The Twenty Minute Guide to PC Security: 20 Tips to Secure your Box[PART-1]

We've all seen the geek squad commercials on TV where some woman calls BestBuy, and within 5 minutes this friendly 18 year-old kid pulls up in a VW bug and works "miracles" by cleaning and securing her virus infested computer all within about 10 minutes.

For those of you that have tried to hire help to clean the malware out of your PC, however, you've likely found out what the commercial never mentions, that within a month you're right back where you started, with an infested and almost unusable computer.

With over 140,000 known computer viruses and 85,000,000 spam emails sent out each day, the likelihood of your PC coming into contact with malware such as viruses, worms, and spyware is almost guaranteed. And once your computer becomes infected with malware, simple tasks such as browsing the web can be very frustrating as your computer's speed is drastically decreased -- that is if you can still connect to the internet at all. Given the prevalence of malware, the only real long-term solution is preventing it from infecting your computer altogether, but how?

In this article we cover 20 of the most basic PC security steps, from installing essential safeguards to tailoring your own Internet behavior, which will together help you dramatically reduce the odds of your computer being infected by malware. Thus, by implementing these 20 simple and straightforward steps you can dramatically decrease the chance you'll ever have to call up your local PC repair shop for a cleaning ever again.

 

The Basics: Spotting and Eliminating Threats

As the saying goes, before you can run, you must learn how to walk. And you can consider your first baby step into computer security installing the basic software needed to detect and eliminate threats.

1. Use a firewall
   You can think of a firewall as a sort of shell around your computer that identifies and filters out threats, while letting secure information pass through it and reach your computer. Because a firewall serves this all-important filtering role between your computer and the internet, using a firewall is the very first step on the path to computer security.
   
   Suggestions:
   • If you're using Windows XP, thankfully you already have a firewall installed. So the only thing you need to check to make sure that you have it activated. To enable the firewall, navigate to the Control Panel, and select "Network Connections". From there right click your active internet connection, and select the "Properties" menu. Finally choose the "Advanced" tab and check the "Internet Connection Firewall" box.
   • If you don't have Windows XP or you simply want to upgrade beyond the standard protection it provides, there are a host of third-party software firewall options out on the market, among the best of which is Norton Personal Firewall. Or for those of you who want to save some money, a good free third-party firewall option is PC Tools Firewall Plus 1.0.
   
    
2. Install and update anti-virus software
   A good firewall will filter out many of the threats facing your computer, however, some malware is always going to find its way onto your PC. For example, viruses, worms, Trojan horses and other forms of malware can find their way onto your computer by various means a firewall cannot detect, including downloading malicious email attachments and files from the internet. So to protect your PC you'll also need strong regularly updated anti-virus software. While a firewall protects your computer from the outside, an anti-virus program will work from the inside of your computer, hunting down hidden viruses and deleting them, while also scanning attachments and downloads before they can infect your computer.
   
   Suggestions:
   • For those of you that don't mind spending a few dollars on security, CA, offers one of the best products in the personal anti-virus market. They also offer a free 30-day trial for their anti-virus software, so you may want to give it a try even if you don't plan on ordering, just so that you can clean your computer out and start fresh.
   • If you're looking for a highly regarded free anti-virus alternative, try PC Tools Anti-Virus Free Edition.
   
    
3. Install and run anti-spyware software
   Even though firewalls and anti-virus programs are more well-known when it comes to basic security steps than installing anti-spyware software, it may actually be your anti-spyware program that provides your computer with the most significant increase in security.
   
   Today, the most common form of malware that internet users encounter is spyware. In fact, a recent study estimated that 9 out of 10 computers connected to the Internet are currently infected with some form of spyware. Spyware can take a variety of forms, however, some of the most common effects are that it causes unsolicited pop-ups to appear, steals personal information, monitors internet activity for marketing purposes, or routes your website requests to other spammy advertising sites.
   
   Suggestions:
   • Perhaps the most popular spyware removal program is Lavasoft's Ad-Aware. Ad-Aware comes in a variety of packages including the Professional edition, available for purchase on the Lavasoft website, and the Personal edition,which is free of charge. Because running an anti-spyware program can tend to slow your computer down and use up computing resources, try running the spyware scan in the background of your computer.
   • Another popular anti-spyware tool is Spy Sweeper. Spy Sweeper is offered as shareware and comes equipped with both anti-spyware and anti-virus features, which means that you can get more complete protection even faster.
   
    
4. Install additional basic threat counter-measures
   In addition to the three universally needed security software programs discussed above, there are a couple of other software installations which can be basic necessities for you, depending upon your particular computer usage.
   
   Suggestions:
   • If you do a lot of surfing on gaming, gambling, or pornographic sites, you are particularly vulnerable a type of malware called Rootkits. If this is the case, it is absolutely essential that you install anti-rootkit software to secure your PC, and even if you don't fall into one of those vulnerable categories it is still a good idea. A well-reputed option is Sysinternal's Rootkit Revealer to help you identify and remove rootkits from your PC.
   • Parental Control: For parents, installing parental control software isn't just about determining what sites your child has access to, it is also an important step in keeping your computer malware free. Often children spend lots of time surfing on gaming sites, or enjoy making downloads of free software or screensavers. Unfortunately, however, these are all very dangerous activities when it comes to picking up malware. One of the strongest parental controls comes as a part of the ZoneAlarm Internet Security Suite which also includes several types of firewalls, as well as virus and spyware protection.

 

Tweaking Settings and Making Usage Adjustments

Now that you have installed the most basic PC security software, there are a number of more specific weak points in your computer's armor that need to be shored up either by making some personal behavior adjustments to compensate for the particular security weakness or by making the necessary upgrades to minimize its vulnerability.

1. Strengthen your web browser security
   You connect to the internet through your internet browser. And whether you use Firefox, Internet Explorer, Opera or anything else, this is a point of major weakness in any computer's defenses. Hackers often target their attacks on your computer by focusing on flaws in browsers or their plug-ins and using drive-by downloads, to get your computer to download malware through the browser without you even knowing that something was downloaded. Because of this threat, web browser security upgrades are an important early step in your PC security overhaul.
   
   Suggestions:
   • The easiest browser security upgrade is simply to switch internet browsers. Microsoft's Internet Explorer is subjected to the largest number of security threats, so switching to a popular safer alternative such as Mozilla's Firefox or Opera will dramatically improve your PC security right away.
   • For those dead set on using Internet Explorer, you should raise the security level from the default to high setting and specify which websites are trusted enough to bypass the browser's security filter. You can do this by opening up a new browser window, selecting the "Tools" menu, followed by "Internet Options." From there choose the "Security" tab and finally drag the bar to the "High" level.
   
    
2. Install the latest OS service pack
   Hackers are constantly developing new types of malware, some of which try to exploit weaknesses in an operating system to get into your computer. Therefore, it is important to always install the latest Windows OS Service Pack (SP) updates in order to keep your computer secure. Microsoft releases patches and updates for their Windows operating systems once a month on "Patch Tuesday."
   
   Suggestions:
   • Currently the safest Windows XP operating system uses Service Pack 2 (SP2). How do you know you have SP2? Open up your PC's control panel and look for the icon called "Security Center." If you see it, you have SP2. If not, make sure to download it right away.
   • Download patches only directly from the official Windows site and never from anywhere else, no matter how official the site looks. Spammers often cleverly create fake infected patches and post them on their own or other people's websites in order to trick people into infecting their own computers by downloading them. Thus, by downloading your patches exclusively from the official Windows site, you can minimize the chances of ever encountering a fake patch in the first place.
   
    
3. Select secure software and update it regularly
   You've probably seen those funny Mac and PC commercials on TV where the PC talks about the huge number of viruses and exploits Windows is exposed to relative to Macs. Unfortunately, it is true that the operating system and software that you select plays a big part in how many threats your computer faces. Though the number of threats that affect Mac OS X programs is expected to grow in 2007, for now at least, viruses are concentrated on Microsoft's programs. Consequently, if you are running a Windows OS, or another Microsoft application, it is extremely important that you frequently update your application with all the new patches that Microsoft puts out. Stated simply, the longer a critical internet-dependent application goes without an update, the higher the probability your computer will have a security threat. So to avoid unnecessary breaches in security, keep your important software up to date.
   
   Suggestions:
   • Run automatic updates for Windows XP patches and your web browsers. While using automatic updates is not the safest solution for a lot of applications, when it comes to fighting new viruses that threaten your operating system and key programs, the risk of using automatic updates is far outweighed by the benefits of quickly updating.
   • Educate yourself on the differences in the levels of threats facing different operating systems and applications. While it probably doesn't make sense for you to select an entirely different operating system on the basis of increased threats, it might make sense for you to choose an alternative program where a similar product is offered by a competitor that faces far fewer security attacks.
   
    
4. Disable file sharing on your hard drives
   While securing your wifi router will help keep hackers from getting access to your network, what about the potential for harm from people who already have legitimate access to your network? Having a firewall will certainly help, but it may not be enough.
   
   One of the best ways to limit your exposure to intra-network harms is by prohibiting file sharing access from foreign machines. This is especially important if you are on a large scale or open wifi network, such as at a college library or in an office building, where you do not know who could be potentially browsing through your PC.
   
   Suggestions:
   • Use the AllPeers plugin for Firefox web browser to enable secure sharing over the internet.
   • Use secure sharing via one of the VoIP (Skype) or VoIM (Google Talk, Yahoo Messenger, Windows Live Messenger) clients as an alternative option.
   
    
5. Be cautious when downloading
   While not all freeware is bad, the old saying that nothing worthwhile in life is free is generally true when it comes to free internet downloads. Spammers often hide dangerous malware in computer programs that they then offer for free on the internet. When you choose to download these free programs, not knowing they are infected, you circumvent your firewall and anti-virus protection, and as a result often open yourself up a serious malware infestation.
   
   Suggestions:
   • If possible, find a trusted Web site such as ZDNet or VNUNet to download your desired files from.
   • If you download via torrent or peer-to-peer programs, make sure to scan the files you receive for viruses and other malware, as many file servers do not check the integrity of the documents they host.

 

Safely Emailing

Email was originally designed to enable academics and scientists to communicate with one another. And because it was created with the thought that only trusted individuals would send files back and forth, email's security weaknesses were never a concern while the technology was being developed. Unfortunately, spammers and hackers came along with the popularity of email, but by then the technology was far too popular to redesign. As a result of its inherent security weaknesses, it is very important to take the necessary steps to strengthen your email security through add-on protections and by tailoring the way you use your email.

1. Use a first-rate email client
   Just because all email clients deliver your email, does not mean they are equally effective when it comes to PC security. An effective email client should provide your computer with another layer of protection by effectively filtering out all the unwanted email messages bound for your inbox, as well as providing some basic email attachment virus scanning.
   
   Suggestions:
   • Google Mail (GMail) is one of the best web-based email clients, providing you with top of the line spam filtering that will keep your inbox free of almost all unwanted messages. Unfortunately, however, its virus scanning capabilities leave a lot to be desired, so you'll want to manually scan all email attachments using your personal virus scanner before you download.
   • Mozilla's Thunderbird is a highly regarded, award winning, spam-fighting standalone email client. Thunderbird has to be configured for a POP or IMAP based email server just like Microsoft Outlook. But once you setup Thunderbird, you'll be well on your way to keeping your inbox free of spam.
   
    
2. Handle email attachments carefully
   When you download an attachment, your computer presumes that you know what you're doing. Consequently, your firewall won't check the attachment to make sure that its safe, which leaves just a cursory scan by your email client as the only protection between an attachment and your computer. Given the low level of security surrounding attachments, it's no surprise that hackers often try to hide their harmful programs in spam email attachments. In fact, an estimated 90 percent of viruses enter computers this way. Given those stats, it is important to always follow best practices when handling all email attachments in your Inbox.
   
   Suggestions:
   • Do not open attachments from strangers, or even from well-known companies, no matter how official or familiar the email appears to be. Spammers often use very creative techniques to make their emails and their attachments look legitimate, and they are getting increasingly good at it. So simply closely examining emails with attachments before downloading is no longer a sufficient security strategy. Instead, you should adopt a strict no attachment policy from strangers or companies, and go to the company website directly to get the needed information instead.
   • If a friend's computer is infected, it's possible that you'll receive email with virus-infected attachments that appears to be (or actually is) from them. Thus, a familiar sender alone is not enough to ensure that an attachment is safe. If you're not expecting an attachment, call, IM or VoIP the person to verify that they intended to send it before you open the attachment.
     
     
     
     
     Other tips in next part