While every computer user understands the importance of keeping his or her PC secure, many people are simply unsure about the best ways to keep the bad guys out of their systems.

Fortunately there are some simple steps computer users can take to keep their PCs safe from harm.  If you want to stay safe while online you should:

• 1) Always make sure your virus scanning software is up and running, and up to date. Be sure to check the system tray icon to make sure that your virus scanner is running. It is also a good idea to review your virus scanning logs at least once per week.
• 2) Install anti-spyware and anti-adware software and keep it up to date. Spyware and adware can be used to track your movements on the internet and even install malicious programs on your PC.
• 3) Never click on links in emails from unknown sources. If you receive a suspect email just delete it. Even if the email appears to be legitimate it is a good idea to avoid clicking any links. Instead type the web address directly into your browser.
• 4) Do not download programs from suspect sources. These programs can have embedded code that can damage your PC or even record all your keystrokes to steal your passwords.
• 5) Make your passwords complicated and difficult to guess. Do not use the names of your children, your pets or other easily obtainable information. And try to use a combination of capital letters, lower case letters and special characters in your passwords. This will help foil many password guessing programs.

CyberRooT is the name of a very prolific group of hackers who leave their ‘tag’ all over forums and websites on the Internet. They usually leave the tag “Hacked by CyberRooT” and call themselves the Turkish Hacker. They often hack the first page of a website or forum, which can cause understandable concern for people who use the websites.

Hackers

Although the term ‘hackers’ has been adopted by geeks of all kinds, the hackers we’re referring to are nothing more than glorified street taggers. Many people consider them Internet vandals. They can put blocks of text, sound or photos into websites and forums. They insert the text as an SQL injection and no program is completely hacker proof. Hackers like forums in particular because it is easier to work in environments that allow users to upload text. Hackers are particularly fond of Simple Machines Forums (SMF).

Danger for Websites

The biggest risk for websites that have been hacked is losing visitors and therefore their rankings in search engines. Visitors who stumble on a hacked site are understandably fearful of going back. Websites who have been hacked must find out how the hacker accessed their site and fix the code that was inserted. Sometimes the hackers are able to change the entire site by changing one of the templates. They can also put a meta direct into the website’s address that redirects users to the hacked page.

Danger for Users

Luckily, unlike spammers who are gathering email information for evil purposes, hackers generally like to tag and run. They enjoy the shock value of defacing a site, but most hacked sites are relatively easy to fix. In most cases, users who come upon a hacked website are in no danger from their visit. Often, if you check back, the website creators have fixed the problem in hours and the site will be up and running normally.

In your case, I went back to madphilosophers and it looks like they have cleaned up the mess and are functioning normally as a forum. It does look as if they are in the middle of a reorganization, but that doesn’t seem to have anything to do with the hacker problem. I would have no fear going back to your forum and pursuing your interests. I hope this has alleviated your fears.

Security software developers are constantly discovering new threats and creating defenses against them - often on a daily (sometimes even more frequent) basis. When they discover new threats and come up with a valid defense against them, they must add the solution to the “database” or “definition database” and then get these database definitions to the people who count on them for protection.

Generally, these new updates are made available in several ways. First, update downloads are usually made available on the developer’s Web site. However, this requires action on the user’s part. The better approach is some sort of regular, automatic updating feature. Most good security programs provide such a mechanism.

Consider the following scenario. Y head down to the local Best Buy store and buy an anti-spyware or anti-virus program off the shelf and install it on your computer. You’re set, right? Wrong. Ask yourself how current the product’s database is. Chance are good that the software has been sitting on the shelf for a few weeks at least. During this time, all kinds of new threats have been introduced “into the wild.” This means that you may be protected from thousands of threats that have been previously addressed but vulnerable to hundreds of new ones developed between the release of your software and now.

That’s why the software immediately prompts you to connect to the database to retrieve the latest definitions. Do it. Once updated, go back into your anti-spyware or anti-virus program and setup automatic database updates so that you don’t have to worry about this ever again.  In the past, an interval of several days was acceptable. Today, daily updates are a basic minimum requirement. You may even want hourly updates.

Keeping your security products current is just as important as buying the protection in the first place. Fortunately, you can automate the process and most developers include free database updates for the entire term of the subscription.

I suspect what your computer is telling you is that either your existing anti-virus protection has been disabled, expired, or non-existent. Let’s take a look. If the “no protection” message is currently displayed in your Taskbar’s notification area, you can simply click on it to open the Security Center. If not, you can access the Security Center via the Control Panel. Go to Start > Control Panel > Security Center. Likewise, you can go to Start and type Security Center into the Search bar and then click the icon that matches.

You’ll see a main color-coded display of the Vista security essentials including: Firewall, Automatic Updating, Malware Protection, and Other Settings. The coloring coding gives you an at-a-glance snapshot of what needs attention. Like a stop light, green means the settings are good to go while red means you need to stop and pay attention.

Each category shows up as a bar with an On/Off light as well as a drop down arrow for more options. For now, you can ignore the categories that are green (on); later, feel free to explore the drop down arrow to see the additional information. Click the down arrow next to all categories that are red. In this case, Malware Protection is most likely the one generating the “no protection” message though the firewall may also be contributing.

Under Malware Protection, you should see information about the current status of your security software. For example, if you had a trial version of McAfee Anti-Virus that has since expired, the Security Center will tell you that the product has expired. Similarly, if your antivirus program has been turned off, Security Center will tell you so. Most of the time, Security Center provides you with buttons that you can click to turn on the proper settings or solve the problem.

Malware Protection covers both antivirus and spyware settings. Windows Vista comes with Windows Defender built in. You should see Windows Defender in the list and its current status.

Depending on your situation, you may need to simply turn on existing security applications or update them. However, if your anti-virus license has expired or you have no protection installed at all, you will need to purchase a good antivirus application.  

Fortunately, for Windows Vista users, their operating system comes with tools to help keep the computer secure. The Windows Security Center is a collection of security essentials including:

• Windows Update
• Windows Firewall
• Windows Defender
• Internet Options

When you first open the Security Center, you’ll see an overview of your computer’s current settings. Green and red colored bars and dots give you an at-a-glance indication of whether or not your computer is properly secured. For example, if the main display shows all your settings in green bars with green dots, then the settings are acceptable. On the other hand, settings in a red bar need your attention. Click the down arrow next to any setting for more information.

The Security Center gives you options for correcting any detected problem with your computer’s security. For example, if the Windows Firewall is turned off, you’ll see an option that you can click to turn it on.

To go to the Security Center, first go into the Control Panel, which is accessible via the Start button, and click on Security Center. You can also simply go to the Start button and type Security Center in the Search bar and then click the related icon to launch it.

If your computer finds a problem with its security, it will automatically notify you (unless you’ve changed the notification settings). It will also display a red shield in the Taskbar’s tray. Double click this red shield and it will take you to the Security Center where you can learn about what’s wrong and take the necessary steps for securing your computer.

Don’t want to be notified each time? For example, if you prefer not to run the User Account Control utility because you find all of the prompts annoying, you may grow weary of the alert telling you that User Account Control has been disabled. Simply go into the Security Center and click on Change the Way Security Center Alerts me. Choose, “Don’t notify me but display an icon” or “Don’t notify me and don’t display an icon (not recommended” depending on your preferences.

The Security Center isn’t the most comprehensive security solution on the planet, but it is a good place to go to check and see that all of your other solutions, including third party anti-virus programs, are enabled.

Intrusion Detection Systems actively monitor network activity and traffic for signs of suspicious activities. Though this sounds quite similar to a firewall, it is actually quite different. Firewalls block openings but can’t distinguish between “good” and “bad.” If you must open a port in a firewall, the firewall doesn’t know whether incoming and outgoing traffic has good or bad intentions. Intrusion Detection Systems monitor the traffic in search of hostile or suspicious activities that signal an intrusion.

Think of firewalls as doors that you can open or close. Anyone can walk through the open door, right? And if the door is closed and locked, everyone will be shut out. Now, think of the Intrusion Detection System as the security guard at the door. The security guard may let people who work in, or live in, the building but he won’t necessarily let a stranger off the street through the doorway.

Intrusion Detection Systems come in many different forms such as network based, network behavior analysis, wireless, and host based. Each type does its job a bit differently with different ways of gathering information, detecting intrusion attempts, logging, and prevention. Large enterprise networks often use several different types of Intrusion Detection Systems as part of a larger security strategy.

Intrusion Detection Systems are geared for large networks rather than individual home users. If you’re a home user with a small network, for now, focus on basic security such as properly setting up your firewall, wireless network security settings, and security software. With the basics in place and properly secured, your network will protected from most threats.

Here’s a comprehensive list of various Intrusion Detection Products and Tools.

For example, if you are using Microsoft Windows Defender, which comes with Windows Vista, and you want to see what Defender has blocked, you’ll need to first launch the Defender application. Once Windows Defender is open, click on the History icon. From here, you can either view items that you have chosen to allow or those items that are blocked from running on your computer. Your choices are: go to Allowed Items or go to Quarantined Items.

Defender also has different “default actions” which you can adjust. These changes affect how Defender alerts you when alert levels have been detected. For example, you can instruct Defender to automatically remove the offending malware rather than prompting you first.

Different security applications have different options for viewing what’s been blocked. For example, if you use Trend Micro’s Internet Security Suite 2007, you’ll need to open the interface and then click on the Other Settings tab. Next, expand the Logs section and then select the log that you want to view followed by clicking the View Log button. This particular application offers numerous logs that you can view including virus, updates, spyware, personal firewall, spam and fraud attempts, Trojan horse cleanup, and data theft prevention.

Like Windows Defender, Trend Micro’s product also allows you to adjust how you are notified when viruses, spyware, and other malicious attempts are blocked. Simply click the Notification and Tutorial Preferences tab followed by the Settings button.

The same is true of Paretologic’s Antivirus Plus product. Simply go to Active Protection and click on Logged Events. To change the settings, click the Settings tab.

Just about all security software products on the market today have a means for viewing logs, quarantines, and histories as well as customizable settings. Take a few minutes to get familiar with the particulars of the security product that you are using. It shouldn’t take too long to find the logs. If you can’t readily find them, check the Help files.   

Fortunately, there’s a wealth of web sites out there that are more than willing to share lots of tips and helpful advice on how to protect oneself from identity theft and fraud via the computer or Internet use. The most important step that computer users should follow when searching for a website or other source for maintaining the security of their computers is to locate a legitimate site.

When looking for legitimate web sites consider searching using the advance search features that are available with the Google search bar. Open a search window up and then click on advanced search preferences, which is located near the top of the page to the right of the search box. Next, navigate to the bottom left-hand side of the page and click on the words, “date, usage rights, numeric range, and more.” Once the next box opens, click on the words “safe search” for an explanation or click on Yes to enable safe search filtering.

You can also conduct your search by typing your search phrase into the search bar and adding at the end of it inurl:.gov in order to specify that the results returned are from government websites. Many governmental agencies across each of the states have set up web sites that include lots of handy tips for safe web searching and more. You’ll find information to help computer users create secure passwords and much more.

Plus, each of the major manufacturers of computer operating systems has included useful tips for computer users on how to maintain the security of their computers on their web sites. Visit each of them and pick up as many helpful ideas as you can.

Another good source of security tips can be discovered through legitimate companies that offer anti-spyware and anti-virus applications. They also provide article directories where you can pick up lots of tips for maintaining your personal computer’s security.

Your Internet provider probably has some information that you can utilize as well concerning computer security settings and appropriate software applications.

Many manufacturers of computers, laptops, and software applications have incorporated useful web security tips into their web sites. In fact, many companies dealing in modern electronic equipment today understand the importance of Internet security. Therefore, many of these web sites will also have information specific to maintaining the security of your personal data that is stored on your computer.

Certificates

The primary purpose of certificates is to provide an easy, legitimate way to verify or authenticate something or someone. Electronic certificates can be used to verify the identity of individuals, documents, messages, websites, or devices. They can also be used to authenticate services of some type. Plus, certificates can be used to encrypt files to maintain their authenticity.

Generally, certificates exist without our noticing them. This is because valid certificates slip by without our ever seeing them. However, untrusted certificates will make an appearance via a warning that suggests that a specific certificate is not valid or that it is expired.

Untrusted Certificates

Untrusted certificates are generally certificates that have not been identified as valid or authenticated by the certification authority. In most cases, these certificates will end up in the untrusted certificate folder on your computer. In some cases, an untrusted certificate is one that the certification authority has already revoked.

How does a certificate get revoked? If for some reason, the certification authority cannot verify the identification information that has been provided in order to obtain the certificate, its validity becomes questionable. If the information attached to a certificate is not exactly as it was when the certificate was obtained, it sends up a red flag about its validity. If this happens, the certificate is revoked. Once a certificate is revoked, it is sent to the Untrusted Certificate folder. Once this happens, the certificate can never be used again.

Certification Authority

A certification authority is the name of the organization that is set up to issue certificates. In order to do so, the certification authority verifies the identity of the individual asking for a certificate as well as the organization for which the individual claims to be employed by. More than one certification authority exists. These organizations are responsible for establishing as well as verifying the authenticity of any public keys. The public keys that they verify can belong to other certification authorities or to individuals.

Technically, we are placing our trust in the certification authority to properly authenticate certificates. Both public and private networks rely on certificates to communicate sensitive information with a sense of security. Along with sensitive data comes a need to verify that the sender of the information is legitimate and that is where certificates and certification authorities come into play. The use of certificates makes it more difficult for people to impersonate someone, even through the anonymity of the Internet.

Related Articles:
How do I add a digital signature to my Word documents?
Can I encrypt Microsoft Word documents?
Why should I add a digital signature to my Word documents?

Incorporating a few important facets is all that it takes to create strong passwords. One of the most important strategies is to use a lengthy password of 8 to 14 characters in order to make it more difficult to guess.

Combining letters and symbols in a random fashion also makes it more difficult for someone to guess your password. The fewer letters and symbols that you use, the longer your password will have to be in order to be a strong one. Only using letters in your password weakens it. Even adding to its length is not going to strengthen it very much.

While incorporating numbers into passwords is a common practice, incorporating symbols is not quite as widely practiced. Using the shift key to access additional symbols is also a prudent practice.

Incorporate complexity into your password by mixing upper and lower case letters. The more variety you incorporate, the harder it will be for someone to guess your password.

In fact, you can create a password by taking the first letter of every word in a simple phrase and then adding in some numbers or symbols. For example, take the phrase, “I have two daughters and two sons who live with me.” You can then change the phrase into the following password by using just the first letter of each word: Ihtdatswlwm. Let’s mix it up a bit more since this password duplicates two letters which is a definite no-no. Instead of the second ‘t’ for the word ‘two,’ use the number 2. For the second ‘w,’ you can use a slash symbol. Now, your password becomes Ihtda2swl/m.

Writing passwords down often becomes necessary when an individual accumulates too many of them. In fact, it is better to write your passwords down than it is to use the same password over and over again. The only thing that you need to remember is to store your passwords in a safe hiding place, away from prying eyes. I advise against the use of a password manager or other software storage tool since this can easily become compromised through the Internet.

Remember that the strongest password is one that uses length and variety. Some practices to avoid when creating a password are:

• Never use real words that can be found in the dictionary.
• Avoid using duplicate letters, numbers, or symbols.
• Never use letters or numbers in their proper sequence such as abc or 123.
• Never use personal data such as birthdates, social security numbers, or telephone numbers.
• Avoid using the same password for more than one website. If an identity thief does get a hold of this password, then he will have access to all of your online accounts.