SECTION 2: How to not get hacked:
(written by
kennyj)
1. Do NOT download any hacking programs.
You never know what is included with them, or even if they will do what they advertise (which they usually don't.) See the Common Myths and Misconceptions thread, here:
http://new.battleforums.com/showthr...&threadid=10122
If you want maphack, go here:
http://forward.to/mousepad
Bots, the best and safest place is here:
http://www.d2jsp.org
I'd rather just give you the right place to look than have you look in the wrong place...
Note that neither of these will do anything that's really "hacking," Maphack just gives you information that the game normally doesn't, while D2JSP is a framework for bots and scripts (the popular ones are usually safe.) If you want real hacking utilities, you're asking for trouble.
2. Keep an antivirus installed and updated.
I recommend the lastest version of Norton; its great because it'll always allow you to update it. Once a week is a good idea.
Avast! is also a nice personal antivirus that has come into its own since I wrote the above. A few false alarms may show up on occasion, but it's also picked up a few things that Norton and McAfee glossed over. Overall, it's a very nice little utility and you can't beat the price of $0.
3. Get a firewall.
A - If you have broadband, you may have considered a home broadband router/gateway. These are the simplest firewalls, so to speak, as their very nature will stop most incoming attacks such as port scans, trojan probes, et al. If you have one or are planning to get one, it'll provide decent security for your purposes. They ARE the most limited type of firewall as well, more on the limitations of there and other firewalls below.
B - If you have broadband or a home network, see about getting a real firewall set up between your computer and the outside world to protect you. There are appliance (also known as hardware) firewalls that can be purchased to do the job, or you can make a firewall from a computer (anything from a Pentium or K6 and faster will suffice, and it'll need to have two network cards - one for the connection to the outside world and one that connects to your computer or network.) There's information on this if you search at Google, basically you'll want to install a product like Freesco, Smoothwall (recommended) or something similar. Smoothwall will do a good job especially if you don't know what you're doing with firewalls; if you do know what you're doing then you probably don't need this guide. "TYPE=PICT;ALT="
It should be noted that a system like Smoothwall running on an old computer will allow you to firewall a dialup connection as well, assuming your ISP is not AOL and uses PPP connections (research this if you're not sure.)
C - Install a personal firewall. There are programs you can install on your computer that will act as firewalls. They aren't as effective as a standalone firewall from a security perspective, but they have the added advantage of being able to control exactly what programs can and can't access the internet - this, alone, can stop many hacks dead in their tracks (but not all.) There are two good free firewalls for Windows, the first (for new users) is ZoneAlarm (search for it) which is free but will mention it's commercial verson when you use it, and Tiny Personal Firewall for those who know what they're doing with a firewall. There are other firewalls that you can pay for like BlackICE (so shitty I wouldn't use it if it were free) and Norton (not bad, but not worth paying for. Last I heard, Zonealarm was more secure anyway.) If in doubt, install Zonealarm or Tiny Personal Firewall which is (IMO) better than ZoneAlarm because it is A. less bloated B. more stable and C. offers finer-grained control. Although, the reverse can be said due to ZA's IDS feature (where it bans access from IPs that attempt known cracks) but this isn't a big deal for home users. Then again, in a corporate environment, I'd favor a well-configured *nix firewall over ZoneAlarm Pro, at least at entry points. This aside, I have found that TPF is more stable in some configurations, such as finnicky SMP hardware, but most people here aren't likely to even see such a computer anytime soon.
Now, it also seems there are a few new players in the free personal firewall market. I haven't tested these, but they look interesting:
www.kerio.com/kpf_download.html
www.bart-ware.net/fw2/
Bart-ware Personal Firewall includes some spam filtering in the free version (though you're better off using the Bayesian filtering built into Thunderbird) while Kerio's personal firewall is more fully-featured, comparing to ZoneAlarm. This is as far as I am able to comment, as I have not tested either application.
It's worth pointing out that you can use multiple firewalls if you want. A personal firewall will never hurt unless you're on a VERY slow computer (around 300mhz or so) and the ability to control program's internet access is a nice thing to have. Excellent security when that's doubled up with a standalone firewall or a broadband gateway.
Note on the limitations of broadband gateways: they are not all created equal; it's a good idea to research them first to see how good the ones available at your local computer store of choice (or internet store of choice) are. Those that have features like actual firewall technology, and things like port forwarding, are more desirable. Some approach the security of standalone firewalls as well.
Of course, whatever route you take, make sure that you keep up to date on software updates. Even hardware firewalls and appliance home broadband gateways get updated, through firmware patches. No code is ever perfect, and these updates make sure that the firewall will keep chugging along with as few problems and as much security as possible. This is especially important for software firewalls, and of course applies to any software you run on your computer as well.
4. Use some common sense.
I once had a Database Management Systems teacher (also a hardened unix admin) who told me, "You can make it idiotproof, and they'll build you a better idiot." Don't blindly download and install anything - read up on it first. Make sure that you know what's going onto your computer. Make sure you got it from the right place (since anyone can take a program, put a virus in it, and then offer it for download.) Don't go the sites that people spam in Diablo chat rooms (they almost always are packed with trojans.) Don't listen to people that tell you to download something to make or change an item (see well above.) Don't rely on anything that you do to protect your computer to save it from the stupidity of anyone that uses it. No firewall will stop a virus, no antivirus program will catch every virus, and many hacker programs like keyloggers (which steal passwords) and Diablo-specific hacking trojans will pass right by antivirus programs since they're not really viruses in the first place. The measures I outline here will protect you from random chance, but not against an outright mistake. Watch what you're doing and exercise some common sense, and don't be afraid to ask about something if you think it might cause any damage. I'd rather field newbie questions about whether or not programs X Y and Z are safe than field questions about how to get a stolen account back.
It should be noted that you can get a virus by simply accessing a web page when your web browser has a security vulnerability. Bugs in a browser's rendering engine can allow someone to take control of it by using the right Dirty Little Tricks, which are usually very specific to a single browser and even specific versions of said browser. Running the newest version of your browser of choise helps. Not running Internet Explorer helps even more, as it has more known flaws than every other modern browser combined (and likely will for the forseeable future.) I highly recommend Mozilla Firefox, available at
http://www.mozilla.org/products/firefox as a fast, reliable browser that actually gets updates and bug fixes on a regular basis.
Email clients work the same way. Always use the most up-to-date version possible, and stay the hell away from Outlook and Outlook Express. Mozilla Thunderbird, at
http://www.mozilla.org/products/thunderbird is a decent alternative.
And make sure that whoever else uses your computer isn't a moron, and if they are, take a moment to teach them how NOT to screw it up. Supervise if necessary.
While I'm at it, if you're serious about protectiong your computer, search Google for information on how to secure and tweak whichever operating system you're using. Disable programs that don't need to be running, keep an eye on what IS running, close up what holes you can. Do keep in mind that Microsoft has one of the worst reputations for security in the industry and that when they say something is secure, it's cause for you to double-check that everything is kosher. Apple is better but far from infallible, if you're on OS X then there's almost certainly some room for improvement depending on how your computer is set up. You probably don't need to be running Apache and ftpd on a home system, after all.
A special thanks goes to Kennyj and HipHopHobo