(Originally Posted Wednesday, February 28, 2007 )
There are a few things you can do to protect yourself when using social networking sites like MySpace (and the rest of the internet).
#1 – Don’t use your MySpace account on a wireless connection while away from home(if you can help it.) If wireless within the home, SECURE THE ROUTER AND GET A GOOD FIRELWALL! Use WPA2 at a minimum with AES encryption and set up MAC Address filtering. This can be defeated, but its the best choice at this time for wireless connections next to 3G or cellular technology.
#2 – If possible, set up an SSH tunnel for all wireless traffic, wether at home or on the road. If you don’t have your own web server with ssh access that you can tunnel your traffic through, then it’s best to use ethernet, and avoid wireless all together.
#3 – If on an a dedicated ethernet connection through your cable or dsl provider, buy a small hub or router to put between you and the modem. This can help secure your traffic a bit further, because it should mask your pc’s open ports on the pc using the routers NAT and firewall settings. Be sure to change any passwords on the router itself, as well as upgrade to the latest firmware! Disable any uPnp settings built in to the router as well!! If you leave the uPnp open, your routers DNS settings can become compromised. I suggest manually configuring your DNS settings on both the router and your PC under TCP/IP settings. OpenDNS is a great choice for DNS services as well!
#4 – Get a good FIREWALL, software or hardware(or both) and learn how to set it up properly. This is probably the most important thing you can do. DO NOT RELY ON THE ONE BUILT INTO WINDOWS XP as the end all be all firewall! If you want a really decent software firewall, I suggest Zone Alarm Pro, or their suite which has built in anti-virus, spyware and spam blocking tools by Kaspersky.
#5 – Disable all file sharing and server services running unless you need them for your home network to share files from one pc to another. Under services.msc(for windows users) disable the “computer browser”, “server”, “Windows Firewall/Internet Connection Sharing”, and “Workstation” services. Unless you are using something that requires one of these services, you DO NOT NEED THEM RUNNING ALL THE TIME!
# 6 – Password protect your Administrator account. Here is a good way to see if it is already setup under XP(and later). Hold the “WINDOWS KEY + L” to bring up the login dialog box. Change the name from owner or whatever is listed to Administrator and hit enter with no password. If it logs you on, then you are giving the whole world admin access to your pc! This is VERY dangerous. Especially if you allow any remote connection services to run, like workstation and terminal services, remote registry, remote assistance etc. Disable the guest account as well.
#7 – Learn to use the “HOSTS” file and block advertisements, spyware, and adware! It is critical that you make sure that no rouge programs have setup your hosts file to redirect you to a site of their choosing. Example: You type in Yahoo.com, but you get something like Search.com instead. This is one of the oldest hacks there is for redirecting you to adware sites. Under windows XP, navagate to the “C:\windows\system32\drivers\etc” folder and open the “HOSTS” file with wordpad or any text editor of your choosing. The format to block a site is always start with “127.0.0.1 (tab key) then the website or ip address you want to block”. ex:
127.0.0.1 ads.doubleclick.net
Each site should be on its own line. You can also download custom HOSTS files from the internet, where others have done most of the work for you in blocking advertisements and popups using this method. A good site that updates their hosts file for downloads: http://www.mvps.org/winhelp2002/hosts.txt You will want to copy this and paste it into your HOSTS file. Do not save it as is, since this file ends in .txt and the HOSTS file itself should have NO FILE EXTENTION. If your text editor saves it with any extention of .txt or .doc, be sure to rename it of it will not work!!!!
#8 – READ up on the latest security threats. Knowing what threats are out there when vulnerabilities arise can help prepare you to defend your system. One site I like to check often is http://isc.sans.org/
This one site alone is not enough to stay aware of the threats out there, but its as good a place as any to check on a daily basis.