Desktop PC Security and ShopSite / Order Manager

This is an archive of old posting to the User Forum

Desktop PC Security and ShopSite / Order Manager

Postby Larry Bohen » Sat Dec 28, 2002 7:45 am

We (www.audiobooksonline.com) host our ShopSite SC Pro 6.1 Web store with
Lexiconn.com and added ScanAlert's "HackerSafe" service recently. The
"HackerSafe" icon at our Web store shows visitors that ShopSite and the host
server are secure. Presumably, the "HackerSafe" icon may make some visitors
more comfortable with providing their credit card information and turn them
into customers.

What customers likely don't realize is that their order information
(including credit card) is downloaded to my desktop PC and imported into
Order Manager. My desktop PC is not certified by ScanAlert as "HackerSafe"
therefore I am very concerned that my PC may be "hackable."

My PC is on a LAN which is connected to the Internet by a DSL router. I was
told by our telephone company (provides the DSL service) when I had the DSL
line and router installed, that our PCs would be "invisible" to the Internet
and therefore NOT "hackable."

I have had security checks done by the free services at www.pcpitstop.com
and www.symantec.com and passed, however I am still not completely
comfortable.

I'd like to know how other ShopSite / Order Manager users are addressing
this security issue.
Larry Bohen
 

Re: Desktop PC Security and ShopSite / Order Manager

Postby Rob » Sat Dec 28, 2002 9:08 am

Here are a few things that I do on my home PC to make sure it is as secure
as possible:

1. If you are using a router (That has a built-in NAT based firewall), make
sure that the firmware is up to date. The firmware is the software that is
in the router that controls how it runs and blocks intruders. You can update
the firmware by downloading the latest firmware release from the website of
the company that makes the router (Usually in the support -> downloads
section of a website). There should be instructions on the website on how to
do this.

2. I run a software firewall on each of the PC's I have attached to the
network. I use Symantec's Norton Personal Firewall. This adds another layer
of protection to the the computer. A software firewall can also be
configured to detect when any program on your PC tries to send data out onto
the Internet, and warn you of this. This is good for detecting a trojan
horse program on your PC that may be trying to send personal information out
to its destination.

With the software firewall, you will want to keep the program up to date by
downloading the latest releases and patches. One thing to check on your
firewall is that you are not blocking "Referrer Info", as this can cause you
many problems with using other websites that need this information to
properly log you in, or take you to a previous page. (In Norton, it is under
Options -> Advanced.)

3. Make sure you are running Virus protection software and that the software
and virus definitions are always kept up to date. A virus on your computer
can help hackers identify a possibly compromised computer.

4. If you are using Microsoft Windows, make sure you download and install
ALL critical updates as soon as they are released. With later versions of
Windows (Me, XP, etc...) you can enable Windws Update to run automatically
and check for updates that are available. Having your operating system up to
date will help patch any holes in your web browser or computer that could be
exploited.

5. If you are sharing files and folders between computers, make sure you are
only sharing certain files/folders that you want, and not the entire hard
drive. This limits access to your network if someone was to break in. If you
do share information on the LAN, make sure you have a router/firewall
installed to prevent unauthorized users from gaining access to all of your
PC's.

6. If you are using a Wireless laptop and router on your LAN, make sure you
are using WEP (Wireless Equivalent Privacy) at all times. WEP basically
encrypts all of the data being sent over the wireless network, so someone
cannot intercept that transmission and view the data. It might not seem like
a big deal now, but as wireless LAN's become more popular, it will become
more popular for "hackers" to point their laptop to a local WLAN and log
onto the wireless network of others in their area.

7. Never open an attachment in an e-mail from someone you do not know or
trust. Just delete it right away. If it contains a new virus that your
software cannot detect, running it will install that virus on your computer.

Here is a good link to a good site about security for networks and PC's:
http://compnetworking.about.com/cs/networksecurity/

HTH

Rob

My PC is on a LAN which is connected to the Internet by a DSL router. I
was
told by our telephone company (provides the DSL service) when I had the
DSL
line and router installed, that our PCs would be "invisible" to the
Internet
and therefore NOT "hackable."

I have had security checks done by the free services at www.pcpitstop.com
and www.symantec.com and passed, however I am still not completely
comfortable.

I'd like to know how other ShopSite / Order Manager users are addressing
this security issue.
Rob
 

Re: Desktop PC Security and ShopSite / Order Manager

Postby Daves Discount Motors » Sat Dec 28, 2002 9:49 am

At the very least, you should use a software firewall on your desktop PC
such as Personal Firewall from Mcafee.com.
A better solution would be to place a hardware firewall between your LAN and
the DSL router.

"Larry Bohen" <lbohen@audiobooksonline.com> wrote in message
news:auk9ug$on7$1@support.shopsite.com...
We (www.audiobooksonline.com) host our ShopSite SC Pro 6.1 Web store with
Lexiconn.com and added ScanAlert's "HackerSafe" service recently. The
"HackerSafe" icon at our Web store shows visitors that ShopSite and the
host
server are secure. Presumably, the "HackerSafe" icon may make some
visitors
more comfortable with providing their credit card information and turn
them
into customers.

What customers likely don't realize is that their order information
(including credit card) is downloaded to my desktop PC and imported into
Order Manager. My desktop PC is not certified by ScanAlert as "HackerSafe"
therefore I am very concerned that my PC may be "hackable."

My PC is on a LAN which is connected to the Internet by a DSL router. I
was
told by our telephone company (provides the DSL service) when I had the
DSL
line and router installed, that our PCs would be "invisible" to the
Internet
and therefore NOT "hackable."

I have had security checks done by the free services at www.pcpitstop.com
and www.symantec.com and passed, however I am still not completely
comfortable.

I'd like to know how other ShopSite / Order Manager users are addressing
this security issue.


Daves Discount Motors
 

Re: Desktop PC Security and ShopSite / Order Manager

Postby Phil Spinelli » Sat Dec 28, 2002 2:05 pm

I use
http://www.zonelabs.com/store/content/home.jsp

Works with your local network and the internet.


Phil

Daves Discount Motors wrote:

At the very least, you should use a software firewall on your desktop PC
such as Personal Firewall from Mcafee.com.
A better solution would be to place a hardware firewall between your LAN and
the DSL router.

"Larry Bohen" <lbohen@audiobooksonline.com> wrote in message
news:auk9ug$on7$1@support.shopsite.com...
We (www.audiobooksonline.com) host our ShopSite SC Pro 6.1 Web store with
Lexiconn.com and added ScanAlert's "HackerSafe" service recently. The
"HackerSafe" icon at our Web store shows visitors that ShopSite and the
host
server are secure. Presumably, the "HackerSafe" icon may make some
visitors
more comfortable with providing their credit card information and turn
them
into customers.

What customers likely don't realize is that their order information
(including credit card) is downloaded to my desktop PC and imported into
Order Manager. My desktop PC is not certified by ScanAlert as "HackerSafe"
therefore I am very concerned that my PC may be "hackable."

My PC is on a LAN which is connected to the Internet by a DSL router. I
was
told by our telephone company (provides the DSL service) when I had the
DSL
line and router installed, that our PCs would be "invisible" to the
Internet
and therefore NOT "hackable."

I have had security checks done by the free services at www.pcpitstop.com
and www.symantec.com and passed, however I am still not completely
comfortable.

I'd like to know how other ShopSite / Order Manager users are addressing
this security issue.


Phil Spinelli
 


Return to User Forum Archive

Who is online

Users browsing this forum: No registered users and 58 guests