The Symantec Guide To Home Internet Security 139
r3lody writes "There are many households that have high-speed Internet connections, yet most people are simply not doing enough to protect themselves from the many exploits that exist. The Symantec Guide to Home Internet Security by Andrew Conry-Murray and Vincent Weafer was written to speak to those people. Symantec Press is the publisher, yet it remains reasonably vendor-neutral. This book is for non-technical people. Its ten chapters cover a relatively slim 240 pages, so it should not intimidate someone who is not a computer professional. Also, you do not really have to read the book front-to-back, but you can focus in on the chapter or chapters that interest you and have fairly complete information." Read on for the rest of Ray's review.
The first chapter gives the reader a basic overview of the risks of using the Internet without some steps to protect yourself. Fraudsters, those who ply you with get-rich-quick schemes and other spam-delivered scams, are distinguished from hijackers who compromise your machine for local data or to make it part of a “bot farm”. The remaining chapters discuss various aspects of security exposures, how to protect yourself from them, and conclude with a checklist of high points and “Helpful Resources” that contain web sites, phone numbers, and occasional additional side-bars with more in-depth examples.
| The Symantec Guide to Home Internet Security | |
| author | Andrew Conry-Murray and Vincent Weafer |
| pages | 240 |
| publisher | Symantec Press |
| rating | 8/10 |
| reviewer | Ray Lodato |
| ISBN | 0321356411 |
| summary | A slim volume packed with valuable information for non-technical Internet users. |
The next chapter is a very informative chapter on preventing identity theft. This part of the book is worthwhile, even if you don’t use the Internet for financial transactions. The authors mention how your personal data can be stolen from company databases, despite precautions you yourself have taken. There are discussions on social engineering and dumpster-diving, as well as phishing scams and keyloggers. The best part of the chapter is the “Recovering from Identify Theft” section. Hopefully you will never need the information there, but it’s very helpful to see it collected in a simple bulleted list. The second side-bar at the end discusses a personal account of a brush with identity theft.
Chapter 3 covers firewalls, which most people think is the only protection they need. It discusses the basics of Internet Protocol (IP), and what firewalls can and can’t do. Lists of both free and commercial firewall products are provided. It wraps up with a few sites that can test your firewall settings to see if you are really protected or not. There were a couple of minor errors (for example, 192.101.432.156 is offered as an IP address, but the third number can’t be more than 255), but most non-technical people need the product lists provided.
The following two chapters cover the various forms of “malware” (viruses, worms, adware, spyware, and Trojans). Conry-Murray and Weafer provide several preventative actions you can take to avoid infection — the most important involves using your common sense (e.g. “Use a firewall” and “Don’t Open Strange E-Mail”) They wrap up by describing how to remove malware via the available anti-spyware programs.
The final category of unwanted Internet debris is spam. The authors state that for most people “spam is an annoyance rather than a plague.” However, they go on to disclose figures that estimate anywhere from 50 to 90% of the 30 billion e-mails sent each day are spam. To explain why spam works, a side-bar talks about Jeremy Jaynes, who was convicted in November 2004 for spamming. He generated about 10,000 credit card sales per month. Two-thirds of those were returned, yet he still netted more that $100,000 a month.
Chapter 7 covers securing Windows XP. At the time of publishing, Microsoft had come out with XP Service Pack 2, with the Windows Security Center. A large section deals with installing SP2 and configuring the Security Center. It’s kept at a level that most users can comprehend and follow, making it another very worthwhile chapter. The following section describes securing Internet Explorer 6 in great detail. The authors do suggest, however, that you might want to use a different browser, such as Firefox or Opera. The thinking is that Firefox and Opera will be more secure because fewer exploits are targeted towards them.
Locking down Windows and IE is not enough to keep your family safe. That’s why they devote the next chapter to “Keeping Your Family Safe Online.” Pitched mostly to parents of younger kids, chapter 8 starts by talking about blocking objectionable content using IE’s Content Adviser. Sexual predators is the next topic, and the authors give the reader good information on how to monitor your children’s online activities, as well as how to report solicitations to the authorities. The final topic revolves around file-sharing software. While they mention the prospect of downloading viruses, the legal ramification of potentially housing illegal downloads is the most important lesson to take away from this section.
Many homes are now using wireless access points. Unfortunately, poor configurations open them up for eavesdroppers and bandwidth hijackers. The simple precautions of changing and hiding the network name (SSID) and changing the password will do a lot, but encryption using WEP, WPA, or WPA2 will help a lot more. They also go into the security issues of public hotspots, including the prospect of “Evil Twins” (user computers that offer a look-alike access point just to steal your personal information).
The book wraps up with a chapter on “Privacy and the Internet.” Anyone who conducts any transactions over the Internet has their personal data stored on a computer that might be accessed online. The key precaution is to not divulge any information you don’t absolutely have to. Data Brokers collect amazing amounts of information on each of us. Three major companies, Acxiom, ChoicePoint and LexisNexis are individually described, with information on how to get reports on what information they’ve recorded, and possibly how to opt-out of having it stored.
Andrew Conry-Murray and Vincent Weafer conclude the book by giving the reader five basic steps to protect themselves online. However, I prefer their final, single simple rule: Use Your Common Sense.
The Symantec Guide to Home Internet Security, though a slim book, is packed with a lot of valuable information pitched to the non-technical user. I believe that anyone with a computer connected to the Internet would benefit from reading this book.
You can purchase The Symantec Guide to Home Internet Security from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Wireless security (Score:5, Informative)
There. My 2 cents are deposited.
It's an old book (Score:5, Informative)
I was wondering why there wasn't any mention of Vista in the review.
Re:Symantec? Uh, anyone else have an opinion? (Score:5, Informative)
In 1990, he sold his company to Symantec. Since then, their products have been gradually rebranded and have consistently sucked. Symantec seem under the delusion that their brand is now worth what the Norton brand was worth in the '80s (which, if you ignore inflation, it might be...).
Re:Wireless security (Score:3, Informative)
Re:Wireless security (Score:5, Informative)
WEP is useless.
Hardly. While WEP isn't very secure, it's enough to say "this is my network, don't connect to it". The lock on my door is probably pickable in 60 seconds too, with about as much skill involved.
It's true that WPA and WPA2 are a lot more secure, and there's little reason not to use them.
make sure that you're using AES with WPA, and not TKIP. TKIP is an implementation which uses less CPU, but is very similar to the way how WEP works. It's weak.
Not everyone agrees that security of your network is the MOST important thing. Compatibility, speed, etc is important too. TKIP is more than secure for the vast majority of people, and I'm unaware of any viable attacks on it.
Re:Wireless security (Score:3, Informative)
So I run TKIP, because it happens to work with the setup I have here.
Re:Hmm... (Score:4, Informative)
When they were bought by Symantec, they maintained their quality for a while, but eventually, they just didn't work. Antivirus was really the last utility to fall, but even it finally did. I used to wholeheartedly recommend Norton (and later, Symantec's Norton line) products to anyone who ran Microsoft OSs. Now, my recommendation is unquestionably to uninstall it, download the full removal tool, and run that, too.
Re:Wireless security (Score:3, Informative)
The attack was famously performed against people using Gmail, but it could work against many websites.
Re:Symantec Guide (Score:3, Informative)
On the other hand, I have to ask myself why I should listen to a guy who is stuck supporting software he hates, rather than really doing anything about it. You're basically irrelevant so long as the corporation has made management happy. Management is happy because the consultants took care of some hair-on-fire issue worth $1m in revenue and then took them out to lunch (and billed them for it). Management haa more pressing issues than whether or not some tech is pissed off at the very INJUSTICE of some customer's box booting in 3 minutes instead of 2. They bought the suite because they had to be compliant with SarbOx or HIPAA or, worst of all, esoteric state & local standards, and they are worried about a 50,000 seat enterprise, not your puny helpdesk.
Until you grasp the bigger picture and understand why, in the grand scheme of things, bloaty software is not the dealbreaker you imagine it to be, then you will be stuck implementing shit you hate for people you think are stupid. If you want to advance, get it in your skull now that being a helpdesk jockey does not make you equivalent to Einstein, no matter how much