home pc security

 

Most home PC's are not secured.  If you are on Juno, that's a problem, because they have their own dialler, browser, email, and internet setup that doesn't look like normal dialup.

If you understand what's happening, you might know best how to circumvent the security problem. Intercepted email is beyond the dialup user's control - it is the ISP's problem. You may have a virus scanner & a personal firewall, but it doesn't prevent someone from looking at packets of data at the mail server (unless you are using SSL on your mail transfers). Your machine probably has no viruses, and even though it may be blocking probe attempts, there isn't a back door anyone can really get to on most PC's.

Here is a diagram of the problem:

diagram

If the problem is more of preventing people from logging in via the keyboard, that can be fixed with the Windows 98 Resource Kit (if you have Windows 98). Windows 95 and 98 and Windows XP Home by default have no keyboard security. On 95 & 98 the login can always be cancelled and you still get in anyway. The Resource Kit's policy editor allows you to turn off the ability to cancel-and-drop-through.  I think there is also a registry entry for this.

actually, cancel-and-dropthrough eliminates your ability to get on the internet too (only affects win9x/me). If your machine is in the condition where it never asks for a login, go into control panel|users and create a new user account and make sure it has all the same programs that your other account has (copy the environment). This should fix your internet. remember your new username and password or write it down if you have to.

If you have a firewall (even software) or a router, block ports 137-139 (netbios), 447 (file and printer sharing), and if you are not using MSN Messenger, port 1900. Both TCP and UDP. turn off File and Printer Sharing on your internet connection - it is on by default. also turn off NETBIOS. it is also on by default. The only exception is if you need to share files between your computer and your laptop or another computer (but you are probably not using your internet connection for this are you?). some newer routers don't allow blocking these ports, but you can set up your software firewall to block these ports. If you want to share files with your laptop, get a wireless card or another NIC (wired Network Interface Card).

If your router is wireless and you are using 128-bit WEP for security, and you are only using computers, you should set up the router to only allow the MAC addresses of your wireless devices on the wireless side, and set your SSID to some name rather than leave it blank. Turn off SSID Broadcasting (or whatever your router company calls it) if your wireless cards allow it (probably not). If SSID Broadcasting is on, you are telling everyone out there how to connect to your router and/or break in. If you leave the SSID blank, anyone can connect to your internet connection. if you don't lock down the router to your specific MAC Addresses, again, anyone can connect to your router and use it from the inside.

WEP and WPA:TKIP have been cracked. WEP is easily crackable.

wireless security