PDA

View Full Version : Personal Security on the Net


Geck-o-Lizard
15-10-03, 04:24
After reading John's post, I've realised just how vulnerable we all are. So I've decided to give a rough guideline as to how you can improve your safety on the net.

The golden rule is NEVER, EVER UNDER ANY CIRCUMSTANCES REVEAL YOUR REAL NAME OR ADDRESS. This also goes for when you're signing up for something like a Hotmail account. Use a fake name - MSN doesn't look at your details, but it's only too easy for hackers and other unauthorised intruders to gain access to your details. Use a fake name, this is why hackers use handles, it means you will be a LOT safer than if ou use your real name. For example, you could say "First name: Lamp Surname: Post" and the MSN guys wouldn't give a damn, but it would be much harder for anyone peeping at your details to see who you are. This is the same for your address. You could say "Lamppost Street, Lamppostville, Lamppostland" for all they care. If you have to give a post code/zip code, make one up that is almost 100% likely not to exist but will be counted as valid.

Don't disclose your phone number or other details anywhere that has public access, like a forum or a website.

Never, repeat NEVER, tell anyone any personal details, passwords for anything, user names etc. as these can be used against you! Once someone has your login name, a dictionary attack may be run to access your account; if you give them the password it is not unlikely that they will get your login name first try!

Don't use the same password more than once on different things, because that way it will be harder for an attacker to guess. A strong password should ideally be 8-12 characters long with a mix of letters, numbers and other symbols, without any words in it. But this is hard to remember, so another strong password would be a madeup pronounceable word with alternating consonants and vowels eg. CVCVCVCVCV. You could end up with a password like HOVIDENAMI or COLUNIFODA. Password crackers would be unable to crack this because it will not appear in any common wordlist unless that wordlist is one heck of a lot longer than is practical. And there are si many combinations that you can be quite sure that it will withstand near any attack.

A note on forums: Whatever you post in a forum will remain there forever unless you edit it out. Also, if you edit a detail out, you can't ever be sure that no one's seen it, specially not if someone's vigilantly watching your every move. Sometimes they may even get a recording program to watch everything posted by a particular person, and to keep a copy of it.

Don't panic! There are VERY few people like I'm describing, but the safety and security precautions should be followed. I care for you all, I don't want you at risk! http://www.tombraiderforums.com/images/smilies/smile.gif

PSone
15-10-03, 04:41
Good tips Geck-o-lizard
A note on passwords - always try and use a mix of UPPER and lower case letters with some numbers thrown in for good measure.

chocco
15-10-03, 09:33
Hi Geck-O-Lizard http://www.tombraiderforums.com/images/smilies/smile.gif
Thanks for the information. I usually keep the same password with most but after reading your post I think that I will make some alterations.
Good advice! http://www.tombraiderforums.com/images/smilies/smile.gif

jitte
15-10-03, 09:55
You neglected to mention broswer security, the possible hazards of visiting "untrusted" sites with ActiveScripting and/or ActiveX enabled.

There are such things as Script trojans, dialers, and malicious ActiveX controls, not to mention homepage hijacking, spyware, etc. that can all be "acquired" or happen just from visiting someone site. You don't always have to click a button for it to happen either.

mmm, did I mention I had a new Lara Croft site???

lol jk ;)

But I never enable Scripting or ActiveX when I'm just surfing around. Neither should anyone else IMO.

You're welcome to visit my site, and I hope you do, but I wouldn't blame anyone if they tightened up their browser security settings first.

Geck-o-Lizard
15-10-03, 13:19
Thanks Jitte! http://www.tombraiderforums.com/images/smilies/smile.gif

AndrewII
15-10-03, 23:09
And the purpose of this thread is? Y'know, its easy for anybody to identify you even if you give a fake identification. BTW, my personal info (http://users.ign.com/about/impreza). Look me up if your in town ;)

John Falstaff
15-10-03, 23:41
Hi Andrew,

http://www.tombraiderforums.com/images/smilies/wave.gif

Not everyone is as happy as you are to be so easily found! This thread follows on from an earlier post, by myself. I was worried that too much information about people was being made openly available in the forum.

I'm not sure what you mean that 'anyone can identify you'. I was concerned about 'real', rather than 'cyber' identification. I don't know what the IT savvy can find out - but a lot of Joe public need hints.

DragonDan
15-10-03, 23:51
These days it is important to keep our guard up. I just read an article in PC world magazine, that talked about internet security. They suggest simple things like antivirus, firewall - and setting them up properly.
www.auditmypc.com (http://www.auditmypc.com) is a site that helped me figure out what to "tighten up" with my browser. A small ammount of inconvenience in regards to Active X permissions, is a very small price to pay for a secure system.
I would also recommend Adaware version 6 - it's free for personal use, and pretty powerfull.

jitte
16-10-03, 00:31
Not everyone is, shall we say, "comfortable" with their home address and phone# being available to everyone on the web, like yours is Andre.

gonga
16-10-03, 00:36
Originally posted by AndrewII:
And the purpose of this thread is? Y'know, its easy for anybody to identify you even if you give a fake identification. BTW, my personal info (http://users.ign.com/about/impreza). Look me up if your in town ;) I disagree. In fact, it's not that difficult to retain anonymity when posting to a forum.

John Falstaff
16-10-03, 01:03
Thanks Gonga,

The initial worry (at least mine) was to do with the content of posts. (See 'Too much information' thread.)

I was, and remain, worried that some people were giving away far too much personal information (eg: names) in their posts. Maybe if the administrators or mods spot such posts they could simply delete them?

Geck-o-Lizard
16-10-03, 21:02
Yeah, that would be a good idea.

Hey, virtually none of any of you know my first name, my age, my home address, my phone no, my email addresses, my 'puter type, my IP address, my ISP, my surname (unless you're watching my posts like an eagle), what I look like, my login names for stuff, my style of passwords, etc. and I'm gonna keep it that way! ;)

Andrew, it's not as easy as you assume to find out personal details, that is, if you don't put 'em anywhere in the first place.

John Falstaff
16-10-03, 21:21
Isn't that the worry - that some might be watching posts like an eagle (or vulture)! I'd like to see the mods. and admins. p.o.v. on this one.

Geck-o-Lizard
16-10-03, 21:45
Yeah, why don't we ask them? I'm sure they could only say "no" at the worst http://www.tombraiderforums.com/images/smilies/smile.gif

AndrewII
16-10-03, 22:05
Originally posted by Geck-o-Lizard:
Yeah, that would be a good idea.

Hey, virtually none of any of you know my first name, my age, my home address, my phone no, my email addresses, my 'puter type, my IP address, my ISP, my surname (unless you're watching my posts like an eagle), what I look like, my login names for stuff, my style of passwords, etc. and I'm gonna keep it that way! ;)

Andrew, it's not as easy as you assume to find out personal details, that is, if you don't put 'em anywhere in the first place.Trust me, its very easy for someone to find out details about you, especially since your IP addy is constantly broadcasting.

Geck-o-Lizard
16-10-03, 22:12
Not if they can't find your name or anything cos you've never entered it anywhere, not even on your own 'puter http://www.tombraiderforums.com/images/smilies/privateeye.gif

Ok, so they could go to your ISP. But wouldn't it be a bit suspicious if a guy called one day asking "Where does the guy with this IP address live?"

Aargh, let's not start arguing over a stupid thing like this, all I want to do is help you lot stay safe on the net away from pervs, not protect you from Uberhackers and the FBI

John Falstaff
16-10-03, 22:20
I think Geck-o-Lizard has touched the main point, it's not the law or cyber wizards that are the (my) worry.

Geck-o-Lizard
16-10-03, 22:23
Thank-ee, can't argue with that http://www.tombraiderforums.com/images/smilies/hug.gif

AndrewII
16-10-03, 22:32
Originally posted by Geck-o-Lizard:
Not if they can't find your name or anything cos you've never entered it anywhere, not even on your own 'puter http://www.tombraiderforums.com/images/smilies/privateeye.gif

Ok, so they could go to your ISP. But wouldn't it be a bit suspicious if a guy called one day asking "Where does the guy with this IP address live?"

Aargh, let's not start arguing over a stupid thing like this, all I want to do is help you lot stay safe on the net away from pervs, not protect you from Uberhackers and the FBIWell its commendable that your advising people about strangers and stuff,but don't you think its common scense and having some street smarts thats suppose to make a difference on who a someone trust whenever their out in the world or on the net? Anybody without some kind of street smart or common scense about whats going on around them should never be let out into the world or on the net.

Geck-o-Lizard
16-10-03, 22:37
Yes, and I agree, but can we just finish this conversation before we bring out the flamethrowers? http://www.tombraiderforums.com/images/smilies/bash.gif

(Edit: spelling)

[ 16. October 2003, 23:38: Message edited by: Geck-o-Lizard ]

jitte
16-10-03, 22:38
I wouldn't include anyone who posts their real name and town they live in as those with street smarts.

John Falstaff
16-10-03, 23:10
Hi Andrew,

Your point about 'street smart' is well taken. However, some of the younger members of the forum have not been descrete. It's no use saying they should not be loose on the net - they are. I think we have to deal with the reality here - not what should be!

gonga
17-10-03, 09:57
People might also like to know that if you have a router (like with a home network), you are NOT broadcasting your IP address. At my place, we have a VPN router with a software firewall as well, so we're not broadcasting anything.

AndrewII
17-10-03, 18:32
Originally posted by jitte:
I wouldn't include anyone who posts their real name and town they live in as those with street smarts.samohT werdnA
Orlando,FL

Any yes I have "street smarts" ever since I was 10

jitte
17-10-03, 19:22
Originally posted by AndrewII:
</font><blockquote>quote:</font><hr />Originally posted by jitte:
I wouldn't include anyone who posts their real name and town they live in as those with street smarts.samohT werdnA
Orlando,FL

Any yes I have "street smarts" ever since I was 10</font>[/QUOTE]That's debatable, but I'm not going to waste my time at it.

You didn't need to spell your name backwards. I had your street addy and home phone# in 5 minutes.

Don't ask me to post it, because if I decide to use it...it won't be here and there will be no doubt left in your mind.

End of line.