cayi
asked on
email security
does hardening windows will make sending of email less likely to be intercepted when using free webmail like yahoo and others?
Can i make it more secure by tweaking some security settings?
Can i make it more secure by tweaking some security settings?
Like b0lsc0tt said, usually mails are not encrypted so basically anyone who can monitor data on your network or the Internet can read the mail.
You can protect your mail messages using S-Mime (built into most E-Mail clients) or PGP (http://www.openpgp.org) however the former requires the recipient of the message to have an S-Mime certificate (you can get one for free at http://www.thawte.com) and the latter requires the PGP software to be installed on both machines, and is a bit less secure.
Please also note that mail encryption is not supported by any webmail service (as far as I know), only E-Mail software.
You can protect your mail messages using S-Mime (built into most E-Mail clients) or PGP (http://www.openpgp.org) however the former requires the recipient of the message to have an S-Mime certificate (you can get one for free at http://www.thawte.com) and the latter requires the PGP software to be installed on both machines, and is a bit less secure.
Please also note that mail encryption is not supported by any webmail service (as far as I know), only E-Mail software.
ASKER
>Like b0lsc0tt said, usually mails are not encrypted so basically anyone who can monitor data on your network or the Internet can read the mail.>
how do i avoid this. there must be something i could do like locking down my computer, turn off some services so no one can easily gain access to it.
how do i avoid this. there must be something i could do like locking down my computer, turn off some services so no one can easily gain access to it.
Use MIME and Digital Signatures.
BR Dushan
BR Dushan
cayi - What are you talking about? There are two different situations here.
1) Someone reading your mail as it goes from or to you on the network - Except encrypting the mail there is absolutely NOTHING that can be done (see above).
2) Breaking into your computer and reading your mail from it - Using a firewall and keeping up with the security updates for the mail software would (almost) always prevent that.
1) Someone reading your mail as it goes from or to you on the network - Except encrypting the mail there is absolutely NOTHING that can be done (see above).
2) Breaking into your computer and reading your mail from it - Using a firewall and keeping up with the security updates for the mail software would (almost) always prevent that.
I agree with the items mentioned in Chatable's last comment. What did you mean by "locking down [your] computer"? Is your concern someone sitting at your computer and reading your email? If so, then what operating system do you use? What email program? Are you asking about a specific service?
Most likely Chatable's last comment covered what you asked in your follow up but part of that follow up was confusing.
bol
Most likely Chatable's last comment covered what you asked in your follow up but part of that follow up was confusing.
bol
ASKER
by "locking down" I meant in terms of security.
i'm talking about webmail service not email software
i'm talking about webmail service not email software
Webmail generally offers the same level of security as software based E-Mail. If someone is somehow able to sniff your Internet connection, he will be able to read your mail (when connecting from home this is not likely but if you connect from your office then it's another thing).
About someone breaking into your mailbox - The good thing about webmail is that its security is unrelated to your computer's security. The rules to good security are - choose a complex password, change it frequently and don't give it to anyone. If you do so you should generally be safe.
About someone breaking into your mailbox - The good thing about webmail is that its security is unrelated to your computer's security. The rules to good security are - choose a complex password, change it frequently and don't give it to anyone. If you do so you should generally be safe.
ASKER
i'm concern about someone remotely seeing my yahoo mail.
so i'd like to know if i could configure security settings in windows, if that can minimize that risk
so i'd like to know if i could configure security settings in windows, if that can minimize that risk
ASKER
the above came a little late
cayi,
Did Chatable's last comment answer your question about configuring Windows security. It seems like it should but I want to make sure. Just to emphasize the point Windows security settings won't have an effect on a web mail account. If you think about it the nature of a web mail account is in some ways unsecure. The best way to protect is strong password that is regularly changed, like Chatable suggested, and never use a public computer.
Let us know if you still have questions.
bol
Did Chatable's last comment answer your question about configuring Windows security. It seems like it should but I want to make sure. Just to emphasize the point Windows security settings won't have an effect on a web mail account. If you think about it the nature of a web mail account is in some ways unsecure. The best way to protect is strong password that is regularly changed, like Chatable suggested, and never use a public computer.
Let us know if you still have questions.
bol
It is simple - if someone knows your yahoo password they can enter you mailbox. Choose a password that will not be guessed easily.
One thing I should note (that I forgot to mention earlier) - You should still protect your own PC to prevent someone from hacking to your computer and installing various spyware, keyloggers, etc, which might give away your password. And as b0lsc0tt mentioned - Do not connect from public computers.
One thing I should note (that I forgot to mention earlier) - You should still protect your own PC to prevent someone from hacking to your computer and installing various spyware, keyloggers, etc, which might give away your password. And as b0lsc0tt mentioned - Do not connect from public computers.
ASKER
>Did Chatable's last comment answer your question about configuring Windows security.
as he says keyloggers could get my password and that's when windows settings matters beyond the security on the webmail's end and my strong password . so on that regard, which windows services do i enable or disable, any registry hacks etc. can you giveme a security checklist
as he says keyloggers could get my password and that's when windows settings matters beyond the security on the webmail's end and my strong password . so on that regard, which windows services do i enable or disable, any registry hacks etc. can you giveme a security checklist
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I believe that in order for a computer to be considered secure it should have an Anti-Virus, a Firewall and an Anti-Spyware installed. Also the firewall should be properly configured.
ASKER
but besides having those sofware installed. I'd like to complement that with some tweaking to windows for an overall protection. no need to give an exhaustive list just point me to some links, they are so many information around hardening windows that i need to sift through that . could you give me hand.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I'm glad that I could be one of those that helped you. Thanks for the grade, the points and the fun question.
bol
bol
As far as email being "intercepted" it will make no difference. Neither option transmit a secure or encrypted message. If you are concerned about something getting your contacts and misusing the info or sending mass emails then make sure you get the latest updates especially if you use Microsoft email programs. Non microsoft programs (e.g. Eudora or Mozilla's Thunderbird) are less likely to be hacked.
Let me know if you have any questions or need more information.
b0lsc0tt