Internet & Computer Security 101

For Windows-based computer labs

Presenter: Rebecca Shuler

July 28, 2006

Internet & Computer Security 101

Security is a real problem, and not just for home users. Billions of dollars are spent by people every year on computer security programs and the aftermath of security threats.
Dont believe it cant happen to you.

Internet & Computer Security 101

What I hope you get by the end:

Increased awareness of free security programs Increased ability to use these programs Increased confidence in your abilities to maintain a computer lab without the need for pricey programs or Geek Squad

Internet & Computer Security 101

First things first Why should I care about computer security?

Time is money, and those are two very limited things for a non-profit. Your entire system might have to be taken offline. Each computer would have to be scanned, possibly multiple times. In a worst case scenario, every computer in your building might have to be reloaded from scratch. It could take hours. It could take days. But you lose productivity in any case.

Internet & Computer Security 101

Why do computers get viruses and spyware?

Windows Updates not done Virus definitions not updated Opening e-mail attachments haphazardly Clicking free offers on pop-up windows Peer-to-peer file sharing Computer not scanned regularly for viruses or spyware Lack of firewall

Internet & Computer Security 101

START WITH THE BASICS!

Otherwise known as the foundation for a secure computer.

Internet & Computer Security 101

THE BASICS

Number One:

WINDOWS UPDATES
(Repeat this ad nauseam)

Internet & Computer Security 101

THE BASICS

Number One: Windows Updates

Windows XP is a computer program created by humans. Humans make mistakes. In terms of XP, these little mistakes are called vulnerabilities. Vulnerabilities occur when a piece of the code that makes up XP can be altered by an outside program, such as a virus, in a way that makes XP do bad things.
Microsoft can discover these vulnerabilities through testing or, unfortunately, when a large number of computers get affected by a virus. To solve the problem, patches are released that fix the hole in the code so it cant be affected anymore. These patches are called updates, and Microsoft lets you know if any are available with the shield or globe icon, which is located in the system tray. In many cases, these updates are downloaded and installed without your knowledge.

How to configure Windows Update:

Internet & Computer Security 101

1. Move the mouse over Start, then Control Panel and click it. 2. If your Control Panel looks like the picture on the left, click on Switch to Classic View located on the left panel. Double-click on Automatic Updates

3. If you see the green dot next to Turn off Automatic Updates you are going to want to change that. For the sake of easiness, you can just click the circle next to Automatic (recommended) and it will do all the work for you. You can choose when to download and install them by clicking on the drop-down button (arrow button) and choosing how often and what time of day. You can also have the updates automatically download but not install until you choose, or have Microsoft notify you when updates are available and download and install them yourself. Click the OK button to make changes.

10

Internet & Computer Security 101

THE BASICS

Number One: Windows Updates

The Last Word: Service Pack 2
Service Pack 2 is a combination of Service Pack 1 plus every update up until Service Pack 2 was created. It also contains enhanced security features like a pop-up blocker, better support for wireless networking, and an enhanced embedded firewall. Do you need Service Pack 2? The short answer is no, but you had better make sure you check for updates every day (manually install them), have a working firewall, and DONT USE INTERNET EXPLORER. Its just a lot easier to use the service pack than to work around it. If youre concerned that some of your programs may not work after you install it, check their websites for compatibility information.

11

Internet & Computer Security 101

THE BASICS

Number Two:

1: Windows Updates

FIREWALL

12

Internet & Computer Security 101

THE BASICS

Number Two: Firewall

So what is a firewall? Think of a firewall as a very protective bouncer and your computer as the club. The bouncer controls what comes into the club, but he also controls who leaves as well. You create a list of programs, IP addresses, etc., that are allowed access to your computer. If something isnt on the list, the firewall will block whatever is requesting access. Depending on the program, the firewall will notify 1: Windows Updates you of what is trying to gain access, and you can either permit it or deny it. If you have Service Pack 2 installed, chances are you have a firewall installed without knowing it. Windows Firewall is good for basics, but doesnt allow the user to configure many variables. So what can you use other than Windows Firewall? Try out Zone Labs Zone Alarm. But first, a little bit of info on Windows Firewall.

How to configure Windows Firewall:

Internet & Computer Security 101

1. Move the mouse over Start, then Control Panel and click it. 2. If your Control Panel looks like the picture on the left, click on Switch to Classic View located on the left panel. Double-click on Windows Firewall.

3. If you have no firewall at all, you should probably turn this on by clicking the circle next to On (recommended), even if you plan on putting a different firewall program on the computer. You can always turn Windows Firewall off when the new program is installed. Unlike anti-spyware and anti-virus programs, having too many firewalls is not generally a good thing, because the settings tend to conflict and then you cant get online at all. If you have a hardware firewall, which looks like a router, you dont need to have Windows Firewall on.

13

How to configure Windows Firewall:

4. Click the Exceptions tab. If you have the firewall turned on, you can use this section to specify programs that are allowed through it. Click Add Program to, well, add a program. You can also add a port, a virtual location where data is exchanged, by clicking the Add Port button. Ports are sometimes program specific, and if a port is blocked the data cant get through. Dont worry about this unless youve added a program to the list and it still cant communicate over the internet. By clicking the Edit button, you can change which ports a program is already set up to use. Unless you know what youre doing, dont feel the urge to mess with the port settings. You probably wont need to anyway, and Windows Firewall isnt the most user friendly when it comes to telling you what things are. Moving along, certain programs can be deleted from the exception list easily by clicking the Delete button, which will be grayed out if you cant delete a program. Finally, if you want Windows Firewall to tell you when a program has been blocked, click the checkbox next to Display a notification

Internet & Computer Security 101

14

How to configure Windows Firewall:

5. Click on the Advanced tab. There are a bunch of fun things to mess around with, and they call it advanced for reason. You can change network connection settings, which will allow or disallow services like FTP or HTTP to work. You can change the settings of your security log, which can be used for troubleshooting. You can also change the settings of the Internet Control Message Protocol, which allows computers on a network to share information about errors and status. Lastly, by clicking Restore Defaults, you can get Windows Firewall back to the way it was initially.

Internet & Computer Security 101

15

16

Internet & Computer Security 101

THE BASICS

Number Two: Firewall

Windows Firewall is nice, mostly because it is built in, but unless you know what youre doing, its somewhat difficult to configure. If you dont have a hardware firewall, you may want to find a different software firewall, one thats a little more user-friendly. Lucky for us there is Zone Alarm, a free firewall program that is both powerful and user-friendly. And it is much less problematic than the firewall programs that come with Symantec or McAfee products. Plus, it will tell you when the program needs updating.

1: Windows Updates

Zone Alarm by Zone Labs

Website: http://www.zonelabs.com

17

18

Internet & Computer Security 101

THE BASICS

Number Three:

1: Windows Updates 2: Firewall

ANTI-VIRUS

19

Internet & Computer Security 101

THE BASICS

Number Three: Anti-Virus

Telling you that you need an anti-virus program running on your computer is like telling a surgeon that he needs to wash his hands before entering the operating room: its common sense. As long as humanity has a twisted sense of humor, there will be some teenager in Sweden trying to get a Windows-based operating system to do unexpected things, steal your credit card information, shut down the Internet for a few hours, or whatever it takes to get some kicks. Bottom line: you need an antivirus program running whenever you turn on your computer, not just when you connect to the internet. If you dont, you probably have no business owning a computer. And if you have one but dont get the virus definition updates, youre just as bad. The same is true for a computer lab.

1: Windows Updates 2: Firewall

20

Internet & Computer Security 101

THE BASICS

Number Three: Anti-Virus How to Avoid Viruses

1. Install at least one anti-virus program. 2. Update the virus definitions regularly. 3. Use real time protection (program runs in the background.) 4. Schedule scans at least once a month. 5. Keep up with Windows updates.
1: Windows Updates 6. Dont open e-mail attachments from senders you dont know. 2: Firewall

7. Manually scan e-mail for viruses if your program doesnt do so automatically. 8. Use a firewall. 9. Avoid using peer-to-peer file sharing programs like Kazaa. 10. Avoid clicking on free offer pop-up windows. 11. Avoid websites that offer illegal product keys for otherwise expensive programs, like Windows XP or Adobe Photoshop.

21

Internet & Computer Security 101

THE BASICS

Number Three: Anti-Virus

When it comes to choosing a program, there are a LOT of options out there, some from companies you havent heard of, and some big names like Symantec and McAfee. The problem with big names is big prices and annual subscription fees to the tune of $30 per year per computer. There are alternatives, namely free ones. While they dont do quite as good a job as the big ones, they do outperform some non-free programs, and offer the cost-conscious an alternative. Three more popular choices are Avast Home Edition by Alwil Software, AVG Anti-Virus by Grisoft, and AntiVir Personal Edition Classic by Avira.

1: Windows Updates 2: Firewall

Avast! 4 Home Edition by Alwil Software

Website: http://www.avast.com/eng/avast_4_home.html Feaures: Standard Shield Real time file protection IM shield Instant Messenger protection P2P shield P2P protection Internet Mail E-mail protection Outlook/Exchange Microsoft Outlook/Exchange protection Web Shield HTTP protection (localtransparent proxy) Script blocker script checker Network Shield basic protection against well-known network worms. Acts as a lightweight Intrusion Detection System Audible alarms vocal warnings such as "Caution, a virus has been detected!"
Scan removable media Scan local drives

Treasure Chest

Scan Define test areas Update virus database Resident scanner sensitivity

PC WORLD SCORE: 77/100 GOOD

http://www.pcworld.com/reviews/article/0,aid,124475,00.asp#

22

AVG Anti-Virus 7.1 Free Edition

Website: http://free.grisoft.com/doc/2/lng/us/tpl/v5

Feaures: AVG Resident Shield Real time file protection Internet Mail E-mail protection Scheduler Update Manager Shell Extension - Scan objects through Windows explorer

PC WORLD SCORE: 73/100 GOOD

http://www.pcworld.com/reviews/article/0,aid,124475,00.asp#

23

AntiVir Personal Edition Classic 7 by Avira

Website: http://www.free-av.com/

Feaures: Real-time File Protection Internet Mail E-mail protection Scheduler Update Manager

PC WORLD SCORE: 78/100 GOOD

http://www.pcworld.com/reviews/article/0,aid,124475,00.asp#

24

25

Internet & Computer Security 101

THE BASICS

Number Three: Anti-Virus

The Last Word: Why Paying is Good
The biggest problem free programs have is that there is no technical support most people are willing to use. If you dont mind forums, you can usually find answers to your problems, but many just arent willing to put the effort scouring a website. Plus, it is a LOT easier to manage keeping the virus definitions up to date with a server that handles updating all the computers connected to it. If cost 1: Windows Updates is a very big issue, consider getting your software from 2: Firewall www.techsoup.org. The folks there have managed to get VERY GOOD rates on Symantec programs. For example, a 50-license copy of Norton AntiVirus Corporate Edition 10.0 costs only $130 (thats $2.60/license), and the corporate edition doesnt require one to pay for updates year after year. Plus, you do get much better technical support, even if you pay $30/call. And if youre set on using Symantec, DONT use the non-enterprise software. Trust me on that one.

26

Internet & Computer Security 101

THE BASICS

Number Four:

1: Windows Updates 2: Firewall 3: Anti-Virus

ANTISPYWARE

27

Internet & Computer Security 101

THE BASICS

Number Four: Anti-Spyware

Do you like having your homepage changed without your permission? Do you like porn pop-ups? Do you enjoy having your CPU maxed out at 100% for five minutes? If you answered Yes! to any of those questions, you too dont deserve to have a computer. Spyware is everywhere, in surprising places. Not all spyware is bad. Some just tracks where you go on the internet. Most is not good. Lab computers 1: Windows Updates are especially vulnerable, especially when subjected to new computer users. Younger children are horrible perpetrators of 2: Firewall 3: Anti-Virus unintended spyware installation, but you can cut them a break because they really think they can get a Playstation 2 for free. Regardless, spyware is a problem than can cripple even the most powerful computers if no action is taken to remove the infection.

28

Internet & Computer Security 101

THE BASICS

Number Four: Anti-Spyware How to Avoid Spyware

Many of the same rules for avoiding viruses apply for avoiding spyware, but here are some additional things. 1. Install at least one anti-spyware program.

2. Update the program on a regular basis.

3. Scan for spyware once a week.
1: Windows Updates 4. When installing a free program, read carefully. Some free 2: Firewall programs require you to install spyware in order to use them. 3: Anti-Virus

5. Avoid AOL.

6. Install some sort of pop-up blocker (included with Service Pack 2). 7. Dont believe the pop-up offers. You will not get a free computer, or video game, or whatever they are offering without suffering.

29

Internet & Computer Security 101

THE BASICS

Number Four: Anti-Spyware

There are many options available for free anti-spyware programs. Like free anti-virus programs, they dont offer live technical support. But unlike the anti-virus programs, they offer just as many features and better protection. The problem is that they are a dime a dozen, really. And ironically, if you arent careful that program you think is helping you is actually spyware itself.
1: Windows Updates 2: Firewall Probably the best trio of free anti-spyware programs consists 3: Anti-Virus

of Spybot Search & Destroy, Ad-Aware, and Microsoft Defender (formerly Anti-Spyware Beta 1). And yes, you will want to install them all. Unlike anti-virus programs, its OK to have more than one anti-spyware program running on your computer.

Spybot Search & Destroy 1.4

Website: http://www.safer-networking.org/en/index.html

A free program that offers real-time setting protection, browser tweaking, HOSTS file locking, advanced blocking, and much more.
30

Ad-Aware SE Personal by Lavasoft

Website: http://www.lavasoft.de

A free program with an easy-to-use interface.

31

Windows Defender Beta 2 by Microsoft

Website: http://www.microsoft.com/downloads/details.aspx?FamilyID=435bfce7-da2b-4a6a-afa4-f7f14e605a0d&displaylang=en

A free anti-spyware program that offers real-time protection and integrates seamlessly into Windows XP. You must have a validated copy of XP to use this program (through Windows Genuine Advantage).

32

33

Internet & Computer Security 101

THE BASICS

Number Five:

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware

CONFIGURE WINDOWS

34

Internet & Computer Security 101

THE BASICS

Number Five: Configure Windows

No long-winded explanation needed here. In our final bit on the basics, well talk about two components of Windows that are relatively simple to configure but do a decent job for safety and 1: Windows Updates security: user accounts and content advisor.
2: Firewall 3: Anti-Virus 4: Anti-Spyware

35

Internet & Computer Security 101

THE BASICS

Number Five: Configure Windows User Account Rules

1. NEVER EVER make the administrator account, which is default, the main account. Always make at least one different account with administrative rights. 2. Password protect administrator accounts, even the default one, but WRITE EVERYTHING DOWN, especially if you put one on the default account. Only by logging in as the default administrator can you delete passwords without having to know them.

1: Windows Updates 3. If children are going to be using the computers, create an account for 2: Firewall them with limited rights. 3: Anti-Virus 4. Turn off fast user switching and make people log on using 4: Anti-Spyware CTL+ALT+DEL. 5. If you expect to have many different accounts, it is best to let that be handled by a server, and you will be able to specify more advanced rights options.

How to configure User Accounts:

Internet & Computer Security 101

1. Move the mouse over Start, then Control Panel and click it. 2. If your Control Panel looks like the picture on the left, click on Switch to Classic View located on the left panel. Double-click on User Accounts.

3. If you have no firewall at all, you should probably turn this on by clicking the circle next to On (recommended), even if you plan on putting a different firewall program on the computer. You can always turn Windows Firewall off when the new program is installed. Unlike anti-spyware and anti-virus programs, having too many firewalls is not generally a good thing, because the settings tend to conflict and then you cant get online at all. If you have a hardware firewall, which looks like a router, you dont need to have Windows Firewall on.

36

37

Internet & Computer Security 101

THE BASICS

Number Five: Configure Windows Content Advisor

There are a number of web browsers available for use today. Avoiding the ones that come from ISPs (and are S-L-O-O-O-W), there are five popular choices, with Internet Explorer, by proxy of being included with Windows, being the most popular. Now Internet Explorer is known to have a number of vulnerabilities, which have to be patched through Windows Update. Because of this, someone might tell you to use an alternative, such as Mozilla or Firefox, both of which arent as popular 1: Windows Updates but are thought to be more secure. They are certainly options, but in a 2: Firewall lab-type setting you want to keep what is familiar to most users. The 3: Anti-Virus other browser alternatives certainly have advantages and more features, 4: Anti-Spyware but some have a learning curve. Assuming you arent planning on putting a different browser on your lab computers, you can use a tool in Internet Explorer to restrict access to websites and content you dont want children to see by configuring Content Advisor, which is essentially a free nanny program.

How to configure Content Advisor:

Internet & Computer Security 101

1. Open Internet Explorer. In the main menu, click on the word Tools, and then click on the words Internet Options in the drop-down menu.

2. Click on the Content tab.

3. Click the Enable button.

38

How to configure Content Advisor:

Internet & Computer Security 101

4. The first tab youre on will be Ratings. This is where you set the level of restrictions for websites. There are four categories: language, nudity, sex, and violence. To change the restriction level for each category, you have to click on the word and it will be highlighted. Below the categories is a slider. By moving the slider to the left or right, you set the restriction level from 0 to 4, with 0 being the MOST restrictive and 4 being the LEAST restrictive. When you move the slider, it will tell you what level you are on and give you a short description of what a person is allowed to see. Remember, on Level 0, a person will be able to see pretty much nothing, and on Level 4 a person will be able to see pretty much everything.

39

How to configure Content Advisor:

Internet & Computer Security 101

5. Click on the Approved Sites tab. Here you have the ability to type in websites that a person is always allowed to see or never allowed to see. To do this, type an address in the box under Allow this Web site: and the Always or Never button will become available. To always allow the site, click Always and to never allow the site, click Never. When you do so, the site will appear in the box under List of approved and disapproved Web sites: with a green checkmark (approved) or a red dash (disapproved). To remove a site from the list, click on it and then click the Remove button.

40

How to configure Content Advisor:

6. Click on the General tab. There are a number of things you can do on this page. You can allow users to see sites that have no ratings (it is up to each site as to whether or not they want to supply a rating) by clicking the checkbox next to User can see By default, you can allow someone to see restricted content if an administrator types in a password, but if you dont want that that happen, uncheck Supervisor can type by clicking the checkbox. Click Create Password to create a supervisor password. You will be asked to type it twice, and you can create a password hint. You will not be able to use Content Advisor without a password. The last two options are a bit defunct, but you do have the ability to use other rating systems that have the file extension .rat if you dont like the current one. Dont click the Find Rating Systems button as it doesnt actually help you find a different one. If you search Google and find one that is compatible with Content Advisor, save it somewhere on the computer and click Rating Systems to pick and choose the system you want to use.

Internet & Computer Security 101

41

42

Internet & Computer Security 101

THE BASICS

Number Five: Configure Windows

The Last Word: Foolproof? Umm No!
Part of the problem with these tools for configuring Windows is that they can be a bit more hassle than you want, and they dont exactly do what you expect them to. Creating limited accounts doesnt restrict a users ability to harm a computer as much as you hope. And Content Advisor is at times more restrictive than you want it to be. For example, depending on how low you set the level, you might not be able to see sites that have recipes on them if they call for chicken breasts, and you can probably guess why. Some sites, such as Disney, get blocked because 1: Windows Updates they dont have a rating system, or at least not one that Content Advisor 2: Firewall knows. Lastly, forget surfing the internet if you forgot the password and 3: Anti-Virus had all the levels set to zero. The only way to reset a forgotten password 4: Anti-Spyware in Content Advisor is to edit the registry files, and thats not something you can do as a limited user (so dont forget the administrator password either). It can not be said enough, but DONT LOSE PASSWORDS. Windows passwords are not something that can be e-mailed to you, and are not recovered easily (doing a repair install on Windows XP is not what most people call easy) or cheaply.

43

Internet & Computer Security 101

THE BASICS

The basics are covered. Now is time for.

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows

The NotSo-Basics

44

Internet & Computer Security 101

THE NOT-SO-BASICS Before we start counting again, perhaps a definition is in order. What are the not-sobasics? These are things that anyone can do, with a little practice, but may not know about unless some research was involved. But when it comes to running a computer lab, they are things that should be known, since you cant always count on having someone else doing the computer work for you. Some of these have a steeper learning curve than others.

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows

45

Internet & Computer Security 101

THE NOT-SO-BASICS

Number Six:

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows

HOSTS FILE & PROXY AUTO CONFIG

46

Internet & Computer Security 101

THE NOT-SO-BASICS

Number Six: HOSTS File & PAC

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows

These are the kind of things Average Joe most likely wouldnt know about unless they had a virus or were searching the internet for a cheap way to block porn sites. Most people probably wouldnt mess with them, but knowing about them and the role they play when connecting to the internet is actually quite important.

47

Internet & Computer Security 101

THE NOT-SO-BASICS

Number Six: HOSTS File & PAC The HOSTS File

Ahhh.. Theres no place like 127.0.0.1! And if you got that joke, then you know what the HOSTS file is, dont you? If you dont get it, lets start with what the HOSTS file is and why it is important. The file is a simple text file that isnt in an obvious place, and for good reason too. As simple as it is, it plays a very big role in your ability to connect to the internet. Why? Well, the HOSTS file is used by Windows to determine the IP address of 1: Windows Updates the website you type in. It looks at the file first. If the website 2: Firewall you type is in the list, it will direct to the IP address in the list. If 3: Anti-Virus it isnt there, it then uses your ISPs domain name server. 4: Anti-Spyware 5: Configure Windows Generally, there are no IP addresses in the HOSTS file, except for 127.0.0.1, which loops back to your computer, otherwise known as home. If you tell a website to direct itself to your computer it wont find it. Confused? Lets take a look at the file.

How to use the HOSTS file:

Before you begin, you will need to be able to view hidden folders and files. To do this, go to My Computer, then Tools, Folder Options and click the View tab. Click the circle next to Show hidden files and folders if the green dot isnt already there, and click the checkbox next to Hide extensions for known file types so there is no green check in the box. Then click the Apply button.

Internet & Computer Security 101

1. Open My Computer, then doubleclick on your hard drive (C:). Open the Windows folder, then the system32 folder, then the drivers folder, then the etc folder, then open the hosts file.

2. Your computer might not know what program to open the file with. If it doesnt a new window will open with a list of programs to choose from. WordPad is the easiest choice. Click the OK button to continue.
48

How to use the HOSTS file:

Internet & Computer Security 101

If youve never tweaked the HOSTS file before, then you wont see much of a list. Some programs, like SpyBot, actually have a list of bad websites that can be written to the file. If you tried to go to a website in this list, you will get the This page can not be displayed error because the file is looping those websites back to your computer. Remember, when type an address to go to, your computer checks here first before anything else. People who write viruses know this, and some will add good sites to the list, like Symatec or McAfee, so you would be unable to access the site to download updates or check on how to remove it. It is wise to use a program, like SpyBot, to lock the file so that new entries cant be added unless you specifically put them there.

49

50

Internet & Computer Security 101

THE NOT-SO-BASICS

Number Six: HOSTS File & PAC Proxy Auto Configuration (PAC)
Technical jargon, right? Lets skip the long winded description. What you need to know about PAC is that it is a file that can be used to block access to websites. It is similar to the HOSTS file in how it blocks access, but the big difference is rather than using the actual website it looks for keywords in the address itself. In a way, this is easier than using the HOSTS file, since 1: Windows Updates you dont actually have to know the address to block it. The flip 2: Firewall side? Configuring a PAC is a little more work, probably a little 3: Anti-Virus too much work for the novice computer user. However, with a 4: Anti-Spyware good HOSTS file and using a PAC (as well as using the content 5: Configure Windows advisor), you can effectively block access to most porn sites as well as sites that can infect your computer with spyware and viruses.

How to set up Proxy Auto Configuration (PAC):

(Portions taken from www.erichelps.com)
1. The PAC file should be named "proxy" with no file extension and it should be in the same folder as your "hosts" file. Why? This puts it in a folder normally reserved for system files (which is good, because this is a system file), the lack of a file extension makes it look like all the other files there (so it won't attract attention), and the lack of a file extension makes it difficult for kids to open. You can cut & paste or copy and paste the file to the same folder where the HOSTS file is located. The folder we are discussing is located here: XP C:\Windows\system32\drivers\etc\ 2000 C:\WINNT\system32\drivers\etc\ 98/ME C:\Windows\

Internet & Computer Security 101

51

How to set up Proxy Auto Configuration (PAC):

(Portions taken from www.erichelps.com)

Internet & Computer Security 101

2. As it stands, the file is good to go. However, if you want to tweak it, open the file in WordPad.

3. There is a lot of information here, but its easiest to just skip to the important parts. Using Find search for the words pass list. Here you can enter sites that will always be allowed.

When you want to add a site to the list, its important to follow the format. The best thing to do is copy a line and paste it below the bottom one in the group, then change the part of the site listed in quotation marks.

52

How to set up Proxy Auto Configuration (PAC):

(Portions taken from www.erichelps.com)

Internet & Computer Security 101

4. Now, using the Find command, type the phrase blocked wordlist a and hit the enter key.

5. Directly above that is all the a words on the blocked list. Scroll down and you will see a rather large list of words commonly linked to explicit material, in alphabetical order. Just a warning: some of these words are pretty bad. Save and close the file when you are done.

If you want to add more keywords to the list, just follow the form. Its easiest to just copy a line, paste it, and change the keyword in quotes. Asterisks need to be included.

53

How to set up Proxy Auto Configuration (PAC):

(Portions taken from www.erichelps.com)

Internet & Computer Security 101

6. In the Internet Explorer menu, select "Tools", then "Internet Options", then go to the "Connections" tab. Click the "Settings..." or "LAN Settings..." button depending on whether you have broadband or a dialup connection. 7. Check the "Use automatic configuration script" box and enter the location of your PAC file. You must use the "file://" protocol when specifying your file location. When you get done, you should have something like this:

XP file://C:/Windows/system32/drivers/etc/proxy 2000 file://C:/WINNT/system32/drivers/etc/proxy 98/ME file://C:/Windows/proxy Click the OK box when you are done.
54

How to set up Proxy Auto Configuration (PAC):

(Portions taken from www.erichelps.com)

Internet & Computer Security 101

8. In the Internet Explorer menu, select "Tools", then "Internet Options", then open the "Security" tab. Select the "Local intranet" icon, then hit the "Sites" button. Remove the check from the "Include all sites that bypass the proxy server" box. 9. Next run IE-auto-proxy-cache.reg (which is included on the take-away disc) to disable proxy caching. If you dont do this, you wont be able to look at any website. You will need to do this for every account on the computer.

10. Empty your browsers cache. Select "Tools, then "Internet Options. On the "General" tab in the "Temporary Internet files" section, click the "Delete files..." button.

55

56

57

Internet & Computer Security 101

THE NOT-SO-BASICS

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows 6: HOSTS & PAC

VIRUS REMOVAL EDITION

58

Internet & Computer Security 101

THE NOT-SO-BASICS: VIRUS REMOVAL

DONT PANIC!!!!!
Despite your best efforts, you get a virus. It happens. But it doesnt mean you have to call Symantec, pay Geek Squad to come over, or replace your computer. Yes, there really are people who get new computers when they get a virus. But you dont have to be one of them. All you need is some patience, know a few little tricks, and your computer will be as good as new in relatively little time, and with all your files intact too (we hope). Of course, no one would blame you if you just wanted to start from 1: Windows Updates scratch. Depending on the severity of the infection and the speed of 2: Firewall your system, it could take a very long time to clean it. If the computer doesnt have a lot of important files, you may want to reload it. If its a 3: Anti-Virus very important computer or you have no way to reload it (lost a disc, 4: Anti-Spyware 5: Configure Windows product key, etc.) then it would be worth the time remove the virus. The point is, whether or not you decide to try and remove a virus, you can 6: HOSTS & PAC do all these things by yourself, including reloading your computer.

59

Internet & Computer Security 101

THE NOT-SO-BASICS: VIRUS REMOVAL

Number Seven:

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows 6: HOSTS & PAC

SYSTEM RESTORE

60

Internet & Computer Security 101

THE NOT-SO-BASICS

Number Seven: System Restore

Some might think that System Restore is a new feature to Windows XP, but it was actually introduced in Windows ME (Millennium Edition). It is a useful tool, and generally considered the first thing to try if a computer stops functioning properly (as in crashes, freezes, randomly restarts). It works by taking a snapshot, of sorts, of your computer at particular times, like right before you install updates, and storing them. These snapshots are called restore points. When you run System Restore, you are given the option of choosing which restore point you want, and XP will revert itself to how it was at that 1: Windows Updates restore point. You dont lose documents or things like that, but you do lose any programs that were installed after the point, including 2: Firewall Windows updates. Hopefully, you can regain some lost functionality 3: Anti-Virus after the restore is complete. The problem with System Restore and 4: Anti-Spyware viruses is that they are more intelligent than ever, and doing a 5: Configure Windows System Restore doesnt really get rid of them. A virus can recover 6: HOSTS & PAC itself since the file that contained it originally doesnt get deleted. You could run Restore after Restore and still keep reinfecting yourself, which is why they recommend turning it off before attempting virus removal.

How to turn off System Restore:

Internet & Computer Security 101

There are a number of ways to get to the location to turn this off. The easiest ways are to: a) Hold down the Windows key on your keyboard, and press the Pause/Break key ORb) Right-click on My Computer and click on the word Properties 1. The System Properties window should be open. Click on the System Restore tab. 2. To turn off System Restore, click the checkbox next to Turn off System Restore. Click the Apply button. You will get a warning message telling you that you will lose all restore points if you continue. Click OK. Depending on how many restore points you have, it may take a while. The status box at the bottom of the window will change from Monitoring to Turned Off.

61

How to use System Restore:

Internet & Computer Security 101

1. Start the System Restore Wizard. This can be done one of two ways. You can find it by going to Start, All Programs, Accessories, System Tools, System Restore. If System Restore isnt in your System Tools menu, then the other way to get there is by going to Start, Help and Support, and typing system restore in the box next to Search and hit the enter key.

62

How to use System Restore:

Now click Run the System Restore Wizard

Internet & Computer Security 101

63

How to use System Restore:

2. On the first screen of the Wizard, you are given the option to restore your computer to an earlier time or create a restore point. If you want to create a new point, just click the circle next to Create a restore point and click next, then follow the instructions. By default, Restore my computer is the first choice. Click the Next button to continue.

Internet & Computer Security 101

3. You will now see a calendar and a list box. To select a restore point, first pick a bold date on the calendar. On the list box, you will see all the restore points made for that day. Select the one you want in the list box by clicking on it, and then clicking the Next button.
64

How to use System Restore:

3. You will then be asked to confirm the restore point, which is in red. You will want to save anything youre working on before you continue, as well as close any open programs. When you are ready to proceed click Next > and the restore process will begin. Depending on how far back of a date you chose, the process may take a couple minutes or upwards of 20 or 30 minutes (the speed of your computer also plays a role in how fast the restore happens). Your computer will restart itself to complete the restore. If you dont like the changes made, you can reverse the restore process by accessing the wizard and clicking on Undo my last restoration.

Internet & Computer Security 101

65

66

Internet & Computer Security 101

THE NOT-SO-BASICS: VIRUS REMOVAL

Number Eight:

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows 6: HOSTS & PAC 7: System Restore

SAFE MODE

67

Internet & Computer Security 101

THE NOT-SO-BASICS: VIRUS REMOVAL

Number Eight: Safe Mode

Safe Mode has been around a while. Maybe youve heard of it, but dont know how to get into it. Its probably the only time where youll actually hear someone tell you to button-mash the keyboard. So what is it? Safe Mode is a special operating mode of Windows that is used when it is having problems running normally. It runs only the bare minimums required to make Windows work. You will not have sound, your screen will not look as pretty, and unless you specify otherwise, you will not be able to connect to the Internet. This is one of 1: Windows Updates the first things you should try to use if your computer wont boot 2: Firewall properly, and is absolutely essential to use when removing particularly evil spyware and viruses. It is best to use safe mode in the 3: Anti-Virus administrator account, which has total access to all aspects of 4: Anti-Spyware 5: Configure Windows Windows. And you can only access the hidden Administrator account in Safe Mode. 6: HOSTS & PAC 7: System Restore You can also run System Restore in Safe Mode if you are unable to start your computer normally.

68

Internet & Computer Security 101

THE NOT-SO-BASICS: VIRUS REMOVAL

Number Eight: Safe Mode

How to enter Safe Mode
1. Turn on your computer, or restart it if it is already on. 2. BEFORE you see the Windows logo, press the F8 key on your keyboard. You can press it as soon as the computers power is on, or as soon as it resets itself (hence the button-mashing). If your computer beeps at you for pressing the key too many times, just ignore it and keep pressing anyway. 3. If you did step 2 correctly, you will be taken to a textbased menu, asking you how you want Windows to boot. Use the up and down keys on the keyboard to choose the option you want. In most cases, just choose Safe Mode but if you need network connectivity (dont expect wireless to work), then click Safe Mode with Networking. If you didnt see the text menu and went right into Windows, youll just need to restart the computer and try again.

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows 6: HOSTS & PAC 7: System Restore

69

Internet & Computer Security 101

THE NOT-SO-BASICS: VIRUS REMOVAL

Number Nine:

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows 6: HOSTS & PAC 7: System Restore 8: Safe Mode

WINDOWS REGISTRY

70

Internet & Computer Security 101

THE NOT-SO-BASICS: VIRUS REMOVAL

Number Nine: Windows Registry

A note of caution: carelessly playing around with the Windows Registry can cause you to have to reload your operating system. With that said, it is important to know what it is, how you get there, and what it means in terms of virus removal. The Windows Registry is a database which stores settings and options for the operating system for Microsoft Windows 32-bit versions, 64-bit versions and Windows Mobile. It contains information and settings for 1: Windows Updates all the hardware, software, users, and preferences of the PC. Whenever a user makes changes to "Control Panel" settings, or file 2: Firewall associations, system policies, or installed software, the changes are 3: Anti-Virus reflected and stored in the registry. The easiest way to access it is 4: Anti-Spyware through the start button. In almost 100% of cases of virus or spyware 5: Configure Windows infection, you will need to delete an entry in the database, called a key, 6: HOSTS & PAC to restore functionality to your computer. The following will show you 7: System Restore how to edit your registry and the most common places a virus8: Safe Mode associated key will hide.

Windows Registry- A Brief Introduction:

1. To access the registry editor, go to Start and then Run. A window will pop up. In the box, type either regedit or regedit.exe and click the OK button. 2. When the window opens, you will see two panes. The left pane, or tree view, lets you navigate through all the various keys. There are five main folders. If there are more folders within the folder, a plus sign will be next to it. Doubleclick a folder to see all the folders contained within the original folder. If you want to see only the keys from the folder, just click on it once. On the right pane, registry entries will appear that correspond with the folder you click.

Internet & Computer Security 101

71

Windows Registry- A Brief Introduction:

Internet & Computer Security 101

3. When you have a virus or spyware, it will many times set itself to automatically run when you log on the computer. Even if you remove a virus, you may still get a message when your computer starts about a program missing a link, which is usually because Windows is still looking for that program since the key about it is still in the registry. The most common locations an entry for this are found is in the following locations. You can get there by doubleclicking on the following folders: HKEY_LOCAL_MACHINE, Software, Microsoft, Windows, CurrentVersion, Run or RunOnce or RunOnceEx. To delete a key, just click on the name and hit the delete key. You will be asked if you want to delete it. Click Yes to confirm.

72

73

Internet & Computer Security 101

THE NOT-SO-BASICS: VIRUS REMOVAL

Number Ten:

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows 6: HOSTS & PAC 7: System Restore 8: Safe Mode 9: Windows Registry

RECOVERY CONSOLE

74

Internet & Computer Security 101

THE NOT-SO-BASICS: VIRUS REMOVAL

Number Ten: Recovery Console

If youve never installed Windows 2000 or XP, chances are youve never seen one of the tools that you can use that comes on the installation CD. Whats nice about it is that you can use it even if you cant boot your computer even in safe mode. That tool is called the Recovery Console.

Recovery Console isnt pretty. If you remember computers in the 1980s and working on DOS, this is what it is like. All the commands are text1: Windows Updates based, and there is a limit to what you can do. It may seem a little intimidating, since you arent really given a tutorial on how to use it, but 2: Firewall as long as you can follow directions you can do it. 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows So what does Recovery Console have to do with virus removal? If an infection corrupts files, you can use the console to repair them when 6: HOSTS & PAC nothing else seems to work. It is also useful for deleting a virus-related 7: System Restore file that you cant delete otherwise. But this is just the start of the 8: Safe Mode 9: Windows Registry features.

Recovery Console- A Brief Introduction:

(Images taken from http://www.windowsnetworking.com/j_helmig/wxprcons.htm)

Internet & Computer Security 101

1. Insert your Windows operating system disc. If you are already in Windows, reboot. You should see a message on the screen that asks you press any key to boot from the CD. Press any key you want. Files will be loaded from the CD, and eventually, you should see the Windows XP Professional Setup screen.

2. Press the letter R to continue to the Recovery Console.

75

Recovery Console- A Brief Introduction:

(Images taken from http://www.windowsnetworking.com/j_helmig/wxprcons.htm)

Internet & Computer Security 101

4. After a few seconds, the Recovery Console will appear. You will see a list starting with 1:xxxxx and below it you will be asked which Windows installation you want to log into for. For the most part, all you will see is 1. To enter the installation, type the number (1, 3, etc.) and hit enter. You will then be asked to type the administrator password, the one for the default administrator account. If there is none, just hit enter, otherwise type the password and hit enter to continue.

76

Recovery Console- A Brief Introduction:

(Images taken from http://www.windowsnetworking.com/j_helmig/wxprcons.htm)

Internet & Computer Security 101

4. You will then be at the command prompt, a very plain looking screen that will say something like C:\WINDOWS> with a blinking cursor. At this point, type help and hit enter. You will see a list of commands. Hit enter to see the rest one by one, or the space bar to see the next page of commands. If you dont want to see any more, then just press the escape key (ESC).

77

Recovery Console- A Brief Introduction:

(Images taken from http://www.windowsnetworking.com/j_helmig/wxprcons.htm)

Internet & Computer Security 101

5. To see more information about a command, like how to use it, just type the commands name + /? (ex: del /?) or type help + the command name (ex: help del).

6. When youre done, just type exit at the command prompt to reboot the computer.
78

79

Internet & Computer Security 101

THE NOT-SO-BASICS: VIRUS REMOVAL

Number Eleven:

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows 6: HOSTS & PAC 7: System Restore 8: Safe Mode 9: Windows Registry 10: Recovery Console

REPAIR INSTALL

80

Internet & Computer Security 101

THE NOT-SO-BASICS: VIRUS REMOVAL

Number Eleven: Repair Install

This is really one of the last things you can do that doesnt completely wipe out everything on your hard drive. If youve tried everything, even some other tools in the Recovery Console, and you still cant boot Windows from Safe Mode, then a Repair Install may be your last ditch effort. Of course, it is recommended that you back up your files before you do a Repair Install, which is OK if you can actually get into Windows to back things up. The big difference between a Repair Install and a normal install is that a repair install only repairs Windows. It wont delete programs or files. If 1: Windows Updates Windows gets corrupted by a virus, doing a repair install might restore enough functionality to be able to let you run an anti-virus program. 2: Firewall

3: Anti-Virus 4: Anti-Spyware 5: Configure Windows 6: HOSTS & PAC 7: System Restore 8: Safe Mode 9: Windows Registry

Should you decide to do one, there is no guarantee Windows will boot. And if it does, it is very important that you dont get online before turning Windows firewall on. In fact, until youve scanned for viruses, you probably shouldnt connect to the internet at all. If this doesnt work, then a complete reinstall may be your only option.

How to do a Repair Installation

(Images taken from http://www.geekstogo.com/forum/index.php?showtopic=138)

Internet & Computer Security 101

1. Insert your Windows operating system disc. If you are already in Windows, reboot. You should see a message on the screen that asks you press any key to boot from the CD. Press any key you want. Files will be loaded from the CD, and eventually, you should see the Windows XP Professional Setup screen.

2. Press the enter key to set up Windows XP.

81

How to do a Repair Installation

(Images taken from http://www.geekstogo.com/forum/index.php?showtopic=138)

Internet & Computer Security 101

3. The Windows XP Licensing Agreement will be displayed. Press F8 to continue.

82

How to do a Repair Installation

(Images taken from http://www.geekstogo.com/forum/index.php?showtopic=138)

Internet & Computer Security 101

4. Next, Windows Setup will look for existing installations of Windows XP, even if they arent functioning properly. You will be asked to repair the installation, or install a fresh copy. Hit the r key to do a repair install. If you are not given an option, then the Windows data is too corrupted. In any case, just follow the instructions.

83

84

Internet & Computer Security 101

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows 6: HOSTS & PAC 7: System Restore 8: Safe Mode 9: Windows Registry 10: Recovery Console 11: Repair Installation

STOP!!!!

85

Internet & Computer Security 101

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows 6: HOSTS & PAC 7: System Restore 8: Safe Mode 9: Windows Registry 10: Recovery Console 11: Repair Installation

What if there was a tool that magically reset your computer every night?

86

Internet & Computer Security 101

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows 6: HOSTS & PAC 7: System Restore 8: Safe Mode 9: Windows Registry 10: Recovery Console 11: Repair Installation

OK, so maybe there is something like this (DeepFreeze). But is it free? NO!!

87

Internet & Computer Security 101

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows 6: HOSTS & PAC 7: System Restore 8: Safe Mode 9: Windows Registry 10: Recovery Console 11: Repair Installation

But what if there was something free? Would you

use it?

I hope so!

88

Internet & Computer Security 101

Microsoft has created a tool for computer labs, or places where more than one person would be using the same computer. This tool is similar to Deep Freeze, but its 100% free.
1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows 6: HOSTS & PAC 7: System Restore 8: Safe Mode 9: Windows Registry 10: Recovery Console 11: Repair Installation

And if you run a computer lab, it will make your life SOOOOOO much easier you wont know what to do with yourself.

John Eversole, take it away!

89

Internet & Computer Security 101

1: Windows Updates 2: Firewall 3: Anti-Virus 4: Anti-Spyware 5: Configure Windows 6: HOSTS & PAC 7: System Restore 8: Safe Mode 9: Windows Registry 10: Recovery Console 11: Repair Installation

Questions? Comments?
(Tomatoes to throw?)