Wednesday, October 12, 2005
Be safe out there
The internet is a scary place (especially for Windows users), and there's lots of folks out there who want to mess with your machine - either because that's how they get their kicks, or because they've worked out a way to make a dollar at someones expense (usually yours).
There are three things you need to worry about when you connect to the internet. It doesn't matter if you're on dial-up, DSL or a corporate network either you, or you systems admin, need to take care of it.
Those things are Anti-Virus, Anti-Spyware and a Firewall.
Anti Virus... If you have an antivirus package installed make sure it's up-to-date. If it's not then you're at risk to all the new good infections. If it's out of date, or you don't have one at all then the first thing to do is run an online check to see what state your machine is in. It's a good first port of call to see if you have a problem. Another really good place to start looking for trouble is DoxDesk Parasite Detector - a very quick test to see if your browser is infected (note: a clean result here means that just a subset of malware has been checked for, you should still visit Housecall for a more in-depth investigation.
If you do have a problem (or even if you don't but you've not installed an up-to-date Anti Virus package yet) then I'd suggest you go and download either a trial of PC-cillin, CAs eTrust Suite or NOD32 (my favourite anti virus programs) they're all very effective and, unlike some others, don't use too much of your system resources while doing a very good job of keeping you safe) and use that to keep your system clean.
These products are not free, and you do have to pay for it after the trial ends but for the peace of mind it's well worth it (if you get a virus infection it can cost you thousands of dollars to recover your machine, and some data may be irretrievably lost). If paying for anti-virus isn't your thing GRIsoft have a free version of their reasonably good AVG package - but it's not quite as "out of sight, out of mind" as either of the others, and simply based on the adage "you get what you pay for" I'm not sure I'd trust critical data to it.
The next problem you need to counter is Spyware also often refered to as Malware. This encompassed programs that spy on what you do, deliver ads or otherwise subvert your machine (for instance using it to deliver spam).
Just as annoying as a virus and can cost you just as much in terms of hijacked resources and unwanted pop-ups. Trend Micros PC-cillin Internet Security Suite or CAs eTrust Suite both include anti-spyware and anti-virus protection in one easy-to-use package.
A second alternative is Spybot - Search and Destroy, apply any available updates and let that scan your machine for nasty programs and remove them. You can also set it to Immunize Internet Explorer against some of the most common mechanisms used to infect your machine.
A third, equally good, anti Spyware solution is Ad-Aware. You can use one, or both of these, to keep your machine free of Spyware.
One word of caution about Spyware. Some 'free' applications you can download from the web or get from PC Magazine cover discs often are supported by the adverts they deliver (or the demographic data they on-sell) - be careful when installing anything that it doesn't slip one of these in without you knowing as using a tool to remove the advertising component may well disable the application.
Keeping it clean
On a shared machine (or a work machine you use at home) you don't always want people to know where you've been on the net or what you've been doing (you wouldn't leave your bank PIN in plain site, so why risk leaving it on your machine). There are a number of 'cleaner' products such as Xblock which encompass spyware protection with tools to erase any records which could be used by Malware/Spyware programs as part of an Identity Theft attack.
Firewalls help to keep your machine safe from prying eyes and invaders who try to take advantage of trojan horses (either installed via a virus infection or a spyware install) or flaws in Windows itself. Current versions of Windows XP come with a built-in, pretty good firewall. It's easy to set up and very easy to use. If you've not got it turned on.... do so now.
There are a number of third party firewalls that can provide additional levels of security for your machine. Again PC-cillin or CAs eTrust Suite include a robust personal firewall (for wired networks and WiFi connections) that complements the built-in WinXP firewall while adding extra levels of protection. A third well respected personal firewall solution is from Zone Labs. With a long history and a very good reputation it is another tool that you can trust to keep your machine safe and secure.
Outside these services you should subscribe to anti-phishing alerts, and also add smart, safe search tools to your arsenal of tools.
These things can help keep your machine safe. It's important not to blindly trust everything you see on the web or every email attachment you receive. Agreeing to install something on your machine can have very serious consequences - so be careful what you agree to.
Equally important is to make sure that your machine has the latest patches to help prevent attack. Go to the Microsoft Update site and make sure that both your Windows System and MS Office programs are updated to the latest versions. You should also allow Windows to run it's update on a regular basis to make sure critical fixes get delivered. Thanks to some clever folks you can now connect to Windows Update using browsers other than Internet Explorer.
If you're using an operating system older than Windows XP (with service pack 2) and your computer can run it ... you should consider upgrading as some security updates / fixes are only available for newer machines.
It's important not to trust everything you read on the internet about spyware/malware and virus protection... especially when people try to sell you stuff. I trust all the products I mention above but for a second opinion on ones to avoid check out the Spyware Warror: Rouge Anti-Spyware sites.
For Mac users... OSX is pretty robust and free from most of these issues, although a firewall (again, the internal operating system provided option is a good choice) is essential. Just because it's not been compromised yet as it becomes more popular the incentive for it to become a target grows...