I've just purchased a new laptop and want to make it as secure as possible from snoopers, etc. I am running on XP and use the IE browser, and have the McAfee anti-vrius program. I am looking for suggestions to the following:

1. I want to block and clean any spyware applications. What are the better products for this, and do I need more than one product? IE and McAfee both claim to have built in anti-spyware capabilities, but I am not so sure of what these are, and if they are adequate.

2. I want to block any and all types of porn. Both my ISP server for business, and yahoo server for social mail, get porn spam. I delete these on the servers before downloading my mail, but I would like to find a way of keeping the spam from ever hitting my e-addresses at all. I do not know how this has happened, as I do not visit porn sites, and prefer my women in 3D, not 2D. The only connection I can make is surfing on Las Vegas sites which may have linked me to these other sites.

3. I conduct very few e-purchases, but want to make my machine secure so that I can make e-purchases if I so desire. What is the appropriate software for this? I am concerned about key-loggers, credit card theft, etc.

4. I want to delete old files, particularly e-mail messages securely. What are the best kind of shredders for this? I still don't know what happens to an Outlook message when I delete it. My old machine had a shredder on it, but I could never figure out whether it shredded my deleted Outlook messages.

5. I am also interested in encryption. How does this work? Does the recipeint of the e-traffic I send need a compatible decrypter? Or is there an .exe that travels with the message to decrypt after verifying that the message has arrived at the proper location and not at a location that intercepted the message?

Thanks in advance,

M8

Realistic security: Replace IE with Firefox. Replace the Windows firewall with ZoneAlarm.

If you want to block all porn, stay off the web. It's normally not hard to recognize spam from the titles, there's no need to open it. If you do open some by accident it's not going to rot your brain.

I've never felt the need for file shredders or disk encryption so I can't comment on software for such purposes.

1. should have bought a Mac.
2. don't go there
3. should have bought a Mac.
4. should have bought a Mac.
5. should have bought a Mac.

For spyware I have used "Spybot Seach and Destroy" ... freeware

http://www.safer-networking.org/en/download/

I agree that Firefox is the better bet than IE

I have found MailWasher Pro 5.0 a good way to sort the spam from the mail I want. It learns which domains, email titles, and email addresses to blacklist. It sorts your "friends" and "probable spam" into serparate categories and makes it very easy to clean up mail downloads before importing via Outlook. It is avaiable for trial then a cheap purchase.

http://www.firetrust.com/

I will watch this thread for "shredders" since I have the same question.

Best of luck.

another program is called hijackthis
it cleans all the spyware and such it's really good

also mcafee isn't really that great. I use trend pc-cillin
it's less cpu and better imo

also use like safexp it will help turn off what you don't need

I've gotten rid of McAffee and Symantic "bloatware." I use AVG free for virus control and spybot and adaware for spyware.

Re: Questions 4 and 5:

I don't know what Outlook does when you "delete" an e-mail in it, so I can't answer that.

If you want to securely delete actual files, download this PGP Keys freeware program:
http://web.mit.edu/network/pgp.html

It will let you "wipe" files from your hard drive. Typically when you delete a file, the file system simply changes the file attribute to "deleted," which frees up the space, but doesn't actually delete the file (it's like putting a sticker on a physical file cabinet that says "deleted" - the files are still there). This program will "wipe" the files by completely overwriting them with garbage characters. You can select how many times you want it to go over the files, IIRC, 7 times is optimal.

Encrypting files is very complicated stuff, and the Web site above will have much better and longer explanations than I can give. That said, here's a quick summary:
There are two main options for sending messages securely. The first is to encrypt them in a "self decrypting archive." Basically this creates an executable file that will decrypt itself when someone types in the correct passphase. Let's say you created a word document you want to send to me. After installing PGP Keys, you right-click the file and tell the program to create a self decrypting archive. It prompts you to enter a passphrase (they don't call it a password because you should really type something longer in - i.e. a phrase - so that it is more difficult to break via a brute force attack. Somewhere around 100 characters is optimal, but then that's a lot to remember or pass along to someone else.) The passphrase you enter is used as the "key" upon which the file is encrypted. You can then e-mail the file to me and I'll be able to decrypt it by typing the same passphrase in exactly. Of course, you'll have to securely communicate the passphrase to me, which can be trickly. The benefit here is that I don't need to have any special software installed on my computer.

The better way to send secure messages is called public key encryption. In the same example where you wish to send me a message securely, I install an encryption program on my computer and create a key. The longer the better (mine is 4096 bytes). The program creates two different keys - a public key which I upload to a central server and a private key which I store in a secure location and disclose to no one.

You download and install a compatible program on your computer. You then retrieve my public key from the keyserver. After typing a message up - say in Outlook - you tell the program to encrypt the message using my key so that only I can read it. Then you e-mail the message to me. I decrypt it using my private key and my secret passphrase (the passphrase provides an extra level of security in case someone gets their hands on my private key) and am able to read it.

However, with the above, there's no guarantee that you actually sent me the message - someone could be pretending to be you. To protect against that, rather than simply encrypting the message you sent to me, you could have encrypted and "signed" the message. Using your private key, the program would generate a "signature" and appended that to the message. When I decrypted the message, the program would verify your signature by comparing it to your public key, which I would have downloaded from the public keyserver.

This method is more secure than the self decrypting archive and also allows you to communicate with anyone who has a public key on a public keyserver without having to agree upon a passphrase ahead of time in a secure manner, which is difficult. The downside is that you both have to have programs that are able to encrypt and decrypt with compatible encryption algorithms.

There are also ways of verifying that public keys have not been tampered with, but that's a lesson for another time.

Hope this helps.

Thanks for the answers. Especially from Doppy, as that must have taken some time.

Okay, I shoulda' bought a Mac. Uh,...but what's a Mac?

Unfortunately I have to be fully compatible with my clients, so a Mac would not have cut if for me. Now back when I was a hippie...

As for the porn stuff, yes I know I won't go blind, but I would hate to get my webmail off of a client machine, and then have their their corporate snooping software see me as porn recipient. Same goes if my laptop is tied into their system. It is such pesky stuff!

I am also interested in knowing how to track an IP address, and at the same time keep my IP address from becoming known [though I don't why I would want to hide it, since right now everyone can see it]. I guess I am just finding this security and anti-virus stuff interesting. I've only been hit with a couple viruses in the past. The Anna Kournikova one and the I Love You one [which I think was also called Melissa]

Thanks in advance,

M8

I'm not sure what you mean by "track" an IP address. Could you explain?

As for keeping yours hidden, there are some services you can subscribe to that will allow you to do this, e.g.:

http://www.anonymizer.com/

The Firefox browser suggestion is a strong one. Make sure to keep your McAfee definitions automatically updated. Perform full system checks periodically. Another spyware option: Webroot offers a spyware program called Spysweeper. Make sure you secure any wireless connections (WPA/WEP). Use a firewall. And... BACKUP BACKUP BACKUP in case something goes wrong.

I mean see where the IP is coming from, location or who from, etc. Like caller ID?

M8

I'm using Firefox now. Interesting to see who loads cookies, etc. I also downloaded and ran spybot. That's pretty cool stuff!

Have you folks read that thread in the Delta forum? That's the type of stuff I am trying to avoid.

I guess at some point in time we will have a caller ID type system on the internet, as well as a blocker ID, and blocking those who block their ID's I guess it's still like the Wild West in cyberspace with all this snooping, virusing, etc.

As for backups, yes! I'm glad I burned CD's of my critical business stuff just before my laptop crashed. I am also going to purchase an auxiliary hard drive to back up automatically my work station stuff, and also for my laptop stuff [before taking road trips].

M8

Yes, back-ups are GOOD. Perhaps I'm over doing, but I back up to a USB powered hard drive that I take with me when travelling in a different bag than the laptop. And I back up to third which I leave at home. Too many years of notes and planning to risk.

Spyware - I find the Microsoft product does a better job then the others, and run that exalusivly now

Porn - go to most any porn site and they will have a link to two or three of the software products that block them. NetNanny, Cyberpatrol, SurfWatch and CyberSitter are all products that have been around for ages.

Get Safetybar by cloudmark, it will take care of all your spam for you, including the porn.

Key Loggers and the rest rely mostly on physicial security, not letting somebody get to your machine and install something and then coming back to get the file they created. I always run zonealarm, but I see key logging as one of the least things I have to worry about. You can get disposable credit card numbers from many issuers, use them once, then they are no good anymore.

For Outlook, you have to comperss the mail file then shred the disk free space to clean it up entirely. or you can just leave it on the server and not worry about it locally at all.

Greetings,

At some point, you should seriously consider going over to the other side. It is not that traumatic; at times, it can be quite quiet and lovely. (I love Your handle)