Personal Internet Security

What do you think of when you hear the phrase, "Internet Security"?

Most people only think of Anti-Virus software and maybe a Personal Firewall. Unfortunately, that is not nearly enough to protect you while browsing the web. Most Malware that gets through to computers comes from either email or visiting a website designed to inject something on your computer when you interact with the site. A properly configured Anti-Virus program should help with both of these but new malware is being developed daily so additional layers of security are necessary. In this article I'll talk about four things you can do beyond Anti-Virus software and a Personal Firewall to protect yourself on the Internet and then a couple of things that are perceived by many as protection that are really myths.

I'll try to keep things as simple and direct as I can but you should know that techno-babble is my primary language. If you have any questions or need any clarifications, you can post them to our "Q & A section" (https://www.whatismyip.com/questions/) and someone should be able to provide an answer.

When you visit a website, select information is logged by that site. The information normally collected is your external IP Address, what you were viewing and the browser and version of the browser you are using. This information can not be kept from the website though some more advanced users can manipulate that information. For the average user, the information collected is not critical and will not compromise your privacy or security.

My first suggestion would be a good Hardware Firewall. A Hardware Firewall is different from the Personal Firewall you install on your computer. In most cases, your Router which allows multiple devices to be connected to your Internet connection is a Hardware Firewall. There are many inexpensive units out there that do an adequate job for the average home user. I would suggest staying with the name brands such as Linksys, Netgear, D-link, Trendnet, Belkin, etc. Many of the really inexpensive Routers have flaws that will either minimize their life or do little to filter traffic on your network. When I say, minimize their life, I mean poorly designed causing them to run hotter then they should or not having IPV6 compatibility. I also recommend avoiding the use of Modem/Router combination units. It is my educated opinion that such units represent a potential open door to your private internal network. Your Internet Service Provider (ISP) has direct access to the Router portion of the combo unit from the Internet which in itself is contrary to the point of the Router. If the ISP has access so do others that know the ISP's methods of accessing the Router. If you are using a combo unit provided by your ISP, I recommend putting the unit in Bridge Mode and connecting a stand alone Router. At that point, all the ISP or anyone else can see is that there is a Firewall connected. It effectively prevents all inbound access to your network by closing all ports except the ones you specifically allow to be open. We'll cover securing your Router in another article.


My second suggestion would be a hosts file on each computer. Often times, malicious websites are linked from legitimate websites including places like Facebook. The hosts file is a simple text file that your computer looks at every time you access anything through your internal network connection, either wired or wireless. I use a hosts file that has been compiled by http://winhelp2002.mvps.org. The file redirects traffic trying to go to predefined malicious websites to the localhost which is your own computer. In essence, it prevents the request from leaving your computer to protect you. This hosts file will also block many ads from appearing on your computer. It's important to note that you should disable your DNS Client on your Windows machines to improve performance when running the hosts file. Also note that the hosts file is not a perfect solution, just another layer of protection. MVPS updates the hosts file multiple time per year so you should update it on your computers periodically as well.

My third suggestion would be to be very careful about what information you offer to websites. In general, when you go to the Internet, you are exposing yourself to varying degrees depending on where you go and how you interact with the website. For example, when you interact with social media sites like Facebook. regardless of any precautions you take, anything you post there becomes public information by your user agreement so be very careful what you choose to post, especially personal information such as your real full name, your street address, your home or mobile phone numbers, potentially embarrassing photographs, etc. If you do a search in Google, the information you enter is used to target you by way of the ads that you will see and Google stores your search criteria forever. If you go to a weather site such as the NOAA Weather website, the only information you share is a zip code or city so that's harmless to you. So keep in mind the potential hazards when offering personal information on the Internet. When you do things like online banking or making credit card purchases on the Internet, make certain that https appears in the URL bar, not just http. The "s" means you are on a secure connection.

My last suggestion would be to use strong passwords and never the use the same password for multiple sites. There are four elements to a strong password - Upper Case Letters, Lower Case Letters, Numbers and Symbols. There are 94 characters on the standard computer keyboard. That allows almost endless possibilities for creative passwords. Things like "5" in place of "S" or perhaps "V V" in place of a "W" or if you’re a Linux user, you may know that %20 is equal to a blank space." It's not so much the length of a password that's important but the complexity. Once you get used to using this strategy it gets a lot easier. Maybe you can see the pattern in some of these.

K1cKT|-|ebuck3t - kick the bucket
[email protected]|me - now is the time
[email protected] - can of worms
RweThER3Yet - are we there yet

They're easy enough to remember as long as you remember what characters were substituted.

The myths I mentioned earlier are things such as changing your IP address frequently or using a Proxy or VPN to mask your real IP Address. The websites you visit are almost never the source of malicious attacks on peoples IP addresses. The things that are probing your real external IP address are robot computers looking for vulnerabilities. They will attempt to gain access to your IP hundreds of times every day trying many different ports no matter how often you change the IP or how many proxies you use. The bots systematically probe IPs all day, everyday and they are not going to go away no matter what you do. Within seconds of getting a new IP it will be being probed by another bot. The reality is that the people I see using Proxies and VPN connections are usually the malicious people that are the spammers, trolls and hackers trying to hide their location.

People seem to think that they can be identified by their IP Address. The answers is, not unless you are doing something malicious on the Internet. The only one that can connect your IP Address to your physical address is your ISP and they will not release the information without a properly secured subpena from a legal authority that has jurisdiction. All of the IP searches will only get a city or town name at best and even that is not very accurate. When my personal IP is checked for location, it shows either Blaine or Ham Lake in Minnesota, neither of which are correct.

The point is, hiding your IP does not improve your privacy or security unless your one of those annoying creatures that we call spammers, trolls and hackers.