Defending against viruses, crackers, spyware, Trojans and so forth is essential for anyone using the Internet. The number of security problems continues to escalate and this article discusses the measures that everyone should take to defend their computer. (Since this article was written, I have added a whole new Web site, surfthenetsafely.com, that is devoted entirely to Internet safety.)

It may seem repetitious to keep writing about computer security but, quite frankly, an awful lot of people either don't understand the problems or just ignore the subject. If the only damage that resulted was to those who took no precautions, that would be one thing. However, all of us are affected. For example, the whole Internet suffers from the much heavier load caused by all the traffic generated by worms being spread from those who get infected from carelessness or ignorance. I have seen one estimate that on some days half of all e-mail is worm related. Everybody has to waste time getting rid of the worm-carrying messages that pile up in the mail boxes. (And that is in addition to all the spam, which is another subject.)

I get tired of receiving virus mail from infected people who happen to have my name in their address book and from their friends and friends of friends who got infected in turn. Even more irritating is the mail that goes out from these infected systems purporting to be sent by me, some of which is then bounced to me as undeliverable. For a while I was appearing to be a big tout for a Japanese porno shop. It can be virtually impossible to find out who the infected people are without having access to ISP logs. Sometimes these machines stay infected for months and keep on mailing out one virus-laden message after another under many different names. Somebody with a dial-up account at the now defunct ISP Nerc bombarded me (and many others no doubt) for months using a host of faked names.
From the e-mail headers, I could get a time stamp and their various IP addresses (which of course were temporary) but Nerc refused to do anything about it.

Another problem for us all is that sometimes important web sites are brought down by malicious attacks that make use of Trojan horses planted on the machines of unwitting PC users. Even those who are careful can get caught because new worms and Trojans seem to come out every day and the malware authors are getting more and more clever at using tricks to get people to open infected mail. In addition, hackers are using Internet connections that are poorly guarded to plant Trojan horses directly on machines through open ports.

That was the bad news. The good news is that a typical home user can defend his or her computer with some straightforward precautions.

The first line of defense is common sense. It utterly baffles me why otherwise intelligent people click on e-mail attachments from strangers who write in broken English. In fact, these days you should never click on any attachment, no matter what the source, unless you know for sure what it is. The source of e-mail is easily faked. That attachment from Aunt Matilda may be something she doesn't even know has been sent. She may have a Trojan horse. Send her an e-mail asking about it before opening. Or call her on your cell phone. Maybe you can help her clean up her computer. If dear old straitlaced Dad who is 85 years old suddenly sends you an e-mail about pictures of nubile young girls, alarm bells should go off and I don't mean about Dad. Anything that is out of character should be treated as a possible worm or Trojan. Also note that Microsoft and other software companies never send patches or updates by attaching them to e-mail.

In a related area, never give account numbers, passwords, or other sensitive personal information in reply to any e-mail. Such information should only be entered on secure web sites.
Internet service providers, banks, stock brokers, and the like do not ask for personal information to be sent by e-mail. A scam technique called "phishing" is growing whereby various e-mail tactics are used to inveigle credit card numbers and account passwords out of gullible PC users. More information on "phishing" is available on another page.

Anti-virus programs

Vigilance and good judgment will avoid many problems but we also need to have some software guardians. Most people know that anti-virus software is a necessity and most computers come with some form of anti-virus program already installed. (By the term "virus" I will be referring to any type of malware including viruses, worms and Trojan horses.) All the major programs check e-mail as well as scanning your system. However, new viruses appear every day and anti-virus programs are only as good as their database or definitions of viruses. A program can't recognize a new virus unless it has been kept up to date.

Anti-virus programs contain update features and these are automatic in the newer major programs. However, the big vendors like Symantec and McAfee no longer give unlimited free updates but start to charge after some initial period ranging from 3 months to 1 year. Very often people do not subscribe to the new updates and let their protection lapse. This leaves the computer open to any new virus that comes along. Personally, I am not keen on having to pay $15 or $20 a year to Symantec either but all things considered it is a relatively small operating cost.

An alternative is one of the free programs like Grisoft's AVG. In the past, Symantec's Norton has always seemed to get much better reviews for efficacy against infection than the freebies but a recent review by the magazine PC World indicates that there are several free programs that now provide acceptable levels of protection. PC World also has a download site.
I have no personal experience with it, but I have seen quite a few favorable comments about the AVG program. One way or another, however, it is essential to use an updated anti-virus program.

Firewalls

The second piece of defensive software that everybody should have is a firewall. Firewalls keep uninvited visitors from the Internet from accessing your computer. They also keep an eye on which programs on your computer try to make Internet connections. Unless they had a broadband Internet connection, I used to tell people that they probably did not need a firewall. However, hacking has reached the point where everyone, even those with dial-up connections, needs a firewall.

My firewall keeps a log of attempts to probe my computer and once in a while I check it out of curiosity. The attempts are unceasing and come from all over the world. (I know because I look up some of the IPs.) Even my wife's dial-up AOL account is probed all the time. Many of these probes are not malicious but I see no reason to take chances on the good will of all these strangers.

The present version of Windows XP has half a firewall built in. Unfortunately, it monitors only incoming traffic and therefore is of no help in warning about programs on your computer that call up Internet sites without telling you. Also, note that you have to specifically enable it. (Service Pack 2 turns it on by default.) I recommend a more robust program. If you want to, you can go for one of the commercial suites that include a firewall together with a variety of other programs. However, there are several very good free programs. I like and use ZoneAlarm but there are other good choices. The magazine PC World has a good discussion of firewalls.

Spyware and Trojan removers

Previously not quite as important but becoming more and more necessary is separate software specifically for removing spyware and other Trojans. This function is included in the better commercial suites.
Good anti-virus programs should stop most Trojans but won't help with spyware. A firewall will warn you if something on your system tries to call out and alert you to many Trojans and spyware. However, if you download and install a lot of programs or you want another line of defense, you should get a separate program specifically for detecting and cleaning out Trojans and spyware. There are at least two good free programs, AdAware and Spybot Search and Destroy. For additional information on spyware go here.

Proper defense of your computer also involves some configuring of the system and regular application of security patches. I will discuss these measures next.

Windows Update

For a variety of reasons the Windows operating system has been far from optimum in the area of security. A large number of security holes have been found over the years. As time goes on, Microsoft plugs these holes but new ones keep being discovered. Microsoft has been issuing patches with numbing frequency. Windows XP comes with a feature that provides for downloading and installing this constant flow of updates but it has its problems. There is no room here to go into all the details but Windows Update does not always work correctly (for just one example, see this link). Nor is it always as current as it should be. Not only that, but sometimes the patches break things and have to be re-patched. Another problem is that dial-up connections can be too slow for practical downloading of some patches. Microsoft has made a free CD available that contains the new service pack 2 for Windows XP.

Windows Update problems or no, there really isn't a good alternative for the average PC user. All critical updates should be applied, either from a CD or by downloading. To guard against problems from installing a patch, be sure to create a System Restore point before any installation. If something goes awry with an installation, then you can at least get back to where you started.
The update feature has settings that will allow downloads to be automatic but dial-up users should probably configure the system to ask first before downloading. They can then be prepared for a long process if the file is large. Windows Update can be configured by going to Control Panel-Performance and Maintenance-System and clicking the tab "Automatic Updates". You can then choose from these options:

- "Notify me before downloading any updates and notify me again before installing them on my computer" (best for dial-up)
- "Download the updates automatically and notify me when they are ready to be installed"
- "Automatically download the updates and install them on the schedule that I specify"
(Note: Installing SP2 modifies the above procedure for configuring updates.)

Configure System Settings

One line of defense against malware attachments in e-mail is to watch the file extensions carefully. So once more, I urge that the setting be made that allows file extensions to show. If you can see the extension, you can be aware when a file is of a type that is potentially dangerous. Depending on what software you use for reading e-mail there may be other settings that help with guarding against attachments. If you use Outlook Express as your e-mail client, a tutorial showing how to make a variety of security settings is here.

Internet Explorer has a variety of security settings. Unfortunately, the defaults are not always the safest and some tweaking can make your system more secure. There are too many possible settings to go into here but here is a step-by-step procedure that gives many details.

Computer experts also suggest that you not use an account with administrative privileges for your routine activities. Rather, they suggest that you set up and use a separate account with limited rights. Then if a virus does get into your system, the damage it can do is limited.

Is the Internet Safe?

There are so many warnings and alarms about malware and other problems that some people wonder if it is safe to use the Internet at all. If the average PC user takes the precautions we have been discussing, there should be little cause to worry. Common sense alone will keep you out of many problems and the other measures we have discussed will protect you against the more subtle ones. The Internet is a wonderful thing and should be used to its fullest. Just don't be careless. If enough people take proper security measures, the chain reactions that we get from malware won't get started.
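
The advice under "Configure System Settings" about watching attachment extensions can also be checked mechanically. The sketch below is an added example, not part of the original article: when Windows hides known extensions, a file named "holiday.jpg.exe" is displayed as "holiday.jpg", so the check flags any attachment whose final extension is a runnable type and marks it "disguised" when a harmless-looking extension sits in front of it. The extension lists, function names and the sample message are assumptions made up for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Illustrative, not exhaustive: Windows file types that run code when opened.
RISKY = {".exe", ".scr", ".pif", ".bat", ".cmd", ".com", ".vbs", ".js", ".hta", ".lnk"}
# Harmless-looking types commonly used as the visible "decoy" extension.
DECOY = {".jpg", ".gif", ".txt", ".doc", ".pdf", ".zip", ".mp3"}

def extensions(filename):
    """Return every extension in a file name, lower-cased, in order."""
    # Windows ignores trailing dots and spaces, so "setup.exe. " still runs as .exe.
    name = filename.strip().rstrip(". ").lower()
    return ["." + p.strip() for p in name.split(".")[1:] if p.strip()]

def classify(filename):
    """'ok', 'risky' (runnable type) or 'disguised' (runnable type behind a decoy)."""
    exts = extensions(filename)
    if not exts or exts[-1] not in RISKY:
        return "ok"
    if len(exts) > 1 and exts[-2] in DECOY:
        return "disguised"
    return "risky"

def scan(raw_message):
    """Map each attachment name in a raw e-mail to its classification."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    return {(p.get_filename() or ""): classify(p.get_filename() or "")
            for p in msg.iter_attachments()}

def sample_message():
    """Constructed test message; sender, names and contents are made up."""
    msg = EmailMessage()
    msg["From"] = "Aunt Matilda <matilda@example.com>"
    msg["To"] = "me@example.com"
    msg["Subject"] = "pictures"
    msg.set_content("See attached.")
    for name in ("holiday.jpg.exe", "notes.txt", "update.scr"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, verdict in scan(sample_message()).items():
        print(f"{verdict:10} {name}")
```

An "ok" result only means the name is not a runnable type from the list; it says nothing about the file's contents, so the anti-virus scan is still needed.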