How to Secure your Windows – with Free Softwares (2)
1. How to Defend Against Penetration Attempts
There are many reasons someone or some organization out in the Internet might want to penetrate your
Windows computer. Here are a few examples –
To secretly install software that steals your passwords or financial information
To enroll your computer as a bot that secretly sends out junk email or spam
To implant software that tracks your personal web surfing habits
To destroy programs or data on your PC
Your goals are to—
Prevent installation of malicious software or malware
Identify and eliminate any malware that does get installed
Prevent malware from sending information from your computer out into the web
Prevent any other secret penetration of your computer
1.1 Act Safely Online
Let’s start with the basics. Your use of your computer — your online behavior – significantly affects how easy it
is to penetrate your PC.
Practice safe web surfing. Handle your email safely. Follow these tips to reduce the chances that outsiders can penetrate your computer:
Don’t download free screensavers, wallpaper, games, or toolbars unless you know they’re safe.
These often come with embedded malware. If you just can’t pass up freebies, download them to a directory where you scan them with your anti-virus and anti-malware programs before using them.
Don’t visit questionable web sites. Hacker sites, sexually explicit sites, and sites that engage in illegal activity like piracy of music, videos, or software are well known for malware. You could get hit by a drive-by — a malicious program that runs just by virtue of your viewing a web page.
Don’t open email or email attachments from questionable sources. These might install malware on your system. Dangerous email attachments often present themselves as games, interesting
pictures, electronic greeting cards, or invoices so that you will open them. (If you get too much junk email, reduce it with these free programs.)
Don’t click on links provided in emails. These could direct you to a legitimate-looking but bogus web site designed to steal your personal information. Companies that protect their customers don’t conduct business through embedded links in emails!
Before you enter your online account name and password into any web site, be sure the web page is secure. The web page’s address should start with the letters https (rather than http). Most browsers display a closed lock icon at the bottom of the browser panel to indicate a secure web site form.
Don’t give out your full name, address, phone number, or other personal information in chat rooms, forums, on web forms, or in social networks. (Section 3 on “How to Protect Your Privacy When Using the Internet” has more on this topic.)
The Appendix links to articles with more safety tips.
1.2 Install Self-Defense Software
To defend Windows, you need to install software that protects against several kinds of threats. This section describes the threats and the software that defends against each.
Some programs provide protection against multiple threats. But no single program protects you from all kinds of threats!
Compare any protective software you already have installed to what I describe here. To cover any gaps, this section recommends free software you can download and install. It provides download links for these free programs.
Firewall – Firewalls are programs that prevent data from coming into or leaving from your computer without your permission. Unsolicited data coming into your computer could be an attempt to compromise it; unauthorized data leaving your computer may be an attempt to secretly steal your data or spy on your activities.
Every Windows computer should run a firewall at all times when it is connected to the Internet.
I recommend downloading and installing a free firewall, such as ZoneAlarm, Comodo Firewall, Sygate Personal Firewall, or Jetico Personal Firewall. ZoneAlarm is especially easy to set up, since it is selfconfiguring.
Windows ME, 98, and 95 did not come with a firewall. XP and Vista do. However, the XP and Vista firewalls have shortcomings.
The XP firewalls (there are actually two versions) do not stop unauthorized outgoing data. This is unacceptable because if malware somehow got installed on your computer, it could send data out
without you realizing it. Vista’s built-in firewall can stop unauthorized outbound data. But it does not do so by default.
I recommend installing a free firewall whether or not you have a Microsoft firewall. (It doesn’t hurt to run two firewalls.) Since the procedures for configuring Microsoft’s firewalls vary according to your Windows version and service pack level, see the Appendix for how to configure them.
Anti-Virus – Viruses are programs that are installed on your computer without your knowledge or
permission. The damage they do ranges from acting as a nuisance and wasting your computer’s
resources, all the way up to destroying your data or Windows itself.
Anti-virus programs help identify and eliminate viruses that get into your computer. Free anti-virus
programs include AVG Anti-Virus, avast! Anti-Virus Home Edition, and PC Tools Anti-Virus Free Edition.
If you don’t already have an anti-virus scanner, download and install one of these, then run it regularly to scan your disk for any viruses. You can schedule the program to run automatically either through its own built-in scheduling facility or through the Windows Scheduler.
Good anti-virus programs like these automatically scan data as it downloads into your computer. This includes emails you receive and any files you download.
Anti-Malware — In addition to viruses, there are many other kinds of programs that try to secretly install themselves on your computer. Generically, they’re called malware. They include:
Spyware It spies on your behavior and sends this data to a remote computer
Adware It targets you for advertisements
Trojans These scam their way into your computer
Rootkits These take over administrator rights and can do anything to your PC
Dialers These secretly use your communication facilities
Keyloggers These record your keystrokes (including passwords) and send this data to a remote computer
Botware This turns your computer into a bot or zombie, ready to silently carry out instructions sent from a remote server.
Since no one program identifies and removes all kinds of malware, you need a couple in addition to your anti-virus scanner. Free programs for this purpose include AVG Anti-Spyware, Ad-Aware 2007 Free, Spybot Search and Destroy, and a-Squared Free Anti-Malware. I recommend running two anti-malware programs on a regularly-scheduled basis.
Anti-Rootkit — Rootkits are a particularly vicious form of malware. They take over the master or
Administrator user rights on your PC and therefore are very effective at hiding themselves.
Many of the anti-malware programs above provide some protection against rootkits. But sometimes a specialized detection program is useful. Rootkit detectors often require technical expertise but I can recommend two as easy-to-use, AVG Anti-Rootkit Free and Sophos Anti-Rootkit. Both require Windows XP or 2000 or newer.
Intrusion Prevention – Intrusion detection programs alert you if some outside program tries to secretly enter Windows by replacing a program on your computer. For example, an outside program might try to replace part of Windows or alter a program such as Internet Explorer.
Free intrusion detection programs include WinPatrol, SpywareGuard, ThreatFire Free Edition, and ProcessGuard Free. Install one of them and it will run constantly in the background on your computer, detecting and preventing intrusions.
By Howard Fosdick
Fosdick Consulting Inc.
No comments yet.