Here's another article I wrote for my paper. Again, the focus was for non-power users and it was submitted to Navy publications, hence the lack of specific product references.

----------------------------------------------------------------

(Note: This article focuses on personal computer safety and security at home and work. A mention of a specific product, service or company name does not constitute U. S. Navy endorsement. They are provided as starting points for readers, who must make up their own minds about how much security they need and whether particular offerings will suit them.)

Computer security is something many people have heard about but may not understand. It involves many different aspects of computers and networking. The media throw out words like viruses, worms, hackers, and spyware nearly everyday. The intent of this article is to inform you about various dangers for computers and ways to protect yourself, both at home and work.

First, some definitions:
· Virus-A computer program that replicates on computer systems by incorporating itself into shared programs and has a “payload.” A virus can be relatively benign, (causing a message to appear on the screen), to very damaging, (deleting files from your hard drive).
· Worm-A virus that spreads via a network but doesn’t cause direct damage; it’s sole purpose is to spread through networks. The most famous one may be the original “Internet Worm” of 1987, which shut down hundreds of computers nationwide and took several days to completely clean out.
· Trojan-A “virus” that appears to be something it’s not (think of the virus emails that claim to be sent by a friend). They are different from true viruses in that they don’t replicate. Much of the malicious software on the Internet are received this way.
· Hacker-Originally hackers were people who learned everything they could about and were skilled at writing tight, concise code. Nowadays the word hacker usually refers to breaking into computers and similar equipment. The overwhelming majority of hackers who are honest professionals do not appreciate this use of the term. Malicious hackers are also called “crackers.”
· Script Kiddie- Slang for people who find tools on the Internet and use those tools to attack systems. Considered by many to not be true hackers since they don’t “do it themselves.”
· Spyware- Software that gathers information about a user as he or she navigates around the Web, it is intended to track surfing habits in order to build marketing profiles. Usually included as part of free software downloaded from the Internet.
· Firewall-A hardware or software solution designed to protect a network or single computer by limiting access into and out of a system. Firewalls are widely used to provide users secure access to the Internet as well as to separate a company's public Web server from its internal network, or one internal network from another.
· Zombie-A computer system that has been covertly taken over in order to transmit phony messages that slow down service and disrupt the network.
· Denial of Service (DOS)-An assault on a network that floods it with so many additional requests that regular traffic is either slowed or completely interrupted. A distributed denial of service (DDOS) attack uses multiple computers throughout the network that it has previously infected. The computers act as "zombies" and work together to send out bogus messages.

What’s the biggest threat to computer systems? Well, it depends on what concerns you. Hackers are generally interested in large computer networks or web servers, but home computers are a target by many script kiddies to create a zombie. These zombies can be used to create a DDOS or send out spam emails. Viruses and worms can overload networks by eating up memory or creating excessive emails. Spyware and viruses can also steal private information like passwords, Social Security numbers, or credit card numbers or they can corrupt data on a hard drive.

There are many different ways to protect yourself. Firewalls can be used to prevent hackers from “snooping” your computer, i.e. sending queries to computers to obtain information about their services and level of security. Firewalls can also prevent spyware from sending your information back to a home server. Firewalls can either be hardware built into network equipment or software installed on individual computers; common software firewalls for home users include Zonelabs ZoneAlarm or BlackICE Defender. Microsoft Windows XP has a built-in firewall, but it isn’t setup by default. Also, it only stops attacks through common ports; it doesn’t block outgoing data (such as from spyware) and some applications won’t be able to access the Internet when it’s active. Many web sites offer programs, most free, to tell you how secure your system is, from telling you how well your firewall works to alerting you to little known Windows holes.

Antivirus (AV) software can range from simple (scanning your files and alerting you to a virus) to complete (automatic hard drive scanning and cleaning, checking incoming and outgoing email, and looking for spyware). Popular AV software includes Symantec Norton Antivirus, McAfee Virus Scan, and Panda Software Antivirus. Most AV companies have a web-based program that can scan your computer via the Internet if you suspect a virus but don’t own AV software. Also, most AV software has a boot disc that can clean out infections that prevent you from booting up your computer.

Safe Internet surfing is one big way to protect yourself. Just use common sense.
· Always check your email and downloaded files for viruses. Use a firewall. Don’t open unexpected email attachments. Don’t use an email preview pane; just viewing them in preview mode can activate some viruses.
· Use a web-based email account. Accounts such as Yahoo or Hotmail have automatic AV scanners whenever you download attachments and, being web-based, many viruses can’t run on your computer.
· Only download software from trusted sites.
· Don’t visit “warez” sites (sites with illegal software, songs, or movies).

Microsoft has so many security breaches announced by the media because they have 90% of the personal computer market. This dominance of the computer industry leads to MS being the largest target for hackers and virus writers. If you use MS products, ensure you have the latest updates, especially critical security patches. Most versions of Windows let you automatically update your operating system for critical updates or you can manually perform updates if you use MS Internet Explorer.

Alternatively, you can use non-MS products. Many alternative operating systems and programs, such as Mac OS X and Linux, are available that have enhanced security features or provide updates and patches more frequently than Microsoft. Unfortunately, some may require you to retrain yourself, or at least learn which items have been changed. Such is the price for security.

However, depending on which solution you choose, the learning curve shouldn’t be much worse than learning the Windows-based products. If you must use Windows software, Windows emulation software is available and allows you to use many Windows-based programs or even the MS Windows OS in a more secure environment.

Hopefully, you have learned a little bit more about what threats exist and how you can protect yourself. Don’t become paranoid about surfing the web, but hesitate before opening the latest email joke; your computer may be the punchline.

__________________
Common Sense v2.0-Striving to make the world a little bit smarter.