Skip to main content

The Perils of Home Computing (What you need to do to make your computer more secure)

I can't remember a day in the last three years when I wasn't asked at least one security related question. Security has become the biggest problem in the computing world and it's only going to get worse. This blog entry is aimed at the "average" home-PC user, and will hopefully help you to secure your own computer.

Why is this relevant to me - I haven't got anything on my PC that I want to keep or hide?

Yep, that's the biggest excuse I hear for having no security on your home PC. Let's bust this myth right now.

If your computer is unprotected, people can take things off it (like credit card details) but people can also put things onto it - like child pornography.

There are numerous cases of trojan programs installing child-porn websites on unprotected computers. People have gone to jail for this... People have died for this. Don't let it happen to you.

Have a look at these articles.

    Ok... now that we have your attention, lets look at what you can do to toughen up your home PC.

    If you're not using Windows XP
    I'm afraid that I'm going to have to limit my comments to Microsoft Windows XP. Many of the suggestions here will work with older versions of windows, but some will not. When I suggest obtaining software, please check the system requirements before you install the software.

    Is this article still valid?
    This article was written on Thursday 6th October 2005. By the end of today, some things in it may no longer be valid. That is the nature of the computing world. For the most part, the concepts in this article should be valid for a number of years to come.

    What if I still use a slow modem
    If you have a modem, you might find that it's a bit difficult to download all of these files (some are really quite big). You should look around to see if you can find a cover CD on a computer magazine - or ask your IT person at work to put them on a CD for you.

    Anti-Virus Software
    If you don't have anti-virus software, then do not use the internet. You can download freeware anti-virus from the internet, and can sometimes get it from Cover CDs on Computer Magazines. The best of the freeware Anti-Virus products is AVG Freeware Edition. Of course, the freeware Anti-Virus software is never as good as a commercial product, such as Symantec Anti-Virus. Unless your budget is really, really tight. Buy a commercial one.

    Which version of Windows XP should I be using???
    No, I'm not talking about the differences between XP Professional and XP Home (though the former seems to have better security). I'm talking about updates to the software. These updates are free so there is no excuse for not applying them.

    • Win XP Service Pack 2 - The current version of Windows XP is "service pack 2" you should at least be running this. You can get Service pack 2 from the Windows Update site. Note that Service Pack 2 is a Massive update - if you're using a modem, find a cover CD or expect a long, long wait.
    • All other Windows Updates - Once you have service pack 2, you should go to Windows Update and keep running the update until there are no more updates to be run. Note that you may need to reboot more than once - don't forget to go back to Windows Update after those reboots.
    • Application Software Updates - If you have recent version of Microsoft Office, Visio or other Microsoft applications, you should run the updates from their specific sites (you can get to this via the help menu in Word 2003 - click Help, then Check for Updates). After running all of these updates, you will be able to update these applications via windows update.
    The Other Anti-xxx Software
    • Firewalls - Windows XP SP2 ships with a servicable firewall, but you really should try to do better. If you're looking for a free product, I'd recommend Zone Alarm. The Zone Labs web site tries to make it difficult to find, but if you click Download and buy, then ZoneAlarm (extreme right tab), you will get there.
    • Microsoft Malicious Software Removal Tool - This will look for spyware and other bad stuff on your computer and remove it.
    • Microsoft Anti-Spyware - This stays in your task bar and watches for malicious things on your computer - it's like a super-firewall and is very good software. It can also erase all of your tracks (computer history etc).
    • Google Toolbar - This blocks those popup annoying web advertisments very well.
    • Microsoft Baseline Security Analyser - Download this and run it. It will look for weaknesses in your computer (including silly passwords etc). It will create a list that explains the problems it finds and how to fix them. Fix all the problems that you find.
    • Startup Control Panel - This application allows you to find out what starts up when your computer is turned on. Use it, and check it once or twice a month. Not only will you be able to stop malicious applications, but you will also be able to stop genuine applications from hogging memory. For example, remove: Quicktime, Adobe Acrobat & RealNetworks from startup - you can start them yourself when you need them. There are lots of other applications that fall into this category.

    Anti-Spam

    This is a difficult one. Anti-Spam software is generally ineffective against web-based mailboxes, such as hotmail and gmail - you need to rely on the providers for protection here. The other thing about anti-spam software is that it generally works for only a single application.

    If you have Microsoft Outlook or Microsoft Outlook Express, try SpamFighter.

    If you have Mozilla Thunderbird, the anti-spam function is built-in.


    Replacement Software

    A lot of people are advocating the replacement of Internet Explorer with Firefox (and Microsoft Office) due to security issues. At this stage, I don't think you need to worry about these.

    Outlook express however is a different story. This software is a virus deployment system which also does email... Get rid of it. If your ISP has an online mail reader, or if you have some other web-based service, such as hotmail or gmail, then use it. If you need to use a mail reader, use Thunderbird.

    There are a few other reputable security applications that you might want to use...

    • AdAware Personal - Which prevents adware (but only after it has been installed) - you need to scan regularly.
    • Spybot Search and Destroy - Which primarily targets spyware. This software can be used to scan for new spyware (if run regularly), but it also can install a preventative mechanism.
    • PGP Freeware - If you need to encrypt email for people, use this - but remember that the recipient needs a copy of the application too.

    There's a lot more security applications and utilities available... but we don't want to go overboard do we?

    Comments

    Popular posts from this blog

    How to Change Your Notification Options for New Lotus Notes Mail in version 8.x

    Don't worry, I'm not patronizing you (my readers), I just decided to re-document this for one of our internal users and thought you might want to be able to use it in your own user documentation. WHAT IS THIS DOCUMENT ABOUT? Some people who don't get a lot of mail, like to be notified when such an event occurs. Notification can be; via a sound via a pop-up box via the system tray (where the computer clock is) The pop up box looks like this; Other people, who like myself, get too much mail would rather not be notified. The aim of this document is to tell you how (and where) to turn these options on and off. CHANGING YOUR SETTINGS To change your settings from the Notes 8.x client; On the Menu, click File , then Preferences... On the left hand side , click on the little plus sign to the left of Mail to expand the options. Click on the option marked Sending and Receiving . In the middle section, under receiving, you can control your notifications. If you untick the box mark

    How to Create an Auto-Response Mail Message in Lotus Notes 8.5.3+

    Why would you do this? Suppose that you have an externally accessible generic email address for your company; support@mycompany.com or info@mycompany.com. You might expose this to the web and allow people to send messages to you. Setting up an auto-response email will tell the senders that their message reached its destination and that it will be dealt with accordingly.  It's also good practice to include links to FAQs or other useful information. Why 8.5.3 The techniques we'll be using here work in older versions of Notes but some of the options seem to have moved around in 8.5.3.  I figured it was a good time to show you where they've moved to. The Procedure Start Domino Designer and open the Mail file to be modified.  A really quick way to do this is to right-click on the application tab and choose "Open in Designer". In the Left hand panel of designer, expand Code and then double-click Agents.  A new window should appear. Click the action

    How to Do a Mail Merge to Email using Lotus Notes

    Why do one? In today's "green" world, it makes much better sense to send out emails than letters but you still want to personalize them. Sadly, by itself Lotus Notes doesn't support mail merge to email. Of course, we know that outlook does (but then it lets anyone and anything send emails for you - even when you don't want them to). So, how to do it in Notes? OpenNTF The first port of call is OpenNTF ( http://www.openntf.org/ ). This place is full of great things but most of them are really badly documented. Still, these guys give things away for free and they develop in their spare time, so we should be grateful for what we get. There's a great little project there called MailMerge Excel to Notes . Go there, click on releases and download the ZIP file. Getting to the Code The installation is tricky though I've noted that since I asked the author about the install, it's been updated (so maybe these steps are less necessary). Unzip the files to somewher