Because I liked your article and am slightly insane I have converted it into more readable text so that people are not put off from reading it because of the way it is presented.
This discussion will touch on some topics that are very important to us all, and will go semi in-depth into solutions for common problems that plague many users. It isn't really geared toward server administrators, though, as they should know (especially if they have that job) how to protect the system(s) on their network.
It was 8am exactly. Jared (a fictitious person) walks into work, plugs his super cool USB drive into a running computer, and has just compromised a $40,000 server network in 10 seconds with malicious code. He unplugs said USB stick and then walks over to the break room. So who made coffee this morning? It's real. Where it really gets scary is that Jared found the USB drive in the parking lot. Wanting to check it out, he plugged it in, and after seeing the network quickly go down, he quickly and quietly gets 'lost'.
So how does malicious code affect you? Do you use BitTorrent clients to download stuff? Of course we all do, don't we? I love the movie Transformers, where they got the computer whiz in the FBI office and he burst out with "I haven't done a thing, nothing! Ok, ok, sure, so I downloaded a few thousand songs, but who hasn't?" After connecting my new computer with Windows 7 loaded on it, it was literally compromised with viruses in a matter of seconds. Truthfully. And yes, it really does bite.
So how do we fight? Well, the best solutions are not always easy to implement. Knowing how to properly administer a computer is the first step in security. Doing your homework about encryption and disc imaging is probably the second most important topic you can study.
No matter how bad the virus or malicious code that 'gets' your computer is, if you have an image backup, you can wipe the hard drive and reinstall the image back on that computer. Well, what if I have X computers on my network? I cannot legally tell you how to do that on here, but there is a way to protect all your computers as well with the same simple system. Backing up daily is a horrible waste of time for most server administrators. There has got to be an easier way, right?
Karen's Replicator is a good choice for a continuous backup of files and directories. You should always have a disk image of a completely loaded system on a separate hard drive that is not accessible to anyone. Norton Ghost, Acronis True Image (which is my personal favourite) and a few others are dependable, stable disc imaging utilities, which I recommend people use. As cheap as hard disc drives are today, you can get 1.5 TB for as little as $120-140, so you should be able to store all computer drive images for the OS and boot partition of the drive. Backing up files on a network is rather simple if you have the network set up right. Again, this discussion is not really about servers or networks, though I felt it important to point a few things out about that.
Obviously backup is critical to handle those pesky virus coders, criminals, and countries vying for control of networks, computers, servers, and even Internet Service Providers.
Spyware is probably the number one problem on most systems. Unnoticed by the user, these things work in low processes, tracking everything, invading computers to steal data, and what have you. Spybot Search & Destroy is very solid software for the fight against spyware; it even puts Windows Defender to shame.
Obviously, once malicious code or serious viruses have done their job, it may be far too late to repair the problem, as is often the case when too many files get damaged. Let's not forget, data encryption is a very strong defence against all of the above problems. Not even the OS can alter files that are encrypted, so if it's critical, and now that it's a federal mandate for companies to protect customer data, we should all learn about encryption.
The best solution against problems, once again, is to back up. We know now that backup is the best defence there is against infections and problems that arise from attacks through the internet. Well, why not just stop it altogether, eh? This is tough, as evidenced by the recent attacks on Google.
I've heard hackers say Linux is a great system to hack, and of course, if you're using Windows XP you're as good as got. There are many ways to get into a computer, so it's very important to disable all plug and play services. Nobody should be able to walk up to a computer and use a port, CD or DVD drive, or any other device unless they have the proper authority to do so; this is where user account controls come in. Anyone can boot a computer from a flash drive today if they can get into the BIOS, so always password protect the BIOS. If you are the sole user of the computer, it wouldn't be a bad idea to put a password on the use of the computer (also set up in the BIOS); this way they have to enter a password just to get past POST. This is obviously a good way, though not foolproof by any means, to protect the physical security of a computer. When I say physical, I mean the dangers of someone accessing your computer physically, not through the internet or on the network.
Data backup means little if someone gets hold of information that is not encrypted; this is why encryption is the largest layer against hackers, spies, criminals and companies. Even your ISP can spy on you; though they would never admit to it, they do do it. Encryption is where integrity comes in. It would be well beyond the scope of this discussion to talk about encryption in depth, though, sorry. Getting back to security and the various aspects of it, we have discussed physical security somewhat; let's continue on about protecting your computer.
It's a given, though many users don't do this: you should always go into safe mode and set the main administrator's password. On Windows XP systems, access this by pressing F8 or F9 at start-up before the Windows logo appears, but after POST. Sometimes it may be another key; what you're looking for, though, is Safe Mode, and here you need to set up a password for the system. If you don't, anyone can get into safe mode and change, modify or even delete the passwords to all accounts. This of course would be a grave oversight in security for any typical computer user without knowledge of computer security. Personally I'm not very experienced with Windows 7, as I've only been using it for a few months now, so I'll get back to you on this particular subject.
Passwords are rather worthless if they are stuck to your monitor. Physical security also involves protecting sensitive material and information, like passwords, vital data and backups etc.
All security for networks and servers begins with a plan, but that is not limited to just those; we users need to have a plan of setup, backup, and security that is impenetrable. Networking and network security is far beyond the scope of this discussion, though hopefully by now you should be more aware of what security is, what it means to you, and how to utilize some of the newer technologies to protect your computer.
I've read somewhere that encryption doesn't always work; sometimes it just password protects the file from intrusion, and the file can be stolen by creating a disc image of the partition that the encrypted material sits on. This is true; it's how computer forensics takes the information off of your hard drive. Deleting a partition or file does not necessarily erase it completely. It is possible to retrieve deleted files or even wiped partitions. If you don't believe me, do some research on the internet and you will find out this is all too true. There is software that truly wipes the partition when it cleans it. This is the method that is recommended for removing a partition before you restore a backup, as viruses can still infect your computer unless you completely wipe the drive. Backups, once again, should be encrypted to keep a malicious virus or code from altering, deleting or moving the backups.
Back to the subject of security and the plan: if you do not have a plan, you will never succeed like those who do have a plan. That, I believe, is a universal truth, as goals are rarely achieved unless they are written down. So take the time and devise your computer setup and security with regard to all layers of security, not just physical. Hopefully, if you plan well, you will be better protected from data loss, which is one of the worst feelings someone can have should their laptop or disc end up in a thief's hands.
Hopefully I have discussed enough to get you interested in the subject; this is of course the purpose and intent of the article, to direct you toward educating yourself in computer security, data integrity, and helping you avoid disastrous mistakes.
Hope someone liked the article, please provide feedback below.
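The point made above, that deleting a file does not erase it while a true wipe does, shown as an added example that is not part of the original article. It works on a constructed in-memory disk image with a simplified FAT-style directory (32-byte entries, deletion flagged with the byte 0xE5); the layout (directory in sector 0, one-sector clusters, contiguous files) and all function names are assumptions made for illustration.

```python
import struct

SECTOR = 512
# Assumed demo layout: 11-byte 8.3 name, attribute, 14 unused bytes, first cluster, size.
ENTRY = struct.Struct("<11sB14xHI")

def build_image(files):
    """Sector 0 holds the directory; file data follows, one cluster = one sector."""
    image, cluster = bytearray(SECTOR), 1
    for slot, (name, data) in enumerate(files.items()):
        ENTRY.pack_into(image, slot * ENTRY.size, name.encode().ljust(11), 0x20, cluster, len(data))
        sectors = -(-len(data) // SECTOR)          # ceiling division
        image += data.ljust(sectors * SECTOR, b"\0")
        cluster += sectors
    return image

def entries(image):
    """Yield (offset, raw_name, first_cluster, size) for every directory slot."""
    for off in range(0, SECTOR, ENTRY.size):
        raw_name, _attr, cluster, size = ENTRY.unpack_from(image, off)
        yield off, raw_name, cluster, size

def delete(image, name):
    """An ordinary delete: flag the entry with 0xE5 and leave the data untouched."""
    for off, raw_name, _cluster, _size in entries(image):
        if raw_name == name.encode().ljust(11):
            image[off] = 0xE5
            return True
    return False

def recover_deleted(image):
    """Forensic-style pass: follow flagged entries back to their data sectors."""
    return {"?" + raw[1:].decode().strip(): bytes(image[c * SECTOR:c * SECTOR + size])
            for _off, raw, c, size in entries(image) if raw[0] == 0xE5}

def wipe_deleted(image):
    """A wiping tool: overwrite the data sectors, then the directory entry itself."""
    for off, raw, c, size in list(entries(image)):
        if raw[0] == 0xE5:
            length = -(-size // SECTOR) * SECTOR
            image[c * SECTOR:c * SECTOR + length] = bytes(length)
            image[off:off + ENTRY.size] = bytes(ENTRY.size)

if __name__ == "__main__":
    img = build_image({"PAYROLL TXT": b"constructed payroll data"})  # constructed sample
    delete(img, "PAYROLL TXT")
    print("after delete:", recover_deleted(img))
    wipe_deleted(img)
    print("after wipe:  ", recover_deleted(img))
```

After the ordinary delete the file comes back with only the first character of its name lost; after the wipe neither the directory scan nor a raw search of the image finds it.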