP) or a third-party backup program and schedule backups to occur automatically. Store backed up data on a network server or removable drive in a location away from the computer itself, in case of a natural disaster like flood, fire, or tornado.
Remember that the data is the most important thing on your computer. The operating system can be reinstalled and so can applications, but it may be difficult or impossible to recreate your original data. (See "10 ways to protect your data" for additional suggestions.)
Nonetheless, you can save time and frustration by backing up your system information too. You can create mirror images of your disks using popular “ghost” or “clone” programs. This will allow you to restore the system quickly instead of going through the tedious installation process.
---------
Copyright ©2006 CNET Networks, Inc. All rights reserved.
For more downloads and a free TechRepublic membership, please visit TechRepublic.
Copyright ©2006 CNET Networks, Inc. All rights reserved.
For more downloads and a free TechRepublic membership, please visit TechRepublic.
"How Far We've Come"
Artist: Matchbox Twenty
Album: Exile on Mainstream (2007)
Artist: Matchbox Twenty
Album: Exile on Mainstream (2007)
No comments:
Post a Comment