Update Everything, and Often

One of the easiest ways to prevent e-mail viruses from exploiting flaws in your programs and hardware is to download and install the regular updates (sometimes called software patches) that vendors provide. Microsoft's Windows Update site (see FIGURE 2) is a great source for fixes to that company's software. For a roundup of vital patches, as well as directions on downloading and installing them, see " Internet Fixes."

Set the Controls for Security

Once you've updated your software with the latest patches and bug fixes, check the applications' security settings. The programs you use every day often offer little-known features that can block viruses, stamp out cookies, and keep snoops off your computer or network.

Block it in the browser: You can download and install a zillion different utilities that corral your cookies and prevent Web sites from doing things on your computer that they shouldn't. But your browser also gives you lots of control over Web content. In my August 2002 column (" Listen to a World of Radio Stations on the Internet"), I offered cookie-crushing tips for Internet Explorer 6, Netscape 6.2, and Opera 6. x, and in the January 2003 column (" Protect Yourself--Clear Your Cookies and History"), I provided instructions for deleting cookies. Here's a brief recap of the steps for IE 6, plus updated directions for Mozilla 1.1 and Netscape 7:

In Internet Explorer, choose Tools, Internet Options and click the Privacy tab. To reject or accept an individual site's cookies, click the Edit button, enter the site's address, then click either Block or Allow. When you're done entering site addresses and settings, click OK to close the dialog box. To block third-party cookies (which are usually related to advertising or marketing), click the Privacy tab's Advanced button, check Override automatic cookie handling, select Block under 'Third-party Cookies', and click OK twice. To view and delete stored cookies, select Tools, Internet Options, then click the General tab, the Settings button, and the View Files button. In the resulting window, right-click a cookie and choose Delete. To remove all cookies stored by IE, select Tools, Internet Options, then click the General tab and the Delete Cookies button.

If you use Mozilla 1.1 or Netscape 7, choose Edit, Preferences, double-click Privacy & Security to open its subcategories, and select Cookies. To block all third-party cookies, look in the right pane and click Enable cookies for the originating web site only. To view and delete cookies, click the Manage Stored Cookies button, select a cookie in the list, and click the Remove Cookie button. Choose Remove All Cookies to wipe the entire cookie sheet clean. If you want to banish an individual site's cookies in perpetuity, check Don't allow removed cookies to be reaccepted later, and then delete the cookie. (Note that the site-by-site cookie controls that you would expect to find when you click the Cookie Sites tab in Mozilla 1.1 and Netscape 7 appear to be under construction.)

Derail e-mail threats: If you prevent your e-mail program from executing scripts and attachments in the messages you receive and keep your program updated to repair newly discovered security flaws, chances are good you'll keep viruses and Trojan horse programs off your PC. The latest versions of Outlook and Outlook Express wisely block all scripts and dangerous attachments by default, by placing any incoming HTML mail in the Restricted security zone (to see your security settings in either program, choose Tools, Options and click the Security tab).

In the June 2002 Internet Tips column (" Stop Those Sneaky E-Mail Viruses in Their Tracks"), I suggested that readers disable their e-mail program's message preview pane to doubly ensure that viral mail remains inert. To disable Outlook Express's preview pane, choose View, Layout and uncheck Show preview pane. In Outlook, click View and deselect Preview Pane. To hide the preview pane in the Mail & Newsgroups program in Mozilla 1.1 and Netscape 7, choose View, Show/Hide, Message Pane.

But several readers wrote to say that they still needed a way to peek into messages with attachments to see what kinds of scripts or files they contain. To do that in Outlook Express without opening the e-mail, right-click the message, choose Properties, click the Details tab, and then click the Message Source button. Now you'll see the exact text of the entire missive, including the names and encoded content of any binary attachments. Maximize the window to make it easier to read. To safely view files attached to a message in Outlook, right-click the e-mail and choose View Attachments (see FIGURE 3). To view a message's plain-text contents (to see the names of attached files) in Mozilla or Netscape, select the e-mail, and then choose View, Message Source.

Use MAC filtering on your wireless LAN: If you have a wireless network, you may want to use multiple security features for maximum protection. In the November 2002 issue (" Lock Out Internet Pests, Lock In Network Security"), I discussed several ways to keep drive-by network hackers at bay. One more security option your wireless router or access point may offer is media access control (MAC) address filtering.

Each network adapter on a LAN--wired or wireless--has a unique physical address that operates at a lower level than its IP address in the hierarchy of network protocols. Many routers, including wireless ones, let you restrict wireless network access to a limited set of hexadecimal MAC addresses. You'll need to get out the router or access point's manual to set it up, then drill down into the network card properties for each connected computer to find and jot down its MAC or physical address (see FIGURE 4). Like IP addresses, MAC addresses are easy to spoof, or falsify. And because it doesn't encrypt traffic, MAC filtering alone won't make your network secure. But it's one more roadblock that could send a hacker elsewhere in search of an easier network to crack.

• See more like this:
• security,
• e-mail,
• antivirus,
• firewall,
• update,
• MAC addresses,
• Streamripper