Must draw a distinction between two types of hackers, the firstaims to do something bad, and the second aimed to create digital solutions more secure and in this sense we will give you a number of tips to avoid falling into the trap of bad hacking,
Use Strong Passwords
In general, the strongest passwords are sufficiently long (Experts recommend using 12 characters minimum according tothe latest studies), randomly generated and contain no words in any language. Most others are weak because of the cracking methods programmed into password cracking tools. The three main methods used are:
weak password attackCommon password weaknesses are exploited, such as blank passwords, the word password, the users' lognames or any other information the cracker may know about the user.
dictionary attack Word lists from various sources, including foreign language and slang, are encrypted and compared to the encrypted password.
brute-force attack Every possible character combination is encrypted and compared to the encrypted password until a match is found.
Have an operating system and software updates: browser,antivirus, office, personal firewall, etc..
Most attacks attempting to use a computer fault (faults of theoperating system or software). In general, attackers are looking forcomputers whose software has not been updated to use the faultis not corrected and thus manage to get inside. Therefore it isessential to update all of its software to correct these flaws.
Perform regular backups
One of the first principles of defense is to keep a copy of his datain order to respond:
- Hardware failure. Disk failure is rare but it does happen.
- Accidental file deletion.
- Theft and natural disaster.
- Catastrophic virus or spyware infections, if you have to erase your hard disk and reinstall everything.
Backing up your data is a requirement of the continuity of your business.
Disable default ActiveX components and JavaScript
Les composants ActiveX ou JavaScript permettent des fonctionnalités intéressantes mais ils présentent aussi des risques de sécurité pouvant aller jusqu’à la prise de contrôle par un intrus d’une machine vulnérable. En dépit de la gêne que cela peut occasionner, il est conseillé de désactiver leur interprétation par défaut et de choisir de ne les activer que lorsque cela est nécessaire et si l’on estime être sur un site de confiance.
Do not click on links too fast
One of the typical attacks to mislead Internet users to stealpersonal information, is to encourage them to click a link in a message. This link may be misleading and malicious. Rather thanclicking on it, it is better to grasp oneself site address in theaddress bar of your browser. Many problems will be avoided.
Never use an administrator account to surf
The computer user has privileges or rights on it. These rightsallow or not to conduct certain activities and access to certain files from a computer. A distinction is usually called administrator rightsand the rights of so-called simple user. In most cases, a simpleuser rights are sufficient to send messages or surf the Internet. Bylimiting the rights of a user are also limits the risk of infection orcompromise of the computer.
Control of Private Information
The Internet is not the place of anonymity and the information thatwe keep it there instantly escape! In this context, good practice isto never leave personal information in forums, to never enterpersonal data and sensitive (such as bank details) on sites that do not offer the necessary guarantees. When in doubt, better to do nothing ...
Never pass on hoaxes
A hoax is a message or warning that is not true. Computer virus hoaxes can cause a lot of confusion and wasted time amoung ordinary computer users, and sometimes quite technical people. Computer virus hoaxes are quite common and they usually warn about a new computer virus that no anti-virus software detects and which can do a lot of damage to files or computers. The biggest give-away is that they ask people to pass on the warning to everyone they know - this is how the hoax spreads.
In general, ordinary users should NEVER pass on warnings, and you should only expect to get warnings from a trusted source: your company's data security officer, or your ISP's technical support. The information in a real warning will be verifiable: if it says the information was released by Microsoft, there will be a link or reference to a Microsoft web page or press release.
If you receive a warning that you do not know whether to believe, contact your data security office, helpdesk, or us to check - we would rather answer your question once than questions from the hundreds or thousands of panicing people you might pass the message on to.
Be careful: the Internet is a street populated by strangers!
We must remain vigilant! If for example a corresponding wellknown and with whom you regularly exchange of letters in French, send a message with a title in English (or any other language)should not open it. If in doubt, it is always possible to confirm themessage by phone. In general, do not rely mechanically on behalfof the sender appears in the message and never meet a strangerwithout a minimum of care.
Use caution when opening attachments to e-mail
One of the most effective methods to distribute malicious code isto use email attachments. To protect yourself, never openattachments with the following extensions:. pif (such as anattachment called "photos.pif). com,. bat,. exe,. vbs,. lnk. AtConversely, when you send files as attachments to emails prefersending attachments in the most "inert"possible, such as RTF or PDF for example. This limits the risk of information leaks
References:
No comments:
Post a Comment