Forgot your password?
typodupeerror
Book Reviews Books Media

The Symantec Guide To Home Internet Security 139

Posted by samzenpus
from the protect-ya-neck dept.
r3lody writes "There are many households that have high-speed Internet connections, yet most people are simply not doing enough to protect themselves from the many exploits that exist. The Symantec Guide to Home Internet Security by Andrew Conry-Murray and Vincent Weafer was written to speak to those people. Symantec Press is the publisher, yet it remains reasonably vendor-neutral. This book is for non-technical people. Its ten chapters cover a relatively slim 240 pages, so it should not intimidate someone who is not a computer professional. Also, you do not really have to read the book front-to-back, but you can focus in on the chapter or chapters that interest you and have fairly complete information." Read on for the rest of Ray's review.
The Symantec Guide to Home Internet Security
author Andrew Conry-Murray and Vincent Weafer
pages 240
publisher Symantec Press
rating 8/10
reviewer Ray Lodato
ISBN 0321356411
summary A slim volume packed with valuable information for non-technical Internet users.
The first chapter gives the reader a basic overview of the risks of using the Internet without some steps to protect yourself. Fraudsters, those who ply you with get-rich-quick schemes and other spam-delivered scams, are distinguished from hijackers who compromise your machine for local data or to make it part of a “bot farm”. The remaining chapters discuss various aspects of security exposures, how to protect yourself from them, and conclude with a checklist of high points and “Helpful Resources” that contain web sites, phone numbers, and occasional additional side-bars with more in-depth examples.

The next chapter is a very informative chapter on preventing identity theft. This part of the book is worthwhile, even if you don’t use the Internet for financial transactions. The authors mention how your personal data can be stolen from company databases, despite precautions you yourself have taken. There are discussions on social engineering and dumpster-diving, as well as phishing scams and keyloggers. The best part of the chapter is the “Recovering from Identify Theft” section. Hopefully you will never need the information there, but it’s very helpful to see it collected in a simple bulleted list. The second side-bar at the end discusses a personal account of a brush with identity theft.

Chapter 3 covers firewalls, which most people think is the only protection they need. It discusses the basics of Internet Protocol (IP), and what firewalls can and can’t do. Lists of both free and commercial firewall products are provided. It wraps up with a few sites that can test your firewall settings to see if you are really protected or not. There were a couple of minor errors (for example, 192.101.432.156 is offered as an IP address, but the third number can’t be more than 255), but most non-technical people need the product lists provided.

The following two chapters cover the various forms of “malware” (viruses, worms, adware, spyware, and Trojans). Conry-Murray and Weafer provide several preventative actions you can take to avoid infection — the most important involves using your common sense (e.g. “Use a firewall” and “Don’t Open Strange E-Mail”) They wrap up by describing how to remove malware via the available anti-spyware programs.

The final category of unwanted Internet debris is spam. The authors state that for most people “spam is an annoyance rather than a plague.” However, they go on to disclose figures that estimate anywhere from 50 to 90% of the 30 billion e-mails sent each day are spam. To explain why spam works, a side-bar talks about Jeremy Jaynes, who was convicted in November 2004 for spamming. He generated about 10,000 credit card sales per month. Two-thirds of those were returned, yet he still netted more that $100,000 a month.

Chapter 7 covers securing Windows XP. At the time of publishing, Microsoft had come out with XP Service Pack 2, with the Windows Security Center. A large section deals with installing SP2 and configuring the Security Center. It’s kept at a level that most users can comprehend and follow, making it another very worthwhile chapter. The following section describes securing Internet Explorer 6 in great detail. The authors do suggest, however, that you might want to use a different browser, such as Firefox or Opera. The thinking is that Firefox and Opera will be more secure because fewer exploits are targeted towards them.

Locking down Windows and IE is not enough to keep your family safe. That’s why they devote the next chapter to “Keeping Your Family Safe Online.” Pitched mostly to parents of younger kids, chapter 8 starts by talking about blocking objectionable content using IE’s Content Adviser. Sexual predators is the next topic, and the authors give the reader good information on how to monitor your children’s online activities, as well as how to report solicitations to the authorities. The final topic revolves around file-sharing software. While they mention the prospect of downloading viruses, the legal ramification of potentially housing illegal downloads is the most important lesson to take away from this section.

Many homes are now using wireless access points. Unfortunately, poor configurations open them up for eavesdroppers and bandwidth hijackers. The simple precautions of changing and hiding the network name (SSID) and changing the password will do a lot, but encryption using WEP, WPA, or WPA2 will help a lot more. They also go into the security issues of public hotspots, including the prospect of “Evil Twins” (user computers that offer a look-alike access point just to steal your personal information).

The book wraps up with a chapter on “Privacy and the Internet.” Anyone who conducts any transactions over the Internet has their personal data stored on a computer that might be accessed online. The key precaution is to not divulge any information you don’t absolutely have to. Data Brokers collect amazing amounts of information on each of us. Three major companies, Acxiom, ChoicePoint and LexisNexis are individually described, with information on how to get reports on what information they’ve recorded, and possibly how to opt-out of having it stored.

Andrew Conry-Murray and Vincent Weafer conclude the book by giving the reader five basic steps to protect themselves online. However, I prefer their final, single simple rule: Use Your Common Sense.

The Symantec Guide to Home Internet Security, though a slim book, is packed with a lot of valuable information pitched to the non-technical user. I believe that anyone with a computer connected to the Internet would benefit from reading this book.

You can purchase The Symantec Guide to Home Internet Security from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
This discussion has been archived. No new comments can be posted.

The Symantec Guide To Home Internet Security

Comments Filter:
  • Hmm... (Score:5, Funny)

    by Anonymous Coward on Monday January 28, 2008 @03:38PM (#22211490)
    The Symantec Guide to Home Internet Security

    Oxymoron?
    • Re:Hmm... (Score:5, Insightful)

      by MightyMartian (840721) on Monday January 28, 2008 @03:40PM (#22211522) Journal
      Indeed. I'd have a hard time trusting anything about security from a company that has put out some of the worst anti-virus and firewall software I've ever seen.
      • Re:Hmm... (Score:5, Funny)

        by holyspidoo (1195369) on Monday January 28, 2008 @04:20PM (#22212130)
        Install norton and the computer becomes too slow to run anything, thus making it safe. Flawless. Next week, Norton Car Safety: how filling your tank with cool aid and your oil tank with mountain dew will keep you from crashing your car.
      • by headwick (247433)
        It is absolutely horrendous. We just uninstalled symantec endpoint 11 and obtained a refund for our entire enterprise. There are numerous bugs with the product that cause it to render various servers useless for no valid reason. Our choice was reboot 3 times a day, or uninstall. We had 4 major errors that symantec had open and were waiting for a fix, all of which caused us considerable pain. I used to be a big supporter of symantec for the corp side, and somewhat of a supporter on the home user side.
        • Re:Hmm... (Score:4, Informative)

          by Sancho (17056) on Monday January 28, 2008 @05:16PM (#22213092) Homepage
          Norton used to be really hot stuff. Their products were fantastic, and even as replacements for tools supplied by the OS (chkdisk and later scandisk, and defrag) they were worth the price of admission because they worked so much better. It was like night and day.

          When they were bought by Symantec, they maintained their quality for a while, but eventually, they just didn't work. Antivirus was really the last utility to fall, but even it finally did. I used to wholeheartedly recommend Norton (and later, Symantec's Norton line) products to anyone who ran Microsoft OSs. Now, my recommendation is unquestionably to uninstall it, download the full removal tool, and run that, too.

          • by Nazlfrag (1035012)
            I can remember recovering source code from a crashed disk using their sector recovery tools back in the day. Saved me at least a week of work. It's sad how far they've fallen.
          • by gaspyy (514539)
            Just to reinforce: Norton tools were for DOS what Sysinternals are for Windows, and more.

            Norton Commander's interface has been copied by almost every file manager.
            Disk Editor helped me learn how file systems work (FAT/FAT32, but still);
            There were many incredibly useful apps (Norton Disk Doctor), even partititon-encryption (DiskReet) plus a ton of command-line utils.
          • by weicco (645927)

            Norton 2003 Internet Security was in imo pretty good package. It worked well, didn't grind computer to it's knees etc. 2005 version was almost as good as 2003 but if I remember correctly I had to actually delete one .exe file so that it wouldn't eat all my CPU time. I think that EXE's purpose was to filter email messages but since I don't use rich email clients I didn't need it. I don't know why it ate my CPU though.

            Now-a-days I suggest people to install free Avast! AV software and use Windows own firewall

        • The network I'm administering had been using Norton Antivirus Corporate, with its supposedly wonderful centralized server software, and I could never get the updating on workstations to work correctly. What a pile of junk. With the annual subscription up a couple of weeks ago, I recommended we drop this steamy pile of monkey droppings, and we went with F-Prot. It's pretty simplistic as far as distribution, but that's fine by me. It has a significantly lower footprint that Norton's garbage.
          • What about Norton vs. Symantec? I was always under the impression that Symantec is the corporate-use version, and Norton is the home-use version, but apparently they have a Norton Antivirus Corporate? My systems have always been bogged down and running slow if I run Norton utilities, but I haven't had nearly the same issues with Symantec. Is it just the Norton line of products people have issues with? As far as I've seen, Symantec isn't so bad. I use Symantec Endpoint Protection at home and it's been w
      • Indeed. Symantec's memory leaks keep bringing our servers down. Maybe that's a security feature; you don't get spam if you don't get mail, and you don't get viruses if nothing runs.
    • Re:Hmm... (Score:5, Funny)

      by Anonymous Coward on Monday January 28, 2008 @03:46PM (#22211640)
      Seriously, you want security just go mac. I mean mac can do pretty much anything a PC can do but sleeker and nicer. I have an iphone and it can play movies. I don't know what the deal is with people who buy DVD/HDDVD/BluRay players. You have to go buy the disc, which is bigger than the iphone (that tells you how obsolete they are) and you have to manually insert it into the player. I'm not a manual laborer, I am an artist and I don't want to have to waste space on having a green-unfriendly post consumer waste Disc case plus the disc itself which I suspect isn't biodegradable and probably has carbs (I have a carbon footprint of 0 btw). I mean you get itunes and your iphone and you have your movies. Iphones do more for world peace and the environment than any ugly PC and obsolete technology. Al Gore has an Iphone and he won a nobel prize.
      • Re: (Score:2, Redundant)

        by PopeRatzo (965947) *

        Al Gore has an Iphone and he won a nobel prize.
        Ah, so that's what he won for.

        I have a carbon footprint of 0 btw
        Son, I want you to re-read that line you wrote, then smack yourself in the head. Hard.

        Someday, you'll understand, and thank me.
      • Regina: Is Blu-Ray a carb?

        Cady: YES. [imdb.com]

      • Seriously, you want security just go mac.

        Mac computers are not necessarily more secure. They are just less targeted by security exploits because they have a smaller user base. Don't fool yourself. You make a statement like that without backing it up at all. The rest of your comment has absolutely nothing to do with Mac security. Perhaps Mac is better designed with security in mind than Windows is. I really don't know as I've never really used Mac OS X. Linux is certainly better designed for securit

    • Exactly my thoughts on it upon seeing the title. I was once explaining to a friend how to configure port forwarding on his computer, and he had Norton Internet Security. Needless to say I didn't manage to make any rule work in that damn firewall.
    • Actually, this could work, you know...

      Have Symantec do your home security & if it's anything like their PC products, the speed of any burglar's passage through your house will be reduced to an absolute crawl plus your house windows will keep popping open in order to distract him...

    • by v1 (525388)
      The Symantec Guide To Home Internet Security

      I'll file that on my bookshelf right between the Jeffery Dahlmer's Table Manners and Sensitivity Training by Hitler.

    • Re: (Score:2, Insightful)

      by Bruce Dawson (1079221)
      Why is slashdot reviewing a book that was published almost 2.5 years ago (September 3, 2005 according to Amazon.

      The threats on the Internet and the responses available have changed significantly since then.

  • "Cheat Sheets" (Score:1, Redundant)

    by webword (82711)
    Are there any cheat sheets available in the book? I'd be happy to shell out some cash to get the quick and dirty tips inside the book. Step 1, Step 2, Step 3, etc.

    Also, how well does this cover Mac topics? I'm curious about the (ugh!) integration sometimes required to connect PCs and Macs, especially for individuals and small businesses.
    • Dude, those cheat sheets are all over the web. Or, you could always hit up a forum and ask nicely (that's how most of us learned what we know).

      If you really want, post a JE. Plenty of us here with nothing better to do than help a brother out.
    • Yes, I'd definitely like to know how well Macs are covered. If all the book does is list PC-only security apps, it doesn't do me much good.
  • by 1_brown_mouse (160511) on Monday January 28, 2008 @03:41PM (#22211534)
    This is incomplete.

    Whats a BOFH to do?
  • I bought a Mac... (Score:2, Interesting)

    by EchoD (1031614)

    There are many ways to secure yourself, and one of the easiest is to use an operating system that doesn't fill a huge percentage of the market.

    I'm not a blind Mac Fanboy, but I have sight enough to see Apple offers computers that are more than sufficient for average home use. The flaws they had have disappeared. Admittedly, Windows has its place as well. I still keep a Windows box for gaming, I use Windows at work, and I troubleshoot it for friends and family who haven't made the switch.
    But, for me, secur

    • Re: (Score:1, Troll)

      by Tibor the Hun (143056)
      I was once like you too.
      But then I coverted the rest of my family (parents, brother in law +sis, mother in law, sis in law) and a couple of friends to Macs, so I no longer need to do tech support for them. (Nothing worse than cleaning up spyware during a Christmas break over a 56k connection while everyone else is sipping cider..)
      And then I replaced my gaming windows machine since Enemy Territory Quake Wars plays natively on Linux, so I don't even have to worry about the critical updates any more.
      Good job,
    • Re: (Score:2, Interesting)

      by letchhausen (95030)
      This is so odd to me because I have a bunch of computer illiterate relatives and they never have security issues with Windows. In fact, the questions I get are from the Mac users in the family who can't figure out how to do something or want me to turn off something. Usually related to the retarded IPod/ITunes interface and library and the confusion that it spawns for them. That or asking me how to hide that goddam dock waving at them all the time.....of course if the MacBook Air hadn't been such a stupid p
  • by R2.0 (532027) on Monday January 28, 2008 @03:43PM (#22211570)
    Buy our stuff.

    (Apologies for the title to the Bishop in "Spaceballs")
  • by Anonymous Coward
    NO, book on security, technology, etc, that is anything more than a couple of pages long is going to interest is going to be anything Joe SixPack buys and reads to teach themselves what they need to know. Joe SixPack or my grandmother is not interested in knowing or learning about the technology, they just want it to work.

    Just like driving a car, they don't care how it works, just how to use it and that they need to take it in for maintenance at regular intervals. Joe SixPack or my grandmother should take
    • by The Angry Mick (632931) on Monday January 28, 2008 @06:38PM (#22214298) Homepage

      Chapter One: The Computer

      The "computer" is the rectangular box with a few buttons on the front. The "monitor" is the box with the pretty pictures. These two terms are not interchangeable.

      Chapter Two: The Internets

      Also known as the "web", this is where porn comes from.

      Chapter Three: Computer Security

      Both the computer and the Internets are very dangerous - Terrorists use both. To keep your computer absolutely secure, DO NOT CLICK ON ANYTHING, EVER.

      THE END

  • Personal firewalls suck, it has been proven that they usually can be penetrated from both sides.
    They also confuse the user and teach him to "click accept or nothing will work", which is barely something you want your user to do.

    It's a much more sensible advise to tell your user to turn off unnessesary services, especially since there are now simple applications which do that work for you.

    http://www.dingens.org/index.html.en [dingens.org]
    • Personal-firewall software running in Windows isn't perfect, and it's running on Windows, so if something else breaks Windows then it can break through the firewall. They're still not a bad thing (except as you noted, teaching users to always hit "ok".) And one long-term usefulness is that they do make it harder to install some kinds of malware that you might do by naively clicking some web link.

      More important, though, is having an external firewall that keeps the riff-raff attacks off your computer, at l

    • "Personal firewalls suck..."

      Speak for yourself, it depends on the firewall. I use Sunbelt kerio firewall and I wouldn't go back to a 'non-firewalled' existence. It has an application monitor which allows to gracefully disable and block 'phone home' or other 'ping/contact company server' on applications and to see what your apps are really doing behind your back.

      Many apps these days try to communicate to a company server if just to ping it and/or send data back. All behind your back. No one can be truste
      • by Casandro (751346)
        You do realice that a piece of software on your own computer cannot stop any of that. Simply put, how should that programm find out if you are surfing the web or if a programm is controlling your browser to phone home?
        • "You do realice that a piece of software on your own computer cannot stop any of that. Simply put, how should that programm find out if you are surfing the web or if a programm is controlling your browser to phone home?"

          Yes I do realize it's not perfect. But FYI it definitely works for some programs. You're thinking of extremely malicious programs that will try anything, I'm just trying to catch the basic ones, and yes you can stop programs: Disabling the network card temporarily for instance or using sai
          • by Casandro (751346)
            Well as long as the average user still doesn't do anything, or constantly clicks 'accept' everywhere there might not be much 'extremely malicious' software around. (Althought I have to say some ways of controlling a web-browser are simpler than opening TCP/IP connections.)

            Temporarily disconnecting a computer won't do much good, as the software could just wait, or refuse to start without an internet connection.

            Then there are the holes created by 'personal firewalls'. Not only have there been dozens of buffer
            • I agree with what you are saying but the vast majority of phishers are non-technical people. Let's face it in the end though, that nothing is 100% secure and we all take risks, it's just a matter of how risky and what you do with your computer.

              The average user for certain doesn't understand much, but that's a failing of the industry itself and the engineering versus an economic challenge.

              If we think of it in terms of traffic, the only way we'd ever remove traffic congestion and stop accidents (mostly barri
  • They won't read it (Score:4, Insightful)

    by CranberryKing (776846) on Monday January 28, 2008 @03:46PM (#22211620)
    Non-technical users don't want to read a book. That's why they are non-technical and that's why they give Symantec money to ostensibly keep them safe.
    • So, basically the whole book is a scam to educate a user enough to where they think they need security software ($ymantec), but not enough to where they can actually understand that throwing money at the problem of security doesn't make it go away. Safe practice is the only way. Using reliable systems, ie Linux, helps, but still it comes down to being educated.

      All in all, I'm gonna go ahead and call this a worthless read.
    • by zappepcs (820751)

      That is exactly the attitude that I see in the world around me. People install Symantec and then think (without regard to whether the software license is up to date or not) that it should stop any kind of malicious software or hacking attempt ever.

      That kind of thinking is the FAULT of Symantec et al. Yet, these same people would not drink old milk, or trust an aging condom? Go figure.
    • by anthw27 (1101749)
      Saying people wont read is hitting the nail on the head. Two of the biggest problems I see when people ring for help is they fail to (1) Listen to what they have been told (2) Dont read the content on the screen. This alone proves the point that people want the technology without the responsibility of having to learn. Some comments here say "just use a Mac" but thats not the solution becuase serious attacks are appearing againt Macs and Linux. I use both Windows and Linux, and prefer Linux for ssecurity re
  • Wireless security (Score:5, Informative)

    by paulius_g (808556) on Monday January 28, 2008 @03:48PM (#22211652) Homepage
    I personally simply hate the fact how router vendors don't put enough emphasis on how important wireless security is! The only thing that most router manuals say about encryption is that it will slow down the speed of the wireless network. Without further ado, let me bash a bit about this book:

    Many homes are now using wireless access points. Unfortunately, poor configurations open them up for eavesdroppers and bandwidth hijackers
    You got that right!

    The simple precautions of changing and hiding the network name (SSID) and changing the password will do a lot
    No it will not! Changing your SSID doesn't do anything in terms of security. All of the data transferred via the network is in the clear. Changing the admin password of the router helps a bit, but there exploits out there which can crack some of these passwords. The goal here is to prevent the bad guys from getting onto your network in the first place. Hiding? In Kismet, you press one button to reveal the hidden APs in the area. Hiding it pointless.

    but encryption using WEP, WPA, or WPA2 will help a lot more.
    WEP is useless. It can be cracked in less than 60 seconds these days. In fact, it's easier to crack a WEP key than to write it in! WEP is BROKE, and let's make sure that people get the message. WPA and WPA2 are, if you're using a nice and long non-dictionary password, uncrackable. The only attack that can be done on WPA or WPA2 is a dictionary attack. In addition, make sure that you're using AES with WPA, and not TKIP. TKIP is an implementation which uses less CPU, but is very similar to the way how WEP works. It's weak.

    They also go into the security issues of public hotspots, including the prospect of "Evil Twins" (user computers that offer a look-alike access point just to steal your personal information).
    Very true, but let's be honest here for a second... Am I the only one who's paranoid of entering my PayPal or CC info on an unencrypted public access point? I don't care if it's an AP ran by some mega-trusted corporation, the signal is still out there and anyone can get it.

    There. My 2 cents are deposited.
    • Re: (Score:3, Informative)

      by ettlz (639203)

      WPA and WPA2 are, if you're using a nice and long non-dictionary password, uncrackable.
      Don't be lazy, set up a RADIUS server.
    • If you use unencrypted public access points, I'd strongly recommend setting up a VPN at home and tunneling whenever you use them. This provides you with encryption and also prevents the owners of the access points from eavesdropping, to an extent.

      If you've got a crappy connection at home, it may suck, but it beats being out in the open.

      At my university, ever since WEP was broken, most access points on campus have required users to log into the school's VPN to secure their connections in lieu of wireless enc
      • by nahdude812 (88157) *
        Anyone with a trusted SSH server they can get access to can do this to a certain extent with nothing more than an SSH client on the computer they're using at the public access point.

        ssh -D 1080 [<someuser>@]<somehost>

        Now set your programs to use a SOCKS proxy of localhost:1080, and you're done. My macbook has Little Snitch, and I have it configured to deny all outbound traffic which isn't going to one of my trusted SSH servers, and only on port 22. This way I don't even have to worry about acc
    • by XorNand (517466) * on Monday January 28, 2008 @04:21PM (#22212146)
      WEP isn't useless. It will keep 99.99% of freeloaders off a wifi network. And 99.99% of people trying to connect to a wifi network that isn't theirs is just a freeloader. Path of least resistance, man... WEP will continue to be at least marginally useful until Windows ships with Clippy that pops up with "The network you're trying to connect to is WEP-enabled. Would you like to crack it?"
    • by edashofy (265252)

      Am I the only one who's paranoid of entering my PayPal or CC info on an unencrypted public access point? I don't care if it's an AP ran by some mega-trusted corporation, the signal is still out there and anyone can get it.

      Um, do you really enter your PayPal or CC info on a non-HTTPS connection? Because if you're on an HTTPS connection, there shouldn't be an issue. Your browser and the site itself have done a key exchange with RSA and are communicating with a very secure block cipher at that point. It does

      • Re: (Score:3, Informative)

        by Sancho (17056)
        There have been attacks on web sessions that go over http (not https), even when some parts of the session were protected using SSL. The idea is that sensitive information may be encrypted, but non-sensitive information will just go over http in for speed and ease of use. However if you can hijack the session through the non-encrypted requests, you can log in as the user without ever knowing their passwords, and then you might be able to do all sorts of nasty things.

        The attack was famously performed again
    • I personally simply hate the fact how router vendors don't put enough emphasis on how important wireless security is! The only thing that most router manuals say about encryption is that it will slow down the speed of the wireless network.

      I just opened my new D-Link DI-724GU [dlink.ca] wireless router and gigabit switch today and was honestly impressed at the warning posted inside that pointed out how any wireless networking product can leave your network exposed to third parties and insecure and that proper security

    • Re:Wireless security (Score:5, Informative)

      by Vellmont (569020) on Monday January 28, 2008 @04:33PM (#22212394)

      WEP is useless.

      Hardly. While WEP isn't very secure, it's enough to say "this is my network, don't connect to it". The lock on my door is probably pickable in 60 seconds too, with about as much skill involved.

      It's true that WPA and WPA2 are a lot more secure, and there's little reason not to use them.

      make sure that you're using AES with WPA, and not TKIP. TKIP is an implementation which uses less CPU, but is very similar to the way how WEP works. It's weak.

      Not everyone agrees that security of your network is the MOST important thing. Compatibility, speed, etc is important too. TKIP is more than secure for the vast majority of people, and I'm unaware of any viable attacks on it.
    • You should write a book, and I'm completely serious about that. Hell, write a pamphlet. These are things that we know and the masses don't and industry isn't doing a very good job of getting that information to the end-user and simple things like a guide on what dropdown to choose are hugely helpful. The average user doesn't know what AES is or what TKIP is. Thank God that A comes before T in the alphabet because thats their default choice because that was what was already in there first!
    • Re: (Score:3, Informative)

      by Tom (822)

      In addition, make sure that you're using AES with WPA, and not TKIP. TKIP is an implementation which uses less CPU, but is very similar to the way how WEP works. It's weak.

      There is more trouble than that out there. Try running a wireless network with WPA2 and a number of different devices. You'll soon find out that your favorite Linux distro doesn't support the same options as your Mac, and let's not even get me started about windos broken support (which provides you absolutely no helpful error messages to tell you what the problem actually is). Oh, did I mention that it sometimes depends on your wireless card and the driver version?

      So I run TKIP, because it happens to work

    • by Braino420 (896819)

      Am I the only one who's paranoid of entering my PayPal or CC info on an unencrypted public access point? I
      What about SSL?
    • by Sancho (17056)

      The simple precautions of changing and hiding the network name (SSID) and changing the password will do a lot

      No it will not! Changing your SSID doesn't do anything in terms of security.

      Be wary of going to one extreme when fending off another.

      Changing your SSID can, in fact, help with security, in the proper context. It's true that just changing it doesn't really help, however if you're using WPA with a PSK, changing your SSID may well keep you safe from a rainbow table crack.

      Changing the admin password of the router helps a bit, but there exploits out there which can crack some of these passwords.

      I don't know of any exploits which do this, but I don't know of any wireless routers which reject logins attempts after too many failures, either. However, this mostly implies that the user has access to the netwo

    • by illumin8 (148082)

      WEP is useless. It can be cracked in less than 60 seconds these days.

      Hardly. With 128-bit or 256-bit WEP, you still need to capture a few hundred MB of packets before you'll get the WEP key. This means an attacker needs to leave their laptop on capturing packets for a few hours to a few days, given the average home network's traffic. This is enough of a deterrent for most casual attackers.

      Very true, but let's be honest here for a second... Am I the only one who's paranoid of entering my PayPal or CC info

  • Irresponsible ISPs (Score:3, Interesting)

    by MichaelCrawford (610140) on Monday January 28, 2008 @03:48PM (#22211654) Homepage Journal
    One ISP I used to be with - I don't remember clearly which one now, but it was a big national ISP - said that all you needed to do to keep secure on their connection was to disable Windows filesharing. That's it.

    Now, some people really need to use it, if they have more than one computer in the house. And there was no mention of protecting yourself from attacks coming from the Internet.

    Simply irresponsible, I say, and by rights the ISP ought to be liable for it.

  • But... (Score:5, Funny)

    by MSTCrow5429 (642744) on Monday January 28, 2008 @03:51PM (#22211706)
    ...can you remove it from your bookshelf without sending all of the other books aflame, and causing the shelf itself to collapse into shavings?
  • by Tom (822) on Monday January 28, 2008 @03:55PM (#22211764) Homepage Journal
    "a slim 240 pages"

    That's the whole problem. If we need that much space to explain people how to be online without being owned, 90% of 'em won't read it, and will get owned.

    Until we've solved that problem - and it's not a technological one, there is no geeky solution here - there is no real security for the average computer user.
    • "a slim 240 pages" You have plenty of time to read it TWICE while Norton security suite is installing.
    • by Tikkun (992269)
      I hate to say this, but there isn't a 240 page book you can read that will prevent you from getting ripped off. When you sign a contract, you need to read the fine print. If you cannot read the fine print, you need to hire a lawyer to do so.

      When you use a computer, you need to understand what you are doing. If you cannot do this, you need to consult with a professional who can tell you if you're doing something that will get you pwned.
      • by Tom (822)
        Wrong train, Tikkun.

        You don't need to read a 240 page book to operate a car. You need a few driving lessons, but after that you can drive most cars without reading the manual first. Why's that?

        And no, computer security isn't a terribly complicated beast that can never be "dumbed down". The fact that we believe that today is a sign that we're still at the beginnings - 100 years ago, cars were terribly complicated beasts, too. Starting one up was a tricky thing that required a series of steps made in precise
  • by FrostedWheat (172733) on Monday January 28, 2008 @03:56PM (#22211778)
    The first rule of Symantec Home Internet Security, is don't install Symantec Home Internet Security.
    • Re: (Score:2, Funny)

      by RockedMan40 (1130729)
      The second rule is.... ...Oh..this is way too easy and cheap..nevermind...
    • Re: (Score:1, Funny)

      by Anonymous Coward
      Damn you're right. The title sounds like "50 Cent's guide to quantum mechanics"
    • by tloh (451585)
      Well...yes.
      Haha and all that.
      What about us poor suckers who have the unenviable task of supporting systems with Symantec preinstalled? My father was given an HP a year ago running this piece of crap on XP and it has given me no shortage of headaches. The fucker takes ages to boot up and more than half the time it refuses to acknowledge the network. I got so tired of wasting time with the damn thing I gave him a lesser box running Ubuntu. Not a word of complaint since. Still, I keep the HP around becaus
      • by Andy Dodd (701)
        To anyone who might reply, "Just uninstall it" - Easier said than done.

        In my opinon, most Symantec products are more difficult to clean from a system than the malware they're supposed to protect against. The only way to get rid of it is to nuke and repave Windows.
        • Norton can be a real bastard. I had one of the version 11 corporate edition workstations just give constant errors. There's a utility on the Norton site that will do something (modify hokey registry entries???) and then you can uninstall it.

          I'm not afraid, of course, to just go into the registry, and simply wipe out an offending program from system services. That's the fastest way to kill Norton's Internet Security crapola.
        • by tloh (451585)
          Thank you for understanding the gravity of my problem. I'm only able to reinstall from the restore partition that comes with the computer. Which puts me back at square one since the thing is preinstalled
        • I agree with you. It completely hosed my XP when i tried to uninstall.

          I did a reinstall of XP,drivers,games, etc., and i went out and bought Kaspersky Suite.

          Kaspersky does a better job and second its russian, so no danger of DHS NSA trojans.
      • Re: (Score:3, Informative)

        by jotok (728554)
        Symantec, just like all the corporations, should listen to their customers and work to improve their software.

        On the other hand, I have to ask myself why I should listen to a guy who is stuck supporting software he hates, rather than really doing anything about it. You're basically irrelevant so long as the corporation has made management happy. Management is happy because the consultants took care of some hair-on-fire issue worth $1m in revenue and then took them out to lunch (and billed them for it). M
        • by tloh (451585)
          dude, I think you are in the wrong thread. I was talking about helping my dad at home. I don't do PC tech support for a living. Maybe what you say makes sense, I don't know. It remains to be seen if any of us are Einsteins, but at least I think *you* should at least read /. before posting.
    • The second rule of Home Internet Security, is don't let Symantec talk about Home Internet Security.
  • It's an old book (Score:5, Informative)

    by Anonymous Coward on Monday January 28, 2008 @03:56PM (#22211796)
    The book was published in September of 2005. So don't expect much of anything to be current.

    I was wondering why there wasn't any mention of Vista in the review.
  • When I looked at the title of this /. article, I read "The Symantec Guide to Homeland Security." Given how Homeland Security has performed since its inception, it sounded very believable that Symantec would be writing a guide to it.
  • As an experienced IT professional, I'm comfortable setting up WPA2-PSK (AES) on my laptops, desktops, and other wireless bits like my Wii and Smartphone.

    But for the average schmuck who just stolled home with a new "link-sees" wireless box and new wireless laptop 'puter - they won't bother setting up security, they'll stop when the lights are blinkin' and the porn is streaming.

    AOSS seems to be the way to go if more manufactures supported it. Push a button on the access point, and it goes into training mode f
    • by igb (28052)

      As an experienced IT professional, I'm comfortable setting up WPA2-PSK (AES) on my laptops, desktops, and other wireless bits like my Wii and Smartphone.

      Likewise. Indeed, I'm starting to write a simple security policy for the house, which I'll agree with my wife as the other stakeholder, so that I have a canned basis to agree or disagree to things other users (wife, kids, visitors) may want to do. Consider is ISO27001 for small companies. I've built firewalls, hardened Unix boxes, and indeed was pro

      • As someone else said upthread, WPA2 is actually surprisingly tweaky to get working

        Hmm, perhaps that's the issue I'm having with my Wii's wireless being flaky.

        I actually moved it to a hidden 802.11b WAP11 sitting on my DMZ... I got so sick of it flaking out that I left it running unencrypted for a while to see if it was my 802.11g AP or my firewall causing problems. Next up, as recommended by a friend of mine, tcpdump to see wtf the wii is doing.

  • Today, in a bold move, Symantec Inc. has re-branded their renowned Internet Security software package. "Our research shows that customers relate better with hybrid names and acronyms." Said a Symantec representative. "We feel that our new product, Symantec InSecurity captures the uneasiness customers have with our product and the internet in general."
  • This book is for non-technical people.
    No Kidding! No-one technical uses Symantec products. Well... never more than once...
  • My guide (Score:2, Insightful)

    by Wowsers (1151731)
    Having tried this firewall for myself when I eventually got XP (before going on to Linux), is that their new firewall was the fastest way to get my brand new clean install of WinXP on a dual core computer to it's knees in it's speed of use. I did another clean install just to get the speed of a dual core machine back, the computer ran like it was on a 486 with that firewall. Wasted my money.
  • which eliminates Symantic's.
  • Anything relying on the home user doing or not doing something is bound to fail. Click here [ubersoft.net] to have all your bank account details sent to the Russian mafia and your computer reduced to a doorstop.
  • 'Fraudsters .. are distinguished from hijackers who compromise your machine for local data or to make it part of a "bot farm"'

    Would this machine be a Microsoft Windows machine or any other kind of 'computer'?

    "Chapter 3 .. discusses the basics of Internet Protocol (IP), and what firewalls can and can't do"

    Does it say they don't work, especially the software ones. They are ineffectual as things like RPC over HTTP and SOAP are designed to - bypass the firewall.

    'The following two chapters cover the

You are in the hall of the mountain king.

Working...