When you connect to the Internet, you're putting your computer on a major thoroughfare, giving you access to a world of information -- and you give the world access to your system. That's both good and bad, because the bad guys now have a path straight to your door. That's why it's important for anyone who spends any time online to learn the basics of computer security. It's one thing to allow the world to beat a path to your door, another entirely to leave the door wide open for them.

Fortunately, basic security is a simple task. Thanks to Leos Seven Pillars of Online Security.

Pillar 1: Disable all unneeded services
Pillar 2: Apply all operating system updates as soon as they're available
Pillar 3: Don't open e-mail attachments.
Pillar 4: Install an Internet firewall
Pillar 5: Install an anti-virus program, and keep it up-to-date.
Pillar 6: Encrypt private files
Pillar 7: Backup regularly

No one can guarantee you'll never get hacked, but if you follow these seven rules for online security, youll minimize the damage. Don't be afraid of the Internet; it's a marvelous resource for information, entertainment, and communication.

Do be prepared. Remember Leo's Seven Pillars of Online Security, follow these rules, and chances are you'll have a safe, fun, time online.

Let's take them one-by-one, starting with Pillar 1: Disable all unneeded services.


If you run a web server, ftp server, telnet server, and the like, you are inviting people to use your system. We rely on the authors of these programs to keep the invading hordes in check, only giving them access to files you want them to have access to. But as the recent Nimda and Code Red worms have shown, servers often have unexpected vulnerabilities that can leave you wide open to hackers. Unless you really know what you're doing, don't run a server.

Unfortunately, many of us leave our systems wide open to hacking with the most insecure service of all, Windows File Sharing. This service allows you to share files with another computer on your network, but a savvy hacker can also use it to access your date.

If you don't have a compelling need to share files, turn off file sharing. In Windows 95/98/Me, open the Network Control Panel and uncheck the File and Print Sharing box. In Windows NT/2000/XP, open the Network Connections control panel, get the Properties for your online connection, and uncheck File and Print Sharing for Microsoft Networks.
No program (including operating systems) is perfect. Modern operating systems have millions of lines of programming code. There's bound to be a bug or two in there. Some of the bugs make it possible for hackers to break into your system. These "exploits" as they're called are discovered all the time.

In most cases, the security firm that finds the holes notifies the software vendor then keeps quiet about the problem until the vendor can publish a fix. Once the fix is published, however, every hacker from Philadelphia to the Philippines knows about the exploit, and begins writing tools to take advantage of it. That's why you need to apply operating system fixes as soon as they're made public. It's a race between you and the hackers, to see if you can close the holes before they can find a way to exploit them.

Fortunately, both Microsoft and Apple have built automatic update features into their latest OS offerings. In Windows, run Windows Update regularly. I'd recommend checking every day. Microsoft Windows XP will do this for you automatically, and will even download the updates and tell you when they're ready to install. This is more than a convenience, it's a requirement. Apple has a similar capability in Mac OS 9 and X. Tell Software Update to check for updates daily. Install them the minute they're available.
I've been saying this on the show for so long that I wonder that I still need to say it. The number one way viruses and Trojan horses get into your system is through programs attached to email messages. These messages often come from friends who are unwittingly infected. If you receive an unexpected attachment, call the sender and ask if they meant to send you something. Email viruses spread so fast that they often arrive before your anti-virus can be updated to protect against them. Trust no one.

Don't open attachments.
Don't open attachments.
Don't open attachments.

Don't send them, either. If you must use email attachments stick with files that can't spread viruses. That's image file formats like jpeg, gif, bitmap (.bmp) and tiff (.tif), or plain text files (.txt).

Do not send Microsoft Word documents (.doc). They can, and often do, contain macro viruses. Use Rich Text Format (.rtf) instead. Most of the fancy formatting will survive, but harmful macros won't. Nearly every word processor on the planet can read and write Rich Text Format.

Looks that deceive
Beware of files that appear to be image files, however. Virus authors often rename their viruses to appear to be pictures; that's how the Anna Kornikouva virus spread itself. Distinguishing between safe and unsafe files difficult even for experts. It's safest to stay away from attachments entirely.
A firewall restricts traffic into and out of your system, blocking many (but not all) kinds of hacker attacks. These days, running a firewall is a requirement for any machine with a full time connection to the Internet, such as cable or DSL broadband service. You can use a hardware firewall, like those built into most broadband routers, or rely on a software firewall.

For more information about firewalls, read our firewall FAQ.

Mac firewall
Mac OS X has a firewall built-in, but it's not turned on by default. To enable and configure the Mac OS X firewall, I recommend a program from Brian Hill called BrickHouse. It's $25 shareware.

Windwos XP firewall

Windows XP also has a built-in firewall that needs to be activated. To enable the firewall in Windows XP, open the Network and Internet Connections control panel, then click Setup or change your home or small office network. The firewall is enabled when you choose a configuration in the wizard that indicates that your computer is connected directly to the Internet.
To configure it manually, open the Properties of your Internet connection in the Network and Internet Connections control panel, then click the Advanced tab and check the option to Protect my computer and network.
The Windows XP firewall is only half protection, however. It controls incoming traffic, but can't regulate outgoing traffic. For full protection in any version of Windows I recommend the free Zone Alarm firewall.
I like Norton Anti-Virus from Symantec, but there are many good products available. Windows computers can even use the free web-based HouseCall from Trend Micro. HouseCall is automatically updated because it runs from the Trend Micro web site.

If you use anti-virus software, it's important to keep it up-to-date, because new viruses emerge every single day. Look for a program that provides automatic e-mail scanning, since that's the most common way systems are exposed to viruses.
If you store the family data jewels on a computer that's on the Internet, you'd do well to keep those jewels in a safe. The digital equivalent of a safe is encryption. Files that are scrambled with strong encryption are safe from prying eyes. Even if a hacker penetrates your defenses, he can't make use of the stuff he finds on your drive.

There are plenty of free and commercial encryption programs, but Pretty Good Privacy, by Phil Zimmerman has stood the test of time, and the CIA. It's free.
If all else fails, you'll be glad you have a complete and up-to-date backup of your valuable data. Make sure you do it often. Check our three part series listed below on backing up your data for the things you need to know about backing up.

• Overview of Data Backup
• Hardware for Data Backup
• Software for Data Backup