Transcript COMPUTER SECURITY

COMPUTER SECURITY
How to achieve total computer security
The best way to do so is to apply
Richards' Laws Of Computer
Security (ca. 1992):
A.
B.
Don't buy a computer
If you do buy a computer,
don't turn it on
Golden Rule
Don’t assume anything!
Learn the risks.
The Ten Commandments of Safer Computing
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Protect your personal information. It's valuable
Make backups of important files
Install and use anti-virus software.
Acquire and use a reliable firewall solution.
Acquire and use AntiSpyware
Apply security software patches and updates
regularly
Use Safe browsing techniques on the internet
Use caution when reading your email
Avoid installing services and applications
which are not needed
Learn what to do when something goes wrong.
1. Protect your personal information.
 Never store sensitive personal information such as your
bank account information, Social Security numbers or
passwords on your computer.
 Do not use the "Remember Password" feature of
applications (e.g., Eudora, OutLook, Netscape Messenger,
Web Browser).
 Never comply with requests for personal information from an
email or phone call unless you initiated the contact. These
are often phishing scams trying to steal your personal
information
 Use strong passwords
 If someone demands a password, refuse to give it.
 Do not write passwords down and store them anywhere in your office.
 Change passwords ( 6 months)
Passwords
The golden rules, or policies for passwords
are:
 Make passwords as meaningless as possible
 Change passwords regularly
 Never divulge passwords to anyone
Weak Passwords











WEAK PASSWORDS
Poor, weak passwords have the following characteristics:
• The password contains less than eight characters
• The password is a word found in a dictionary (English or foreign)
• The password is a common usage word such as:
o Names of family, pets, friends, co-workers, fantasy characters, etc.
o Computer terms and names, commands, sites, companies, hardware,
software.
o Birthdays and other personal information such as addresses and
phone numbers.
o Word or number patterns like aaabbb, qwerty, zyxwvuts, 123321, etc.
o Any of the above spelled backwards.
o Any of the above preceded or followed by a digit (e.g., secret1,
1secret)
Strong Passwords
Strong passwords have the following characteristics:
 • Contain both upper and lower case characters (e.g., a-z, AZ)
 • Have digits and punctuation characters as well as letters
e.g., 0-9, !@#$%^&*()_+|~ =\‘{}[]:";’<>?,./)
 • Are at least eight alphanumeric characters long.
 • Are not a word in any language, slang, dialect, jargon, etc.
 • Are not based on personal information, names of family,
etc.
 • Passwords should never be written down or stored on-line.
Try to create passwords that can be easily remembered.
Use Strong passwords
 Use strong passwords and keep them secret.
 Don’t reveal a password over the phone to ANYONE
 Don’t reveal a password in an email message
 Don’t reveal a password to the boss
 Don’t talk about a password in front of others
 Don’t hint at the format of a password (e.g., "my family
name")
 Don’t reveal a password on questionnaires or security forms
 Don’t share a password with family members
 Don’t reveal a password to others while on vacation
 If someone demands a password, refuse to give it.
2. Make backups of important files
Make backups of important files
•Why Backup?
•What to backup
•When to back up
•Where to backup
•How to backup
Why Backup?
 The Risks - Main Causes of Downtime and Data Loss
No system is completely secure. Systems Crash. It’s not of matter of if, it’s a matter of
when.
 Human Error















Accidental deletion of a file or folder
Accidental overwriting of a file (forget to Save AS!)
Malicious deletion or editing of files
Hard disk or other hardware failure
Data loss due to a virus or other attack
Vandalism
Theft
Fire
Faulty software rollouts
Driver setting conflicts
Lost/locked-out passwords
Power Surges
Weather & Storms
Hackers / Terrorism
And So Many More!
What to backup
Original Software Disks
Boot/ Recovery Disks
Backups









Your e-mail and e-mail address book.
Bank records other financial information
Tax returns
Digital photographs and video
Software purchased and downloaded from the Internet
Music purchased and downloaded from the Internet
Personal projects
Your Microsoft Outlook calendar
Your Internet Explorer bookmarks
When to back up
As soon as possible after you change it.
On a regular basis
Make a schedule – weekly , monthly.
Where to backup
Diskette
Zip Drives
CD-ROM
R/RW
USB FLASH DRIVES
DVD-ROM R/RW
USB EXTERNAL HD
ONLINE BACKUP
1.4 MB
100 to 250 MB
700MB
32 TO 1GB
4.7 GB
40GB AND UP
OFFSITE
Backup Media
How to backup
Copy and Paste
Backup Utilities
Windows XP home – Install from CD
http://www.microsoft.com/athome/security/update/howbackup.mspx
Make more than 1 copy.
Save older copies.
Store offsite.
3. Install and use anti-virus software.
3. Install and use anti-virus software.
The Risk
A virus or worm is a computer program that can
spread across computers and Networks by making
copies of itself, usually without the user’s
knowledge. Viruses can have harmful effects. These
can range from displaying irritating messages to
stealing data or giving other users control over your
computer.
Even a new computer is not protected
If your antivirus program doesn’t have the latest
virus definitions, your computer isn’t protected
against ANY of the new viruses!
Viruses, Trojans and Worms. Oh My!
What to do
Acquire and use a reliable antivirus program. New
virus are discovered every day. It’s important to
keep your Antivirus software updated with the latest
Virus identities.
Select an antivirus that has a consistent track
record. Checkmark, AV-Test.org and TuV are among
the most respected independent testers of antivirus
software.
Install and use anti-virus software.
There is no reason not to have Antivirus
protection
Check with your ISP.
Antivirus protection may be available as part of
your internet service.
Charter
DSL SBC/ATT
AOL
F-Secure
Computer Associates
McCaffee.
Install and use anti-virus software.
Free Antivirus for personal use is available
Free Antivirus




AVG Antivirus
Avast
Trend Micro – Free online scan
Panda – Free online scan
Antivirus Software
CA Eztrust
Norton
McCaffee
Viruses, Trojans and Worms. Oh My!
 Virus
 Program that is self-replicating and attaches to other programs.
 Worm
 Special type of virus that can replicate itself and use memory,
but cannot attach itself to other programs. Uses computer
networks and security holes to replicate itself.
 Trojan Horse
 A computer program that claims to do one thing (such as a
game) but instead does damage when you run it. Trojan Horses
do not replicate automatically
What can viruses do?
Viruses used to play pranks or stop your computer working,
but now they compromise security in more insidious ways.
Here are the things that viruses can do.
Slow down email. Viruses that spread by email, such as
Sobig, can generate so much email traffic that servers slow
down or crash. Even if this doesn't happen, companies may
react to the risk by shutting down servers anyway.
Steal confidential data. The Bugbear-D worm records the
user's keystrokes, including passwords, and gives the
viruswriter access to them.
Use your computer to attack websites.
MyDoom used infected computers to flood the SCO software
company's website with data,making the site unusable (a
denial of service attack).
Let other users hijack your computer. Some viruses place
“backdoor Trojans” on the computer, allowing the virus writer
to connect to your computer and use it for their own
purposes.
What can viruses do?
Corrupt data. The Compatable virus makes changes to the
data in Excel spreadsheets.
Delete data. The Sircam worm may attempt to delete or
overwrite the hard disk on a certain day.
Disable hardware. CIH, also known as Chernobyl, attempts
to overwrite the BIOS chip on April 26, making the
computer unusable.
Play pranks. The Netsky-D worm made computers beep
sporadically for several hours one morning.
Display messages. Cone-F displays a political message
ifthe month is May.
Damage your credibility. If a virus forwards itself from your
computer to your customers and business partners, they
may refuse to do business with you, or demand
compensation.
Cause you embarrassment. For example, PolyPost places
you rdocuments and your name on sexrelated
newsgroups.
How viruses get into
computers:
The origin of the four most common virus
infections:
 File – A virus type that infects existing files on the
computer
 Macro – A virus that runs as a macro in a host
application; i.e., MS Office applications such as
Word or Excel
 VBScript – A virus that uses Windows Visual Basic
Script
 Internet Worm – A virus that is primarily
characterized by its replication across the Internet
How viruses spread
By downloading infected files or programs
from a network. If you download and run
software from the Internet, or receive e-mail
attachments, there is a chance that you can
contract a computer virus.
Once you RUN an infected program, the virus
can spread rapidly, especially on networks.
That is why the Internet, the largest network,
is a fertile breeding ground for viruses.
By inserting infected disks into your computer.
How viruses spread (continued)
Computers do get viruses from e-mail. You must
be aware of the fact that you CANNOT get a
computer virus from simply the text of an e-mail.
The virus will come in the form of some kind of
attachment. Opening the attachment can give your
computer a virus.
Virus Symptoms
Unusual messages or displays on your monitor.
Unusual sounds or music played at random times.
A file name has been changed.
A change in dates against the filenames in a
directory.
Programs or files are suddenly missing.
Unknown programs or files have been created.
Virus Symptoms (continued)
Reduced memory or disk space.
Unexpected writes to a drive.
Bad sectors on your floppy disk.
Your entire system crashing.
Some of your files become corrupted – meaning
that the data is damaged in some way – or
suddenly don’t work properly.
Programs take longer to load, they may hang the
computer or not work at all.
Basic virus defense
Don’t open files that you are not expecting.
 Many viruses automatically send files without the email account owner’s knowledge.
 Ask the sender to confirm unexpected files.
If you don’t know who the message is from,
don’t open it.
Messages that appear more than once in your
Inbox can be suspect for a virus.
If you receive a suspicious message, delete it.
Don’t use or share floppies without scanning
with anti-virus software first.
Basic virus defense (continued)
Learn file extensions.
 Your computer will display both an icon and a file
extension for files you receive. Open only file extensions
you know are safe.
 If you are not sure, ask your Technical Support person.
Never double-click to open an attachment that
contains an executable that arrives as an e-mail
attachment.
Basic virus defense (continued)
Regularly back up your files.
Do not install pirated software, especially
computer games.
Make sure your computer runs anti-virus
software. If you don’t have it, buy and
install it immediately.
If you have anti-virus software on your
computer, it has to be updated at least
weekly, as new viruses appear daily.
Scan the entire hard disk twice a month.
Examples of potentially
unsafe file types
The following file types should not be
opened unless you have verified the
sender and the reason sent:





.EXE
.PIF
.BAT
.VBS
.COM
Microsoft Office
Microsoft Office files are mostly data with
some program code.
Office macros are programs, which can be
viruses.
Office will prompt you to enable macros.
 Enable macros only when you know why Office is
asking. Never run macros in a document unless
you know what they do.
Anti Virus Software
Free Antivirus
 AVG Antivirus
 Avast
 Trend Micro – Free online
scan
 Panda – Free online scan
CA Eztrust
Norton
McCaffee
4. Acquire and use a reliable
firewall solution.
4. Acquire and use a reliable
firewall solution.
The Risk
A firewall is a security measure that protects a computer or a computer
network from unauthorized access. Unfortunately in today’s computer
world, there are a lot of devious hackers working diligently to access
computer information. Where previously, the targets were large
institutions, today hackers seek out all sorts of personal information
including information from everyday home computer users.
If you use a broadband connection to the Internet, like DSL or cable, you
should definitely get a firewall. Such broadband connections are always
on, shared connections. It is easier for an intruder to break into your
computer if you are using one of these connections. So it is essential to
have a firewall on a computer that uses DSL or cable to connect to the
Internet. Firewalls don't prevent virus attacks but in some circumstances
they can stop viruses from sending information from an infected
computer.
Firewalls
Hardware Appliance (Router)
Software
Personal Firewalls – Your options
If you have XP, install XP SP2 and enable the firewall that
comes with it. Biggest plus, it’s now part of the OS. Biggest
negative, it doesn’t guard against outbound attacks.
ZoneLabs www.zonelabs.com offers a variety of options from
free and up. Biggest plus, they’re a respected name in the
business Biggest negative, you have to do some reading if
you want to learn how to effectively manage your settings.
Security Suites
Most antivirus vendors are getting into this area as well, and
are offering bundled products .
For more information and guidance see:
http://www.firewallguide.com/software.htm
5. Acquire and use AntiSpyware
Spyware
Spyware is software that enables advertisers
to gather information about a computer user’s
habits
Spyware programs are not viruses
(They don’t spread)
How you get Spyware
Spyware is typically placed on your system
by visiting websites and installing software.
Symptoms of Spyware
Typical signs that you have spyware
 You have a lot of popup windows when visiting the web or
just logging on to your system.
 Your homepage has changed to a different site.
 You notice a major drop in system performance.
 Your antispyware or antivirus utility stops working.
 You go to search for things and your search page has
changed.
 New Items appear in your favorites.
 In many cases there are no signs and it is running silently
recording your actions.
Antispyware
Scanners
Real Time
Protection
Protect Yourself from Spyware
 Use a popup blocker like Google Toolbar, or the one that
comes with FireFox and Internet Explorer.
 Install AntiSpyware utilities.
 Recommended - Ad-aware, Spybot - Search and Destroy,
Microsoft Defender (beta). and Spy Sweeper.
 These can be found for free
AdAware SE personal http://www.lavasoftusa.com
Spybot Search and Destroy http://www.spybot.info
 Windows Defender
http://www.microsoft.com/athome/security/spyware/software/
default.mspx
 Spy Sweeper is available by annual subscription at
www.webroot.com
Spybot – Search and Destroy
Spybot - Updating
Always Update the software before scanning or
immunizing the system.
Spybot - Immunize
Immunizing the system protects it from getting
certain types of Spyware.
Spybot - Scanning
 Click the Search and Destroy Button to scan the system.
 This will clean off existing Spyware.
LavaSoft’s Ad-Aware
Ad-Aware - Update
 Use the Check for Updates Link on the Main screen or
the Web update Button.
Ad-Aware - Scanning
 Click the Scan Now Button
 Choose to do a Full System Scan
Ad-Aware – Scan Results
 You will get Critical Objects (Clean)
 You will get Negligible Objects (Can Leave Alone)
 Mostly MRU (Most Recently Used)
Ad-Aware – Clean Objects
 When you clean objects they go to the Quarantine.
 You can leave them or delete them.
6. Apply security software
patches and updates regularly
Closing the Holes
With relatively few exceptions, when software
manufacturers find a security hole in one of
their products, they release a patch that
closes that hole.
If your computer doesn’t have ALL these
patches, it isn’t protected … and your
computer is completely vulnerable to all the
nasty stuff we talked about three slides ago.
WMF vulnerablity
http://www.microsoft.com/technet/security/bulletin/ms06001.mspx
Windows Update
Built into every PC since Windows 98 and
into every version of Microsoft's Internet
Explorer since version 4.0 is something
called “Windows Update.”
Windows Update is an easy-to-use tool
that helps you ensure that your PC is
running the absolute latest Microsoft
software patches and drivers.
If you use Windows XP you should be on
Service Pack 2
Patching and Updating
One of the best things that you can do to
protect your system is to Patch it.
Most people believe that their system got
infected because of a failed AntiVirus
product, but they are wrong.
Most infected systems become infected
because of poorly patched systems.
Patching is a simple, easy, and free way to
protect your system.
How you patch a system
 To do it manually,
use the windows
update Icon on
your start menu.
 To do it
automatically got to
Start – Settings –
Control panel and
choose Automatic
Updates.
7. Use Safe browsing techniques
on the internet
Set your browser security to High
Add safe Web sites to trusted sites
Read e-mail messages in plain text
Block pop-up windows in your browser
Check Ecommerce Sites
 Secure Server - https
 Lock is closed on IE
 http://hacker-eliminator.com/safebrowsing.html#settings
Trusted Sites
Browser Security Settings
Active X and Java
Trusted Zones
Browser Security Check
http://security.symantec.com/sscv6/home.asp
?langid=ie
http://www.verisign.com/advisor/check.html
Using public computers and wireless security
Be careful about typing your password into a
strange computer.
 Is the owner trustworthy or are they perhaps
running a keyboard logger recording your
keystrokes? (It has happened).
 Who was the last person to use it and what did
they run on it?
8. Use caution when reading your
email
Viruses
 Email attachments
Spam
 Junk email
 Virus Hoaxes
 Phishing
Email Security - Viruses
DO NOT
 open email attachments that you aren’t expecting.
Especially avoid attachments ending in .exe,
 .vbs, .pif, .scr, .com, or .bat, and don’t unzip files you are
not expecting. Don’t open the attachment
 even if it looks like it is sent from someone you know—
many viruses can forge, or spoof, the sender’s
 name from names found in address books.
Spam
The chances are that you have had emails
offering you drugs without a prescription, or
loans, or get-rich-quick schemes –
sometimes cleverly disguised to look like
personal email. This “spam” mail accounts for
more than half of all the email sent worldwide,
cluttering up inboxes and distracting users
from more important messages.
SPAM
Legitimate Business Offers
Viruses and Virus Hoaxes
Phishing
SPAM Prevention
Don’t give out email address
Filters
 Internet Service Provider
 Email Client ( Outlook, Eudora)
 Spam Filters
 Rules
 Third Party Software (SpamKiller, Mailwasher)
You can report violators
Beware of email attachments
Spam
Tips for preventing spam:
 Do not reply to spam!
Some junkmail messages urge you to send an
“unsubscribe” reply to get off their list. This is a common
ploy for harvesting email addresses. Instead of getting
off their lists, you’ll be added to others (your email
address may even be sold to other direct marketers), and
you’ll find yourself getting more spam than before.
 Don’t use complete email addresses on web
pages or newsgroup postings.
 Setup additional email accounts as aliases when
giving out a valid email address.
Hoaxes and Scams
Hoaxes and scams
If you have had an email that warns you
about an unlikely-sounding new virus, offers
you a free mobile phone, or asks you to
update your bank account details, you have
been the victim of a hoax. Hoax mail can
interrupt work, overload mail systems, or
even trick you into giving personal credentials
and passwords to criminals.
Virus hoaxes
 Virus hoaxes are reports of non-existent viruses. Usually
they are emails which do some or all of the following:
 Warn you that there is an undetectable, highly destructive
new virus.
 Ask you to avoid reading emails with a particular subject
line, e.g.Join the Crew or Budweiser Frogs.
 Claim that the warning was issued by a major software
company, internet provider or government agency,e.g. IBM,
Microsoft, AOL or the FCC.
 Claim that a new virus can do something improbable, e.g.
The A moment of silence hoax says that “no program needs
to be exchanged for a new computer to beinfected”.
 Use techno-babble to describe virus effects, e.g. Good
Times says that the virus can put the PC’s processor into “an
nthcomplexity infinite binary loop”.
 Urge you to forward the warning.
 Phishing
 Phishing is the use of bogus emails and websites to trick you
into supplying confidential or personal information.Typically,
you receive an email that appears to come from a reputable
organisation, such as a bank. The email includes what
appears to be a link to the organisation’s website. However,
if you follow the link, you are connected to a replica of the
website. Any details you enter, such as account
 numbers, PINs or passwords, can be stolen and used by the
hackers who created the bogus site.
 You should always be wary about following links sent to you
in emails. Instead, enter the website address in the
“Address” field, or use a bookmark or a “favourite” link, to
make sure that you are connecting to the genuine site. Antispam software will also help to block phishing email.
Phishing and Pharming
 What is Phishing and Pharming?
 Uses both social engineering and technical subterfuge to
steal consumers' personal identity data and financial account
credentials.
 Social-engineering schemes use 'spoofed' e-mails to lead
consumers to counterfeit websites designed to trick recipients
into divulging financial data such as credit card numbers,
account usernames, passwords and social security numbers.
Hijacking brand names of banks, e-retailers and credit card
companies, phishers often convince recipients to respond.
 Technical subterfuge schemes plant crimeware onto PCs to
steal credentials directly, often using Trojan keylogger spyware.
 Pharming crimeware misdirects users to fraudulent sites
Phishing and Pharming
Phishing and Pharming
How to Avoid Phishing
Scams
 Be suspicious of any email with urgent requests for personal financial
information
 Don't use the links in an email to get to any web page, if you suspect
the message might not be authentic
 Avoid filling out forms in email messages that ask for personal financial
information
 Always ensure that you're using a secure website when submitting
credit card or other sensitive information via your Web browser
 Consider installing a Web browser tool bar to help protect you from
known phishing fraud websites
 Regularly log into your online accounts
 Regularly check your bank, credit and debit card statements to ensure
that all transactions are legitimate
 Ensure that your browser is up to date and security patches applied
This taken from http://www.antiphishing.org/consumer_recs.html
Keylogging and Pharming
 The financial services industry continues to be the main
focus of scammers, with 78 percent of attacks targeting the
customers of banks and other types of financial institutions,
according to the group.
 There was also a rise in the number of reports of keylogging
and pharming,
 Keylogging involves using software to record keystrokes
made on a computer and is commonly used to steal
passwords. Pharming involves interfering with DNS (Domain
Name System) servers to direct people to counterfeit
banking or e-commerce sites when they think they are
visiting a legitimate site.
 The country hosting the most phishing Web sites in February
was the U.S., followed by China.
9. Avoid installing services and
applications which are not needed
Uneeded programs take up computer
resources and can open up security holes
Free programs can contain viruses or
spyware
10. Learn what to do when something goes wrong.
10. Learn what to do when something goes
wrong.
Unfortunately, there is no particular way to
identify that your computer has been infected
with malicious code. Some infections may
completely destroy files and shut down your
computer, while others may only subtly affect
your computer's normal operations. Be aware
of any unusual or unexpected behaviors.
10. Learn what to do when something goes wrong.
What you should do if you notice symptoms of
infection

If you notice that your computer is functioning
erratically Don't panic! This golden rule may
prevent the loss of important data stored in your
computer and help you avoid unnecessary
stress.

Disconnect your computer from the Internet.
Computer Virus
If your computer gets hacked or infected by a
virus:
immediately unplug the phone or network line
from your machine. Then scan your entire
computer with fully updated anti-virus
software, and update your firewall.
take steps to minimize the chances of
another incident
Spyware/Adware
If your computer gets infected by spyware:
immediately unplug the phone or network line
from your machine. Then scan your entire
computer with fully updated anti-spyware
software, and update your firewall.
take steps to minimize the chances of
another incident
Hacking
alert the appropriate authorities by contacting:
 Your ISP and the hacker's ISP (if you can tell what it is).
Often the ISP's email address is [email protected]
or [email protected]. You can probably
confirm it by looking at the ISP's website. Include
information on the incident from your firewall's log file. By
alerting the ISP to the problem on its system, you can
help it prevent similar problems in the future.
 The FBI at www.ifccfbi.gov. To fight computer criminals,
they need to hear from you.
Internet Fraud
If a scammer takes advantage of you through
an Internet auction, when you're shopping
online, or in any other way, report it to the
Federal Trade Commission, at ftc.gov. The
FTC enters Internet, identity theft, and other
fraud-related complaints into Consumer
Sentinel, a secure, online database available
to hundreds of civil and criminal law
enforcement agencies in the U.S. and
abroad.
Deceptive Spam
If you get deceptive spam, including email
phishing for your information, forward it to
[email protected]. Be sure to include the full
Internet header of the email. In many email
programs, the full "Internet header" is not
automatically included in forwarded email
messages, so you may need to take
additional measures to include the full
information needed to detect deceptive spam.
For further information, go to
http://getnetwise.org/action/header.
Divulged Personal Information
If you believe you have mistakenly given your
information to a fraudster, file a complaint at
ftc.gov, and then visit the Federal Trade
Commission's Identity Theft website at
www.consumer.gov/idtheft to learn how to
minimize your risk of damage from a potential
theft of your identity.
Identity Theft
BBB survey 2005
The most frequently reported source of
information used to commit fraud was a lost or
stolen wallet or checkbook. Computer crimes
accounted for just 11.6 percent of all known-cause
identity fraud in 2004
Among cases where the perpetrator's identity is
known, half of all identity fraud is committed by
a friend, family member, relative, neighbor or inhome employee - someone known by the victim.
A wide variety of metrics confirm that identity
fraud problems are NOT worsening, with the
total number of victims in decline.
The majority of identity fraud crimes are selfdetected
Resources
 Home Computer Security
 http://www.us-cert.gov/
 http://www.us-cert.gov/cas/tips/
 http://www.microsoft.com/athome/security/default.mspx
 http://www.staysafeonline.org/
 http://computer.howstuffworks.com/virus.htm
 http://www.cert.org/homeusers/HomeComputerSecurity
 http://www.microsoft.com/athome/security/default.mspx
 http://www.bbb.org/alerts/article.asp?ID=565
 Product Reviews
 http://www.pcmagazine.com




Virus Information ( also see Antivirus software )
http://www.virusbtn.com
https://www.icsalabs.com/icsa/icsahome.php
http://www.viruslist.com/





Antivirus Software
eTrust www.ca.com
Norton Symantec Corp.http://www.symantec.com
Avg http://www.download-it-free.com/avg/
Mccafee http://mccafee.com/
Resources























Antispyware Software
AdAware SE personal http://www.lavasoftusa.com
Spybot Search and Destroy http://www.spybot.info
Windows Defender
http://www.microsoft.com/athome/security/spyware/software/default.mspx
Spy Sweeper www.webroot.com
Software Firewall
Zone Labs, Inc.http://www.zonelabs.com
Phishing
http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm
http://www.phishinginfo.org/
http://www.antiphishing.org/phishing_archive.html
Report Phishing http://www.us-cert.gov/nav/report_phishing.html
Anti-Phishing Working Group (APWG)
http://www.antiphishing.org/
Federal Trade Commission, Identity Theft
http://www.consumer.gov/idtheft
Password checker
http://www.microsoft.com/athome/security/privacy/password_checker.mspx
Strong Passwords
http://www.cert.org/homeusers/HomeComputerSecurity/#6
http://www.microsoft.com/athome/security/privacy/password.mspx
Online Storage
http://www.iomega.com/istorage/
http://www.connected.com/quicken05/