The Symantec Guide To Home Internet Security

r3lody writes "There are many households that have high-speed Internet connections, yet most people are simply not doing enough to protect themselves from the many exploits that exist. The Symantec Guide to Home Internet Security by Andrew Conry-Murray and Vincent Weafer was written to speak to those people. Symantec Press is the publisher, yet it remains reasonably vendor-neutral. This book is for non-technical people. Its ten chapters cover a relatively slim 240 pages, so it should not intimidate someone who is not a computer professional. Also, you do not really have to read the book front-to-back, but you can focus in on the chapter or chapters that interest you and have fairly complete information." Read on for the rest of Ray's review.

The first chapter gives the reader a basic overview of the risks of using the Internet without some steps to protect yourself. Fraudsters, those who ply you with get-rich-quick schemes and other spam-delivered scams, are distinguished from hijackers who compromise your machine for local data or to make it part of a “bot farm”. The remaining chapters discuss various aspects of security exposures, how to protect yourself from them, and conclude with a checklist of high points and “Helpful Resources” that contain web sites, phone numbers, and occasional additional side-bars with more in-depth examples.

The next chapter is a very informative chapter on preventing identity theft. This part of the book is worthwhile, even if you don’t use the Internet for financial transactions. The authors mention how your personal data can be stolen from company databases, despite precautions you yourself have taken. There are discussions on social engineering and dumpster-diving, as well as phishing scams and keyloggers. The best part of the chapter is the “Recovering from Identify Theft” section. Hopefully you will never need the information there, but it’s very helpful to see it collected in a simple bulleted list. The second side-bar at the end discusses a personal account of a brush with identity theft.

Chapter 3 covers firewalls, which most people think is the only protection they need. It discusses the basics of Internet Protocol (IP), and what firewalls can and can’t do. Lists of both free and commercial firewall products are provided. It wraps up with a few sites that can test your firewall settings to see if you are really protected or not. There were a couple of minor errors (for example, 192.101.432.156 is offered as an IP address, but the third number can’t be more than 255), but most non-technical people need the product lists provided.

The following two chapters cover the various forms of “malware” (viruses, worms, adware, spyware, and Trojans). Conry-Murray and Weafer provide several preventative actions you can take to avoid infection — the most important involves using your common sense (e.g. “Use a firewall” and “Don’t Open Strange E-Mail”) They wrap up by describing how to remove malware via the available anti-spyware programs.

The final category of unwanted Internet debris is spam. The authors state that for most people “spam is an annoyance rather than a plague.” However, they go on to disclose figures that estimate anywhere from 50 to 90% of the 30 billion e-mails sent each day are spam. To explain why spam works, a side-bar talks about Jeremy Jaynes, who was convicted in November 2004 for spamming. He generated about 10,000 credit card sales per month. Two-thirds of those were returned, yet he still netted more that $100,000 a month.

Chapter 7 covers securing Windows XP. At the time of publishing, Microsoft had come out with XP Service Pack 2, with the Windows Security Center. A large section deals with installing SP2 and configuring the Security Center. It’s kept at a level that most users can comprehend and follow, making it another very worthwhile chapter. The following section describes securing Internet Explorer 6 in great detail. The authors do suggest, however, that you might want to use a different browser, such as Firefox or Opera. The thinking is that Firefox and Opera will be more secure because fewer exploits are targeted towards them.

Locking down Windows and IE is not enough to keep your family safe. That’s why they devote the next chapter to “Keeping Your Family Safe Online.” Pitched mostly to parents of younger kids, chapter 8 starts by talking about blocking objectionable content using IE’s Content Adviser. Sexual predators is the next topic, and the authors give the reader good information on how to monitor your children’s online activities, as well as how to report solicitations to the authorities. The final topic revolves around file-sharing software. While they mention the prospect of downloading viruses, the legal ramification of potentially housing illegal downloads is the most important lesson to take away from this section.

Many homes are now using wireless access points. Unfortunately, poor configurations open them up for eavesdroppers and bandwidth hijackers. The simple precautions of changing and hiding the network name (SSID) and changing the password will do a lot, but encryption using WEP, WPA, or WPA2 will help a lot more. They also go into the security issues of public hotspots, including the prospect of “Evil Twins” (user computers that offer a look-alike access point just to steal your personal information).

The book wraps up with a chapter on “Privacy and the Internet.” Anyone who conducts any transactions over the Internet has their personal data stored on a computer that might be accessed online. The key precaution is to not divulge any information you don’t absolutely have to. Data Brokers collect amazing amounts of information on each of us. Three major companies, Acxiom, ChoicePoint and LexisNexis are individually described, with information on how to get reports on what information they’ve recorded, and possibly how to opt-out of having it stored.

Andrew Conry-Murray and Vincent Weafer conclude the book by giving the reader five basic steps to protect themselves online. However, I prefer their final, single simple rule: Use Your Common Sense.

The Symantec Guide to Home Internet Security, though a slim book, is packed with a lot of valuable information pitched to the non-technical user. I believe that anyone with a computer connected to the Internet would benefit from reading this book.

You can purchase The Symantec Guide to Home Internet Security from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Hmm...

[by Anonymous Coward]

The Symantec Guide to Home Internet Security

Oxymoron?

Re:Hmm...

[MightyMartian (840721)]

Indeed. I'd have a hard time trusting anything about security from a company that has put out some of the worst anti-virus and firewall software I've ever seen.

Re:Hmm...

[holyspidoo (1195369)]

Install norton and the computer becomes too slow to run anything, thus making it safe. Flawless. Next week, Norton Car Safety: how filling your tank with cool aid and your oil tank with mountain dew will keep you from crashing your car.

Re:

[headwick (247433)]

It is absolutely horrendous. We just uninstalled symantec endpoint 11 and obtained a refund for our entire enterprise. There are numerous bugs with the product that cause it to render various servers useless for no valid reason. Our choice was reboot 3 times a day, or uninstall. We had 4 major errors that symantec had open and were waiting for a fix, all of which caused us considerable pain. I used to be a big supporter of symantec for the corp side, and somewhat of a supporter on the home user side.

Re:Hmm...

[Sancho (17056)]

Norton used to be really hot stuff. Their products were fantastic, and even as replacements for tools supplied by the OS (chkdisk and later scandisk, and defrag) they were worth the price of admission because they worked so much better. It was like night and day.

When they were bought by Symantec, they maintained their quality for a while, but eventually, they just didn't work. Antivirus was really the last utility to fall, but even it finally did. I used to wholeheartedly recommend Norton (and later, Symantec's Norton line) products to anyone who ran Microsoft OSs. Now, my recommendation is unquestionably to uninstall it, download the full removal tool, and run that, too.

Re:Hmm...

[by Anonymous Coward]

Seriously, you want security just go mac. I mean mac can do pretty much anything a PC can do but sleeker and nicer. I have an iphone and it can play movies. I don't know what the deal is with people who buy DVD/HDDVD/BluRay players. You have to go buy the disc, which is bigger than the iphone (that tells you how obsolete they are) and you have to manually insert it into the player. I'm not a manual laborer, I am an artist and I don't want to have to waste space on having a green-unfriendly post consumer waste Disc case plus the disc itself which I suspect isn't biodegradable and probably has carbs (I have a carbon footprint of 0 btw). I mean you get itunes and your iphone and you have your movies. Iphones do more for world peace and the environment than any ugly PC and obsolete technology. Al Gore has an Iphone and he won a nobel prize.

Re:

[PopeRatzo (965947)]

Al Gore has an Iphone and he won a nobel prize.

Ah, so that's what he won for.

I have a carbon footprint of 0 btw

Son, I want you to re-read that line you wrote, then smack yourself in the head. Hard.

Someday, you'll understand, and thank me.

Re:

[pandrijeczko (588093)]

Actually, this could work, you know...

Have Symantec do your home security & if it's anything like their PC products, the speed of any burglar's passage through your house will be reduced to an absolute crawl plus your house windows will keep popping open in order to distract him...

Nothing about PEBKAC?

[1_brown_mouse (160511)]

This is incomplete.

Whats a BOFH to do?

Re:

[Wingnut64 (446382)]

Whats a BOFH to do?

# iptables -A INPUT -j DROP
No service, therefore no denial!

I bought a Mac...

[EchoD (1031614)]

There are many ways to secure yourself, and one of the easiest is to use an operating system that doesn't fill a huge percentage of the market.

I'm not a blind Mac Fanboy, but I have sight enough to see Apple offers computers that are more than sufficient for average home use. The flaws they had have disappeared. Admittedly, Windows has its place as well. I still keep a Windows box for gaming, I use Windows at work, and I troubleshoot it for friends and family who haven't made the switch.
But, for me, secur

The Short, SHORT version...

[R2.0 (532027)]

Buy our stuff.

(Apologies for the title to the Bishop in "Spaceballs")

They won't read it

[CranberryKing (776846)]

Non-technical users don't want to read a book. That's why they are non-technical and that's why they give Symantec money to ostensibly keep them safe.

Re:

[explosivejared (1186049)]

So, basically the whole book is a scam to educate a user enough to where they think they need security software ($ymantec), but not enough to where they can actually understand that throwing money at the problem of security doesn't make it go away. Safe practice is the only way. Using reliable systems, ie Linux, helps, but still it comes down to being educated.

All in all, I'm gonna go ahead and call this a worthless read.

Re:

[zappepcs (820751)]

That is exactly the attitude that I see in the world around me. People install Symantec and then think (without regard to whether the software license is up to date or not) that it should stop any kind of malicious software or hacking attempt ever.

That kind of thinking is the FAULT of Symantec et al. Yet, these same people would not drink old milk, or trust an aging condom? Go figure.

Wireless security

[paulius_g (808556)]

I personally simply hate the fact how router vendors don't put enough emphasis on how important wireless security is! The only thing that most router manuals say about encryption is that it will slow down the speed of the wireless network. Without further ado, let me bash a bit about this book:

Many homes are now using wireless access points. Unfortunately, poor configurations open them up for eavesdroppers and bandwidth hijackers

You got that right!

The simple precautions of changing and hiding the network name (SSID) and changing the password will do a lot

No it will not! Changing your SSID doesn't do anything in terms of security. All of the data transferred via the network is in the clear. Changing the admin password of the router helps a bit, but there exploits out there which can crack some of these passwords. The goal here is to prevent the bad guys from getting onto your network in the first place. Hiding? In Kismet, you press one button to reveal the hidden APs in the area. Hiding it pointless.

but encryption using WEP, WPA, or WPA2 will help a lot more.

WEP is useless. It can be cracked in less than 60 seconds these days. In fact, it's easier to crack a WEP key than to write it in! WEP is BROKE, and let's make sure that people get the message. WPA and WPA2 are, if you're using a nice and long non-dictionary password, uncrackable. The only attack that can be done on WPA or WPA2 is a dictionary attack. In addition, make sure that you're using AES with WPA, and not TKIP. TKIP is an implementation which uses less CPU, but is very similar to the way how WEP works. It's weak.

They also go into the security issues of public hotspots, including the prospect of "Evil Twins" (user computers that offer a look-alike access point just to steal your personal information).

Very true, but let's be honest here for a second... Am I the only one who's paranoid of entering my PayPal or CC info on an unencrypted public access point? I don't care if it's an AP ran by some mega-trusted corporation, the signal is still out there and anyone can get it.

There. My 2 cents are deposited.

Re:

[ettlz (639203)]

WPA and WPA2 are, if you're using a nice and long non-dictionary password, uncrackable.

Don't be lazy, set up a RADIUS server.

Re:Wireless security

[XorNand (517466)]

WEP isn't useless. It will keep 99.99% of freeloaders off a wifi network. And 99.99% of people trying to connect to a wifi network that isn't theirs is just a freeloader. Path of least resistance, man... WEP will continue to be at least marginally useful until Windows ships with Clippy that pops up with "The network you're trying to connect to is WEP-enabled. Would you like to crack it?"

Re:

[edashofy (265252)]

Am I the only one who's paranoid of entering my PayPal or CC info on an unencrypted public access point? I don't care if it's an AP ran by some mega-trusted corporation, the signal is still out there and anyone can get it.

Um, do you really enter your PayPal or CC info on a non-HTTPS connection? Because if you're on an HTTPS connection, there shouldn't be an issue. Your browser and the site itself have done a key exchange with RSA and are communicating with a very secure block cipher at that point. It does

Re:

[Sancho (17056)]

There have been attacks on web sessions that go over http (not https), even when some parts of the session were protected using SSL. The idea is that sensitive information may be encrypted, but non-sensitive information will just go over http in for speed and ease of use. However if you can hijack the session through the non-encrypted requests, you can log in as the user without ever knowing their passwords, and then you might be able to do all sorts of nasty things.

The attack was famously performed again

Re:

[MikeBabcock (65886)]

I personally simply hate the fact how router vendors don't put enough emphasis on how important wireless security is! The only thing that most router manuals say about encryption is that it will slow down the speed of the wireless network.

I just opened my new D-Link DI-724GU [dlink.ca] wireless router and gigabit switch today and was honestly impressed at the warning posted inside that pointed out how any wireless networking product can leave your network exposed to third parties and insecure and that proper security

Re:Wireless security

[Vellmont (569020)]

WEP is useless.

Hardly. While WEP isn't very secure, it's enough to say "this is my network, don't connect to it". The lock on my door is probably pickable in 60 seconds too, with about as much skill involved.

It's true that WPA and WPA2 are a lot more secure, and there's little reason not to use them.

make sure that you're using AES with WPA, and not TKIP. TKIP is an implementation which uses less CPU, but is very similar to the way how WEP works. It's weak.

Not everyone agrees that security of your network is the MOST important thing. Compatibility, speed, etc is important too. TKIP is more than secure for the vast majority of people, and I'm unaware of any viable attacks on it.

Re:

[Tom (822)]

In addition, make sure that you're using AES with WPA, and not TKIP. TKIP is an implementation which uses less CPU, but is very similar to the way how WEP works. It's weak.

There is more trouble than that out there. Try running a wireless network with WPA2 and a number of different devices. You'll soon find out that your favorite Linux distro doesn't support the same options as your Mac, and let's not even get me started about windos broken support (which provides you absolutely no helpful error messages to tell you what the problem actually is). Oh, did I mention that it sometimes depends on your wireless card and the driver version?

So I run TKIP, because it happens to work

Re:

[Braino420 (896819)]

Am I the only one who's paranoid of entering my PayPal or CC info on an unencrypted public access point? I

What about SSL?

Re:

[Sancho (17056)]

The simple precautions of changing and hiding the network name (SSID) and changing the password will do a lot

No it will not! Changing your SSID doesn't do anything in terms of security.

Be wary of going to one extreme when fending off another.

Changing your SSID can, in fact, help with security, in the proper context. It's true that just changing it doesn't really help, however if you're using WPA with a PSK, changing your SSID may well keep you safe from a rainbow table crack.

Changing the admin password of the router helps a bit, but there exploits out there which can crack some of these passwords.

I don't know of any exploits which do this, but I don't know of any wireless routers which reject logins attempts after too many failures, either. However, this mostly implies that the user has access to the netwo

Irresponsible ISPs

[MichaelCrawford (610140)]

One ISP I used to be with - I don't remember clearly which one now, but it was a big national ISP - said that all you needed to do to keep secure on their connection was to disable Windows filesharing. That's it.

Now, some people really need to use it, if they have more than one computer in the house. And there was no mention of protecting yourself from attacks coming from the Internet.

Simply irresponsible, I say, and by rights the ISP ought to be liable for it.

But...

[MSTCrow5429 (642744)]

...can you remove it from your bookshelf without sending all of the other books aflame, and causing the shelf itself to collapse into shavings?

That's the whole trouble

[Tom (822)]

"a slim 240 pages"

That's the whole problem. If we need that much space to explain people how to be online without being owned, 90% of 'em won't read it, and will get owned.

Until we've solved that problem - and it's not a technological one, there is no geeky solution here - there is no real security for the average computer user.

Re:

[Tom (822)]

Good point, yes.

And still, cars are a lot less dangerous than they used to be, while simultaneously easier to use.

Computers? Hardly.

The point is still that as long as it is difficult to set up some basic security, few people will do it. And it isn't that terribly difficult, really.

One example: I have sudo or the equivalent on any system available now, even something similar on windos. And yet, there is absolutely no feedback whatsoever if the current window or app is running with elevated privileges or not.

Symantec Guide

[FrostedWheat (172733)]

The first rule of Symantec Home Internet Security, is don't install Symantec Home Internet Security.

Re:

[RockedMan40 (1130729)]

The second rule is.... ...Oh..this is way too easy and cheap..nevermind...

Re:

[tloh (451585)]

Well...yes.
Haha and all that.
What about us poor suckers who have the unenviable task of supporting systems with Symantec preinstalled? My father was given an HP a year ago running this piece of crap on XP and it has given me no shortage of headaches. The fucker takes ages to boot up and more than half the time it refuses to acknowledge the network. I got so tired of wasting time with the damn thing I gave him a lesser box running Ubuntu. Not a word of complaint since. Still, I keep the HP around becaus

Re:

[Andy Dodd (701)]

To anyone who might reply, "Just uninstall it" - Easier said than done.

In my opinon, most Symantec products are more difficult to clean from a system than the malware they're supposed to protect against. The only way to get rid of it is to nuke and repave Windows.

Re:

[jotok (728554)]

Symantec, just like all the corporations, should listen to their customers and work to improve their software.

On the other hand, I have to ask myself why I should listen to a guy who is stuck supporting software he hates, rather than really doing anything about it. You're basically irrelevant so long as the corporation has made management happy. Management is happy because the consultants took care of some hair-on-fire issue worth $1m in revenue and then took them out to lunch (and billed them for it). M

Re:

[pandrijeczko (588093)]

The second rule of Home Internet Security, is don't let Symantec talk about Home Internet Security.

It's an old book

[by Anonymous Coward]

The book was published in September of 2005. So don't expect much of anything to be current.

I was wondering why there wasn't any mention of Vista in the review.

Misread the title

[argmanah (616458)]

When I looked at the title of this /. article, I read "The Symantec Guide to Homeland Security." Given how Homeland Security has performed since its inception, it sounded very believable that Symantec would be writing a guide to it.

AOSS is the way for the general public.

[binaryspiral (784263)]

As an experienced IT professional, I'm comfortable setting up WPA2-PSK (AES) on my laptops, desktops, and other wireless bits like my Wii and Smartphone.

But for the average schmuck who just stolled home with a new "link-sees" wireless box and new wireless laptop 'puter - they won't bother setting up security, they'll stop when the lights are blinkin' and the porn is streaming.

AOSS seems to be the way to go if more manufactures supported it. Push a button on the access point, and it goes into training mode f

Target audience

[owlnation (858981)]

This book is for non-technical people.

No Kidding! No-one technical uses Symantec products. Well... never more than once...

My guide

[Wowsers (1151731)]

Having tried this firewall for myself when I eventually got XP (before going on to Linux), is that their new firewall was the fastest way to get my brand new clean install of WinXP on a dual core computer to it's knees in it's speed of use. I did another clean install just to get the speed of a dual core machine back, the computer ran like it was on a 486 with that firewall. Wasted my money.

Re:

[Captain Splendid (673276)]

Dude, those cheat sheets are all over the web. Or, you could always hit up a forum and ask nicely (that's how most of us learned what we know).

If you really want, post a JE. Plenty of us here with nothing better to do than help a brother out.

Re:

[word munger (550251)]

Yes, I'd definitely like to know how well Macs are covered. If all the book does is list PC-only security apps, it doesn't do me much good.

That last step's a doozy...

[billstewart (78916)]

Too many people find that last step too difficult...

I've been using Kaspersky as my anti-virus, and while it's usually rated as one of the most effective, it's gotten really annoying. At first it was just the hundreds of megs of log-files, though I've mostly limited those. But some time in the last six months, its virus tables added some pattern that's in most of my Eudora mailfile backups, and it'll tell me file names but not position in the file. AFAICT, I received some email that either contained a vi

Re:Symantec? Uh, anyone else have an opinion?

[TheRaven64 (641858)]

Once upon a time, there was a guy called Peter Norton. He wrote a load of really neat software. The Norton Utilities were essential on any DOS system (and navigating a filesystem without Norton Change Directory still feels clunky to me). Another piece of software his company wrote was an antivirus package. More on this later. At the same time, he wrote some really great technical books.

In 1990, he sold his company to Symantec. Since then, their products have been gradually rebranded and have consistently sucked. Symantec seem under the delusion that their brand is now worth what the Norton brand was worth in the '80s (which, if you ignore inflation, it might be...).

Re:

[orclevegam (940336)]

Symantec is crapware. It's not much better then a lot of the spyware floating around the internet, a certain competes with it for annoying popups and resource hogging. That being said, the reason you should listen to what this book has to say, is because a fellow slashdot reader read it and says they did a good job. The review however points out that this isn't a book for the likes of your typical slashdot reader, but rather one that you might want to pick up so next time an annoying relative asks you a que

Re:

[$RANDOMLUSER (804576)]

I read this as "Symantec Guide to Homeland Security" and got very frightened! :P!

Actually, even Symantec could do a better job than the TSA.

Re:WTF

[orclevegam (940336)]

$20 for information that can be quickly gleaned in 5 minutes from a couple of big sites like about.com? Oooookay.

Nice review. No idea why you posted it here though.

Maybe because some of us have clueless relatives and being able to hand them a relatively simple (and authoritative in their eyes) book to read, rather then spend 3 hours trying to pound common sense into their heads is an attractive concept. Yes pretty much everyone on slashdot knows all this stuff, and further knows how to research anything we don't know, but trying to impart that information to others is often a trying experience, particularly in the case of relatives that often as not are not particularly inclined to listen to someone they don't view as an authority figure. We know Symantec is crap, but for a large portion of the population it's what they think of when they think about AV and Firewall software, and recommendations coming from them will most likely be given more thought and consideration then the same coming from "that one cousin that's into that computer stuff".

Re:

[roystgnr (4015)]

We know Symantec is crap

That may be true for values of "we" that are Windows power users, but what about those of us whose solution to avoiding Windows viruses is "open all files in a different OS"? We've got clueless relatives to support too, you know, and that's hard when we're equally clueless. My dad's job requires him to open Office documents from "high virus risk" senders (so a book that educated him alone would be insufficient), yet the Norton virus scan on those documents is so slow that he's look

Re:

[orclevegam (940336)]

And good luck trying to convince someone to read that. I don't know why, but it's often easier to talk someone into reading a book about something then it is to get them to go to a website about it. Another factor is how well laid out the information on about.com is. Will the person doing the research have to know to search for certain terms? Is there a single "page" with links to all the information provided, or is it divided up into different sections. If it's not all available without having to do any se

Joe SixPack's Computers for Dummies

[The Angry Mick (632931)]

Chapter One: The Computer

The "computer" is the rectangular box with a few buttons on the front. The "monitor" is the box with the pretty pictures. These two terms are not interchangeable.

Chapter Two: The Internets

Also known as the "web", this is where porn comes from.

Chapter Three: Computer Security

Both the computer and the Internets are very dangerous - Terrorists use both. To keep your computer absolutely secure, DO NOT CLICK ON ANYTHING, EVER.

THE END