7 Simple Steps to Good Home Computer Security

Being the resident computer geek in my family and circle of friends, I'm constantly asked for help when it comes to computers. Nine times out of ten, the computer problems that I fix for people are related to viruses and/or spyware. Therefore, I've decided to put together this condensed guide, which will provide you with what I believe are the minimum steps required for adequate home computer security.


Step 1: Buy a Mac (instead of a Windows PC).

Macintosh computers are very secure right out of the box. If you are fortunate enough to have bought one, you really only need to complete Step 3 below, and you'll be done. Why is this? Well, first of all, the Mac OSX operating system has default settings which are far more secure than the Windows default settings. But mostly, it's because 95% of computer owners run a Windows operating system. So if someone wants to create a virus that will inflict the most amount of damage, they're going to create it for the Windows, since that's what the vast majority of people have.

So, if you're like the typical 95% of people out there, and you have a Windows PC, keep reading, because the rest of the steps apply to you.


Step 2: Set up a software firewall (such as Windows XP Firewall or ZoneAlarm).

This step should be done before you even consider connecting to the internet. Luckily, Windows XP comes with its own software firewall. (A firewall works like a valve to block or allow certain types of internet traffic.) Unfortunately, in systems prior to the release of Service Pack 2, this feature was not turned on by default. To turn on the Windows XP firewall, follow these instructions:

a) In the Control Panel, open Network Connections, and then open the connection which corresponds to your internet connection. (This will usually be called “Local Area Connection”.)
b) Click on the Properties button.
c) When the Properties box comes up, click on the Advanced tab.
d) Under the Windows Firewall section, click on the Settings button.
e) When the Windows Firewall box comes up, turn it on and click OK.

The Windows Firewall will be adequate for most users with Windows XP. However, it only protects you from traffic coming into your computer. If you already have a virus on your computer that is sending information out from your computer, then Windows Firewall will not block that.

If you would like a stronger (and free) firewall solution, or if you have an earlier version of Windows, then I recommend downloading and installing the free version of ZoneAlarm Personal Firewall.

ZoneAlarm direct download link:
http://download.zonelabs.com/bin/free/
1001_cnet_zdnet/zlsSetup_61_737_000_en.exe

If link above does not work, then click here and then look for the Free ZoneAlarm. http://www.zonelabs.com/


Step 3: Install a hardware router/firewall (not required, but highly recommended).

A hardware router/firewall is a box, typically called a “Cable/DSL Router”, which is placed in-line between your cable/DSL modem and your computer(s). Think of the router as a good receptionist at a large company where no one outside the company knows your direct phone number. The receptionist filters and blocks unwanted calls, and then she forwards wanted calls to the right extension within the company.

A router works the same way with an internet connection. It filters and blocks unwanted traffic, and routes wanted traffic to a specific computer. In doing this, a router also allows you to share one internet connection with multiple computers. The term for this routing is called “Network Address Translation” (or NAT). So, if you want to buy a hardware router/firewall, look for the abbreviation “NAT” on the package. Here are the two routers that I recommend:

Linksys BEFSR 41 Cable/DSL Router w/ 4-Port Switch (about $50 at NewEgg.com)
http://www.newegg.com/
Product/Product.asp?Item=N82E16833124001

Linksys WRT54G Wireless-G Broadband Router (about $55 at NewEgg.com)
http://www.newegg.com/
Product/Product.asp?Item=N82E16833124010


Step 4: Install an anti-virus program (such as AVG Free Anti-Virus).

Skip installing Norton Anti-Virus or McAfee Anti-Virus. While most new computers come with free versions of these two programs, you have to pay a subscription fee to continually update the program, and continual updates are vital to a good anti-virus solution. In addition, the Norton and McAfee programs are so bloated that they hog valuable memory resources and CPU cycles (which slow down your computer).

I highly recommend AVG Free Anti-Virus. Here is a link to the download page:
http://free.grisoft.com/doc/
Get+AVG+FREE/lng/us/tpl/v5

Look toward the bottom of the page for “AVG Free for Windows installation files”, and click on the link to download the file. (If the link above does not work, then go here and do some searching: http://free.grisoft.com/)


Step 5: Install an anti-spyware program or two (such as Microsoft AntiSpyware, Lavasoft Ad-Aware SE, and/or Spybot Search and Destroy).

A spyware program is similar to a virus, except that instead of contracting it automatically, users typically install the spyware programs themselves without even knowing it. Usually this occurs when you download and install a “free” game or program from a shady vendor. How, you ask? You know that long, small print, legal agreement that you quickly click “Yes” to when you install the program? Well, if you took the time to actually read it, it would say something like this:

“blah, blah, blah… We’re going to install a nasty program on your computer to track your web surfing habits and report back personal information about you… blah, blah, blah… Click ‘Yes’ to agree.”

Symptoms which indicate you may have spyware on your system include: numerous pop-up windows, automatically opening porn or shopping websites, changes to your internet startup page (or homepage), and/or hijacked links (where you click on a known link like CNN.com, but it opens up a completely different website).

To fight this, you should be very wary of ever installing free programs without knowing they’re totally safe. (If you really want to download free programs, a good place to get them from is NoNags.com.) The other thing you must do is install at least one anti-spyware program.

Windows XP users should definitely download and install the free Microsoft Windows AntiSypware Beta. Here is the link to the download page:
http://www.microsoft.com/downloads/
details.aspx?FamilyId=321CD7A2-6A57-4C57-
A8BD-DBF62EDA9671&displaylang=en

The great thing about the Microsoft AntiSpyware program is that you can (and should) set it up to automatically update itself and run in the background to continually scan for spyware.

Two other good programs are Lavasoft’s Ad-Aware SE and Spybot Search and Destroy. These two programs are both excellent at scanning for and removing spyware. The only problem with them is that it does this after the fact when spyware is already on your system. To get real-time background scanning (like Microsoft AntiSpyware), you would have to buy the upgraded version of Ad-Aware. But, if you suspect you have spyware on your system, and Microsoft AntiSpyware won’t get rid of it, then try out these programs. Here are the links to the download pages:

Lavasoft Ad-Aware SE:
http://www.download.com/Ad-Aware-SE-
Personal-Edition/3000-8022_4-10399602.html

Spybot Search and Destroy:
http://www.safer-networking.org/en/download/


Step 6: Turn on the Windows Automatic Updates feature.

New flaws in the Windows operating system are found almost daily. About once a month (or more frequently in extreme cases), Microsoft publishes updates to Windows to patch these flaws. The spread of most viruses occurs simply because people don’t update their systems on a timely basis.

To solve this, Windows XP comes with an Automatic Updates feature, which may or may not be turned on by default, depending on how up-to-date your version of Windows is. To turn on Automatic Updates, follow these instructions:

a) Right-click on the My Computer icon on the desktop, and click on Properties.
b) Click on the Automatic Updates tab.
c) Turn on the Automatic Updates and click OK.


Step 7. Stop using Internet Explorer, and start using FireFox.

Microsoft’s Internet Explorer has certain inherent flaws in it (like ActiveX components), which make it more vulnerable to security problems. FireFox is a web browser that solves most of these issues, plus it has many added features that make web browsing more productive that Internet Explorer does not include (like tabbed browsing). FireFox is produced by the Mozilla Foundation, which has roots to the old Netscape web browser that most people remember.

To get FireFox, go here: http://www.mozilla.com/firefox/


Final thoughts:

The seven steps above are just the beginning towards practicing good home computer security. In fact, in my mind, these steps are the bare minimum that you should do to protect yourself from malicious software, websites, and viruses. If you want to learn more about computer security, then I highly recommend listening to the Security Now podcast. Security Now is hosted by technology expert Leo Laporte and security expert Steve Gibson. (If you can’t figure out how to listen to a podcast, you can also read their show notes on the website.) Security Now’s website is located at: http://grc.com/securitynow.htm

I hope you have found this guide to be helpful and informative. If you have any questions, comments, or suggestions, please leave a comment for me below.

- Matt Clipper