07 February, 2007

Is Your Windows XP Computer Internet Safe?

It is extremely easy to have your computer compromised if it is not setup to protect you before going on the Internet. Here are the steps to validate against your own Windows XP computer to make sure it is secured.
  1. Install a router. Even if you only have one machine connected to your Internet Service Provider (ISP), the router provides incoming firewall protection.
  2. Install a software firewall. Use this to protect your machine from having applications access the Internet without your permission. It can be a bit of a pain at first, because you will be prompted to approve applications that you do want to access the Internet, but it is worth it in the long run. I recommend ZoneAlarm (get the pro version if you want more information on messages, otherwise the free version is fine). The firewall that came with Windows XP does not protect you for outgoing traffic, so it doesn't give you any more benefit than your router. The software firewall will also protect you from incoming requests if you connect to a shared network.
  3. Install a virus scanner and have it update daily. New viruses are released, as well as new fixes are published daily, so having an up-to-date virus definition file is as important as having the virus scanning software to begin with. the household brand names, Norton and McAfee are rather bloated, so I recommend Nod32 ($39) or Avast (free).
  4. Install anti-spyware software. If you have an outgoing software firewall (see #2), then even if you get spyware, you should be protected from the spyware calling home. But you can get anti-spyware software for free, and you can run it manually every week or month just to be safe. Try Microsoft's Defender (which has other good features, such as managing startup applications), Lavasoft's Ad-Aware, or Spybot Search & Destroy.
  5. Install and use Firefox (or even Netscape or Opera). Firefox will protect you from security holes and related annoyances (as Microsoft has tried to patch them) in Internet Explorer.
  6. Use Firefox Extensions. Once you have Firefox, you can install an Extension called NoScript which by default will disable JavaScript on all web pages you access. It is then very easy to enable JavaScript just from the sites you trust. It is a great way to get content from sites you like while blocking their outsourced ads. You can also install McAfee SiteAdvisor, which will warn you of potentially unsafe websites.
  7. Replace Outlook Express with Thunderbird (or Eudora). By using Thunderbird, you can avoid the same security risks in Internet Explorer, as Outlook Express uses Internet Explorers rendering engine for all HTML formatted email. You can also use Thunderbird to retrieve webmail.
  8. Use a User Account. With Windows XP it is easy to be running as Administrator and not realize it. Be sure that your Administrator account has a password (default is blank) and that you have created a separate user account that you use for your everyday computing.
  9. Avoid P2P, Porn, and other questionable site. In most cases you should be protected, but if you enable JavaScript on a questionable site, or open a file from retrieved through a P2P transfer or other unverified sources, you are opening yourself up to problems.
  10. Use strong passwords and don't share them. We all get frustrated because passwords are so hard to manage, and strong passwords are even worse. One solution is to use a program such as RoboForm to help you manage your passwords. RoboForm lets you use one global password to protect all your other passwords. It also makes it easy to have different passwords for different sites. This way if one of your passwords is compromised, it doesn't let someone into all your sites.
  11. Protect yourself on public networks. If you find yourself using public networks such as Internet hotspots and hotel networks, read my post on Safe Computing While Traveling.
  12. And of course, keep you machine patched to the latest level -- this of all items, should be a no brainer.
I hope this helps. Let me know if you have other techniques you use. Just being careful and not protecting yourself isn't a technique, it's luck -- most users are not able to do this successfully, so if you have then you are not the average user. Related to that, I have a friend who takes that approach and recently had his machine compromised by a key logger. Fortunately for him, he only had one account compromised and only lost $1400.

No comments: