| Getting a new computer should be an exciting and | | | | easily fit on a CD or USB drive. |
| gratifying experience. After all, you’ll be able to | | | | 2. Disable File and Printsharing if enabled. |
| do things faster, safer and without having to worry | | | | 3. Go to Start -> Control Panel. |
| that your old hard drive is so full that one more file will | | | | 4. Open "Network and Internet Connections". |
| “break the camel’s back.” | | | | 5. Open "Network Connections". |
| However, there are dangers out there that probably | | | | 6. Right-click on the network connection you wish to |
| didn’t exist when you bought your last computer. | | | | change (e.g., "Local Area Connection"). |
| And there’s the question of what will happen to | | | | 7. Select "Properties". |
| your old hard drive, with all your personal data on it. | | | | 8. Make sure "File and Printer Sharing for Microsoft |
| Let’s deal with your new computer first. This | | | | Networking" is unchecked. |
| information applies specifically to Windows XP, | | | | Connect to the Internet. |
| although it has broader application as well. | | | | Go to |
| Remember: | | | | Follow the instructions there to install all Critical |
| - Many computers' default configurations are insecure. | | | | Updates. However, if you are going to install Service |
| - New security vulnerabilities may have been | | | | Pack 2, READ THIS FIRST! Pay particular attention to |
| discovered between the time the computer was built | | | | “Get the latest PC manufacturer updates for |
| and configured by the manufacturer and you setting | | | | SP2, because you may need to update drivers for |
| up the computer for the first time. | | | | your PC to work properly. |
| - When upgrading software from commercially | | | | Only download software patches from known, trusted |
| packaged media (e.g., CD-ROM, DVD-ROM), new | | | | sites (i.e., the software vendors' own sites), in order to |
| vulnerabilities may have been discovered since the | | | | minimize the possibility of an intruder gaining access |
| disc was manufactured. | | | | through the use of Trojan horse software. |
| - Attackers know the common broadband and dial-up | | | | Staying Secure |
| IP address ranges, and scan them regularly. | | | | Follow the principle of least privilege — don't enable |
| - Numerous worms are already circulating on the | | | | it if you don't need it. |
| Internet continuously scanning for new computers to | | | | Consider using an account with only 'user' privileges |
| exploit. | | | | instead of an 'administrator' or 'root' level account for |
| - It is estimated that 80% of spam comes from | | | | everyday tasks. You only need to use administrator |
| personal computers (known as “Zombies”), | | | | level access when installing new software, changing |
| like yours, that have been compromised with a trojan | | | | system configurations, and the like. Many vulnerability |
| or other malware that the owner is completely | | | | exploits (e.g., viruses, Trojan horses) are executed with |
| unaware of. By protecting your computer you are | | | | the privileges of the user that runs them — making |
| protecting the Internet! | | | | it far more risky to be logged in as an administrator all |
| As a result of these hackers’ efforts, the | | | | the time. |
| average time-to-exploitation for an unprotected | | | | Moving Your Applications and Data |
| computer is measured in minutes. | | | | Unless you’ve never had a computer before, |
| Standard (wrong) advice to home users has been to | | | | you’ll want to move your old data onto your |
| download and install software patches as soon as | | | | new machine. There are several ways to do this |
| possible after connecting a new computer to the | | | | quickly and easily (although there are often a few |
| Internet. However, since the background intruder | | | | glitches). The best article on the subject is [ |
| scanning activity is pervasive, it may not be possible | | | | Protecting Your OLD Data |
| for you to complete the download and installation of | | | | So, what do you do with your OLD computer? |
| software patches before the vulnerabilities they are | | | | Perhaps someone else can use it, maybe a school or |
| trying to fix are exploited. | | | | a retirement center? |
| This Special Report offers advice on how to protect | | | | One of the biggest mistakes people make is thinking |
| your computer before connecting it to the Internet so | | | | that deleting files using Windows Explorer actually |
| that you can complete the patching process without | | | | deletes the files! It DOESN’T! |
| incident.We strongly recommend following all the steps | | | | When you delete files in Windows, all it does is delete |
| when upgrading to a new operating system from | | | | the pointers that show where the files are. Any |
| disc(s) as well as when connecting a new computer to | | | | competent computer whiz can easily find a program |
| the Internet for the first time. | | | | on the Internet that will rebuild the file pointers, and then |
| - Perform these steps before connecting to the | | | | they have access to all your files- your emails, your |
| Internet for the first time. | | | | business information and your financial information. |
| - The links in this document are LIVE LINKS, but we | | | | You can go to any flea market in the country, and |
| recommend that you NOT connect to them through | | | | chances are you can purchase a used hard drive with |
| your new computer. Use the live links on a computer | | | | the old owner’s data still on it! Many professional |
| that is fully updated, virus protected and firewalled, and | | | | identity thieves are doing just that!!!! |
| download the instructions/programs to a CD or a USB | | | | What CAN you do? |
| drive, then transfer them to your new computer. A 128 | | | | Personally, I remove the hard drive from the computer, |
| megabyte USB drive costs less than $20, is | | | | and I keep it (not in a place that it would be found if a |
| “plug and play,” and can be used over and | | | | burglar came into my house). |
| over. | | | | Another alternative is to use a free disk wiping utility or |
| | | | purchase one. |
| 1. If possible, connect the new computer behind a | | | | To effectively remove data from a hard drive, it must |
| network (hardware-based) firewall or firewall router. A | | | | be overwritten completely several times. All of the |
| network firewall or firewall router is a hardware device | | | | temporary files, all of the caches, all of the |
| that is installed between the computers on their Local | | | | “swap files” that are created as you work |
| Area Network (LAN) and their broadband device | | | | may be lurking in some unknown corner of the hard |
| (cable/DSL modem). By blocking inbound access to | | | | drive. |
| the computers on the LAN from the Internet a | | | | Contrary to popular belief, even reformatting the drive |
| hardware-based firewall can often provide sufficient | | | | does not necessarily make file recovery impossible! |
| protection for you to complete the downloading and | | | | Consider this – A recent search of hard drives |
| installation of necessary software patches. A | | | | that had been discarded revealed: |
| hardware-based firewall provides a high degree of | | | | - A disk that had been owned by an Attorney, with all |
| protection for new computers being brought online. If | | | | his case files and confidential information on it. |
| you connect to the Internet before you install a firewall, | | | | - A disk that had been owned by a CPA, with all her |
| it may be possible for the computer to be exploited | | | | clients’ tax information on it. |
| before the download and installation of such software | | | | - A disk that had been owned by a Medical Clinic on it, |
| is complete. XP has a built in firewall that may or may | | | | with hundreds of patients’ medical records still on |
| not be enabled. If Microsoft XP has not had Service | | | | it. |
| Pack 2 installed, follow these instructions to turn on the | | | | There are free programs that will do an adequate job |
| Internet Connection Firewall. If XP is installed WITH | | | | of wiping a hard drive clean – although the data |
| Service Pack 2, then your firewall is enabled by | | | | may still be recoverable by professionals with very |
| default. Microsoft has provided both detailed and | | | | expensive programs, and there are inexpensive |
| summarized instructions for enabling the built-in Internet | | | | programs that will make the data completely |
| Connection Firewall on Windows XP. We strongly | | | | unrecoverable. |
| recommend that you install a third-party firewall | | | | We recommend DBAN (dban.sourceforge.net/)which |
| application and THEN turn off the Windows firewall. | | | | does 5220.22-M-compliant wiping. 5220.22-M-compliant |
| We recommend ZoneAlarm ( which is FREE. Zone | | | | wiping is the Department of Defense secure delete |
| Alarm is the top rated firewall, and protects both | | | | wiping standard. |
| incoming and outgoing data. XP’s firewall ONLY | | | | Be aware, however, properly wiping a hard drive, |
| protects against incoming data. Zone Alarm’s | | | | particularly some of the large ones can take hours, but |
| setup file is approximately 7 megabytes, which will | | | | it is worth it to protect your privacy. |