Greetings from SurfSafely.com! If you enjoy reading this newsletter as much as I do writing it, pass it on to all your friends and family. As always, this newsletter is opt-in only. If you feel you've received it in error, reliable removal instructions are at the bottom. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In this issue: 1. SurfSafely.net is rocking! 2. Upcoming free workshop, Westchester county, NY. 3. Feature article - An ounce of prevention 4. Next newsletter: Reviews of MailWasher and AOL parental controls ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Don't forget, archived copies of all past news letters can always be found at http://surfsafely.com/surfsafety/frameset_news.html and are fully searchable. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1. SurfSafely.net rocking! ========================== Well folks, as you know, we just launched our new pre-filtered Internet service called SurfSafely.net and we're off to a great start! Not only can users switch to our service online but we have just rolled out a software diskette distribution program very similar to the AOL model. We're talking now with major retailers to get our displays on their counters nationwide! I'm not at liberty to say who just now. Suffice it to say, this is going to be big. Very big! If you're looking for a less expensive alternative to what you have now, and parental controls that WORK, here's your chance. Sign up today at http://surfsafely.net/. I promise, you'll be glad you did. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2. Free workshop ================ Thursday evening, May 9 starting at 7:30 pm yours truly has been invited to speak to parents of children in the Chappaqua, NY school district. The event sponsored by the Chappaqua PTA is free and open to the public. The location is West Orchard Elementary School, 25 Granite Road, Chappaqua, NY. Their telephone is (914)238-6250. Also scheduled to speak is someone from the District Attorney's office. More details as they become available. We're expecting it will draw considerable media attention. I will also be posting it at SurfSafely.com and have direct links to driving directions to the school. I hope to see many of you there! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 3. Feature article - An ounce of prevention =========================================== You've all heard the saying. "An ounce of prevention is worth a pound of cure" (For our friends outside the US, substitute grams and Kilos). As it relates to computer security, never has this been more true. Nor is it likely to ever ease up. Anyone with a computer connected to a public network (ie. the Internet) must be made aware, if they do not take at least minimal steps to secure it, it's only a matter time before someone tries to get in and poke around. Some poke for fun, some for profit, some to cause mischief. I don't know about you but I don't want ANY of those types having access to my computer for ANY reason. "Oh..." but they say, "...you're just being an alarmist. Who has the time to seek out my one lonely computer on such a massive network such as the Internet to target just me?" The observation that one person would likely never find your computer if searched for by hand is correct. Even a large group, for that matter. But you underestimate the sophisticated hacker. He has an arsenal of tools at do it for him, capable of randomly pinging hundreds of thousands of IP addresses connected to the Net at any given moment and sniff out the ones that are vulnerable. An IP address is the numeric identifier of your computer any time it is connected to the Internet. Pinging is a normal process of computers when they are connecting to one another. When an IP is pinged, information is returned to the sending computer by the computer that was pinged. Some computers return too much info to the sending computer and this is where the problem lies. For those on dial-up, the IP number is assigned randomly each time they connect and remains the same for that entire online session. A hacker needs only minutes to find you and do his dirty deed. He may never find you again but once was too much. The risk is even greater for those on ISDN, xDSL or Cable Modem. Many of these services assign what is known as a static IP. This means that your IP address never changes, giving new meaning to the saying "I've got your number." If your computer is found by a hacker and identified by his software as vulnerable to attack, he can return to your computer using that same IP address any time he likes. There are other ways ones' computer can be found and targeted for hacking aside from random pinging. The most common is computer viruses or email worms. Some are just pranks. Some probe your computer for more than just other email addresses to send itself to. Some go looking for personal information to send back to the virus author. Some carry destructive payloads and can completely destroy your computer, wiping out and all information previously stored on it. What's the solution? An ounce of prevention. I really mean it when I say it only takes minimal effort and often zero dollars to keep would-be hackers out. There are two keys to staying safe. Be aware and take action. Being aware means knowing where your vulnerabilities are. Taking action is often as simple as changing a couple of settings on your computer. The better approach is to install software that will do it for you. These also fall into two groups - Virus protection and Firewalls. Good anti-virus software is no longer free these days but updates to them almost always are. Most cost around $30 and are worth their weight in gold. The most popular are from Norton and McAfee. I'm partial to McAfee myself but probably only because I'm used to it. I've been using it since long before it became a paid product, back in the days when the only online services available were BBS's, finding files to download sometimes took days and the fastest modems available were 2400 baud. Then, it was free software. Today it's not. It's still one of the best $30 I have ever spent. Many companies still produce free firewall software. I have two favorites. Zone Alarm for the less sophisticated users because it's easy to install and use. The user interface is entirely menu driven and the default settings probably never need be touched for adequate protection. There's also a paid version called Zone Alarm Pro that adds some bells and whistles but they're not really necessary for the protection most people need. The other is Tiny Personal Firewall from Tiny Software. This is a firewall that does it's job very VERY well with a no frills user interface. No pretty colors. No oversized buttons. Just the basic menus and performance good enough for the United States Air Force to rely on to secure their network from intrusion. It too can be installed and used with all default settings and provide adequate protection. This is my choice for Firewall protection. With either of these firewalls, after they are installed they begin looking for software applications that communicate with the outside world, not all at once but one at a time, as they are invoked. Any time it sees a new application communicating that's not on its pre-approved list, it prompts the user to make a decision - Allow or Deny, just this once or add it to the list. It can be a pain to begin with but once it learns which programs to allow and which to deny, that information can be stored on the list and you don't have to repeat the process again. It settles down after only a very short while. I was amazed by all the applications I have on my computer that communicate with the outside world and should have permission to do so. I have 3 email clients, two FTP clients, a press release broadcast program, three browsers (5 versions total), three instant messengers, NetMeeting, PGP, NeoTrace (for tracking down those nasty hackers), Netlab, two Telnet clients, WinIPcfg, and more that I'm SURE I have forgotten to include here that all have the right to connect to the outside world. But that's just me. Most users will only have maybe half a dozen and that's about it. Firewalls also look for external programs attempting to connect to your computer. This is where knowing what to allow or deny is of greatest importance. Some traffic is legitimate. Sometimes you might want to allow it only just that once, sometimes you want to add it to your pre-approved list. Use extreme caution adding incoming communications to your pre-approved list. You could be handing a hacker the golden key to your computer. On the plus side, they're usually very easy to spot, almost always originating from an unknown source. Worst case scenario, if you deny an incoming communication and it interrupts legitimate work, then you know to allow it the next time. Erring on the side of caution is always the best advice. I deny traffic all the time. There are just some applications on my computer that I feel have no business communicating with the outside world for any reason, some of which make me wonder if Mr. Gates himself wants to know more than he is due. I hope this article inspires you to action. I hope it saves you from considerable grief. Learn the lesson well. An ounce of prevention... Here are some URLs worth visiting http://www.mcafee.com/ http://www.symantec.com/nav/nav_9xnt/ http://www.zonealarm.com/ http://www.tinysoftware.com/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 4. Next newsletter ================== I've been promising this for a long time but next newsletter I WILL have a full review of the new AOL 7.0 and it's parental controls. I've also been introduced to a program that I guess has been around for a while but I have never seen it before. It's called Mail Washer. It's free and it looks like a great tool to stick pins and needles in the eyes of spammers. There's nothing I'd like better than to make the lives of spammers miserable so I'll be reviewing this software too. If anyone has suggestions for other software you'd like to see reviewed, please send them along to me at news@surfsafely.com. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ That's news for now. Be informed, Be involved, Be well. Sincerely, Mark Brasche Founder and CEO, SurfSafely.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~