It's always a bonus to uncover a shortcut or program enhancement, and here we bring you 100 tips and tricks that we hope will make your computing experience quicker, simpler or more rewarding. From Windows to security, ergonomics to photo-imaging, PC Authority gives you inside information on how to make the most of your IT assets.
Security conscious
1 Don't forget to secure your handheld computers. They may be great for storing the passwords of important systems, but unfortunately they're also easily lost or stolen. At the very least, make sure you password-protect your handheld or use on-the-fly encryption to create encrypted disk volumes. Products are available from SoftWinter ($85) and Pointsec ($20,000 for 100 users). See www.softwinter.com or www.pointsec.com.
2 Get around to doing all those housekeeping chores you know you should have done already. These may include enabling WEP on your Wireless LANs and segmenting them from the internal network with firewalls, changing your passwords and checking firewall rule sets.
3 Foil many password crackers and other hacker tools by including special characters such as extended ASCII codes in your passwords. To set or enter one that includes special characters you need to hold the Alt key and type a number between 128 and 255 on the keyboard's numberpad.
4 FTP isn't a secure way to update files on your Web server unless you tunnel it over SSH. Run the FTP service, but make it accessible only to the local machine (such as localhost or 127.0.0.1). Use a firewall rule to deny outside access to port 21 for added security. Run an SSH service and turn off any unnecessary ones, like Telnet. On your remote computer, run an SSH client such as PuTTY and configure port forwarding by specifying a Source port (21), and a Destination (localhost:21).
Establish an SSH connection with the server and, using your favourite FTP client, connect to port 21 on your own PC. This will create a secure FTP connection to the Web server via the encrypted SSH session.
5 Run more than one anti-virus program on your desktop to increase your chances of intercepting nasty code. This doesn't mean you have to buy more – there are some very effective free utilities available, including Grisoft's AVG (www.grisoft.com).
6 If you use VNC to remotely administer systems, remember that all traffic that passes to and from VNC connections is unencrypted after the initial connection. And VNC passwords are a maximum of eight characters long. Use SSH tunnelling as in tip 4.
7 Use Microsoft's IIS Lockdown Wizard (www.microsoft.com/security) to disable unnecessary settings in Internet Information Server. The latest version of this utility includes another essential Microsoft tool, URLScan, which filters out potentially harmful HTTP requests.
8 Firewalls allow and block connections on specified network ports, but most can't analyse the traffic that passes through. Install a lightweight intrusion-detection system such as Snort (www.snort.org), and place sensors on the outside and inside of the firewall to catch out hackers.
9 Before installing intelligent security measures that rely on USB keys or similar authentication methods, consider the company's culture. One IT manager recently told us that he couldn't depart from a weak, PIN-based scheme because users would leave their tokens at home and always forgot passwords.
10 Think twice before encrypting backups. If the media becomes damaged, you could lose access to the entire archive. Instead, weigh up the advantages of a low-tech approach, such as storing tapes in a safe within a secure server room.
