A keylogger is a program that runs in your computer’s
background secretly recording all your keystrokes. Once
your keystrokes are logged, they are hidden away for later
retrieval by the attacker. The attacker then carefully
reviews the information in hopes of finding passwords or
other information that would prove useful to them.  For
example, a keylogger can easily obtain confidential emails
and reveal them to any interested outside party willing to
pay for the information. 

Keyloggers can be either software or hardware based.
Software-based keyloggers are easy to distribute and
infect, but at the same time are more easily detectable.
Hardware-based keyloggers are more complex and harder to
detect.  For all that you know, your keyboard could have a
keylogger chip attached and anything being typed is
recorded into a flash memory sitting inside your keyboard.
Keyloggers have become one of the most powerful
applications used for gathering information in a world
where encrypted traffic is becoming more and more common.

As keyloggers become more advanced, the ability to detect
them becomes more difficult. They can violate a user’s
privacy for months, or even years, without being noticed. 
During that time frame, a keylogger can collect a lot of
information about the user it is monitoring.  A keylogger
can potential obtain not only passwords and log-in names,
but credit card numbers, bank account details, contacts,
interests, web browsing habits, and much more.  All this
collected information can be used to steal user’s personal
documents, money, or even their identity. 

A keylogger might be as simple as an .exe and a .dll that
is placed in a computer and activated upon boot up via an
entry in the registry. Or, the more sophisticated
keyloggers, such as the Perfect Keylogger or ProBot
Activity Monitor have developed a full line of nasty
abilities including:

· Undetectable in the process list and invisible in
   operation
· A kernel keylogger driver that captures keystrokes even
  when the user is logged off
· A remote deployment wizard
· The ability to create text snapshots of active
  applications
· The ability to capture http post data (including log-
   ins/passwords)
· The ability to timestamp record workstation usage
· HTML and text log file export
· Automatic e-mail log file delivery

All keyloggers are not used for illegal purposes.  A
variety of other uses have surfaced.  Keyloggers have been
used to monitor web sites visited as a means of parental
control over children. They have been actively used to
prevent child pornography and avoid children coming in
contact with dangerous elements on the web.  Additionally,
in December, 2001, a federal court ruled that the FBI did
not need a special wiretap order to place a keystroke
logging device on a suspect’s computer. The judge allowed
the FBI to keep details of its key logging device secret
(citing national security concerns). The defendant in the
case, Nicodemo Scarfo Jr., indicted for gambling and loan-
sharking, used encryption to protect a file on his
computer. The FBI used the keystroke logging device to
capture Scarfo’s password and gain access to the needed file.

Clearing Your Browser’s Cache
Often referred to as the cache, the Temporary Internet
Files folder contains a kind of travel record of the items
you have seen, heard, or downloaded from the Web, including
images, sounds, Web pages, even cookies. Typically these
items are stored in the Temporary Internet Files folder.

Storing these files in your cache can make browsing the
Web faster because it usually takes your computer less time
to display a Web page when it can call up some of the
page’s elements or even the entire page from your local
Temporary Internet Files folder.

Your browser’s cache stores the contents of all the Web
pages that you have visited during a session. To safeguard
your information and prevent another user from viewing what
you have entered, you should clear the cache memory after
you have completed the application. To clear your browser’s
cache, follow the instructions below:

All those files stored in your cache take up space, so
from time to time, you may want to clear out the files
stored in your cache to free up some space on your
computer. This is called clearing the cache.

You can adjust your Internet Explorer 6 settings to
automatically clear the cache whenever you close Internet
Explorer 6. Go to the Tools menu, and click Internet
Options. Click the Advanced tab. In the “Settings” box,
scroll down to the section labeled “Security,” and click to
check the box next to the “Empty Temporary Internet Files
folder when browser is closed” option. Click OK to finish.
This option does not delete cookies, but it will clear your
cache of other files when you close your browser.

If you tend to go online a lot and have ample space on
your computer, you might want to increase the size of your
Temporary Internet Files folder. Why? Because Internet
Explorer 6 will read already-viewed files from the cache
first rather than take the time to download the same page
from the Web, thus saving you time and money.

Adjusting How Often to Update
While it’s true that the more files you can load from your
hard disk, the faster your browsing speed, it’s also true
that those pages on the Web might have changed since being
stored on your computer. You might not want to miss fresh
content just to save a little time. Fortunately, in
addition to the size of the cache, you can also customize
how often Internet Explorer 6 checks the Web for updated
content.

First you will need to go to the Internet Explorer 6
Settings box:

1.
 On the Tools menu, click Internet Options. The Internet
Options box should open to the General tab.
 
2.
 On the General tab, in the Temporary Internet Files
section, click the Settings button. This will open the
Settings box.
 
3.
 In the Settings box, there are four ways to check for
newer versions of pages that are stored in the Temporary
Internet Files folder:

• Every visit to the page: You’re assured of the most
current content, but it’s slower to browse previously
viewed pages.
 
• Every time you start Internet Explorer 6: On your first
visit to a page, Internet Explorer 6 will check for new
information, but not on subsequent visits in the same
browsing session.
 
• Automatically: Internet Explorer 6 will check
automatically for any new content.
 
• Never: This option is fastest, but you could be viewing
old content from the cache. To refresh the page, press the
F5 button on your keyboard—this will connect you to the
page on the Web and download new information to the
Temporary Internet files folder. 
 

Try several combinations of these options and cache size
to find the best fit for your needs. You may need to use
the settings for a few days to fully gauge how they are
working.
Netscape 6.x, 7.x and 8.x users:

Select Edit, then Preferences.
Select Advanced from the Category listing.
Select Cache.
Select the Clear Disk Cache button then the Clear Memory
Cache buttons.
Select OK.
Internet Explorer 7.x:

Select Tools, then Internet Options.
Select the General tab at the top.
Under Browsing History, select the Delete button.
Select the Delete Files buttons next to Temporary Internet
Files.
Internet Explorer 5.x and 6.x users:

Select Tools, then Internet Options.
Select the General tab at the top.
Select the Clear History button.
Select Yes to confirm.
Select Delete Files.
Select OK.
Select OK to close the Internet Options Screen.
AOL 9.0:

Select Settings.
Select the Essentials tab.
Select the Internet (Web) option.
Select the General tab.
In the Temporary Internet Files area, select the Delete
Files button, and select OK.
AOL 8.0:

Select Settings.
Select Preferences.
Select the Properties option.
In the Temporary Internet Files area, select the Delete
Files button, and select OK.
AOL 5.0-7.0 and AOL Explorer 1.2 users:

Select System Information.
Select the Utilities tab.
Select the Clear Browser Cache.
Mozilla Firefox 2.0 users:

Select Tools.
Select Options.
Select the Advanced option.
Select the Network tab.
Select the Clear Now button.
Mozilla Firefox 1.5 users:

Select Tools, then Clear Private Data.
Select the Browsing History, Saved Form Information,
Cache, and Authenticated Sessions options.
Select the Clear Private Data Now button.

Use a “wipe” utility program, which overwrites the entire
hard drive and makes the files unrecoverable.  Use Ccleaner
available for free at
http://www.filehippo.com/download_ccleaner/ and when
installed select ‘Options’ then select ‘Settings.  Under
the heading ‘Secure Deletion’ click the ‘Secure file
deletion (Slower)’ radio button and change the setting to
NSA (7 passes).

To your safety and security online
cotojo

Securing Your Browser
The way that your Web browser is configured provides a
front line to secure Web surfing. Though many of the
security features that relate to your browser are described
in other tutorials, these tutorials step you through a
complete assessment of your browser’s security settings.

Important Note:
Make sure you back-up your system or create a Restore
Point before making any changes

Checking IE Connection Types

Step 1:  Open Internet Options
Many of the security features of the Internet Explorer
browser can be set from the Internet Options window. To
open the Internet Options window, click on Tools, Internet
Options from the Internet Explorer window.

Step 2:  Select Advanced Tab
The different types of secure connections that can be used
with Internet Explorer are configured on the Advanced tab
of the Internet Options window. Click on the Advanced tab,
then scroll down to the Security heading.

Step 3:  Check Fortezza Connections
On the Internet Options, Advanced tab, if the Use Fortezza
box is checked it means that Internet Explorer is
configured to allow secure connections to Web sites that
support Fortezza cryptography connections. Fortezza is used
by the U.S. Department of Defense a Fortezza Crypto Card
reader, a Fortezza Crypto Card, and related software
drivers. Needless to say, this is a rather specialized type
of connection, though it doesn’t hurt to have it turned on.

Step 4:  Check PCT Connections
The Private Communications Technology (PCT) protocol is
developed by Microsoft to provide secure connections to
sites that support that protocol. SSL is much more widely
used than PCT, so there is generally no reason to select
this protocol. Click on the Use PCT 1.0 box if you want to
allow secure PCT connections from Internet Explorer.

Step 5:  Check SSL Connections
Because most secure connections on the Web rely on Secure
Socket Layer (SSL) protocols, you should select both Use
SSL 2.0 and Use SSL 3.0 options on the Advanced tab of the
Internet Options window. SSL was a protocol that was
developed by Netscape Communications.

Step 6:  Check TLS Connections
The Transport Layer Security protocol is an open standard
that is much like the SSL protocol. To allow connections
using TLS, click on the Use TLS 1.0 button.

Step 7:  Apply Changes
After you have selected the secure connection types that
your browser supports, click on the Apply button to have
the changes applied to your browser.

Checking IE Cache Settings

Step 1:  Open Internet Options
As you browse the Web, your browser will typically store
the pages you have visited on your hard disk. This can
speed up your browsing by having data ready immediately
when you step backward and forward among the pages you
visit. The potential security risk is that if others are
using your browser they may be able to see the stored
content later. You can clear stored pages by setting an
option on the Internet Options page. From IE, click on
Tools, Internet Options.

Step 2:  Select Advanced Tab
Options for deleting stored Web surfing content in
Internet Explorer are configured on the Advanced tab of the
Internet Options window. Click on the Advanced tab, then
scroll down to the Security heading

Step 3:  Check Save Encrypted Pages
Presumably, data that has been encrypted during
communication between your browser and a Web site will tend
to be more sensitive. For example, data is encrypted during
online shopping and other financial transactions. To
prevent any encrypted data from being saved to your disk,
select the “Do not save encrypted pages to disk” check box
on the Advanced tab of the Internet Options window.

Step 4:  Check Empty Temporary Files
You can have all the Web content that is temporarily
stored on your hard disk be removed when you close your
browser. Click on the “Empty Temporary Internet Files
folder when browser is closed” check box to enable that
feature.

Step 5:  Apply Changes
After you have selected the secure connection types that
your browser supports, click on the Apply button to have
the changes applied to your browser.

Setting IE Security Zones

Step 1:  Open Internet Options
Internet Explorer allows you to set groups of Web sites to
have similar levels of security. These groups are referred
to as “Web Content Zones.” You can set up these content
zones from the Internet Options page. From IE, click on
Tools, Internet Options.

Step 2:  Select Security Tab
Options for setting content zones in Internet Explorer are
configured on the Security tab of the Internet Options
window. Click on the Security tab to begin setting these
options.

Step 3:  Select Web Content Zone
There are four pre-defined Web content zones: Local
Intranet (for sites within your organization), Trusted
Sites (for sites you know are secure), Restricted sites
(for sites that are not secure) and Internet (for all other
Web sites). Click on one of those sites to set the level
and define the sites for that zone.

Step 4:  Select a Security Level
Click on the slider bar on the Security tab to set the
security level for zone you have selected. You can set the
security zone to Low, Medium-low, Medium, or High. Each
level is described when you select that level on the slider
bar. If you try to change to a less secure level than the
default for the zone, you will be warned.

Step 5:  Customize Security Level
If you want to fine tune any of the four preset security
levels, you can do so by clicking on the Custom Level
button. The Security Settings window appears. From that
window, you can select how different types of content are
handled (such as ActiveX controls, plug-ins, cookies, file
downloads, Java, etc.) when you try to download or start
that type of content. Click on OK when you are satisfied
with your settings.

Step 6:  Apply Changes
Click on the Apply button to apply the changes you made to
the Web content zones.

Enabling Content in Netscape

Step 1:  Open Preferences
Some types of content can pose a potential security risk
as you browse the Web. You can allow or disallow certain
types of content from the Netscape Preferences window. To
access this window, click on Edit, Preferences from the
Netscape window.

Step 2:  Select Advanced Preferences
From the Preferences window, click on the Advanced title
in the left column. Preferences that relate to the kinds of
content that can be displayed in Netscape and the ways that
cookies may (or may not) be accepted are displayed

Step 3:  Allow Java/JavaScript
By default, Java applets (small programs) and JavaScripts
(a series of commands) run in your browser when they are
encountered on the Web. Because these scripts can pose some
small security threat (and can also slow your browser), you
can choose to disallow these types of programs. Click on
the associated check boxes to turn off those features.
(Warning: some Web sites will not work with Java disabled.)

Step 4:  Enabling Cookies
Cookies are small files that a Web site stores on your
hard disk so it can identify you (and possibly your
personal information) the next time you visit the site.
Some people dislike Web sites knowing too much about them
and choose to turn cookies off (click on Disable Cookies).
Rather than accept all cookies, however, you can limit a
cookie’s use to the originating server or to be warned
before a cookie is accepted. (Warning: some sites won’t
work with cookies off.)

Step 5:  Applying Changes
Once you have changed the setting the way you want, click
on OK to have the changes take effect.

Setting Netscape Security

Step 1:  Open the Security Window
From the Netscape window, you can open a Security Info
window to find security information about the current Web
page. It can also be used to define how Netscape behaves
when it encounters potentially insecure situations. To open
the Security Info window from Netscape, click on the
Security icon in the toolbar (it looks like a small padlock).

Step 2:  Verify Web Page Security
When the Security Info page first appears, it tells you
two pieces of information about the current Web page. First
it tells you weather or not the page was encrypted and
second it verifies the Web address of the page you have
opened. To view details about the page, click on the Open
Page Info button.

Step 3:  View Page Information
When the Page Info page appears, you can view detailed
security information relating to the current Web page. If
it is a secure Web page, you can see the type of security
that is used with the page and who owns the certificate
that verifies the authenticity of the page. When you are
done viewing this information, close the page by clicking
on the X in the upper right corner of the window.

Step 4:  Set Security Warnings
If you are about to enter information about yourself into
a Web site, you probably want to make sure that the site is
secure. From the Security Info page, you can set Netscape
to warn when you enter or leave a secure site, as well as
when you view a page with some encrypted data or send
unencrypted information. (These features are on by
default.) To check these settings, click on Navigator in
the left column, then check how the values are set.

Step 5:  Apply Changes
To apply any changes you made to the Security Info page,
click on the OK button.

This video tutorial will show you how to install AVG Anti-Virus.
If you have Norton or McAfee I personally wouldn’t pay their
fees especially when you can have this protection for free.
If you have any other Anti-Virus and intend to install AVG,
please uninstall any other Anti-Virus program that you may
have.
AVG Anti-Virus Free Edition is one of the most popular
solutions to provide basic security protection on home and
non-commercial PCs and is used by millions of people worldwide.

Important

Create a backup of your system or a restore Point before making any changes

Can also be viewed in Windows Media Player by clicking:
AVG Installation

Advancements in Antivirus Software Suites

Protecting your computer from a virus is getting harder
and harder each day.  While it may border on the paranoid,
it goes without saying that you can’t leave your guard down
for one second.  Even corporate giant Microsoft has found
its own systems compromised on more than one occasion. 

Remember the “good old days”, before the advent of the
Internet and downloadable programs?  Life was simple then
in terms of computer viruses.  With the primary way in
which a virus could be transmitted being limited to floppy
disks, the ability to catch and eradicate the virus was a
lot easier.    By today’s standards, it used to take quite
a while before a virus was able to infect a computer and
slow down the system.  The antivirus software of that time
was typically able to identify and eradicate viruses before
they caused too much damage.  Additionally, computer users
were pretty savvy on how to protect themselves in terms of
scanning all floppy disks before copying them to our
desktop. 

The Internet helped change all that.  The Internet
provided a conduit by which viruses could move from host to
host with lightening speed.  No longer could a computer
user just worry about floppy disks as points of entry, but
they now had to worry about email, email attachments, peer-
to-peer file sharing, instant messaging, and software
downloads.  Today’s viruses can attack through multiple
entry points, spread without human intervention, and take
full advantage of vulnerabilities within a system or
program.  With technology advancing everyday, and the
convergence of computers with other mobile devices, the
potential of new types of threats also increase. 

Protecting Your Computer
Luckily, the advancement of antivirus software has kept
pace with current virus threats.   Antivirus software is
essential to a computer’s ability to fend off viruses and
other malicious programs.  These products are designed to
protect against the ability of a virus to enter a computer
through email, web browsers, file servers and desktops.
Additionally, these programs offer a centralized control
feature that handle deployment, configuration and updating.
A computer user should remain diligent and follow a few
simple steps to protect against the threat of a virus:

1. Evaluate your current computer security system.
With the threat of a new generation of viruses able to
attack in a multitude of ways, the approach of having just
one antivirus software version has become outdated.  You
need to be confident that you have protected all aspects of
your computer system from the desktop to the network, and
from the gateway to the server.  Consider a more
comprehensive security system which includes several
features including antivirus, firewall, content filtering,
and intrusion detection.  This type of system will make it
more difficult for the virus to penetrate your system.

2. Only install antivirus software created by a well-
known, reputable company. 
Because new viruses erupt daily, it is important that you
regularly update your anti-virus software.  Become familiar
with the software’s real-time scan feature and configure it
to start automatically each time you boot your computer.
This will protect your system by automatically checking
your computer each time it is powered up. 

3. Make it a habit to always scan all new programs or
files no matter from where they originate.

4. Exercise caution when opening binary, Word, or Excel
documents of unknown sources especially if they were
received during an online chat or as an attachment  to an
email. 

5. Perform regular backups in case your system is
corrupted.  It may be the only way to recover your data if
infected.

Recommended Antivirus Software
There are numerous applications available to consumers.
With a little research, you can pick the program that is
right for you.  Many programs provide a trial version,
which allows you to download the program and test its
abilities.  However, be aware that some anti-virus programs
can be difficult to uninstall.  As a precaution make sure
to set up a System Restore point before installing. 

Here are a few programs, which typically receive high
marks in terms of cost, effectiveness, ease of use, and
customer service.

The Shield Pro 2005™ provides virus protection and hacker
security through ongoing support and updates. When a virus
breaks out, The Shield Pro 2005™ promises to provide a
patch within 2-3 hours and a fix for the virus within 5
hours. You can set your computer to update viruses weekly
and run a complete virus scan.

BitDefender 9 Standard provides antivirus protection, as
well as Peer-2-Peer Applications protection, full email
protection, and heuristics in a virtual environment.  This
provides a new security layer that keeps the operating
system safe from unknown viruses by detecting malicious
pieces of code for which signatures have not been released
yet.

Kaspersky Anti-Virus Personal 5.0  program is simple to
install and use. The user only needs to choose from three
levels of protection.  It allows updates as frequently as
every hour while promising not to disrupt your computer.
The program also offers a two-tier email protection feature
and round-the-clock technical support.

PC-cillin Internet Security  combines antivirus security
and a personal firewall-for comprehensive protection
against viruses, worms, Trojans, and hackers. It also
detects and removes spyware and blocks spam. It even guards
against identity theft by blocking phishing and pharming
attacks.

AVG Anti-Virus Free Edition is a free downloadable
antivirus program that has received high marks for its
reliability.  In the past, free downloadable antivirus
programs have been viewed skeptically because of issues
relating to its reliability.  However, AVG from Grisoft,
remains one of the best-known free anti-virus programs
available.  While AVG cannot be installed on a server
operating system and there is no technical support, it
still makes a good choice for many home computer users.
The best part is that since it is free, you can try it with
no further obligation necessary.