Terry's Computer Tips - Newsletter
May 18, 2008
Terry's Computer Tips Newsletter
http://www.terryscomputertips.com
A computer tips newsletter for users of PC's.
Volume 3, Number 49 — Sunday, May 18, 2008
IN THIS WEEK'S ON-LINE ISSUE:
1. Security versus the Open Wireless Network
2. My Computer Security Software Recommendations
3. Switching to WPA2 Wireless Encryption
4. Recommend my Terry's Computer Tips Newsletter to Your Friends
Welcome to the on-line edition of my Terry's Computer Tips newsletter.
My emailed newsletter is sent weekly to individuals who have subscribed to the newsletter. Click here to subscribe. It's free!
1. Improving Your Wireless Security
If you've read some of my other articles about having an open, unsecured wireless network versus securing your wireless network so that others can not get into it, you know that I believe in security.
I recommend that everyone secure their wireless network to the extent possible. It's impossible to completely secure a wireless system, but you can block out most users. You can make it difficult for others to use your network.
The point is to make the process hard enough that the visitor — the unauthorized person who is trying to use your network for normal Internet usage or illegal and/or immoral actions — decides to use someone else's network.
So, first, you never use "peer-to-peer" networking — always use the Infrastructure setting, which means that your computer will only connect to a router or access point. You don't want it to connect to someone else's computer directly!
You turn on encryption, set your encryption type to the maximum supported by the wireless equipment you're going to use, you set a unique SSID for your network, you turn off SSID Broadcasting, you use the MAC filter function of the router to limit the router to only communicating with your network devices.
Tech Tip
If you have a wireless printer that does not do WPA or WPA2, get rid of it. Don't sacrifice the security of your network in order to use the very-breakable WEP encryption method.
There have been a number of changes in wireless security during the time that Windows XP has been available. Most of those were incorporated into XP Service Pack 2 or have been pushed down as "high priority" updates.
Unfortunately, Microsoft did not choose to push the update that adds WPA2 as a high-priority update. Perhaps they made that choice because older hardware wouldn't support WPA2. Perhaps they did it because the user would still have to change their network settings to use WPA2 — it could not be set to automatically install and be used. After all, you have to set the encryption type on your computer and you also have to set it on your router — otherwise, you just lose connectivity to the router!).
Regardless of the reason, if you knew that you wanted the increased security of WPA2, you needed a recent router, perhaps a firmware upgrade for it to add WPA2 capability, and you needed to download and install the Windows XP WPA2 patch from Microsoft.com.
By the way, if you install XP Service Pack 3, it will add this patch if its missing from your computer. If you aren't going to add SP3 yet, you can install the patch manually
2. My Computer Security Software Recommendations
I review my security software recommendations and update them, for each weekly newsletter issue, if I think they need to change.
My Philosophy: Many people want to pick their most economical solution and prefer an all-in-one anti-virus, anti-spyware and firewall solution. In concept, that's a great idea. In actual practice, this type of package is not likely to be the best in all the protection categories you need.
Other people want to pick the best of each type program. I'm one of the these folks. Read about my security software choices.
Anti-Virus
I'm often asked about several other popular anti-virus or anti-virus combination packages. Yes, I realize that they are not in my recommendation list. "Enough said..."
My personal choice is the ESET's small, fast NOD32 anti-virus program, which offers a FREE 30-day evaluation license. I consider NOD32 to be the cream of the crop in anti-virus protection. Unlike some of the others, ESET offers multiple-year licenses also, including updates to the program in the multiple-year license.
Many antivirus programs will offer you an anti-virus signature subscription renewal when your subscription renews. I strongly recommend against this option — buy the full program or make sure you get program updates with the subscription renewal (like NOD32 does). Vendors routinely improve the capabilities and speed of the programs, too.
If you update only the signatures, you miss any program improvements. Fortunately, NOD32's subscriptions include both program updates and signature updates.
Read more about anti-virus programs on my web site.
Related articles:
- Anti-Virus Programs and Online Scanners
- Free Online Antivirus Scan
- NOD32 Anti-Virus Review - A Look at NOD32
Firewall Software
While the Windows XP firewall is much better than no firewall at all, don't count on the Windows XP firewall to meet your needs. You need a two-way firewall, which the Windows XP firewall is not!. Microsoft woke up and supplied a two-way firewall with Windows Vista.
The Windows XP firewall does not control outbound communications originating from your computer — and you should want to have control if adware/trojans/spyware or even commercial products want to talk to the Internet. Whether they are calling home or spewing spam, you want to be able to control your computer.
Do you want Windows Media Player to call home every time you play something? It does! Do you use the Search function in Windows Explorer to find things on your hard drive? Did you know that every time you search, Windows Explorer talks to Microsoft?
I didn't know that when I ran ZoneAlarm, but the Sunbelt Personal Firewall flags that to me, and I can stop it or allow it to happen. Many other programs try to call home when you run them, too.
I recommend my choice for a firewall program, which is Sunbelt Personal Firewall.
You can try the full-featured "paid version" of Sunbelt Personal Firewall free for 30 days — after that, you can register it or, if you're using it on a home non-business computer, you can let it revert to the free, lesser-function license.
Sunbelt Personal Firewall is regularly $19.95 (with discounts for multiple computers and/or multiple years!) for a non-expiring license for the program and includes one year of their updates subscription.
Related articles:
Anti-Spyware / Anti-Adware Software
CounterSpy, from Sunbelt Software, has received many kudos from the computer press for its always-running and periodic full system scans. It is also my personal choice for my PC's and my family's PC's.
Sunbelt released their CounterSpy v2 in February 2007 and I promptly updated my computers to it. Version 2 greatly improved CounterSpy's performance and reduced its load on the computer when it was scanning.
In July, 2007, Sunbelt released v2.5 of CounterSpy, which again both improved CounterSpy's performance against malware and reduced its impact on system resources and responsiveness when its scanning.
Sunbelt continues to release updated program versions. Nicely, they do NOT install the updated programs automatically. You have to use the Update process in the program, which means that you'll know that something significant has changed!
Related articles:
Anti-spam Software
In today's Internet world, the question is not "if" you will get spam, but "how much will you get?"
I use and now I recommend POPFile as my first choice for handling spam. POPFile sits on your computer, between your email program and your ISP mailbox, and handles emial as it downloads.
POPFile uses a different approach to handle spam than some other programs do — it does nothing to reduce spam. It is designed as an email classification tool — you train it to recognize spam and any other type of email that you want to classify. These classifications can help you sort your emails into appropriate folders in your email program.
Sunbelt Software, who makes the anti-spyware program CounterSpy (which I use and recommend) and the firewall that I use and recommend (Sunbelt Personal Firewall) also has a well-regarded, award-winning anti-spam program called iHateSpam for Outlook and Outlook Express. Since I don't use Outlook or Outlook Express for email, I haven't tried iHateSpam.
Mailwasher Pro is my first choice to handle spam before it ever gets into your computer's Inbox. Mailwasher Pro uses on-line Realtime Black Lists mail servers sending spam recently, "training" by you of what you think is spam, and your own "friends" and "blacklist" lists.
Mailwasher Pro can even bounce spam messages, as if your email address was not valid, although the usefulness and appropriateness of this is questionable. There is a free version called "Mailwasher," but it omits the functions that I consider critical for this purpose -- such as safely previewing the emails safely before they ever get to your email inbox.
Related articles:
Cable/DSL Router
If you have a cable modem or a DSL modem, you need to have another layer of inexpensive protection between you and the Internet. A cable/DSL router isolates your computer from direct connection to the Internet. Your computer can easily request your email, web pages, etc. through the router. The responses come back to the router and are smoothly routed to your computer. But, someone on the Internet side of the router can not initiate a connection to your computer — they can only respond to your request.
Even if you only have one computer to connect to your cable or DSL modem, I recommend that you purchase and use a cable/DSL router because of the protection it can give you against attempts to attack through some flaws in Windows itself.
A router isolates your local network, whether it is only one computer or several, from the Internet by actually making it a separate network. The router gets the "public" IP address and handles all your outbound communications and the responses to them. But, it blocks computers on the Internet side from being able to initiate communications with your computer! This will prevent you from falling prey to many worms that try to attack security holes in Windows itself.
For a wireless router, I recommend the Linksys WRT54G wireless router. I'm using the relatively new version 6 of this router.
If you don't want wireless, I recommend the Linksys BEFSR41 wired router. Either way, based on my experience, I recommend Linksys routers for price, reliability and Linksys' habit of releasing updated firmware for their products..
Tech Tip
By the way, if you get tempted by the new "802.11n" routers, please pay close attention. So far, the 802.11n specification has not been approved and finalized.
If you buy one, you may be locked into a specific vendor's implementation of a draft of a standard that never got approved. I recommend choosing 802.11g for now.
See these related articles:
Sponsored Advertisement
Swift...Nimble...Relentless...NOD32 Anti-virus
NOD32 has consistently been rated as the best protection against
zero-day outbreaks and attacks. Multi-computer & multi-year discounts.
Click here for NOD32, NOD32 renewals,
and to save 25% on NOD32 Anti-virus
3. Switching to WPA2 Wireless Encryption
OK, after reading the first article, you've downloaded the WPA2 encryption patch for Windows XP — or you've installed XP Service Pack 3, which includes the patch. How do you switch to it? It's easy. First, we need to get to the router to make the change there. The procedure will vary by brand, but should be fairly obvious. The steps are to:
- Use your web browser to log into your router
- Select the Wireless Security settings tab
On the Linksys WRT54G, that's Wireless < Wireless Security - Now, change the Security mode to WPA2 Personal (the name varies by manufacturer —
- Then, change the WPA Algorithm (a specific version of the encryption method). My options with my Linksys WRT54G are AES and TKIP+AES. Which should you use? If you have both WPA and WPA2 devices on your network, pick TKIP+AES.
- Change your Shared Key if you want to (the Shared Key is the codephrase/password that will give access)
- Save the settings
Again, these steps and the data locations in the router will vary by brand, but once you log into the router, just think what you're doing and you should find the right places. If all else fails, go to your router manufacturer's web site (e.g., www.linksys.com)and download the manual for your router. The manuals give good instructions for setting the router security.
Once you've made the changes on the router, it's time to make the corresponding changes in Windows XP.
As you can see below, before upggrading to WPA2 (Wi-Fi Protected Access 2), I was running WPA-PSK (WiFi Protected Access - PreSharedKey) with TKIP encryption.
(click on the image for a larger version)
Interestingly enough, the wording of the Windows options does not match that of the Linksys router. Where the router offers "Security Mode" options of WPA2 Personal and WPA2 Enterprise, Windows XP offers "Network Authentication" options ofWPA2 and WPA2-PSK (PreShared Key).
I picked WPA2 Personal on the router and WPA2-PSK in Windows.
 (click on the image for a larger version)
|
 (click on the image for a larger version) |
Then, for the data encryption setting, I picked AES. AES isn't available if you choose WPA (instead of WPA2).
If your router will support WPA2, pick AES on your Windows computer (it's better encryption than is TKIP) and pick either AES on your router (if all your wireless devices will support WPA2) or pick TKIP+AES on the router if you can only do WPA on your other computer(s) and wireless printers.
If you have wireless devices that will only do WEP, it's time to get rid of them. WEP can not co-exist with WPA and WPA2 on your network. Upgrade that old wireless printer to a new one that does WPA or WPA2. If your wireless network card or built-in wireless only does WEP, it's time to upgrade them.
4. Recommend my Terry's Computer Tips Newsletter to Your Friends
If you like my Terry's Computer Tips email newsletter or the online edition, you can help me increase the number of subscribers to my free emailed newsletter.
Tell a Friend about Terry's Computer Tips!
With my email newsletter, not only do you get notices that the newsletters are available and content that is not in the online newsletter, but subscribing is the only way to get my Special Edition Newsletters which go only to subscribers.
If you get my free Terry's Computer Tips email newsletter, please feel free to forward your copy of the newsletter to a friend or friends that you think would be interested. Be sure to forward the entire newsletter, including my copyright notices and any advertising.
Of course, if you do not get my free email newsletter, I invite you to subscribe, too!
Volume 3, Number 49 — Sunday, May 18, 2008
Copyright © 2008 Terry A. Stockdale. All rights reserved.
|
|
