Skip to content

Computer Security 101 - Parts 1 thru 5 - FAQ

Using the outside-in approach to computer security, we are now at a point to begin covering the actual computer systems. Before we get to that, I thought it prudent to put up a simple FAQ covering the common questions and/or concerns from parts 1 thru five 5. Well, really 2 thru 5, seeing as part 1 was the introduction.

This FAQ mostly covers home network security and does not replace reading the actual articles in this series, or getting help from a professional if you are completely inept in the field of computers.

1. Why are passwords important?
Passwords provide a means of proving your identity to a computer system. Without having this method of identification, everyone could pretend to be anyone they wished and the world would quickly fall into chaos, until someone finally pretended to be the guy with permissions to launch nuclear missiles; at which point the world would just end. This is all very bad.

2. How do passwords help protect me?
As mentioned in item 1, passwords provide a means of identifying you as you, rather than someone pretending to be you. Secondly, passwords are used in some systems to encrypt data so that if someone were to look at a file without the password it would appear as gibberish.

3. What is a complex password?
While the exact measurement of a complex password is system specific, the general rule requires that a password contain at least eight (8) total characters. Of those eight characters at least one must be an uppercase letter, at least one must be a lowercase letter, and one must be a number or other non-alphabetical character. This is the base guidelines, and to be honest are quite antiquated. Realistically, a password should contain at least 13 characters, with the other rules staying the same.

4. How often should I change my password?
Passwords should be changed at least once every three months, depending on what the password is for. Passwords used for more sensitive information should be changed more often than passwords used for nonsense; as an example the password to your online bank account should be changed at least once every two months, while the password for your Netflix account would not be as critical and could be changed every three months (unless you save credit card information in your Netflix account at which time it becomes more critical). Your passwords should also be changed anytime you suspect any of your accounts to have been hacked or your computer becomes infected with a virus/spyware (once the virus has been completely removed).

5. Can I write down my passwords?
Do you leave the keys to your car dangling from the door handle in the bad section of town? That was a rhetorical question. The answer is NO.

6. How do you expect me to remember all these complex passwords that change so often?
I don't. I expect you to use passphrases instead.

7. What is a passphrase?
Passphrases are sentences, phrases, exclamations or questions that are used in place of complex passwords. Passphrases are easier to make complex and are generally much easier to remember. "My6catsareallSiamese!" Often passphrases can include spaces, making them even easier to type. "My 6 cats are all Siamese!"

8. What is a firewall?
A firewall is a device (hardware or software based) that restricts certain types of traffic from entering or leaving a network.

9. Why do I need a firewall?
There are bad people in the world who think it is fun to screw up other people's lives. There are also people who want to steal from you. And then there are people who are just nosey and want to snoop. If these people can get to your computer they can do all sorts of bad things such as deleting all your files, stealing your bank account and credit card information, stealing incriminating files from your computer (nude photos, etc), or just using your computer to send out spam email messages. Firewalls can help keep these people from getting to your computer from the Internet.

10. Why should I restrict outbound traffic on my firewall?
There are many ways for bad people to get to your computer and firewalls do not stop all of them (i.e. malware and viruses). Once your computer is infected with a simple piece of malware it can be used to download more dangerous software from the Internet. The malware can also turn your computer into a tool for the bad guys, such as by using your computer to send out spam email messages or attack other computers. If you have ever wondered why it is so hard to catch the bad guys on the Internet, it is because they use "innocent" people's computers to do their dirty work. Restricting outgoing traffic across a firewall can help stop these things from happening.

11. What ports do I need to allow for email?
Some ISPs use alternate, or nonstandard, port numbers for their email, but for most you will need to allow outbound traffic on port 25 for SMTP and port 110 for POP3 (both are used, the first to send, the second to receive emails). You should also restrict which external Internet addresses (IP Addresses) these ports are allowed to connect with, so that you don't inadvertently allow the bad people to use your computer to send out spam emails (see question 9 above).

12. My wireless router came with WEP enabled, isn't this secure?
No. WEP is not secure. WEP is akin to locking the screen door on your house and thinking no one can break in.

13. What security option should I use on my wireless router?
WPA2 (Wi-Fi Protected Access 2) with AES (Advanced Encryption Standard) is currently the most secure wireless option. If you have a very old wireless device that does not support WPA2, your next best option is WPA, although you should check with the manufacturer for firmware updates to bring it up to WPA2, failing that you should replace your wireless device.

14. What is the SSID?
Service Set Identifier. The SSID is a nice friendly name used to identify a wireless network. This allows you to connect to "MrMoms Network" instead of some long convoluted string of hexadecimal characters.

15. Why should I turn off SSID broadcasting?
In order to connect to a wireless network, you have to know the SSID. When the SSID is broadcast, everyone in range is told what it is. By disabling SSID broadcasting you have added an additional level of protection to your wireless network and helped to prevent nosey people from "just browsing" through your network.

16. My son/daughter/niece/nephew/neighbor's kid said I don't need to do X.
Not really a question, but if X is something I said to do above or in one of the related articles: your son, daughter, niece, nephew or neighbor's kid is an idiot. If they happen to be a CISSP and have a better alternative solution to put into place, then by all means listen to them. Otherwise, I stand by my calling that precious little bundle of joy an idiot and adamantly state that you should not listen to them.

Trackbacks

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications.
Form options