Saturday, February 19, 2011

Security Tips for Browsing at Cyber Cafes

  • Restart your PC if this is already turned ON
  • If the machine that already was ON, there could be running background applications that jeopardize our security, such as keyloggers or trojan. We do not know if the person using the machine had previously installed virus inadvertently or deliberately, especially if the machine does not have a reliable antivirus.
  • Access the Programs from Windows Start Menu
  • It is not recommended to start an application by double clicking the desktop shortcuts and other executables that can reference and does not necessarily indicate its icons. Yahoo! Messenger icon on the desktop may be a Trojan left by the previous user. The best practice is accessible from the Windows menu: Start-->> All Programs.
  • Do Not Type Your Password Continuously
  • While typing in your password in public computers do not type in your password continuously, if your password is "roottomail" then first type "root" then type some random letter "feythuca" anywhere else again come back to the password field and type in the rest letters "tomail". By doing that the keylogger will log your password as "rootfeythucatomail" and you can easily fool the hacker.
  • Do not save your passwords or usernames in login pages.
  • By default, AutoComplete is enabled in Web browsers to store entries on webpages and suggest matches for you in next time. It will list possible matches from entries you have typed before.
  • Don't click on the unfamiliar alert messages.
  • Maybe the antivirus / antispyware you use on the machine is very good, but unless we have sufficient knowledge of threats on the Internet, clicking on the unknown alert messages may enable the implementation of a malware or spyware that tries to take our information.
  • Do not use it for banking or sensitive information
  • Ultimately, a public computer is never going to be anywhere close to completely secure, so there are some things you just shouldn’t use them for. If you are to make any bank transfer/ RLY ticket booking, it is not appropriate to use these public systems, as the implicit danger that may exist in the system, perhaps infected PC can be catastrophic. For such transactions use a trusted machine.
  • Take precaution while typing your passwords.
  • Shoulder surfing is the name of the hacking technique that involves spying on the victim physically. As its name implies, this practice tends to make watching over his shoulder. So, you should be especially careful and always watch your backs when you type your passwords.
  • Beware of the physical information that you discard
  • When we use cabins, sometimes we need to make temporary notes, which may be discarded in the trash cans of the same booths. If it's something sensible, such as personal information (names, addresses, phone numbers or worse, passwords) it is best to take the paper dispose it at home or other place where we have more certainty that no one can be misusing it. In fact there is even a kind of hack that is to review in the trash cans of the individual victim, or target, called dumpster diving.
  • Delete your Browsing History
  • When you’ve finished browsing, it’s a good practice to delete your cookies, form data, history, and temporary Internet files. In Internet Explorer 8, you can do this all at once under Tools | Delete Browsing History. In Mozilla Firefox, go to Tools | Options, click the Privacy tab, and click clear your recent history. By default, this erases your browsing history, download history, saved form information, cookies, cache, and authenticated sessions.
  • Always Logout of Web Pages and Instant Messengers and reboot
  • Many users have the habit of directly closing the browsers and messengers without properly logging out from their logins. Their sessions are still retained in the server and attackers can try Man-In-The Middle or Session Hijacking Attack. Even browsers can be set to retain the sessions. So always logout of webpages and IMs, then close the browsers and finally reboot your system.

No comments:

Post a Comment