|Posted on March 1, 2009 at 4:41 PM|
Windows Security Checklist: To Do and Do Not (revised)
by Larry Stevenson, aka Prince_Serendip, MVP - Consumer Security
First Published: December 5, 2004
Revised and Updated: Sunday, March 1, 2009
No single application or technique can protect you at 100%, but you can still get pretty close to that. When Windows users follow these guidelines, their chances of being infected by malware drop almost to zero. We have done Firewalls and Antivirus applications. Now we begin our next installment of the Windows Security Checklist: To Do and Do Not.
It is not as complicated as it may first appear, although there is a lot of information to absorb. The experts at Spywarehammer.com can help you if you have questions about any of these techniques and applications. The applications featured here are compatible with all Windows platforms, unless otherwise noted.
Be very cautious if you feel you must use any P2P (peer-to-peer) network service for sharing/swapping files across the Internet. In fact, we would prefer you do NOT use P2Ps such as BitTorrent, BearShare, BitComet, etc at all, as these can be conduits for malware. These programs may not have malware in them, but when you share files with other computers, you also share their dirt. Mud pies anyone?
Do not expose any drive folder other than the one chosen for access by these services. Secure your sensitive files on any computer you use to connect to the Internet. Do not place private files in folders that are configured as shared. Keep your virus scanner and firewall on at all times. Better yet, use a File/Folder Access Protection application to lock access to all other areas of your hard drive. Applications you could use are: WinPatrol: http://www.winpatrol.com/ FileChecker: http://www.javacoolsoftware.com/filechecker.html and WinGuard Pro: http://www.winguardpro.com/
Secure your Instant Messages (IMs). A good idea is to use an IM encryption utility to secure your MSN, Yahoo, or AIM messages. Some encryption utilities require use on both ends. ZoneLabs Extreme Security: http://www.zonealarm.com/security/en-us/zonealarm-extreme-security.htm and Trillian Pro/Basic: http://www.ceruleanstudios.com/downloads/ provide encryption security for Instant Messaging. Trillian Basic is free.
Disable file transfers in IM programs, as this feature can enable the sharing of more than you intend, unless you're prepared to prevent it. MSN, AIM, .NET Messenger, and others let you disable file transfers from the Preferences or Options menus. If someone wants to send you an image or file, be certain it's a trusted source, otherwise use e-mail to verify that their request is valid.
Do remember that even though only one computer is actually making the internet connection, any other computer sharing that connection, or which is sharing files on a network, needs the same protection.
Do require a login user name and password for every computer connected to your Local Area Network (LAN). For any hard drives that are configured as shared: Windows XP and Vista users - do not configure share permissions to allow "anonymous logon" or any access by groups or users outside your LAN.
Do not let a downloaded application or any downloaded executable launch on its own unless you're certain it's from a trusted source. Be cautious of downloading files that end in exe, bat, vbs, and com. Scan them with your antivirus or anti-malware applications BEFORE unzipping and opening them. Most anti-malware applications allow individual file scans by right-clicking them. Do not expect their real-time monitors to catch them all.
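As an added example (not part of the original checklist), this Python sketch lists the contents of a downloaded ZIP without unpacking it to disk and flags members that deserve a scan first: the four extensions named above, double extensions such as `.jpg.exe`, password-protected members a scanner cannot read, and files that start with the Windows executable header "MZ" under an innocent name. The function names and the sample archive are constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions the checklist names as ones to be cautious with.
RISKY_EXTENSIONS = {".exe", ".bat", ".vbs", ".com"}


def risky_members(archive):
    """Return (name, reason) pairs; nothing is extracted to disk."""
    findings = []
    with zipfile.ZipFile(archive) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename
            # Windows ignores trailing dots and spaces: "a.exe." runs as "a.exe".
            suffixes = [s.lower() for s in PurePosixPath(name.rstrip(". ")).suffixes]
            if suffixes and suffixes[-1] in RISKY_EXTENSIONS:
                reason = "risky extension " + suffixes[-1]
                if len(suffixes) > 1:
                    reason += " after " + suffixes[-2]
                findings.append((name, reason))
            elif info.flag_bits & 0x1:
                # Bit 0 set means the member is encrypted and cannot be inspected.
                findings.append((name, "password-protected, cannot be inspected"))
            else:
                # A Windows executable starts with "MZ" whatever its name says.
                with zf.open(info) as member:
                    if member.read(2) == b"MZ":
                        findings.append((name, "executable header under a misleading name"))
    return findings


def build_sample_zip():
    """Constructed sample archive holding harmless placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "hello")
        zf.writestr("photos/holiday.jpg.exe", b"MZ\x90\x00")
        zf.writestr("setup.bat", "echo sample")
        zf.writestr("invoice.pdf", b"MZ\x90\x00")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for name, reason in risky_members(build_sample_zip()):
        print(f"{name}: {reason}")
```

A clean result here is not a substitute for the antivirus scan; it only tells you which members to be most suspicious of before opening the archive.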
Do not accept and run an ActiveX Control or Java Class unless it comes signed and from a trusted site. It is best to force your browser to prompt you for permission. If you are using Internet Explorer, these settings are located under Control Panel > Internet Options > Security > Internet - Custom Level. Mozilla, Firefox, and Opera users are prompted by default.
If you are using Internet Explorer disable "Allow software to run or install even if the signature is invalid" so your browser will be forced to prompt you if additional components are needed in order to display certain content. This setting is located under Control Panel > Internet Options > Advanced - Security.
Disable HTML and USE PLAIN TEXT for e-mail. Use an e-mail content filter for web bugs and embedded content originating from a server other than the one belonging to the sender of the e-mail. Current e-mail worms can execute just by your viewing HTML-formatted content. Disable preview panes when accessing your mail. Check here for instructions to turn it off on Outlook and Outlook Express: http://apcsnh.com/vacm/previewpaneoff.html
Always view e-mail attachments separately and only after they have been scanned for malware. Downloading them won't hurt your computer, even if they are infected. It's only when you open them that they deliver their dirt. Even after proper scanning there's still a chance that they can infect your computer if their dirt evades your anti-malware scanners.
Do not submit secure forms (https) on insecure servers. Watch the address bar at the top of your browser when filling out forms online. If it begins with "http:" do NOT fill out and submit the form, if it's asking for private or personal information.
Do not ever use e-mail to send private financial information such as credit card or bank account numbers, or your SSN/SIN (US/Canada). Even if you use encryption and the e-mail is for legitimate business, you cannot be certain that the recipient will protect this information once it is delivered and unencrypted.
Never respond to e-mail asking for private information. Telephone your financial institutions, and ASK them about it. Any e-mail you receive requesting your credit card or bank account numbers, or SSN/SIN either by e-mail or by a web site link is likely to be an identity theft scam. Never click on any links in such e-mail messages. Many banks will NEVER e-mail you about personal banking purposes. If in doubt, check it out!
Be sure your browser is SSL-capable (Secure Sockets Layer) and the encryption strength, or cipher strength, is not less than 128-bit. Most secure websites for banking and credit card companies will not accept browsers with less.
As always, keep your operating system (OS) and browser up-to-date, in addition to any service or application that has access to the Internet. Apply updates and patches from Microsoft, as they are released. To learn more about what is being updated on a timely basis please go to Calendar of Updates at: http://www.calendarofupdates.com/updates/calendar.html
Best regards and always take care of your security.
This document is provided "AS-IS" without warranty, and confers no rights.
|Posted on February 14, 2009 at 1:25 PM|
Windows Security Checklist (revised)
By Larry Stevenson, aka Prince_Serendip - MVP Consumer Security
First Published: November 28, 2004
Revised and Updated: February 14, 2009
Firewalls and Antivirus Applications for Basic Protection
No single application or technique can protect you at 100%, but you can get pretty close to that. When Windows users follow these guidelines, their chances of being infected by malware drop almost to zero. It is not as complicated as it may first appear, although there is a lot of information to absorb. If you have questions about any of these techniques and applications, the experts at SpywareHammer, and other reputable security boards will be pleased to help you.
Your computer has 65,536 ports that can share information with the Internet or another computer. A good two-way firewall will monitor all outgoing and incoming traffic. It can alert you to anything out-of-the-ordinary, according to the rules or procedures you decide or ones already enabled by default. It can even close all of your ports at need. Put it at the highest level of security possible for your Internet zone. Set all programs to alert you for access (unless you despise popups like I do). You may also set programs you trust, and use frequently, to automatic (good idea). If you aren't sure about a program wanting access to or from your computer, you can deny it. Firewalls are an absolute must to prevent trojans, hacking attempts and to protect your private information.
Excellent Articles on Firewalls (see also the ElderGeek link below)
Personal Internet Firewalls that really work! http://www.grc.com/su-firewalls.htm
Firewalls and ZoneAlarm Guide and Tips http://www.markusjansson.net/eza.html
How Firewalls Work from HowStuffWorks http://www.howstuffworks.com/firewall.htm
Firewalls You Can Use
http://www.zonealarm.com/security/en/computer-security.htm?cid=W1000281 ZoneAlarm is newbie friendly. The Pro and Plus versions are payware, but it has a stripped-down freeware version, or Basic Firewall, which provides optimum protection for most non-commercial purposes. (When you install it, you may need to avoid installing any extra toolbars. See below.)
http://www.sphinx-soft.com/index.html Sphinx Software provides firewalls for Windows Vista only, integrating all of your protections under one umbrella. Not free, but excellent.
Comodo Free Firewall and Antivirus is a nice basic package. It does the job and then some. (When you install it, you may need to avoid installing any extra toolbars.) http://www.personalfirewall.comodo.com/index.html
Online Armor comes highly recommended by Security Experts: http://www.online-armor.com/ It has a totally freeware version, firewall only.
**A word about extra toolbars. Some applications may supply a toolbar at install. Its search engine will cause targeted ads to be presented to you based upon the content of the web pages you visit, any personally identifiable information you have provided to them, or keywords appearing in your search queries. If you do not want these types of toolbars remove the checkmark in the box beside them during installation, or if you have gotten one try to remove it using Add/Remove Programs. If you are unable to remove a toolbar, please consult the experts at http://SpywareHammer.com/ They will help you.
Installing an anti-virus program on your system is the next most essential security measure that you need. When a virus (or trojan) is detected, the program will move the infected file to a quarantine area for disinfection or removal. This prevents the malware file from making contact with any other program. As long as you keep the virus data files up-to-date (check every day or have it set up to do it automatically), configuration is often simple and detection is reliable. Apply all updates and program patches as they are released. Most applications have these tasks automated or you can schedule them yourself.
Enabling the Heuristics feature, which detects possible viruses, is important, but be aware that it can produce more false positives. Most antivirus companies do provide file analysis should you be unsure if a file is infected or not. Set it to scan all e-mail attachments and downloads before they are opened. If there are settings for scans of ActiveX controls and Java for harmful content, use them. It is important to allow the program to create "clean boot" or "Rescue" disks, as you never know when you might need them for an infected system.
The essential difference between viruses and trojans is that viruses propagate themselves while trojans need you to download them by clicking a link or by opening an infected email and/or attachment. Remember, no antivirus application is ever 100% accurate. There may be times when your application will not remove a particular threat. If this happens, please come to SpywareHammer (http://spywarehammer.com/), and we will help you. We do it for free.
Free Antivirus Applications You Can Use
AVPE: Avira or AntiVir Personal Edition by H+BEDV Datentechnik, GMBH is free for non-commercial use, offering effective protection against computer viruses, dialers and trojans on individual or private workstations. http://www.avira.com/en/download/index.html
AVG Antivirus by Grisoft. After 10 years and millions of free downloads it has released a completely updated and improved AVG Free version of its industry leading AVG Anti-Virus software. It detects viruses and trojans. AVG is fairly simple to use and you can never turn it off. http://free.avg.com/
Last but not least, the default applications provided for Windows XP and Vista security have come a long way from their beginnings. Both the Windows Firewall and Windows Defender provide good protection against today's Internet threats. For more info on the Windows Firewall (it's in plain English) go to: http://www.theeldergeek.com/windows_firewall.htm
Windows Defender info can be found at http://www.microsoft.com/windows/products/winfamily/defender/default.mspx
Best regards and always take care of your security!
This document is provided "AS-IS" without warranty, and confers no rights.