PC Prophylactic's

I decided to write this post for those people who have asked my lately how to secure their computers. I am aware that there are already plenty of similar tutorials around web, but I would rather write one that go out and find one that meets my liking.

First of all, I'd like to throw out a disclaimer: I am by no means an expert on computer security. If you don't agree with my recommendations below, leave a comment and let me know why and how it could be done better. This set up works really well for me, and hopefully it will work good for you as well.

The first thing to keep in mind when it comes to keeping your computer secure is that it is a constant process, you cannot just install a few programs and completely forget about security forever. Also, this guide is written with the windows user in mind, although some things will apply to other operation systems (hosts file), it is primarily meant for the windows user.

• Be Smart. Be careful what emails you open, somehow this is still a huge problem for people. If you don't know who it is from, don't open it, be it attachments or even the email for that matter, no matter how intriguing it may be. If your computer starts asking you about opening or running files that you did not tell it to open, be weary. Don't be afraid to say no. In most cases this will not be a huge problem (with the exception of firewalls, see below). Make sure you get your windows updates ASAP. Plain and simple, not to much to say about that. Set it to automatic and let it do its thing. Ok, so the biggest part of being smart is to stay away from P2P sites. If you are going to do it, don't use Limewire and Edonkey or any of those sites. Use newsgroups or torrent sites that you know are relatively clean.
  
• Ok, so your being smart now. Lets get set up with some Adware and Spyware software. If your not familiar with these terms its not to worry. I'm not going to go into what they are, but the link above will get up to speed quickly. For adware what I use and recommend is Ad-Aware SE . Its free for personal use and works great. For sypware grab SpyBot S&D. Same thing, its free and it works great. The thing about these programs that you need to remember is that they need to be updated before ever time you run them. With out updates they will not be able to sanitize your from the latest and greatest threats in the wild. Both are very easy to update, so make sure you do it before running them. I try and run each once a week, but usually end up doing more like once a month. What ever frequency works best for you. If every time you run them you find a bunch of junk on your system, consider running them more ofter.
• Now for Virus protection. If your the only one that uses your computer and you are being smart (see above) realistically you can get away with out using virus protection. It all depends on what your doing with your machine. For example I am constantly on and off torrent sites downloading things, and for this reason I do run virus protection. I am currently using AOL anti-virus because it was free for a year and I like the engine it was based on. When that year is up I will switch to AVG anti-virus because its free and works good enough when used in combination with the other methods discussed here. If you are using Norton or Mcafee and you are on a free trial of any kind, completely uninstall every thing that you possible can that says Mcafee or Norton. I cannot tell you how many problems I have seen people have with those programs. If you want low memory hassle free protection got with AVG.
  
• What about a Firewall? I would go with your standard windows firewall. If you follow all the above steps, and pay attention you should not need anything crazy intense like Zone Alarm or Norton Firewall. Also consider that if you are using a router, chances are that you do have a hardware firewall in there as well.
  
• Now its time to get little more technical and get a modified hosts file. This step alone has done more for my computer health than any of the above methods (aside from being smart maybe). Every time your computer makes a request out to the internet it checks this simple little text file to see if the ip address your connecting to is ok. By default there is not a do not allow list. Making one would take quite a bit of time, and how would you know what ip's on the internet were bad anyways? The good news is, you don't have to. There are plenty of pre made hosts files out there that you can freely download and appropriately place. What is it that these hosts files contain? Some of the biggest and most obnoxious advertising sites on the web are on there, site known to push malware and other evil internet beasts are on there, and what happens is when you hit myspace, and your browser sends out a request from one of those sites, your hosts file says no and you get no advertising. The page will load quicker and you will avoid all kinds of tracking cookies and potentially malicious sites from loading on your browser. There is a great episode of Security Now on the hosts file that you can check out if you want more information. It is really really easy to do get set up with a new host file (as long as you know how to copy and past) but I am not going to go into the whole procedure here. Here is one of the first hits I got off Google, although by no means am I saying it the best. Poke around, the hosts file is great way to beef up security.
  
• What browser do you use? I'm not sure how well the improvements made to IE7 have helped, but to be safe, DONT USE INTERNET EXPLORER TO BROWSE THE WEB unless you absolutely have to (which for me is very rare). I'm not here to get down on Microsoft, its just that its a fact that at the present time there are far more exploits and bugs out there for Internet Explorer.
  
• Use Opera, Mozilla, or FireFox. I use FireFox and as a final kicker, I use the No Script plug in. This in combination with the modded Hosts file works great. This plugin blocks java script from being executed on your machine with out first getting your permission. To some people this is a huge pain in the ass. To me its a small price to pay. After using it for a few weeks, you will have set most of the sites that you frequent and trust to allow. This plugin will make a huge difference in the amount of malware you get.
  
  

So that is my setup. I hope it works for you as good as it works for me. Comments, suggestions, ideas?

Bust a Spammer In The Grill

Heres a good post from Craigslist that a friend of mine made some time ago. The success rate to this method is not 100%, but it will work a good amount of the time. This is written with the average end internet user in mind, but if you read past the part about how to identify spam it gets into the good stuff.

"I have not been on here a for awhile, and I am amazed to see how much spam is flooding this section.

Just quick heads up for those that don't know:

If a posting takes you to a link that has no where to click except for on advertisements then it is spam!

For example this site,
http://www.lowincomebostonapartments.com/portland.htm
which was posted earlier today on portland craigslist IS SPAM!!
There are no apartments at all for rent, what they are trying to do is trick you into clicking on the google advertisement, which intern earns them money for each click you make. Also, try swapping the the /portland.htm to any major city for example, /denver.htm and look what happens! These people are making good money off abusing CL!!

(white hat method)
CL is a great service, and the best way to keep it that way and stop greedy spammers (who are to lazy to make a decent living) is being informed about what you are clicking on, AND recognizing and flagging these posts as SPAM.

(black hat method)
Now, if you are like me, and you dont have any problems fighting fire with fire, there is another way to cripple these spammers and render their scam useless. Now, a little heads up. IF you choose to undertake this, I warn you now that this is may or may not be legal, and it IS NOT the most up and up way to stop this particular kind of spam. Also if you get in trouble, dont blame me because you are on you own with this!!!

Now on to the good stuff:
According to wiki, Click fraud is defined as the following,

"Click fraud occurs in pay per click online advertising when a person, automated script, or computer program imitates a legitimate user of a web browser clicking on an ad, for the purpose of generating a charge per click without having actual interest in the target of the ad's link. Click fraud is the subject of some controversy and increasing litigation due to the advertising networks being a key beneficiary of the fraud whether they like it or not."

So, what you do it take about five minutes of your day, and click on the SAME ad as over and over and over again on one of these sites (make SURE it IS a spamming site) and then just wait. It may take some time, upwards of a day for anything to happen, so be patient.;
Now, what happens is that this sets off red flags with the google people, and the person who owns that account (spammer) will have there google ad sense account frozen. Now for the good part, all the money that they have made and not been paid for up until this point, (which could be a whole lot) will be frozen as well. These ad sense accounts are bound to and confirmed by social security # and other things that are not easily scammed. So, although they may be able to setup another account and get back at it, it will not be easy and it will probably take time. "