How users of Microsoft Windows should protect themselves online.
Free software summary.
The following programs are all without cost, and have proven themselves to be just as useful as their expensive brothers. You can run more than one Anti-virus and Anti-spyware tool, but you should not run more than one software firewall. (For a brief comment or summary of each product, hold your mouse cursor over each link.)
Free Anti-Virus Programs.
Free Online Virus Scanners.
Free Firewall Software.
Free Spyware Removal Tools.
Free Secure Web Browsers.
Free Secure Email Client.
To find out why you should be using the above programs, please read below for details on the various problems and their solutions.
These suggestions are for people using Microsoft Windows, be it Windows 95/98/98SE/ME/2000/XP/2003 or Vista. Linux and Apple Mac users need not worry to the same extent as Windows users, because all common major Worms, Trojans and Viruses only affect the Windows platform. (hey, blame Microsoft not me. :-) ) For each suggestion, I will offer a free and if possible Open Source program that can fulfill the requirements, so this need not cost you any money.
Why you need to do this.
The average time it takes for an unprotected Windows computer to become infected on the Internet has been reported at 20 minutes. Only twenty minutes after you first connect to the Internet, you are likely to have fallen victim to a Virus like CodeRed or Nimda.
UPDATE: A recent test has shown that the compromise time of an unpatched Windows XP SP1 Machine is now 4 minutes.
What are Viruses, Worms and Trojans?
There is nothing mysterious about Viruses, Worms and Trojans. They are just small programs that use infected computers to try and spread to other computers. They can also perform any number of tasks in the background, most of which are counter to your wishes and hidden from view. They also usually open a back door to your PC that anyone with the know-how and inclination can use to gain total remote access to your computer. If you use your computer for online banking or other such private matters, you really need to ensure that nobody else is listening in.
1. Use an Anti-Virus application on your machine and keep it up to date.
One of the most important things you can do to protect your computer online is to use an Anti-Virus application, but since over a thousand new Viruses come out each and every month, if your Anti-Virus application is not updated regularly it will not know about new Viruses and will be no protection at all. So the idea is to install the application and then either set it up to update automatically, or update it manually once or twice a week (at least).
An excellent and totally free Open Source Anti-Virus program for Windows is ClamWin and you can find and download it at http://www.clamwin.com. Just follow the download link and it will bring up a SourceForge download page with hosts down the left side, and the file down the right side. Choose the host closest to you and click on the file name on the right hand side corresponding to the host you have chosen.
Another excellent free (for personal use) Anti-virus application is AVG. It isn't Open Source, but it's free and it's very good. You can find it at
I run both of these Anti-virus applications because ClamWin is very small and fast and sometimes catches things that other Anti-virus programs miss. There is no problem running both programs.
If you suspect you have been infected by a Virus, there are a few things you can do. First head over to the Trend Housecall online Virus scanner at http://housecall.trendmicro.com and run an online scan of your PC. This will help by telling you the name of the Virus (if any) and in some instances will remove it for you.
If your Anti-Virus application and Trend Housecall are unable to remove the Virus for you, then it is time to try a Virus-specific tool. Head on over to the extremely handy "Symantec Security Response Virus and Hoax database" http://securityresponse.symantec.com and enter the name of the Virus in the search box. In most cases you will be sent to a page detailing the Virus in question, and offered a downloadable tool and instructions on how to remove it. (Users of Windows ME and XP will need to turn off "System Restore" before the tool can properly remove the Virus. The instructions on how to do that will be available with the tool itself.)
2. Install and/or enable a software firewall.
If you connect to the Internet using a dialup modem, or an ADSL/Cable modem that plugs directly into your computer, this is MOST important.
If you are using an ADSL/Cable router to connect, then you are likely to be protected to some degree by the router's firewall, but it can still be a good idea to install and run a software firewall as well.
Users of Windows XP already have a firewall that was supplied with Windows. To enable it, go to "Start" -> "Control Panel" and select "Network and Internet Connections". In there you will find all of your existing network connections, and right-clicking on one, then selecting "properties" and then "advanced" will allow you to access that connection's firewall settings. If you have installed Service Pack 2 for Windows XP, then you will already have the firewall enabled as it runs by default after installation.
For everyone else (and XP users that want more protection than the built-in firewall can provide), you might want to try the free Sygate Personal firewall available at: http://www.sygate.com/.
Once you have installed your new firewall, it's time to test it out. Open your browser and head over to http://scan.sygate.com and run the online scanner against your computer. This will tell you if you have been successful in blocking all of your internet ports to unauthorized access.
3. Run Windows Update regularly.
All versions of Windows contain massive amounts of programming code that was written by large teams of programmers. As such, there have been many errors and bugs found since every version was released. Many of these errors and bugs can cause instability and, even worse, they can allow malicious crackers access to your computer and its files.
The reasons for them (crackers) wanting access to your computer vary, but some of the worst are to collect your usernames and passwords for online banking and other private login information or your credit card numbers, to use your computer to send SPAM (so the authorities will trace the SPAM to you instead of them, because in many places spamming is now illegal), or to use it in conjunction with thousands of other compromised computers to attack business or government web sites. (An example is the recent attacks on Authorize.Net.)
Windows Update is where Microsoft puts the bug fixes and security patches that they have made to fix Windows and close the security problems after they are found. If you don't install these patches, you will not be protected, it's as simple as that. To start Windows Update, simply start Internet Explorer, go to the "Tools" menu, and select "Windows Update" from the menu. Then simply follow the prompts. (You must be connected to the Internet before running Windows Update.)
4. Watch out for SpyWare.
Spyware is a serious and growing problem for Internet users. Many times I have been called out to fix a computer that was either running very slowly, or wouldn't boot at all. Once I get there, I often find that the problem is that the machine has so much Spyware running on it that it had used up all memory and system resources starting hidden Spyware applications during startup, and there was nothing left for the user. (The record for me so far is a computer I fixed that I found to have over 430 Spyware items and 2 Viruses running every time they turned it on.)
Slowing down or stopping your computer is not the only problem with Spyware, it is also used to track your activities online and the information collected is usually sold to advertisers. Some Spyware also comes very close to the line and could be called a Virus or Trojan horse. It is usually to be strongly avoided if you can.
I have two suggestions regarding Spyware, one is to avoid installing it in the first place, and the second is to remove it once it is installed. To avoid installing Spyware, be very careful about downloading free applications from the Internet. Some programmers make money by giving their software away for free and then selling the information it collects from you to advertisers. There are many examples of such software. One is a purple talking ape called Bonzi buddy and another is Hotbar. The worst of all the common ones though, is probably CoolWebSearch as it changes your homepage to porn sites as well as adding bookmarks, both of which can't be changed until you remove the program. There are however, many more out there. Unless you know an application is not Spyware, you should avoid it.
(None of the applications I suggest here are Spyware.) One of the reasons I suggest Open Source applications where possible is that Open Source software makes the human readable code that creates the program available to anyone that wants it. The result is that many people other than the creators have read the code, and it would be widely known very quickly if it did anything untoward. With non open source free software, it is much harder to tell exactly what it does and can do, so you are essentially placing your full trust in an author you don't actually know.
Protecting yourself from Spyware is much like protecting yourself from Viruses and Trojan Horse programs. You need to run an application specifically designed to find and remove Spyware, and I know of two great applications for that task. One is "Adaware Personal" http://www.lavasoftusa.com, and the other is "Spybot Search and Destroy" http://www.safer-networking.org. Both programs are free, and both need to be regularly updated just like an Anti-Virus application. I actually have both installed on my Windows machines because sometimes one will find things that the other misses. There is a nice tutorial about installing and using Spybot here.
5. Avoid Internet Explorer and Outlook Express/Outlook.
This suggestion is a bit more controversial as many people are addicted to Internet Explorer and Outlook Express/Outlook.
My reasoning is pretty simple. These programs (or bugs in them) have caused the spread of more Viruses and other malicious programs than any other applications anywhere, ever! Virus writers know this, and they know that 90+ percent of their targets will be running at least one of these applications, so you can bet they can and do take advantage of that when writing Viruses designed to compromise your computer. The best defense against this is simply to use alternative programs, and the second best defense (which you should do regardless) is step 3, running Windows Update to keep them patched and as secure as they can be.
Alternative programs for web browsing and e-mail need not have fewer features or less functionality than IE/OE and they need not be harder to use either. My favorite applications are Open Source, meaning that thousands of programmers look through the code to find and fix bugs, and they are totally free. As an added bonus, they have many features that both Outlook Express and Internet Explorer are missing. Such extras are tabbed browsing, configurable popup blocking, SPAM filtering, and much more. Best of all, because they are not the "default" web and e-mail applications for Windows, they avoid being the primary target of Virus and Spyware writers.
The program I suggest for web browsing is called Mozilla and it is small, fast, full of cute eye candy and has a ton of features that are missing from Internet Explorer. If you add the Google toolbar, you get the benefit of Google Safe Browsing which will tell you if the site you are on is dodgy and trying to steal your details. For your e-mail needs, I suggest Firefox's companion program called "Mozilla Thunderbird" http://www.mozilla.org/products/thunderbird/, it has SPAM filtering, as well as all the features you are used to with Outlook Express. Both Firefox and Thunderbird will import all your favorites, settings, address book etc from Internet Explorer and Outlook Express, so you will not lose anything by changing.
Both Firefox and Thunderbird are Open Source and are designed to look and work much like Internet Explorer and Outlook Express in order to be easier for new converts to use. So you have no excuse not to give them a try. In my humble opinion, the only time people should use Internet Explorer nowadays is to run Windows Update.
I should also add that since I have put all of the above into place on all my clients' computers, I have not been called out to fix a Virus or Spyware infection, and they have been happy and productive. That generally means less money for me, but I can always find more interesting ways of making a living than fixing Virus or Spyware trashed computers so at the end of the day everyone is happy.
6. Learn good password habits.
All the protection in the world for your PC is of no use at all if you leave the front door unlocked. Bad passwords are one of the most common causes for security compromises.
Firstly, a password should NEVER be a dictionary word. There are many free password crackers that begin by running a dictionary attack against the target. That means the program will basically go through a dictionary and try each word. Because computers are much faster than humans, this doesn't take as long as you might think.
Secondly, a good password is at least 8 characters long and contains a mix of upper case, lower case, numbers and possibly symbols as well.
Lastly, a password has less chance of being cracked if the user changes it regularly. Every 3 months should be considered a good time frame for the life of a password, but really the more important a password is the more often you should change it.
A good trick for creating a decent password is to think of a verse from your favorite song, and then use the first letter (or second, or last etc) of each word, make every second character a capital and put a symbol or number combo of some sort on the end (or at the start). It isn't perfect, but it is better than trying to remember gibberish.
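The password rules and the verse trick above, worked through in Python as an added example that is not part of the original article. The function names check_password and mnemonic_password are hypothetical, and the word list and verse are constructed samples.

```python
import string

# Constructed sample word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "sunshine", "dragon", "football", "princess", "welcome"}


def check_password(pw, words=SAMPLE_WORDS):
    """Return the article's rules that pw breaks (an empty list means it passes)."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    if not any(c.islower() for c in pw):
        problems.append("no lower-case letter")
    if not any(c.isupper() for c in pw):
        problems.append("no upper-case letter")
    if not any(c.isdigit() for c in pw):
        problems.append("no number")
    # Dictionary attacks also try each word with numbers or symbols stuck on
    # either end, so compare the stripped, lower-cased core against the list.
    core = pw.strip(string.digits + string.punctuation).lower()
    if core in words:
        problems.append("based on a dictionary word")
    return problems


def mnemonic_password(verse, suffix):
    """First letter of each word, every second character a capital, suffix on the end."""
    initials = [w[0] for w in verse.split() if w[0].isalpha()]
    chars = [c.upper() if i % 2 else c.lower() for i, c in enumerate(initials)]
    return "".join(chars) + suffix


if __name__ == "__main__":
    # Constructed verse, not taken from a real song.
    verse = "the quick rain falls softly on the old tin roof tonight"
    candidate = mnemonic_password(verse, "#47")
    for pw in ("dragon", "Sunshine1!", candidate):
        print(pw, "->", check_password(pw) or "passes the article's rules")
```

Symbols are treated as optional here because the article says "possibly symbols"; the three-month change rule is a habit and is not something a checker like this can test.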
There is absolutely no way that you can connect to the Internet and say you are 100% safe. Anybody that tells you that there is, is either lying, or trying to sell you something, and that applies not only to Windows, but EVERY operating system. The only difference is degree of safety (or lack thereof).
The steps above however, if followed to the letter, will significantly reduce your chances of becoming a victim of Internet crime. Security is not a program, it's a process and you must be vigilant about keeping your Anti-Virus application, your Spyware applications, and Windows itself (Windows Update) up to date. And remember, we don't trust strangers we just met in real life to provide us with anything potentially dangerous. The same principles apply online. Be Safe! and happy computing.
There is another very interesting article that covers many of the same points here, for those of you that would like more information.
Franki & Don.