Securing your computer
Many people are under the delusion that it is possible for them to secure their computer against all attacks, and that they can therefore safely behave as they wish when they are online, clicking on anything they want, and visiting any sites they wish, secure in the knowledge that they have a firewall and an anti-virus program that will save them from all ills.
Sorry to disillusion you, but that is not, nor will it ever be true.
The purpose of installing protective programs on your computer is to minimise the number of online threats you will be subject to, and they generally do a very good job as long as you appreciate their limitations.
I think it might be helpful at this point to give a simplified overview of how your defensive systems work so you can understand what some of these limitations are ....
The average home computer has approximately 64,000 ports through which it can communicate. By default these ports are open and can be used by any program which cares to access them, either from within the computer or from without. If you were to go online with a computer in this condition you would quickly be attacked and your computer would be infected.
To prevent this you install a Firewall. A firewall will close all open ports and you then open the ones you need by setting "rules" for them according to the instructions supplied with the Firewall program. Usually you will have ports open for your Internet Browser, your e-mail client, and the update functions for various programs.
These "open" ports will not be fully accessible, in that they will only allow a communication if it was instigated from within your computer. Any unsolicited communications from outside are blocked.
However if you are tricked into starting the communication, then as far as your Firewall is concerned it is a legit transaction and it will open the port. So by clicking on malicious links, replying to unsolicited e-mails and attachments, and downloading from unsafe sources, you are effectively bypassing any protection your Firewall supplies.
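The behaviour described above can be seen in a small model. This is an added example, not code from any firewall product; the class, the addresses and the port numbers are constructed for illustration.

```python
class StatefulFirewall:
    """Toy model: inbound traffic is accepted only as a reply to a flow
    that a program on this computer started."""

    def __init__(self):
        # Each remembered flow is (local_port, remote_ip, remote_port).
        self.flows = set()

    def outbound(self, local_port, remote_ip, remote_port):
        """A local program starts a conversation; remember the flow."""
        self.flows.add((local_port, remote_ip, remote_port))

    def close(self, local_port, remote_ip, remote_port):
        """The conversation ends; forget the flow."""
        self.flows.discard((local_port, remote_ip, remote_port))

    def inbound(self, remote_ip, remote_port, local_port):
        """Return True if the packet is let in, False if it is dropped."""
        return (local_port, remote_ip, remote_port) in self.flows


def demo():
    fw = StatefulFirewall()
    seen = {}
    # 1. Unsolicited probe: nothing on the computer asked for it.
    seen["unsolicited probe"] = fw.inbound("203.0.113.50", 4444, 49152)
    # 2. The user clicks a link, so the browser starts the conversation.
    fw.outbound(49152, "198.51.100.7", 443)
    # 3. The reply belongs to that flow, so it is let in. The firewall
    #    cannot tell whether the site behind it is trustworthy.
    seen["reply to the click"] = fw.inbound("198.51.100.7", 443, 49152)
    # 4. Another host aiming at the same local port is still dropped.
    seen["other host, same port"] = fw.inbound("203.0.113.50", 443, 49152)
    # 5. Once the browser closes the connection, late packets are dropped.
    fw.close(49152, "198.51.100.7", 443)
    seen["after close"] = fw.inbound("198.51.100.7", 443, 49152)
    return seen


if __name__ == "__main__":
    for event, allowed in demo().items():
        print(f"{event:24} {'ALLOWED' if allowed else 'DROPPED'}")
```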
At this point your Anti-Spyware and Anti-Virus programs take over. The real-time-protection in these constantly scans the data stream in your open ports looking for things that match with items in the database they have within them. If they find something then they will alert you, or quarantine it, or delete it, according to the rules set within the program.
However, as you can see, if the database does not contain details of the infection that's attacking you, then your Anti-Virus or Anti-Spyware programs will not protect you. There are new infections (or new variations of old infections) created every day, which is why it's vital to keep your programs up to date. Even with a fully updated database though, you are still playing catch-up, which is why your Firewall, Anti-Virus and Anti-Spyware programs cannot ever give you 100% protection.
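The database matching described above, and why an out-of-date database misses a new variation, is shown in the following added example. It is not code from any anti-virus product; the definition names and the harmless marker strings are constructed for illustration, and real products use far richer detection than plain byte patterns.

```python
def scan_stream(chunks, definitions):
    """Return the names of all definitions whose byte pattern appears
    anywhere in the stream, which arrives as a sequence of chunks."""
    longest = max((len(p) for p in definitions.values()), default=0)
    tail, found = b"", set()
    for chunk in chunks:
        window = tail + chunk
        found.update(name for name, pat in definitions.items() if pat in window)
        # Carry over enough bytes that a pattern split across two chunks
        # is still seen whole in the next window.
        tail = window[-(longest - 1):] if longest > 1 else b""
    return sorted(found)


# Constructed definitions database: name -> byte pattern.
OLD_DEFINITIONS = {"Sample.A": b"CONSTRUCTED-MARKER-A"}
# The same database after an update that adds the new variation.
NEW_DEFINITIONS = {**OLD_DEFINITIONS, "Sample.B": b"CONSTRUCTED-MARKER-B"}

# Constructed streams. The known item is split across two chunks.
KNOWN_STREAM = [b"header CONSTRUCTED-MAR", b"KER-A trailer"]
VARIANT_STREAM = [b"header CONSTRUCTED-MARKER-B trailer"]
CLEAN_STREAM = [b"an ordinary web page with nothing in it"]


def demo():
    return {
        "known item, old database": scan_stream(KNOWN_STREAM, OLD_DEFINITIONS),
        "new variation, old database": scan_stream(VARIANT_STREAM, OLD_DEFINITIONS),
        "new variation, updated database": scan_stream(VARIANT_STREAM, NEW_DEFINITIONS),
        "clean stream, updated database": scan_stream(CLEAN_STREAM, NEW_DEFINITIONS),
    }


if __name__ == "__main__":
    for case, hits in demo().items():
        print(f"{case:34} {hits if hits else 'nothing detected'}")
```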
Adding more and more programs will not give you more and more protection. It's up to you to take some responsibility for your online actions, and modify them to give your programs the best chance of protecting you.
Please read the section .... Types of threat .... to see how you can modify your online browsing habits to give yourself a better chance of not contracting an infection.
So now you realise that your protection can never be absolute, let's look at what you can do to make it as effective as possible .....
- Follow safe online browsing habits.
- Keep Windows and your programs up to date.
- Use a firewall.
- Use an Anti-Virus and an Anti-Malware program.
- Minimise your chances of visiting infected sites.
- Control the sites that can use scripting on your browser.
- Use a Sandbox when browsing.
- Follow safe online browsing habits - browsing with caution is the single biggest thing you can do to reduce your chances of contracting an infection. You can fit every protective system under the sun, but if you act like an idiot online then sooner or later you will contract an infection. So take some responsibility for your behaviour and give yourself a much better chance of staying uninfected.
- Keep Windows and your programs up to date - once a month on the 2nd Tuesday of the month Microsoft release a series of "patches" to resolve problems and security vulnerabilities that have been found for the various versions of Windows. It is important that you install any security related patches. For most people the simplest way to do this is to enable Automatic Updates in Windows. Alternatively experienced computer users can opt to have Windows prompt them when patches are available.
Below are links to guides for how to set up Automatic Updates for the various versions of Windows.
As well as Windows, it is important to keep your other programs up to date. Old versions of Java, Flash, your browser, and a whole lot of others, can be exploited, so it is important you have the latest versions installed on your computer.
To make the job easier for you Secunia have an online scanner which will scan your computer for any out-of-date programs and notify you which they are so that you can update them.
Alternatively a free program named SCars can be used to help "remind" you to update your computer. You can use it to set up automatic notifications and updates for your security programs, as well as various routine maintenance processes.
FileHippo also have an update program that can be used to check for the latest versions of the programs on your computer.
- Use a firewall - all the later versions of Windows (XP, Vista, Windows 7) come with a firewall, so make sure it is switched on. Most people now also connect to the internet via a modem or router which will also act as a hardware firewall.
However most people leave their router with the manufacturer's default settings. This is not secure. The default SSIDs (Usernames) and Passwords for a great many routers are well known to hackers, and many can be looked up online at sites like THIS.
THIS article gives some good advice on how to make your Wi-Fi connection more secure. I recommend you read through it, and that at the very minimum you should change your router's password. There is a step by step example of how to do so HERE.
For advice on how to create a strong password read THIS article.
Generally the combination of a hardware firewall and the inbuilt Windows firewalls will be sufficient to guard your ports; however, you can expand the functionality of your firewalling by installing a 3rd party firewall and using that instead of the inbuilt Windows firewalls. There is a list of free 3rd party firewalls in the section .... Links to free security applications and online scanners.
Vista and Windows 7 also have UAC (Universal Access Control) fitted. UAC is what is known as a process firewall. UAC only allows processes to run on your computer if they have been given permission. It is a really valuable addition to your computer's security and should never be switched off. Yes, the pop-up requests for permission can be a little irritating sometimes, but believe me they shade into insignificance compared to the irritation and inconvenience you will suffer having to deal with a full blown infection.
Most UAC alerts will be as a result of something you are doing. They are expected and it is a simple matter to allow them, but if one flashes up that you were not expecting, then read carefully what the alert says and if you're not sure then disallow it. You may just have saved yourself a whole bundle of grief.
- Use an Anti-Virus and an Anti-Malware program - viruses and malware are not the same thing, and the programs used to detect and protect against them operate in significantly different ways, so it is important that you have one of each installed on your computer.
Installing more than one of each will cause conflicts and will result in less not more protection.
Because viruses and malware are constantly evolving it is essential that you keep your anti-virus and anti-malware programs updated to the latest definitions. You are much more likely to contract one of the newer infections that is "doing the rounds" than an older infection variety. An out-of-date AV or AS program, or a program using out-of-date definitions, is not going to protect you. Most of the reputable programs have settings to allow them to update automatically; use them. If the program you use does not allow auto-updating, then you should update it manually on a daily basis.
There is a list of free Anti-Virus and Anti-Malware programs in the section .... Links to free security applications and online scanners.
- Minimise your chances of visiting infected sites - you will greatly reduce your chances of getting infected if you do not visit sites that are known to spread infections.
There are two ways of doing this ....
- Block access to those sites using a HOSTS file.
- Get notification of sites with a dubious reputation using one of the various "site evaluation" programs.
There are links to HOSTS files and site evaluation programs in the section .... Links to free security applications and online scanners.
- Control the sites that can use scripting on your browser - by disabling the use of scripts within your browser you can significantly reduce the chances of contracting a "drive-by" infection. Unfortunately this also has the effect of disabling the functionality of a great many legitimate website applications, and for this reason it is not an option that most people would choose to use.
For users of Firefox however there is a compromise.
NoScript is an add-on extension to Firefox, which permits you to allow or deny the use of scripts on a site by site basis. The default condition for all sites is to block scripts, and you then add sites you know and trust to a "whitelist" so that scripts are allowed when you visit those sites.
The advantage of this method is that when browsing to an unknown site you are protected from scripting exploits, but once you have determined that the site is safe, with a couple of clicks or so you can enable scripts and access the full functionality of the site.
- Use a Sandbox when browsing - sandboxing is a system in which your browser (or other programs) runs within a virtual environment. Any changes made while using the sandbox are confined within the sandbox. So if you come across something malicious when browsing, then any alterations it may make to your computer are restricted within the sandbox environment, and when you close the sandbox those alterations are deleted.
Sandboxes are not 100% secure, and it is possible for some infections to "break out" of them, which is why it is important not to rely on them as your sole means of protection. However if used sensibly they can significantly add to your protection when browsing.
There are links to sandboxing programs in the section .... Links to free security applications and online scanners.
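For the HOSTS file blocking mentioned under "Minimise your chances of visiting infected sites", the following added example (not part of the original page) reads a HOSTS file and reports which names it actually blocks. The file contents are a constructed sample using reserved example domains, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample HOSTS file; every domain is a reserved example name.
SAMPLE_HOSTS = """\
# comment lines and blank lines are ignored

127.0.0.1   localhost
0.0.0.0     ads.example.com tracker.example.net   # two names on one line
127.0.0.1   malware.example.org
192.0.2.10  intranet.example.test
not-an-ip   broken.example.com
"""


def parse_hosts(text):
    """Return {hostname: ip_address} for every well-formed entry."""
    entries = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address, so skip the line
        for name in fields[1:]:
            entries.setdefault(name.lower(), ip)  # keep the first mapping seen
    return entries


def is_sinkhole(ip):
    """True for addresses that lead nowhere useful: loopback or 0.0.0.0."""
    return ip.is_loopback or ip.is_unspecified


def blocked_names(entries):
    """Names a blocking HOSTS file sends to a dead end (localhost excluded)."""
    return sorted(n for n, ip in entries.items()
                  if is_sinkhole(ip) and n != "localhost")


def is_blocked(entries, hostname):
    """HOSTS entries match exact names only; there are no wildcards."""
    ip = entries.get(hostname.lower())
    return ip is not None and is_sinkhole(ip)


if __name__ == "__main__":
    hosts = parse_hosts(SAMPLE_HOSTS)
    print("blocked:", blocked_names(hosts))
    for name in ("ads.example.com", "www.ads.example.com"):
        print(name, "->", "blocked" if is_blocked(hosts, name) else "not blocked")
```

Because matching is by exact name, blocking a domain does not block its subdomains; each name needs its own line.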