Chris Penick is an expert CISSP instructor who has trained every branch of the US Military, written cyber-warfare training and deployment protocols, as well as training hundreds of corporate IT professionals from some of the biggest Fortune 150 companies.

The CISSP Certification is the premier IT Security certification for people looking to move into management or existing managers looking at executive management positions.

Palaestra Training’s President, Christopher Rees said, “I’m extremely proud of the CISSP certification training series, as it’s a step up in production values, content quality and ease of use.  Chris did an excellent job covering the 10 domains in depth, as well as adding some additional content on hacking and social engineering.”

As always, Palaestra’s training comes with high-resolution AVI videos, and also includes iPod versions of the training along with audio-only .mp3 versions as well.  MeasureUp’s award-winning exam prep software is also included as a perfect addition to help the student test their knowledge before sitting to take the real exam.

To view a full-length video on cryptography from the series or for more information visit Palaestra Training’s CISSP Certification Training product page.

The CISSP Certification Training Series contains the following Videos:

1.    Intro and Tips

- Domains introduction
- Study Techniques

2.    Access Control – Part I

- Key Concepts
- Information Classification
- Control Categories
- Control Types
- Passwords
- Biometrics
- Single Sign on
- Access Control Models
- IDS and IPS

3.    Access Control – Part II

- Errors
- Crossover Error Rate
- Fingerprints
- Retina Scan
- Iris Scan
- Hand Geometry and Topography
- Signature Dynamics
- Keyboard Dynamics
- Voice Print
- Facial Scan
- Single Sign On (SSO) Pitfalls
- Kerberos
- SESAME
- Privileged Attribute Certificates
- Federated Identity Management

4.    Access Control – Part III

- Access Control Models
- Discretionary Access Controls
- Mandatory Access Controls
- Rule-based Access Control
- Role-based Access Control
- Constrained User Interfaces
- Access Control List
- Intrusion Detection Systems
- IDS components
- Network Based IDS (NIDS)
- Signature based
- Anomaly-based
- Rules-based
- Denial of Service (DOS)
- Distributed Denial of Service (DDOS)
- Buffer Overflow
- Malicious Software
- Password Crackers
- Password Caching
- Password Hashing
- Spoofing & Masquerading
- Sniffers, eavesdropping & tapping
- Emanations
- Shoulder Surfing
- Object Reuse
- Data Remanence
- Slack Space
- Data Mining
- Dumpster Diving
- Backdoors and Trapdoors
- Logic Bombs

5.    Application Development Security – Part I

- Databases
- Database Interfaces
- Testing
- Programming Languages
- Object Oriented Programming
- Distributed Computing
- Web Security
- Malware
- Patch Management

6.    Application Development Security – Part II

- Waterfall
- Spiral
- Joint Application Development
- Rapid Application Development
- Clean Room
- Computer Aided Software Engineering
- Prototyping
- Unit Testing
- Integration Testing
- Regression Testing
- Acceptance Testing
- Change Control
- Capability Maturity Model
- Software Escrow
- Coding & Programming Languages
- Assembly Language
- Compiled Code
- Procedural Languages
- Objected Oriented Languages
- Cohesion

7.    Application Development Security – Part III

- Database
- Database Interfaces
- Software Development
- Testing
- Programming Languages
- Object Oriented Programming
- Distributed Computing
- Web Security
- Malware
- Patch Management

8.    Business Continuity and Disaster Recovery Planning – Part I

- Objects
- BRP vs. DRP
- Steps in BCP
- Recovery Targets
- Natural Disasters
- Identify Preventative Controls
- Recovery Strategies
- Business Process Recovery
- Hot, Warm, Cold Sites
- Multiple Processing Centers
- Supply and Technology Recovery
- Hardware Backup
- Software Backup
- Software Escrow
- Cut over test
- Executive Succession Planning

9.    Business Continuity and Disaster Recovery Planning – Part II

- Archive Bit
- Full backup
- Incremental, Differential

10.    Cryptography – Part I

- Concepts and Terms
- Key generation and management
- History
- Symmetric encryption
- Asymmetric encryption
- Stream ciphers
- Block ciphers
- Non-encryption ciphers
- Public key infrastructure
- Email security
- Attacks

11.    Cryptography – Part II

- DES
- 3DES
- Advanced Encryption Standard (AES)
- RC5, RC6, RC4
- Blowfish
- Asymmetric Encryption
- Diffie-Hellman
- RSA
- DSA
- EL-Gamal
- Elliptic Curve Cryptosystem
- Collisions
- Hashes
- MD2, MD4, MD5

12.    Cryptography – Part III

- Birthday Attack
- Hash-based Message Authentication Code
- Non-repudiation
- Digital Signatures
- Ciphertext Only Attacks
- Known-Plaintext Attack
- Steganography
- Running Cipher
- Concealment Cipher
- Public Key Infrastructure
- Certificates
- Key Archiving
- Email Security

13.    Legal, Regulations, Investigations and Compliance – Part I

- Overview
- Types of Law
- Legal Systems
- Intellectual Property
- Privacy
- Specific Laws and Regulations
- Legal Concepts
- Investigations
- Forensics
- Evidence
- Compliance
- Ethics

14.    Legal, Regulations, Investigations and Compliance – Part II

- Due Diligence
- Downstream Liability
- Negligence
- Motive
- Incidence Response
- Pre-investigation Steps
- Forensics Process
- Chain of Custody
- Evidence Types
- Admissibility
- Logs as Evidence

15.    Operations Security – Part I

- Management Concepts
- Secure Booting
- System Hardening
- Clipping Level
- Configuration Management
- Media Control
- Network & Resource Availability
- RAID
- Contingency Planning
- Email Security
- Hacking and Penetration Testing
- Attacks
- Secure Booting
- Initial Program Load
- Crash Recovery
- Configuration Management

16.    Operations Security – Part II

- RAID 1, 3, 5
- SAN
- Clustering (Active/Passive, Active/Active)
- Virtualization
- Contingency Planning
- Emails Ports and Protocols
- Hacking Terms
- Penetration Testing
- Salami, Data Diddling
- Emanations Analysis
- Wiretapping, Sniffing, IP Spoofing

17.    Physical and Environmental Security – Part I

- Concepts
- CPTED
- Construction
- Securing the computer room
- Protecting assets
- Power
- Environmental issues
- Fire prevention and suppression
- Perimeter security
- Locks
- Fencing
- Lighting
- Surveillance
- Intrusion detection systems

18.    Physical and Environmental Security – Part II

- Securing the Room
- Protecting Assets
- Types of Safes
- Power
- Electrical Issues
- Power Best Practices
- Environmental Issues
- Fire Prevention and Suppression Systems

19.    Physical and Environmental Security – Part III

- Perimeter Security Controls
- Lock Types
- Lock Grades
- Lock Picking
- Combination Locks
- Cipher Locks
- Switch Lock
- Personnel Access Controls
- Surveillance
- Cameras
- Intrusion Detection Systems

20.    Information Security Governance and Risk Management – Part I

- CIA
- Security Management
- Information Risk Management
- Risk Analysis
- Policies, Standards, Baselines

21.     Information Security Governance and Risk Management – Part I

- Guidelines, Procedures
- Positions and Responsibilities
- Administrative Control Concepts

22.    Security Architecture and Design

- Hardware Architecture
- Processing
- Memory Management
- Operating System Architecture Models
- System Architecture
- System Security Models
- Trust, Assurance and Functionality

23.    Telecommunications and Network Security – Part I

- OSI Model
- TCP/IP Model
- IP Addressing
- Protocols and Ports

24.    Telecommunications and Network Security – Part II

- Networking Terms
- Topologies
- Media Types
- Devices

25.    Telecommunications and Network Security – Part III

- Firewalls & Architecture
- Network Operating Systems
- DNS
- Network to Network Connections
- VPNs
- Authentication Protocols

26.    Telecommunications and Network Security – Part IV

- Wireless
- Wireless Authentication Types
- Attacks & Countermeasures
- SYN Flood
- Ping of Death
- Session Hijacking
- Honey Pots

27.  Introduction to Hacking

- Brief History
- What do Hackers do?
- Hacking Tools & Methodology

28.   Buffer Overflow Attacks

- Overview
- Demo

29.   Social Engineering

- Overview
- Examples
- Methods

30.   Vulnerability Assessments

- Vocabulary / Terms
- Best Practices
- Tools

31.    Subnetting

CISSP Certification Series Released is a post from: Palaestra Training

Aimed at the consumer and small business market, this application really takes aim at the existing free anti-virus solutions out there, and even some of the pay solutions that consumers and small businesses use. 

The application is built on the same engine Microsoft’s enterprise solution (ForeFront) is built on, and integrates nicely into the operating system.  When I’ve tried other applications, including AVG Free, Avira, and Avast! I’ve always noticed the fact it was there in that my OS seemed to slow down to varying degrees when the software was scanning or downloading updates.

With Microsoft Security Essentials I haven’t noticed any impact to overall system performance.  In addition, the software caught a few things that the other applications mentioned above didn’t catch for whatever reason.

As a general rule of thumb I prefer built-in or integrated solutions simply because I feel there’s a better user experience, things are less intrusive and it just seems to perform better.

The big AV companies like Symantec, McAfee, Kaspersky and others surely must have at least a little trepidation over the fact the Microsoft has released a free anti-virus solution that they charge for.  Will Microsoft’s Security Essentials replace full-blown suites that Norton, McAfee and the others provide?  No, and it’s not intended to.  The others have firewall applications, inbound/outbound mail scanning, instant  messaging scanning, etc., that Security Essentials doesn’t have.  In my opinion however, those are all things you don’t really need in the first place and just slow your system down.  XP, Vista and Windows 7 has a firewall built-in, most people these days sit behind a cable, DSL or FIOS router which has firewall capabilities, and their IP address is masked behind the router’s NAT (Network Address Translation) feature as well.

Microsoft Security Essentials offers real-time scanning and virus, malware and spyware detection, so having an inbound/outbound mail scanner on top of real-time protection seems a bit like overkill to me as well.

What do you think?  Does Security Essentials fit the bill for you and your environment or do the added features offered by one of the bigger companies AV “Suites” fill the needs of your environment?

Is Microsoft’s New Anti-Virus Software a Game Changer? is a post from: Palaestra Training

New vulnerabilities are discovered every day that could allow an attacker to penetrate your infrastructure.  Company data, company secrets, account information, financial data and more is at risk if your network is compromised. 

Here are 10 hacking tools that you should be aware of and use on a regular basis to help you see what the hackers see, and to keep your networks more secure.

Packet Sniffers

1. WireShark (http://www.wireshark.org)

Wireshark is perhaps one of the most widely used (and free) network monitoring / packet sniffing tools out there.  When you download and install, it will also install the WinPcap application.  Once your familiar with WireShark, you’ll be able to sniff your corporate network, trace conversations, identify insecure passwords, etc (especially using additional software like Cain & Abel).

This tools runs on Windows, Linux and Mac systems

2. Kismet (http://www.kismetwireless.net)

Kismet is a very powerful wireless sniffer, often used for “wardriving” (driving or walking around, searching for wireless networks to connect to).  A lot of features in this application including the ability to identity non-beaconing networks (networks that aren’t broadcasting their SSID).  Always a good idea to see how secure (or insecure) your wireless networks are if you have them within your company.  Wireless networks are one of the larger security holes in many networks (and home networks).

This tools runs on Windows, Linux and Mac systems

3. Cain & Abel (http://www.oxid.it/cain.html)

One of the most popular “password recovery” tools for Windows operating systems is definitely one you should be familiar with.  Insecure (i.e. weak) passwords offer little to no defense against a fairly knowledgeable hacker.  If they can can physical access to your network (including attaching to wireless networks) chances are they can sniff the network traffic and crack insecure passwords in a matter of seconds to minutes.  Routinely check your network for the existence of weak passwords using a tool like Cain & Abel to identify user’s who need to strengthen their passwords.

This tools runs on Windows, Linux and Mac systems

4. Metasploit (http://www.metasploit.com)

This tool is geared more toward people who do penetration testing (pen testing), patch installation verification, regression testing, etc.  It’s a framework that allows you to develop tools to test and launch exploits against your system to verify patches, defenses, etc., are working correctly.  A little more learning curve here, but if you really want to take your skills to the next level, this is one tool you should add to your skillset.

This tools runs on Windows, Linux and Mac systems

5. Hping2 (http://www.hping.org)

TCP/IP packet injection and manipulation is again a skill that is a little higher on the food chain, but something you should become familiar with.  Using this tool you can send partial ping packets, IP fragmentation, etc., to test firewalls, discover firewall rulesets, remote OS fingerprinting and more.

This tools runs on Windows, Linux and Mac systems

6. Nikto (http://www.cirt.net/nikto2)

If your organization maintains web servers, or you have a hosted solution that you want to ensure is up to snuff, a tool like Nikto might very well fit the bill.  It is a web scanner that can scan for thousands of potential vulnerabilities, and best of all it’s free and open source.

From the cirt.net website: Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

This tools runs on Windows, Linux and Mac systems

7. Nmap (http://nmap.org)

Nmap is a network mapping tool that can be used by security administrators to scan and test their networks for unidentified servers, hosts with vulnerabilities and/or unnecessarily open ports, etc.  Nmap is a popular tool among security administrators and hackers alike, and has been featured in such Hollywood movies as the Matrix: Reloaded and Die Hard 4: Live free or Die Hard.

This tools runs on Windows, Linux and Mac systems

8. Nessus (http://www.nessus.org)

Nessus is one of the most powerful network scanners available, and most serious security administrators tool of choice.  They have moved from offering a free version to a commercial version, which is potential cost prohibitive to some administrators.  However when you factor in the cost of remediating a hack to your network or infrastructure, potential loss of data, critical systems, and/or reputation it’s a small price to pay.

This tools runs on Windows, Linux and Mac systems

9. Snort (http://www.snort.org)

Snort is an Intrusion Detection System / Intrusion Prevention System (IDS/IPS) that is widely used by security administrators to detect intrusions into their networks. It combines the benefits of signature, protocol and anomaly based inspection and is one the most widely deployed IDS/IPS technology worldwide.  There are a few pre-requisites for installing and running Snort, including Libpcap, PCRE, Libnet and Barnyard.

This tools runs on Windows, Linux and Mac systems

10. Retina (http://www.eeye.com/html/Products/Retina/index.html)

A commercially available network and security scanner from the folks at eEye Digital Security, Retina is a full-featured network monitoring application.  While not free nor open-source, it’s a popular tool used by many corporate and government security administrators.  Retina can also report on compliance with many corporate policies including SOX, HIPAA, GLBA, PCI and others.

10 Hacking Tools to Make Your Network More Secure is a post from: Palaestra Training

Over 15 million PCs have reportedly been infected, and all of these suspected infections are supposed to kick in and “phone home’” on April 1st.  What happens when all these machines start phoning home?  No one knows for sure since it hasn’t happened yet, but the general consensus is that one goal may be to create a giant distributed computing environment that can be used for many different purposes; from spamming to snooping, collecting data, logins and passwords, sensitive information and so forth.  Another potential use would be a large-scale Distributed Denial of Service attack (DDOS attack).

Most of the Anti-Virus companies out there have been talking about conficker for weeks or more, and offer ways to keep your systems updated.  Make sure whatever anti-virus package you use, you keep updated.  Also install all the latest patches and/or service packs for your operating system (Mac users don’t have to worry about conficker unless you’re running Windows in a virtual machine or dual booting (i.e. bootcamp)).

Another great weapon against worms like conficker is the free DNS service called OpenDNS (www.opendns.com).  We’ve talked about OpenDNS before and how it can keep your browsing safer and more secure.  They’re an excellent service that enables you to fine tune your DNS and control what your users (or children) can and can’t get to.

OpenDNS has been actively updating their blocklist to include all the domains conficker may try to contact.  Worms like conficker, once activated, contact sites on the internet to get further instructions on what do to, where to go, etc.  Conficker.C supposedly generates some 50,000 domain names a day so trying to keep up with your own blocklist by hand would be a daunting, if not impossible task.

That’s one of the beautiful things about OpenDNS, is that they keep those blocklists updated for you.  By blocking access to those domains at the DNS level, you can effectively shut out any possibility (or most possibilities) of the worm actually being able to do anything.

So to protect yourself, some things to consider:

1. Update your anti-virus programs as soon as possible
2. Ensure real-time scanning is enabled on your Anti-Virus programs
3. Install all hotfixes, patches and updates
4. Turn on firewalls if appropriate (at the router or perimeter as well as individual machines – Again, do so where appropriate and make sure doing so doesn’t break any critical applications or connectivity)
5. Utilize a service like OpenDNS that blocks the vast majority of threats like the Conficker worm at the DNS level

Following these steps can go a long way to preventing the spread of worms, viruses and other general nuisances.

If you have a method or tool you use to keep your networks safe, please feel free to share!

Protect Against the Conficker Worm is a post from: Palaestra Training

Koren has been training and consulting in the most dynamic environments for over 10 years. She has worked and trained people across a wide spectrum of industries including government, commercial, secure, and extremely large network infrastructures. Koren is also a Microsoft Certified Trainer and consultant with a remarkable ability to convey information clearly and creatively in a technical environment.

She is the president of Wise Technical Innovations in Norfolk, Virginia and her company specializes in the following:

• Creating Cisco secure environments
• System Center Configuration Manager 2007
• SMS
• Project Server 2007 deployments in multi-site environments.

She is well-known for providing tailored solutions that are a perfect blend of training and consulting and Palaestra Training is excited to be able to provide that perfect blend of technical expertise and engaging presentation skills to our students and customers.

Other certifications Koren holds:

• Cisco Certified Systems Instructor #30837
• Cisco CCNA
• Cisco CCNP
• Microsoft MCSE on 2003, 2000 and NT 4.0
• Microsoft Certified Trainer (MCT)
• MCTS Windows Server 2008 Active Directory & Applications Infrastructure
• MCTS Windows Server 2008 Network Infrastructure & Windows Vista
• MCTS Microsoft Office Project 2007
• IT Project+
• Network +

New Trainer – Cisco Security Expert is a post from: Palaestra Training

There are a multitude of ways to connect to the internet these days, from internet-enabled cell phones, online games, gaming consoles (xbox, xbox360, Wii, PS3, etc).  Additionally, it doesn’t necessarily protect you simply because you have strict rules in your house or you monitor what your children do. 

For example, you might have strict internet usage polices at home, but that doesn’t mean the neighbor’s do as well.  That doesn’t mean your child wont be able to access the internet unrestricted at a friend’s house.  With WiFi hotspots practically everywhere, a child with a laptop can connect virtually anywhere if they exhibit a little persistence.

What does this mean as parents?  It means you have to go the extra mile to stay informed, educate your children to obvious (and not so obvious) dangers, and take the steps necessary to stay ahead of the curve.

Online services such as Family Watchdog help keep you informed about predators in your neighborhood, or surrounding areas.  These types of tools are invaluable and I highly recommend them.  However, use them for what they are:  tools in the arsenal, not the entire weapon’s chest.  Just because Family Watchdog or similar service doesn’t report a sexual predator in your area doesn’t mean they don’t exist.  It simply means they haven’t been caught, or perhaps they are passing through the area.  Always keep a watchful eye, and understand that there are dangers out there that we all need to be aware of.

A Parent’s Guide to Internet Safety is a great way to get informed and stay educated with regard to the dangers children face both online and offline.  Everything from hackers to scam artists, cyber-bullies to online predators are covered and explanations on how to use tools like Family Watchdog are covered in detail.

It’s up to each of us to protect our families, so no matter where you decide to get educated about the online dangers our children face; get educated somewhere.  

Internet Safety and Family Watchdog is a post from: Palaestra Training

Called Chrome, Google’s browser is sleek, very fast, and takes a new approach at browsing the web (from the ground up).

There are a number of technical advancements under the hood, which Google describes in typical Google fashion.

This browser has a number of features that really differentiate it from the other major players (Internet Explorer, Firefox and Safari), including the ability to run each tab independent of one another.

What this means basically is that if one tab hangs it doesn’t hang the whole browser.  This, coupled with a new java virtual machine, V8, combine to make the whole browsing experience very pleasant.

Even though it uses the same rendering engine as Apple’s Safari (webkit) it seems faster and has, in my opinion, a better overall interface.

Simple things like search within a document (ctrl-f) has a nice “built-in” feel that doesn’t get in the way. 

In IE, it pops up a totally separate window which has always annoyed pretty much anyone who’s ever used.  Firefox got it right with bringing a little search box up at the bottom of the screen, but Chrome’s implementation just seems much more polished.

Browsing in Stealth Mode

Another interesting feature that I’m sure will draw attention is incognito mode. 

By enabling this feature, you’re able to surf the web without having the traces of your surfing saved to the computer.  The sites you visit aren’t saved in any session or history logs, and any cookies or temporary files downloaded during the session are deleted once the browser is closed.  You can run incognito mode side-by-side with regular mode, by opening a new “incognito window”.

This allows you to “go shopping for your significant other” without them being able to see where you’ve been.  Right… 

There a few sites or applications that aren’t working quite right on Chrome, but that’s to be expected with any new player in town.  For the most part the vast majority of sites we’ve visited displayed faster, the interface is slick and almost transparent, and we’re certainly glad to see another player in the market space to further drive competition and innovation.

As for privacy concerns, Matt Cutts of Google is doing a great job answering the majority of questions around this.  If your curious, definitely check out his blog for more information.

Is it water-tight and super-secure?  No, not entirely.  No browser, especially one that is highly popular and in the cross-hairs, will be totally invulnerable.  In fact, there have already been a few chrome security holes identified.  I’m sure there will be more, and hopefully they’re fixed just as quickly.  We’ll have to wait and see.

All in all, so far so good and it seems Chrome is already making a bit of an impact on the browsing community.

Google Chrome – Browsing Just Got Stealthier is a post from: Palaestra Training

You’ve also more than likely searched for a way to do all this while blocking access to various categories of websites (i.e. pornography, video streaming, etc) without having to constantly monitor, update and tweak.

If you’re technically savvy there are servers and applications you can setup in-house, but they require upkeep and updating, not to mention hardware and other resources.

This is where the beauty of OpenDNS comes in.  This free service is proclaimed as the world’s largest and fastest growing DNS service. 

Best of all it’s free, takes very little configuration to set up, and you can instantly start taking control of your network.

Why Block Access to Certain Sites?

Why would you want to block user’s access to certain types of sites?  A great question indeed!  If you are responsible for a business network (or a parent looking to keep their children safer) it only makes sense to block access to things that are deemed inappropriate. 

In a work setting, this is typically adult content sites, streaming video sites, chat or social networking sites, etc.  While these types of sites certainly have their place in the world at large, in a work environment they can open the business up to liability, decrease network performance and at the very least waste a lot of time.

OpenDNS is very easy to setup, and once you’ve created a free account you simply define your network or networks, point your upstream DNS to use them instead of your ISP and you’re instantly able to control what is accessible. 

You can block by category, by specific site, and even create custom messages that appear on a user’s screen when they attempt to access a site that is not allowed.

Easy to Configure and Manage

OpenDNS has a lot of great features, and we recommend you check them out for yourself.

One that I particularly like is the ability to set up shortcuts (like the old days of putting names in host files). 

With a shortcut, you can set up short pointers that direct you to your favorite website.  Then you only have to enter the shortcut into your browser’s address bar and your taken to the site.

The list of features goes on, and for a free services there is lots to be happy about.  Check out OpenDNS for yourself and see if it’s right for you home, small office or business.

Need a Safer and Faster Browsing Experience? is a post from: Palaestra Training

Lots of websites collect personal information – some are just more obvious when doing it.

There are those sites that ask for personal information up front before granting the user access. Often, site visitors are asked for their name and e-mail address before gaining access. The Internet is a public place, so how anonymous are you? When you visit any web page, you leave traces of where you’ve been. Worse, if you share a computer, someone can see what you’ve been up to online in just a few clicks.

But there is a way to maintain your privacy through erasing the digital footprints that remain after you close your browser.

What’s important? When you want to cover your online tracks, consider removing the following: browser histories, cookies, cache files, AutoComplete information, e-mail trash, and log files created by chat programs and your internet connection. You can delete these items yourself, or install a program to do it for you.

Here are the 8 best ways to cover your online tracks:

1. Remove Most Recently Used (MRU) list

Most programs keep an MRU list showing the last used items. The most recently opened documents list is one of the ones you might be interested in, as it shows the last documents you’ve opened. You can remove or clear the list in one of several ways.

In Windows XP, you can right-click on the Start Menu, choose Properties > Start Menu > Customize > Advanced > Clear List. You can then uncheck “List my most recently opened documents” to prevent it from keeping a list in the future. Another method would be to manually remove it from the registry. Any time you tweak the registry, you run the risk of damaging your system so do so at your own risk.

If you want to remove the MRU from the registry, the key is found at HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer and then remove the key for “Recent Docs”. Again, back up your registry before you make any changes, there is always the risk of damage to your system.

2. Your identity

Most websites you visit log your IP address and activities, including the pages you view, the files you download, and the transactions you make. Your IP is also recorded in e-mail headers, discussion boards and mail servers. If you really want to keep your IP information private, you can install software that masks your IP, such as MMIP or Anonymous IP.

3. Cookies

Leaving a trail of crumbs with your cookies? Cookies make it easier for companies to identify visitors to their site and can be programmed to track your movements as you flit from site to site. Cookies allow websites or marketing networks to create a profile of you based on the information you have provided and your browsing patterns, and before you know it, ads are popping up on your screen. To clear them, go to your internet options and clear the cookies periodically.

4. The Cache
Empty the cache, also known as the Temporary Internet Files in Internet Explorer. The folder contains previously visited web pages and images, allowing anyone to click a link and see where you’ve been.

To clear it:

• In Internet Explorer- Choose Tools > Internet Options and click Delete Files.
• For Firefox or Netscape Choose Tools > Options, pick Privacy and click the Clear button next to Cache.
• To avoid doing this every time you surf the internet, you can disable the cache so nothing is documented.

5. Turn off AutoComplete

People can also detect where you’ve been if you have AutoComplete switched on. How do you know if it’s active? Type a few letters of a URL into your web browser and you’ll see previous entries of other searches appear. To turn it off, go to your Internet Options tab and navigate to the option that allows you to turn off AutoComplete.

6. Take out the trash

Keep the trash from getting into your inbox. Your email provider may have anti-spam software to screen spam for you. You can filter the trash by installing a program that filters out spam automatically.

Sometimes, it’s ok to keep secrets! Obviously, the best way to maintain your privacy is to use your own common sense, but pair that with a few good practices and you’re well on your way.

7. Clear Toolbar Data

If you use the Google toolbar, or Yahoo, Alexa, or any of the thousand other browser toolbars out there, make sure you clear the search data there as well. If not, when someone types something into the toolbar’s search area, it brings up your history which shows things you’ve searched on before that begin with the same letter or same word.

Clearing the toolbar will vary from one to another, but in Google’s toolbar for example, you’d click on the search box drop down and click “clear history”.

8. Anonymous Proxies

If you are ultra-concerned with privacy, you can browse the Internet through anonymous proxy servers. An anonymous proxy strips off your identifying information and replaces it with bogus information, so when you visit a website, it doesn’t show your IP address.

While this is again one of those things sounds great in theory, most of the free anonymous proxy servers are painfully slow and will make surfing too frustrating for most. The option is there however, for people who absolutely need to ensure their tracks are covered.

8 Best Ways to Cover Your Online Tracks is a post from: Palaestra Training

It’s great to have a tool that complements your shrewd set of eyes, but you still need to teach your children to be cautious when surfing the internet.

Tools to enhance your children’s protection

IamBigBrother is available for both homes and business. You’ll know exactly who your kids chatted with last night and be able to read the full conversation!

Features:

• It runs in the background and remains undetected by the user. It captures chats and instant messages, email, websites…etc.
• It takes screen captures periodically.
• You can view recorded activity from any computer via a secure server.
• It monitors everything on your computer.
• Logs all visited websites.

The benefits:
You can enter in keywords and anytime they appear, they’ll be flagged as a problem. You can also click on a day in the calendar and pull up all the activity for that day.

SpectorPro has some interesting features to enhance your protection on your home computer. A Top 10 Summary Report logs a report of the most frequently used keywords, most visited websites and email and chat conversations.

Features:

• View the text of both incoming and outgoing email plus both sides of chat/IM conversations.
• The program activity records the actions of programs on your computer so you’ll know if your kids played games instead of doing homework.
• Screen captures allow you to visualize what your kids are looking at every few minutes.

The benefits:

With SpectorPro, The lists are organized for easy scanning. You can view the domains for websites visited by date. Then if you want to look at more, you can view each individual page. It also allows you to view the content of email and chat messages.

WebWatcher is simply designed to make it easy to protect your children from harmful areas of the internet. Completely invisible, it stands up to the most computer savvy of children. The best part, you don’t have to be an expert to use it.

Features:

• Blocks websites
• Records visited websites
• Screenshots
• Records Instant messages and emails

The benefits:

Once the program records what happens on your computer, it uploads the information to an account online that you can access from anywhere. You can also block websites your children visit based on the information you provide, using keywords or URLS. WebWatcher is also in real time, so you can see what your kids are doing while they are doing it.

Safe Eyes allows you to decide how much internet usage is appropriate for your child. It also allows you to specify what websites are appropriate, so when your children get distracted from homework they’ll be playing games or surfing websites that you approve of.

Features:

• Web and email blocking
• Time limits
• Program blocking
• Instant alerts

The benefits:

With Safe Eyes, you can control the amount of time your child is online, as well as when they’re granted access. You can also monitor instant messaging and categorize and flag over 35 categories of harmful websites.

Net Nanny not only made our 15 Top Software Solutions in 2008 but because of its overwhelming success and recognition it made this list as well for top monitoring tools for parents. Net Nanny provides protection on the World Wide Web, and less known dangerous parts of the Internet like the Usenet, peer to peer networks, and FTP forums. Updates happen automatically over the internet, so you’ll always have the latest version.

Features:

• Total customization
• Blur technology
• Customized restrictions
• Integration with popular search engines

The benefits:

With Net Nanny, you can implement blur technology to blur out the view of questionable material. You can hold suspicious items in quarantine until you review or delete them. The content clean up mode suggests files you may want to delete, and you can classify different warning levels to classify risks of different websites.

Minimize and be aware of dangers

Remember, it is still important to set some ground rules for your children when surfing the net so they are aware of the dangers lurking sometimes just a click away. Here are some tips to consider:

• Define a clear set of guidelines on using the computer and make sure your children know your expectations.
• Talk to your children about chat rooms and bulletin boards. Teach them to never give out personal information to people they meet online.
• Keep the computer in a central location in your home and know the other places your children may be granted access online.

Top 5 Tools to Protect your Children Online is a post from: Palaestra Training