Home Network Security

Here are some notes I made for various people about network security and combatting SPAM in a home or SOHO situation. It's quite a long list but hopefully it can prove useful.

Personally, I use the anti-SPAM service at www.SpamCop.Net. It's very reasonably priced and highly effective. I also use Norton Internet Security for both anti-virus and firewall solutions, together with a Linksys router.

NETWORK SECURITY MEASURES

0) If you are a Windows user, make sure you also visit www.microsoft.com/security and preferably run through their suggestions.

Make sure you also visit www.microsoft.com/windowsupdate unless you are still using Windows 98 or ME, when you should visit www.microsoft.com/windows98/ or www.microsoft.com/windowsme respectively.:

1) Always use recommended format passwords:

2) Get a router:

3) Get a quality Anti-virus product and maintain a current subscription for automatic updates. (See also next point: the most popular anti-virus products also come packaged with a firewall).

4) Get a quality Firewall product and maintain a current subscription for automatic updates:

5) Keep your system up-to-date:

6) Download and use Firefox, Netscape, Opera, or Mozilla as your default web browser rather than Internet Explorer on Windows:

7) Enable advertisement filtering and pop-up blocking.

8) If you must use Internet Explorer, also use an quality anti-SpyWare product such as Ad-Aware or SpyBot Search And-Destroy regularly.

9) Virus scan your entire system regularly.

10) Regularly back up any data that you do not want to lose, including e-mail logs, and practice how to recover your system.

11) Do not use pirated software.

E-MAIL SECURITY AND ANTI-SPAM MEASURES

0) If practical to do so, only check your mail at your ISP's web site  (most ISPs support this).

1) If you must use an e-mail client program to download messages to your computer, avoid using Microsoft Outlook if possible, and consider using SSL ports to send and receive e-mail if your ISP supports this (most do).

2) Use automatic SPAM-filtering if your ISP supports it (most do), or else use a service such as SpamCop.net.

3) Report SPAM.

4) Disable automatic script handling and opening of attachments in your e-mail client program.

5) Always check the mail headers of any message from a sender that you do not recognize. For example, in Outlook, select the message in the mailbox list, right-mouse click, and review the "Options" to validate the sender.

6) Never open e-mail messages if you do not know who they are from: discard them immediately.

6a) Avoid using Outlook mail preview for unchecked messages.

7) Never open any e-mail attachment unless you have validated and preferably virus-scanned it first.

8) Never click on a link in an e-mail message unless you know it is bona-fide. Instead cut and paste the link into your browser and make sure that it is not redirected or morphed. (In some e-mail client programs you can also "View source" on HTML-format messages in order to check that a link is valid.

9) Never provide any personal information in a web form linked to directly from an e-mail message.

10) Always report any suspected abuse promptly, including suspected fraud.

That's about it for now.  Obviously I can't guarantee to answer questions on the above, nor can I accept any responsibility for damage or losses that might occur.

Document last updated 2005-03-22. Edited 2007-08-25.