Computer Security Guide

You’re probably familiar with words like Adware, Spyware, Trojans, Viruses, Rootkits, Worms and so on…  All are forms of Malicious Software (malware).  Each year they get more deceptive, harder to remove and better at proliferating.  The people who write these programs have different objectives, but the end result for you and me is generally the same, should our computers get infected:  computers lose performance or functionality and/or we can fall victim to fraud and identity theft.

Are you doing enough to protect your PC?

Before we get into it, it’s important to recognise a few things:

  • There are no “silver bullet” solutions to blocking or curing infections.  No anti-virus program or internet security suite will protect against 100% of threats and many infections are capable of disabling or bypassing your security software.  However, a little bit of knowledge and awareness goes a long way towards preventing infection.
  • Many fake malware tools will ask for payment to properly clean your PC.  Often they look like they’re a part of Windows.  DO NOT PAY THEM!! Seek expert help.
  • Malware is not exclusive to the internet.  It can also be passed on through USB drives, CDs and DVDs and floppy drives.

You can find a list of recommended software applications at this page.


Security Programs:

** Important Note:  There are many bogus or rogue programs on the internet that attempt to mimic legitimate programs or Windows itself.  Before using any program that you haven’t heard of, be sure to thoroughly research it to make sure that it is safe to use.  This guide lists a range of rogue products and is a good starting point.

Anti-Virus Software

One of the most fundamental components of computer security. As a general rule, don’t use the Internet without it.  For it to be effective, anti-virus software must be kept up to date (by default they update automatically).  Anti-virus software should have “real-time” or “pro-active” monitoring, meaning that it proactively monitors files that are opened, accessed or created while the computer is in use.  It should also provide scanning of inbound email messages.  It’s a good idea to use the anti-virus program to periodically do a full scan of your hard drive(s).
** Don’t run two anti-virus programs with real-time monitoring on the same system.  They will interfere with each other.

Anti-Spyware Software

Another fundamental part of computer security, these programs usually target spyware, adware and a selection of viruses and trojans.  Like anti-virus software, it’s imperative to keep anti-spyware software updated.  Some of the best anti-spyware tools available are free, but at the expense of some features, such as real-time monitoring.  Those programs rely on the user to manually update and run the program on a regular basis – but that’s not to say they lack effectiveness.

Hardware and/or Software Firewall

One of the best security tools available:

  • Hardware Firewalls can be found in almost all broadband routers and in some broadband modems.  These are an inbound filter that hides and protects your network ports from (some) unsolicited internet traffic.
  • A software firewall is a program that’s installed on your computer.  Usually these perform both inbound and outbound filtering and require some level of user intervention.  They can be handy if you want control over which programs are allowed to access the network.  On the other hand, it’s possible to accidentally block your computer from the internet if you block the wrong things.  These days software firewalls are getting much more intuitive, taking most of the guesswork out of the equation.

Internet Security Suites

These are a combination of security tools bundled into one package.  The typical components are antivirus, anti-spyware, software firewall and anti-spam.  Often they have a range of other functions as well (eg. anti-rootkit, parental control, etc).  The downside is that they tend to use more resources than using just the basics, but the upside is that they provide a broader scope of protection along with paid technical support.  A worthwhile trade-off.  There is a difference in effectiveness and performance between different suites and for that reason I recommend avoiding Trend Micro and Symantec (Norton) products.  Please refer to this page for programs that I recommend.


Securing Windows

Windows Updates

Many infections are designed specifically to exploit vulnerabilities in Windows’ code.  Some of the most famous and potent infections have been exploits of poorly written software code (MyDoom, Conficker, Sobig, Melissa, Sasser, Blaster).  The best way to protect yourself from these infections is to ensure that Windows Automatic Updates is on and working.  For the same reason, it is also important to update many other programs such as MS Office, Firefox, Java and chat clients (Live Messenger, Yahoo Messenger, etc).

User Passwords

Each user account on your PC should have a password to help prevent hackers or malware from gaining access to your account.  Many security authorities also recommend using only limited accounts so that if someone/something does gain access to your account, its movements are heavily restricted.  The downside is that in Windows, your own functionality can also be restricted.  XP Home users should also be aware that there is a hidden Administrator account.  You can change the password on this account by booting your computer into Safe Mode.  To do this, you need to press the F8 key before you see the Windows loading bar appear.  This should be immediately after you see the first screen(s) listing hardware information.

Use a HOSTS File

A HOSTS file is a lookup table designed to redirect traffic, commonly used to stop computers accessing malicious websites and also commonly used by malware to block access to legitimate sites.  By default, a computer translates web addresses that we can understand into IP addresses that it can understand, but first it will check to see if that web address is listed in the HOSTS table.  We might type in “www.google.com.au”.  The computer translates that to 66.102.11.147.  If we want to block Google, we can tell the HOSTS file to point it to 127.0.0.1, which is a loopback address to your own computer.  The request never leaves your computer.  You can download a ready-made HOSTS file from here.  If you have a software firewall or internet security suite, check if it has the ability to lock the HOSTS file (prevents malware from changing it).  Spybot Search & Destroy’s Immunisation feature includes maintaining a HOSTS file for you, but it’s best not to lock it if you choose to do it this way, otherwise Spybot won’t be able to update it.
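
To see what a HOSTS file is actually doing, the sketch below (an added example, not part of the original guide) parses HOSTS-format text and separates deliberate blocks from two things worth a closer look: watched names that have been blocked, and names pointed at an outside address.  The watch list, the sample text and the function names are constructed for illustration.

```python
import ipaddress

# Hypothetical watch list: names this PC should always be able to reach.
WATCHED = {"update.example-antivirus.test"}

# Constructed sample in HOSTS format: an address, then one or more names;
# '#' starts a comment.
SAMPLE = """\
# constructed sample, not a real HOSTS file
127.0.0.1    localhost
127.0.0.1    ads.example.test tracker.example.test   # blocked on purpose
0.0.0.0      update.example-antivirus.test
203.0.113.7  www.google.com.au
not-an-ip    broken.example.test
"""

def parse_hosts(text):
    """Yield (line_no, name, address) for every valid mapping in the text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank line, comment, or an address with no name
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address, so not a mapping
        for name in fields[1:]:
            yield line_no, name.lower().rstrip("."), addr

def audit_hosts(text, watched=WATCHED):
    """Group entries: deliberate blocks, blocked watched names, redirects."""
    report = {"blocked": [], "watched_blocked": [], "redirected": []}
    for line_no, name, addr in parse_hosts(text):
        if name == "localhost":
            continue  # the standard loopback entry
        entry = (line_no, name, str(addr))
        if addr.is_loopback or addr.is_unspecified:
            # Points at this PC or at no address: fine for an ad server,
            # a warning sign for a name on the watch list.
            key = "watched_blocked" if name in watched else "blocked"
        else:
            # Name answered by another machine instead of the real site.
            key = "redirected"
        report[key].append(entry)
    return report

if __name__ == "__main__":
    for kind, entries in audit_hosts(SAMPLE).items():
        for line_no, name, addr in entries:
            print(f"{kind:16} line {line_no}: {name} -> {addr}")
```

On Windows the file is at %SystemRoot%\System32\drivers\etc\hosts; read its contents and pass the text to audit_hosts().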

Avoid Peer to Peer networks (LimeWire or Torrent Downloaders)

Using peer to peer networks puts your computer at very high risk of infection.  With the vast majority of files circulating on these networks, you can’t be sure of the origin of the files and as such, you can’t be sure that they’re clean from infection.  These days just about any file type can be infected, including music files and pictures.  Torrent programs can be used to download legitimate programs, but if you do use them for this purpose, be sure to acquire the files directly from official torrent links.

Use an Alternative Web Browser and Email Client

Internet Explorer is the most common browser and Outlook Express is the most common email client.  Malicious software is directed at the most popular programs to achieve maximum exposure. By using alternative software, you can reduce the risk (or impact) of an infection.

  • Popular alternative web browsers include Firefox and Opera.
  • Popular alternative clients include Thunderbird or Eudora.  Incredimail is another popular alternative, but it severely lacks in its ability to export messages, making migration to other email clients a potential nightmare.

Wireless Security

If you use a wireless network on your broadband account, you should at least have wireless encryption enabled.  Preferably WPA2 or WPA encryption.  Unlike using network cables, wireless signals can be intercepted without your knowledge.  If they’re encrypted, it’s much harder for a prospective hacker to obtain personal information.  Your wireless network name (SSID) should also not reflect your name, location or the brand/model of your router.  Having this information can make it easier for a hacker to access your network.  Your router should have a strong password and “remote administration” should be disabled (meaning that a network cable is required to modify the router settings).

Online Gaming Security

This refers to games that you install on your computer and then play online (car racing, shooters, etc).  Typically they open a range of network ports for online access.  If these ports are unprotected, it’s easy for someone to hack your computer or for infections to spread between computers – as such, it’s a common source of infection.  The best way to protect your PC is to use a hardware firewall (eg. broadband router).  The game’s manual or online FAQs will have details on specifically which ports to unblock.  The router’s manual will have instructions on how to manipulate the ports.  PortForward.com is also an excellent resource for finding router instructions and specific game ports.

