Debbie Parker Wayne Wayne Research P.O. Box 397, Cushing, TX 75760-0397     Phone: 936-326-9101

Home

Lectures

Services & Fees

Sample Work

Research Authorization

Computer Work Authorization

Debbie's Bio

Contact Us

Protecting Yourself on the Internet

NOTE: There's a LOT of detail in this document. DON'T LET THAT SCARE YOU. We are NOT going to cover all the details in the class. We will use the diagrams and cover the information a basic computer user needs to know to understand more about how the internet works. The details will be good reference material for you as you learn more.

I. HOW THE INTERNET WORKS

The internet is made up of components owned and shared by 1000's of private companies and public / government organizations

• NAP - Network Access Point - very large, fast computers owned by big companies like IBM, AT&T MCI, etc.
• BACKBONES - high-speed connections NAP to NAP and NAP to regional networks
• Regional Networks - spread out from the NAPs through high-speed connections
• ISPs and private networks - connect via the regional networks
• Individual PCs - connect via ISPs and private networks
• Connections between these entities are made by dial-up (common) phone lines, DSL and ISDN phone lines, cable modems, satellite, fiber-optic, high-speed lines (T1, T2, OC1, OC3)

Data being sent over the internet is broken up into packets by the sending system

• Routers in the network decide which route a packet should take to get from source to destination - each packet of a block of data may go a different route depending on how busy one route is at any given time
• Once all the packets arrive at the destination they are re-assembled in order and displayed to the user/browser

HTTP Request Sequence:

1. You open your browser and enter a URL
   http://www.rootsweb.com/~txnacogd/CIGTIPS/index.htm
2. Request is sent to your ISP
   HTTP GET www.rootsweb.com /~txnacogd/CIGTIPS/index.htm
3. System/Domain Name is translated into an IP address
   63.92.80.33
4. Request is then routed to that server/system
5. Server may check to see if you have a cookie from it and gets it if there is one (or may set a cookie)
6. Server determines what web page you want (and adjusts according to cookie values if needed)
   /~txnacogd/CIGTIPS/index.htm
7. Server system breaks it up into packets, sends the packets out to the internet where routers decide the path to take to get it back to your ISP
   (see TRACE ROUTE (tracert) SHOWS PATH TO A SERVER below)
8. Server separately sends graphic images referenced in the page
9. Server logs the activity into a log file (see section III. A. INTERNET LOGS)
10. Your ISP then sends the packets to your system
11. The packets are re-assembled and the web page is displayed by your browser

      

TRACE ROUTE (tracert) SHOWS PATH TO A SERVER

tracert can be used to see how many systems your request passes through before it reaches the destination.

DOSprompt: tracert www.rootsweb.com >somefile.txt

Tracing route to www.rootsweb.com [63.92.80.33]
over a maximum of 30 hops:

  1   ...  NAC-TCM-1.inu.net [63.151.1.247] 
  2   ...  nacogdoches.inu.net [63.151.1.254] 
  3   ...  lufkin.inu.net [63.151.3.254] 
  4   ...  iah-edge-04.inet.qwest.net [63.149.128.21] 
  5   ...  hou-core-02.inet.qwest.net [205.171.23.53] 
  6   ...  hou-core-03.inet.qwest.net [205.171.23.6] 
  7   ...  iah-core-01.inet.qwest.net [205.171.5.3] 
  8   ...  wdc-core-03.inet.qwest.net [205.171.5.185] 
  9   ...  wdc-core-01.inet.qwest.net [205.171.24.10] 
 10   ...  chi-core-03.inet.qwest.net [205.171.5.227] 
 11   ...  chi-brdr-03.inet.qwest.net [205.171.20.142] 
 12   ...  s5-2.edge1.chi-il.us.xo.net [207.88.50.49] 
 13   ...  ge9-0.tran1.chi-il.us.xo.net [64.220.0.177] 
 14   ...  p0-0.tran2.scl-ca.us.xo.net [64.0.0.17] 
 15   ...  ge9-0.tran1.scl-ca.us.xo.net [64.220.0.49] 
 16   ...  64.0.0.134 
 17   ...  65.105.237.10 
 18   ...  40326A12.ptr.dia.nextlink.net [64.50.106.18] 
 19   ...  205.158.184.30 
 20   ...  205.158.184.54 
 21   ...  www.rootsweb.com [63.92.80.33] 

Trace complete.

II. THINGS TO DO TO PROTECT YOURSELF

A. EDUCATE YOURSELF and Everyone who uses your computer
(All should know these rules!!!!!)

Useful URLs with privacy and protection info:

• http://www.PrivacyFoundation.org/
• Cindy's list has a number of references to privacy issues:
  http://www.cyndislist.com/internet.htm#Privacy
• Useful URLs Privacy Section
• http://www.pcworld.com/heres_how/winsecurity
• http://www.pcworld.com/how_it_works
• http://www.pcworld.com/dec2000/homeoffice

B. BASIC INFO

• Read the sites privacy policy - and remember they could change it at ANY time
  • opt-in - must select to receive email, etc. or they WILL NOT send it
  • opt-out - must select NOT to receive email, etc. or they WILL send it
• Also remember even if a site has good intentions of protecting your data the site could be hacked and then unsrupulous people could have access to your info
• Don't reveal anything about yourself that isn't really necessary to complete a transaction - what will happen to this info if the company goes out of business or just needs some extra income?
• Some sites require you to fill in certain fields but if it isn't something they need to know you can fill in any value
• Be extremely careful with SSN, credit cards numbers, bank account numbers, debit card numbers, medical-legal-financial info, times when you will be away from home, salary/income, contents of your home (this also applies to info about your friends) (but credit card is safer than ATM/debit card since your liability may be limited to $50.00 on credit card)
  • SECURE SITES
  • look for the s after the http in the URL. If it shows https, you're secure.
  • look for the key or padlock icon in the lower left-hand corner of your browser window. If it's open, you're not in a secure location
• Don't allow sites to store credit card info so you won't have to enter it again next time (Amazon's One-Click purchasing keeps your credit card number)
• Just because a site asks for mother's maiden name doesn't mean you have to use her real maiden name - just remember what fake name you use

C. SCAMS

Any con or scam that worked before the internet will also work on the internet plus many new ones

NEVER give money or financial info to ANYONE on the phone or internet unless you are POSITIVE they are who they say

Genealogy SCAMS are listed at http://www.ancestordetective.com/watchdog.htm

D. PASSWORDS

• Don't let sites store your password for you (NS6 has a password manager built in - the info is saved on your computer and not the external site - but if someone gets access to your computer they can then get your passwords)
• Use hard-to-guess passwords - not words from a dictionary, birthdays, or any information someone could easily find and relate to you Don't use the same password for all sites you visit

E. DOWNLOADS AND E-MAIL AND MESSAGING SERVICES

• Don't download software from untrusted sites
• Don't load software from floppies or CDs from untrusted persons
• Don't click on unexpected email attachments or links in email you aren't sure of
  • verify the sender was sending an attachment prior to opening it
  • save the attachment and run the Anti-Virus Scan software of the saved file unless you are VERY sure your anti-virus software scans all email as it is downloaded
• Use one email address for the internet - web sites, mailing lists, etc. and use another JUST for trusted friends
• Don't unsubscribe when you get SPAM email - this just lets them know your email address is a good one and they can get more money when they sell it
• Turn off JavaScript in HTML messages (see III. B. JavaScript below)
• Turn off Instant Messaging when you aren't using it
• Use encryption for really sensitive email

F. FILE EXTENSIONS

• Show file extensions (attachments to email sometimes can appear to be harmless when you can't see the file extension - there are 50 or so extensions that can be executable and possibly harmful such as .exe, .vbs, .doc WORD macros, .xls Excel macros, and LOTS more)
• • View a Folder with Explorer
  • View / Folder Options / View Tab
    
        
  • Unclick "Hide file extensions for known file types"
    
              
• File Extension Meanings are found at:
  http://filext.com/

G. FILE SHARING

• Turn off file and printer sharing unless you really use it
  • Start
  • Settings
  • Control Panel
  • double click Network Icon
  • Configuration Tab
  • File and Print Sharing
  • uncheck boxes
  
  
         
• If you use file and printer sharing be sure to assign a password
• Get the latest bug fixes from MicroSoft (fixes problem where passwords were easily crackable with one character)

H. VIRUSES, WORMS, TROJAN HORSES, WEB BUGS

http://www.wildlist.org/ - List of Viruses "In The Wild"

Check with a trusted web site as shown in Useful Virus Site URLs before spreading virus warnings - lots of email/virus hoaxes get forwarded and it just creates unnecessary net traffic and fears

Nowadays viruses are typically spread via email attachments but can also be spread by files downloaded from the internet, on floppy disks and infected CDs, etc. (even vendor software has been known to have a virus when released)

• VIRUS PROTECTION
• get latest program patches (executable)
  This should be done EVEN after you bring home a brand new computer or buy anti-virus software - the latest updates are probably NOT on the computer or on the CD
• get latest DAT files - check weekly or set computer up to auto update
• HAVE A BOOT DISK WITH ANTI-VIRUS SOFTWARE

WORM

a program that spreads automatically through the network
- usually malicious

VIRUS

like a worm but usually requires the user to do something such as copy files, open attachments, etc.

• NIMDA virus doesn't require attachment opening - just go to a web page or view the HTML mail - also uses lots of techniques to infect sites (IIS vulnerabilities plus 15 others)
• viruses usually replicate and send themselves out before doing damage
• newer viruses that use email address books will randomize access to names to be able to execute on system where the !0000 email user trick is used

TROJAN HORSE

a piece of CODE attached to a useful utility

• while you use the utility the trojan installs itself as a server in the background and offers itself as a backdoor to a hacker to access and maybe control your computer
• doesn't replicate itself
• most Anti-Virus scanners will catch trojans
• http://www.simplysup.com/ Simply Super Trojan Remover
• use a firewall
• don't open attachemnts or links unless you know they are safe

WEB BUGS

a 1 pixel GIF image on a web page and can send info back to the company

• could tell your browser to accept a cookie (unless you have cookies disabled)
• act like banner ads - site gets your IP address and what pages on the site you are looking at
• use web proxy sites (they load pages to their server so the web bug gets their IP address then the web proxy gives you the page - makes for slower but safer connection)

I. BROWSER CACHE AND HISTORY

Your browser saves copies of the pages and images you have looked at in its cache to allow pages to be quickly redisplayed when you use the BACK button. This is only a problem if someone else obtains access to your computer or if you use a computer in a public place.

1. Clear cache periodically
   • NS
     • Edit
     • Preferences
     • Advanced
     • Cache
     • Clear Memory Cache click OK
     • Clear Disk Cache click OK
     
   • IE
     • Tools
     • Internet Options
     • General
     • Delete Files in the 'Temporary Internet Files/ section
     
2. Clear History periodically
   • NS
     • Edit
     • Preferences
     • Navigator
     • Clear History
     
   • IE
     • Tools
     • Internet Options
     • General
     • Clear History and follow instructions on the screen
     
3. IE5+ = saves user queries so they don't have to be re-entered (browser persistence)

J. COOKIES

Only you can decide whether or not to accept cookies and which ones to accept. Acceptance of cookies is based on options you must set in your browser. You have to decide how paranoid YOU are about information about you being saved.

Some web sites won't work unless you accept their cookies. They keep track of online shopping carts.

Cookies are not inherently bad BUT can be used to track you - click-by-click. Cookies let web sites recognize you when you return (each new web page you access is a "return" so this could be one session not necessarily spread across many days). Cookies can be used to track you as you surf the web and report on what you view. Cookies can track what resolution, etc. your monitor uses

Cookies are located:

• IE = C:\Windows\Cookies folder
  - just delete the files BUT be sure you don't use a site that requires you to keep the cookie to get back in
• NS 4 = C:\Program Files\Netscape\Users\xxx\cookies.txt
  - just edit the file with wordpad, etc. BUT be sure you don't use a site that requires you to keep the cookie to get back in
• NS6 = Don't edit the files - use the cookie manager in
  
  • Edit
  • Preferences
  • Mail and Privacy
  • Cookies
  C:\Windows\Application Data\Mozilla\Profiles\username\xxx\cookies.txt
  (cookperm.txt tells which sites you accept cookies from and which you don't)

# HTTP Cookie File

#sitename   true / false
#expiration? cookie-name cookie-value
.ancestry.com   TRUE    /   FALSE   
2051222412  BIT 6nb-kk9QsO7VzmotzPX_HD

.ancestry.com   TRUE    /   FALSE   
1609401412  ANCUUID EgC97mpUpQ1niiC

www.vmyths.com  FALSE   /   FALSE   
2137622391  CFGLOBALS   HITCOUNT%3D6%23
LASTVISIT%3D%7Bts+%272001%2D09%2D13+10%3A42%3A36%27%7D%23
TIMECREATED%3D%7Bts+%272001%2D08%2D10+18%3A06%3A03%27%7D%23

.google.com TRUE    /   FALSE   
2147368445  PREF 
ID=06715f3722ed:TM=998409409:LM=998409409

www.glorecords.blm.gov  FALSE   /   FALSE   
1033099675  zipcode 75760

• (Note: Some of the following info is from Netscape's Privacy Help Text in Netscape 6.1.)
• A site has to get permission to save a cookie
• A site can read that cookie in the future without having to get permission
• A site can read only the cookies that it has stored, not cookies stored by other sites BUT ad sites can try to set cookies (called foreign cookies) when they are embedded on useful web pages AND sites can band together in groups to share information
• Once a site stores a cookie, it can keep track of all the things that you've done by simply writing these things into a cookie which it keeps updating. This can be good or bad depending on what the site intends to do with the information and whether you WANT targeted ads or customized information from that site.

Cookie Managers (Built in to NS6, less control with IE but can get third-party products also such as CookiePal, CookieCrusher, Cookiewall)

• allow selective acceptance of cookies
• refuse cookies from sites you don't want to be able to track you (or delete the cookies after leaving the site)

BEWARE OF DoubleClick and similar sites:

• always refuse their cookies
• they had plans to gather personal info online and match it with other info in the database of Abacus Direct to target people with ads, etc.

K. OTHER INFO YOUR BROWSER PASSES TO SITES

What browser sends	What it means
GET /x/ne.dll?qg0diq1u HTTP/1.1	The web page I want to get
Referer: http://grc.com/su/earthlink.htm	The URL I came from (the page I was at when I asked for the page in the GET command - used to tell who referred you to a site that pays when you "click through" their banner ads)
ONLY IF I allow a cookie to be set: Cookie: (This can be any text the server wants)=(And so can this)	See cookie file above
Host: nanoprobe.grc.com	The host for the web page I want to get
User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; m18) Gecko/20010131 Netscape6/6.01	The browser, OS, language, ?? I use
Accept: */*	The kinds of files I will accept
Accept-Language: en	The language I accept files in
Accept-Encoding: gzip,deflate,compress,identity	The encoded files I will accept
Keep-Alive: 300 Connection: keep-alive	Keepalive time

---