Chapter 23. Locking Down Your Computer

The power of hiding ourselves from one another is mercifully given, for men are wild beasts, and would devour one another but for this protection.

HENRY WARD BEECHER

Perhaps the best way to protect a computer from physical theft is to keep it in a locked room, bolted firmly in one place.

Most laptops have a security slot that can hold a cable, but desktop models often require a special plate that attaches with glue to the side of the computer, monitor, or desk. Security cables, like bicycle locks, can deter novices and slow down opportunistic thieves, but they can’t stop a determined thief. Given enough time, ordinary nail polish remover can dissolve the adhesives used to glue the cable attachments to the computer, and laptop security locks can be broken with a few well-placed blows of a hammer. More impatient thieves may just snap the restraining cable in half with a pair of wire cutters.

Before you fall victim to theft, make sure you record your computer’s model number, make, and serial number in a safe place. Then, if someone does steal it, you can enter the information into the Stolen Computer Registry (www.stolencomputers.org), a free service that maintains a database of pilfered items. As the site explains, “Buyers, resellers, insurers, law enforcement, and security professionals check suspicious computers against this list. When stolen equipment is located, the Registry supplies information and assists in recovery and return of property to the rightful owners.”

For additional protection, use an etching pen to scratch your driver’s license number or other identification on the inside of the computer case (where thieves won’t likely find it) or on the outside (to reduce the resale value of the equipment because the thieves must remove that identification before they can unload it).

Protecting Your Computer (and Its Parts)

Sometimes stealing an entire computer is too obvious or difficult, but taking the components inside presents less of a challenge. After all, anyone can see when a computer suddenly disappears from a desk, but who will notice when a computer suddenly loses a hard drive (along with all the data stored on it)?

To prevent someone from opening up your computer, buy a protective cover, which is a metal case that fits over the ordinary computer case and locks it to a desk or table. Such protective metal cases not only deter thieves from stealing the computer, but also from opening it to get at anything inside.

Although many people worry about outside hackers breaking into their computers and wiping out their data, the truth is that many hacker attacks come from people who already have legitimate access, such as coworkers, consultants, or technicians. To guard against these folks, buy protective disk drive locks, which cover the front of the drive and stop anyone from inserting a floppy or CD/DVD carrying a virus or Trojan horse. Of course, you should probably check with the IT department before you start locking down your work computer, which your employer owns.

To learn more about physical security devices, such as cables, locks, and protective covers, you can browse the merchandise from CompuCage (www.compucage.com), Computer Security Products (www.computersecurity.com), FMJ/Pad.Lock (www.fmjpadlock.com), Kensington (www.kensington.com), PC Guardian (www.pcguardian.com), or Secure-It (www.secure-it.com).

USB blockers

Many companies now sell USB drives that act like a portable hard drive for carrying data or programs with you wherever you go. People use them for swapping data between computers at work and home, but thieves can use those same USB drives to steal and transport information.

While Windows Vista can block USB drives, other versions of Windows cannot. To prevent anyone from plugging a USB drive into your computer and copying your data, use a program such as Sanctuary Device Control (www.securewave.com), USB Port Protector (www.portprotector.com), or DeviceWall (http://devicewall.centennial-software.com). With one of these tools installed, your computer won’t recognize an unauthorized USB drive and thieves won’t be able to copy any data off your computer using one, even if they have physical access to your computer.

Alarms

An alarm can act as a deterrent because the last thing a thief wants is anything that draws attention to his activity. Many companies make motion detection alarms that plug into a computer’s ordinary expansion slot and run off their own power so they can work whether the computer is on or off. When the alarm detects abnormal motion that suggests someone is moving the computer, the alarm lets out a high-pitched wail.

Barracuda Security Devices (www.barracudasecurity.com) sells another motion detector that arms itself when it senses changes in internal ambient light, indicating that the case has been opened. If a valid PIN isn’t entered, the device sounds an ear-piercing alarm and dials a pager or digital cell phone number to alert the user of the theft attempt. An optional exploding dye capsule will also spray ink all over the computer (and the thief), making the parts easy to identify (and harder to sell).

Laptop computers are even more vulnerable to theft. Laptop alarms, such as those sold by Trust (www.trust.com), consist of two parts: a sensor attached to the laptop and another one carried by the user (attached to a keychain or kept in a pocket). The moment your laptop gets separated from you by a fixed distance (such as 15 feet), an alarm goes off. If this doesn’t cause the thief to drop the laptop right away, you can follow the piercing whine and, hopefully, retrieve it yourself.

If the thief does get away with your laptop, the motion detection alarm can password-protect and encrypt your hard disk, essentially preventing him from copying any data.

Remote tracking services

Another protective mechanism is a tracing or monitoring program that buries itself on your laptop’s hard drive. Every time you connect to the Internet, the tracking program contacts a special server and sends the IP address of the laptop’s current location. If you report your laptop stolen, the server waits for your laptop to contact it again and update its new location. Then, the tracking-software company contacts the authorities to help track down the missing computer.

For the tracking program to work, you must configure your firewall to allow it to access the Internet. Otherwise, your own firewall could defeat the tracking program and wind up helping out a thief.

For added security, the server can also command the remote tracking software to encrypt your hard disk to prevent the thief from accessing your data.

For more information about various remote tracking programs available for laptop computers, visit Advatrack (www.absolute-protect.com), CompuTrace (www.computrace.com), CyberAngel (www.sentryinc.com), or zTrace (www.ztrace.com).

Protecting Your Data

Locks, alarms, and tracking services are utterly powerless against viruses, worms, or accidents. So, after physically protecting your computer, take time to protect the data stored on it too.

Backing up your data

If your hard disk crashes, your office catches on fire, or a thief steals your computer, you’ll want a second copy of the valuable data you no longer have access to. Perhaps the simplest way to back up your data regularly is with an external hard disk, which typically plugs into a USB port. Just run a program such as Retrospect Backup (www.dantz.com) and schedule it to copy your files to your external hard disk automatically.

Of course, if a fire, flood, or other accident wipes out your entire home or office, chances are good you’ll lose data stored on an external hard disk too. For more security, store your data offline with a subscription service, such as @Backup (www.backup.com), which copies your data to the company’s computers. Now, if anything happens to your machine, you can conveniently retrieve all your data from @Backup via the Internet.

Streamload (www.streamload.com) offers 25GB of storage for free, which makes it another option for copying your files securely to an off-site server. Unlimited storage costs extra and varies by subscription plan, and there are limits on how much data you, or other authorized users, can download from your account each month.

Update and patch your operating system

The most secure operating system available is OpenBSD (www.openbsd.org), but unless you’re willing to switch to it, your best choice is to keep your current operating system updated with the latest security patches. (Keep in mind that no operating system is completely secure and that, sometimes, installing a security patch will actually make your computer less secure, due to bugs in the patch itself.)

The latest version of Microsoft Windows can download and install updates automatically, but you should also keep abreast of the latest news about operating system flaws and holes that hackers might exploit. You can read more from NTBugTraq (http://ntbugtraq.ntadvice.com), Security Focus newsletters (www.securityfocus.com/newsletters), Symantec Security Response (http://securityresponse.symantec.com), and The Security News Portal (www.securitynewsportal.com).

Identifying and closing default weaknesses

No matter how secure your computer and operating system may be, you must still defend yourself against hackers trying to break in or install malicious software.

Many operating systems are inherently insecure. Patches and updates eliminate most flaws but do nothing to close ports that have been deliberately left open for valid purposes. For example, the default installation of Windows 2000/XP opens a port to run the Windows Messenger Service, which was originally designed to let network administrators send messages to users. However, this open port also provides a doorway straight into your computer for less welcome visitors.

To take advantage of this gaping hole, many unethical vendors scan ranges of IP addresses to find Windows 2000/XP computers with the Messenger Service port left open. Then they send pop-up ads through this open port advertising anti–pop-up software that will prevent additional pop-up ads from coming through this very same hole, essentially using extortion to convince you to buy their product.

Rather than waste your money on anti–pop-up ad programs, you can just turn off the Messenger Service for free.

To turn off Messenger Service in Windows 2000, follow these steps:

  1. Click the Start button, choose Settings, and then click Control Panel. The Control Panel window appears.

  2. Double-click Administrative Tools. The Administrative Tools window appears.

  3. Double-click Messenger. A Messenger dialog box appears.

  4. Click in the Startup type list box and choose Disabled.

  5. Click Apply and close the Services window and the Administrative Tools window.

To turn off Messenger Service in Windows XP, follow these steps:

  1. Click the Start button and then click Control Panel. The Control Panel window appears.

  2. Click Performance and Maintenance. A Performance and Maintenance window appears.

  3. Click Administrative Tools. The Administrative Tools window appears.

  4. Double-click Services. The Services window appears.

  5. Double-click Messenger. A Messenger dialog box appears.

  6. Click in the Startup type list box and choose Disabled, as shown in Figure 23-1.

  7. Click Apply and close the Services window and the Administrative Tools window.

Figure 23-1. You can turn off the Messenger Service in Microsoft Windows by choosing the Disabled option in the Startup type list box.
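
The same setting can be checked from a command prompt, where sc qc Messenger prints the service's configuration. The Python sketch below is an added example, not from the book: it parses that output and returns the sc commands that stop and disable the service if it is not already disabled. The sample output is constructed, and the function names are hypothetical.

```python
import re

# Constructed sample of `sc qc Messenger` output, with the service still set
# to start automatically.
SAMPLE_DEFAULT = r"""
[SC] GetServiceConfig SUCCESS

SERVICE_NAME: Messenger
        TYPE               : 20  WIN32_SHARE_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\WINDOWS\System32\svchost.exe -k netsvcs
        DISPLAY_NAME       : Messenger
        SERVICE_START_NAME : LocalSystem
"""

# The same constructed output after Startup type has been set to Disabled.
SAMPLE_HARDENED = SAMPLE_DEFAULT.replace("2   AUTO_START", "4   DISABLED")

START_TYPE_RE = re.compile(r"^\s*START_TYPE\s*:\s*(\d+)\s+(\S+)", re.MULTILINE)
DISABLED = 4  # numeric start type that sc reports for a disabled service


def start_type(sc_qc_output):
    """Return (code, name) from `sc qc` output, or None if no START_TYPE line."""
    match = START_TYPE_RE.search(sc_qc_output)
    if match is None:
        return None
    return int(match.group(1)), match.group(2)


def remediation(sc_qc_output, service="Messenger"):
    """Return the commands still needed; an empty list means already disabled."""
    found = start_type(sc_qc_output)
    if found is None:
        raise ValueError("no START_TYPE line; is the service installed?")
    if found[0] == DISABLED:
        return []
    # `sc stop` reports an error if the service is not running; that is harmless.
    # The space after `start=` is required by sc.
    return [f"sc stop {service}", f"sc config {service} start= disabled"]


if __name__ == "__main__":
    for label, text in (("default", SAMPLE_DEFAULT), ("hardened", SAMPLE_HARDENED)):
        print(label, start_type(text), remediation(text))
```
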

Manually shutting down open ports isn’t difficult, but you have to know which ports to close. As an alternative, consider using something like the Computer Security Tool (www.computersecuritytool.com), which can scan a Windows computer for insecure default settings and fix them for you, as shown in Figure 23-2. Linux and Mac OS X users can secure their operating systems using Bastille (www.bastille-linux.org).

Figure 23-2. A computer security program can identify weaknesses in your operating system’s default settings and correct them automatically.

Just remember that when you close a port, either manually or through a security program, you could accidentally prevent legitimate programs from working.

Choosing a firewall

With your operating system patched and unnecessary holes shut down, your computer is as safe as can be—until you connect to the Internet. Before you even consider going online, you absolutely must get a firewall. Different firewalls have different features, but you can only use one firewall at a time, so it’s important to choose one that provides the most protection while requiring minimal configuration by you.

What distinguishes a good firewall from a poor one is the firewall’s technical capabilities, along with its default settings. Just because you’ve installed a firewall doesn’t mean you’re protected against all types of attacks. To test your firewall’s capabilities and see how many open ports it neglects to close, visit LeakTest (http://grc.com/lt/leaktest.htm), HackerWatch (www.hackerwatch.org/probe), AuditMyPC (www.auditmypc.com/freescan/scanoptions.asp), OutBound (www.hackbusters.net/ob.html), or Firewall Leak Tester (www.firewallleaktester.com).

Although most firewalls offer comparable technical capabilities, they fall apart when it comes to default settings. Few people bother to configure a firewall once they’ve installed it, so it’s important that your firewall’s default settings provide maximum protection with no extra effort.

Firewalls can’t tell the difference between legitimate programs trying to access the Internet and spyware or Trojan horse programs trying to do the same thing. So every time a program tries to connect to the Internet, the firewall may ask if you want to grant it permission, as shown in Figure 23-3.

Figure 23-3. Some firewalls ask (annoy) you every time an unfamiliar program tries to access the Internet.

Unfortunately, lots of people can’t tell the difference between a legitimate program and spyware, rendering such firewall notifications virtually useless. To avoid confronting users with choices they may not understand, some firewalls compile a list of acceptable programs and only annoy you with an alert when an unknown program tries to access the Internet. This still leaves room for ignorance, however. Firewalls offer a technical solution for protecting your computer, but you, the user, must furnish the intelligence to train what the firewall allows and what it blocks.

Switch to a safer browser

Internet Explorer is the most popular browser because it comes with every copy of Microsoft Windows. As a result, its popularity makes it the biggest target for spyware. To prevent rogue websites from automatically installing spyware on your computer, either modify Internet Explorer’s settings for using ActiveX controls (see Chapter 20) or switch to a browser that doesn’t use ActiveX controls, such as Opera (www.opera.com) or Firefox (www.mozilla.com). These alternatives also have built-in pop-up ad blockers and privacy controls for cleaning out your browser’s cache and history, which reveal the websites you’ve visited recently, as shown in Figure 23-4.

Figure 23-4. Firefox offers a feature for clearing out your browsing history at the click of a mouse.

Apple customers tend to be smug about security; the vast majority of reported flaws have been on Windows systems. But Macs may not be as safe as their owners think. In 2006, a hacker released a proof-of-concept worm that exploited a flaw in the Safari browser. So if you want to keep your Macintosh secure, stop using Safari (which most hackers will attack because it’s used by default on every Macintosh computer), and start using an alternate browser such as Firefox, Opera, or Camino (www.caminobrowser.org). Just remember that every program has flaws that can be exploited. As alternate browsers like Firefox become more popular, expect hackers to start exploiting Firefox flaws as often as they target Internet Explorer flaws.

If your browser doesn’t offer a cache-cleaning feature, try a separate (and free) program such as CoffeeCup Privacy Cleaner (www.coffeecup.com) or Crap Cleaner (www.ccleaner.com).

Protecting your email account from spam

Most Internet service providers (ISPs) now offer free antivirus scanning and spam filtering, but you’ll want to make sure you turn those features on. (If your ISP doesn’t offer these services, consider switching to a different vendor.) No matter how wonderful your ISP may claim its spam filters are, chances are they still won’t be enough, so consider using a separate spam filter as well.

For a free spam-filtering program, try CoffeeCup Spam Blocker (www.coffeecup.com) or Ella for Spam Control (www.openfieldsoftware.com). Both can block spam that your ISP’s filters might miss.

Even then, spam is still likely to slip past, so make sure you turn on the spam-filtering features of your email client too. Microsoft Outlook comes with a spam filter, but many worms know how to exploit Outlook to email copies of themselves to everyone in your address book. Instead, consider switching to the free Thunderbird email program (www.mozilla.com/thunderbird), developed by the same people who brought you the Firefox browser. Not only can Thunderbird foil mass-emailing worms, it can also filter out spam at the same time. By running spam through your ISP’s spam filter, a separate spam filter, and finally your email program’s spam filter, even though you still won’t eliminate all unwanted mail, you’ll reduce the flood to a mere trickle.

Protecting against phishing

Phishing occurs when online con artists use unsolicited email (spam) to direct victims to a bogus website masquerading as a legitimate one (see Chapter 13). As soon as a phishing victim types her credit card number, password, or bank account number on the website accessed by clicking a link in the email, the thief can gain access to the victim’s personal accounts and money.

To foil phishing attempts, never trust unsolicited email from any bank or credit card company. (If you still can’t determine whether an email is legitimate or not, call the bank or credit card company directly and ask them to verify the message’s authenticity.)

For additional help identifying phishing attacks, download a copy of SpoofGuard (http://crypto.stanford.edu/SpoofGuard) for Internet Explorer. SpoofGuard examines a website’s address and uses a variety of criteria, such as unusual letters or numbers mixed into the website address, to assess a site’s validity, as shown in Figure 23-5.

Figure 23-5. SpoofGuard uses different criteria to identify bogus websites.

For another way to identify bogus websites, download the Earthlink ToolBar (www.earthlink.net/software/free/toolbar) or the Netcraft Toolbar (http://toolbar.netcraft.com). Both compare website addresses against a list of known phisher sites, warning you when they find a match.

Because phishers create new bogus sites all the time, both the Earthlink and Netcraft toolbars allow users to submit addresses to a central database, which helps keep it up-to-date and comprehensive.

Other sites that offer anti-phishing tools are PhishGuard (www.phishguard.com), SiteAdvisor (www.siteadvisor.com), and PhishFighting (www.phishfighting.com). Both programs rely on user contributions to stay effective. When someone finds a phishing website, she can forward the URL address to everyone else using the program to warn them about the bogus site, proving the old theory that there’s safety in numbers.
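
The two approaches described above, address heuristics of the kind SpoofGuard applies and comparison against a list of reported sites as the toolbars do, can be sketched in Python. This is an added example, not code from the book or from any of these tools; the trusted and reported host lists, the digit-substitution table, and all function names are assumptions, and every address is constructed.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumptions for this example: the sites the user really deals with, and a
# locally cached list of reported phishing hosts. All names are constructed.
TRUSTED = {"examplebank.example", "cards.example"}
REPORTED = {"login-update.test"}

# Digits commonly swapped in for look-alike letters.
LOOKALIKE = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})


def is_ip(host):
    """True if the host part is a literal IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def registered_part(host):
    """Last two labels of the host; a simplification (real tools use the
    Public Suffix List to find the registered domain)."""
    return ".".join(host.split(".")[-2:])


def check_url(url):
    """Return the reasons an address looks suspicious (empty list = none found)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if not host:
        return ["no host name in address"]
    reasons = []
    if host in REPORTED or registered_part(host) in REPORTED:
        reasons.append("host is on the reported-phishing list")
    if parts.username is not None:
        reasons.append("text before '@' hides the real host")
    if is_ip(host):
        reasons.append("numeric IP address instead of a name")
        return reasons
    site = registered_part(host)
    if site in TRUSTED:
        return reasons
    if site.translate(LOOKALIKE) in TRUSTED:
        reasons.append("digits substituted for letters in a trusted name")
    for good in sorted(TRUSTED):
        if good in host:
            reasons.append("trusted name used as a prefix of another site")
    return reasons


if __name__ == "__main__":
    for url in ("https://www.examplebank.example/login",
                "https://www.examp1ebank.example/login",
                "http://www.examplebank.example@203.0.113.7/login",
                "https://examplebank.example.secure-login.test/",
                "http://login-update.test/verify"):
        print(url, "->", check_url(url) or "nothing suspicious found")
```
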

What’s Next?

If you physically lock your computer, update and patch your operating system, switch to a safer browser, and install firewalls, antivirus programs, anti-spyware programs, spam filters, and anti-phishing tools, you’ll have a safer computer—for a fraction of a second. The final step to locking down your computer requires that you stay informed about the latest online scams, malware threats, phishing techniques, and other dangers lurking on the Internet. The more you know about past, current, and future threats, the more likely you’ll be able to identify and avoid them before it’s too late. For more help securing your computer, check out CastleCops (http://castlecops.com), LabMice.net (http://labmice.techtarget.com), TweakHound (www.tweakhound.com), and SecureMac (www.securemac.com).

No matter how many technical solutions you throw at a problem, the only sure protection will always be your own knowledge and education—and that applies to much more than just computer hacking, too.
