Wednesday, July 05, 2006

Five simple steps to keep your home PC secure

Having a PC at home is nothing new. And having a PC at home with a plain normal modem to connect with Internet was a trendy habit some years ago. But now the trend is called DSL, especially the flat rate DSL, in whichever flavour marketed by the different providers.
A DSL connection uses the pair of external cables that for ages have linked your home with the nearest public phone exchange branch. The only distinctive thing about DSL is that the telecommunications provider has to install a “special modem“ at both ends of the line. With these two modems, you can transmit data much faster (for those willing to go a little bit deeper, this new speed has to do with the way the digital data modulation is performed). This is what we call bandwidth. By whatever means, a DSL connection has arrived at your home and, oh surprise, your family home PC is already connected to the DSL modem/router!
The increasing time that your home PC is connected and running, the fact that most
of us use the same operating system and the same applications at home (Windows XP and MS Office) and the speed of this connection create a scenario in which your PC is an easy target for all kinds of disruptive pieces of code coming from the Internet in many different forms: an e-mail from a friend, a piece of code silently downloaded
using your Internet browser, etc.
The time that you could spend repairing your home PC and trying to recover your valuable data makes the content of this ar ticle (or series of ar ticles) somehow
worthy.
There are five easy security measures to protect your home PC (and eventually to save you time in front of the screen of a “hacked“ or “infected“ PC).
1. Keep your operating system updated (nowadays this is really easy through automated
ways).
2. Install antivirus software (there are free ones such as Clamwin).
3. Install a personal firewall (there are free versions available for home use, for example Kerio Personal Firewall). This increases dramatically your security when browsing the Internet.
4. Install an anti-malware or anti-adware software, such as Spybot.
5. And finally, very importantly, make a copy of all valuable data in another media (a CD Rom or DVD) just in case your hard disk stops working unexpectedly.

These five security measures are not the golden solution to 100% security (by the way, there is never a 100% scenario in any field), but the likelihood of you spending a whole sunny weekend in front of the screen of your family’s PC trying to rescue
it from a virus or something similar should be a little bit lower.

Monday, July 03, 2006

Keep your operating system updated

The aim of the five security measures presented on Secure home PC: to secure your home PC from internet threats coming through your DSL connection and ultimately to limit the time you (or a willing IT savvy friend) devote to fixing your PC.

One of the proposed measures was to keep your operating system updated. Microsoft uses the expression “stay current with automatic updates” to refer to the updating process for Windows, Office and other Microsoft applications. As most home PCs run Windows XP as their operating system, this article focuses on how to configure and use “Automatic Updates” in Windows XP using DSL to connect to the internet.

Firstly, start up “Automatic Update” (these two words should appear in the Control Panel).

Secondly, double click the “Automatic Update” icon. It is advisable that you decide when the updating process should start, rather than letting it take place automatically. To achieve this, check the option “Notify me but don’t automatically download and install them”. An alternative way of doing this is by going to the Windows Update website (http://update.microsoft.com) and selecting the “Express” option. Choose a time when you are not going to need to use the PC for anything else as the updating process can take a long time, especially if you do not update your PC frequently or if your internet connection is slow.

Thirdly, your PC will undergo the updating process in the background. It consists of three steps:

1. Checking which updates are required.
2. Downloading the updates (a window with a list of updates to download will appear).
3. Installing the updates.

SOME TIPS TO SAVE TIME:
As always, make a backup of your data before updating your PC by saving important files onto CD or a USB memory drive.

If you need to reduce the time your PC spends updating, only download security updates.

Check the screen of your PC every now and then as some of the steps require your input (e.g. the selection of updates to install and the acceptance of some end-user licence agreements).

You may also have to restart your PC in order to complete the installation process. Once the updating process has finished, check whether it was successful by clicking "Review your update history”.

The bad news is that, while updating your PC is necessary, it alone is not sufficient to protect your PC. The good news is that the experience you gain will help you when you have to respond to the pop-up windows that will inevitably appear (and that we have not even mentioned in this article) and that subsequent updates will generally take less time.

Sunday, July 02, 2006

Install an anti-virus in your home PC

This third article in the home PC security series focuses on an almost omnipresent security element in most PCs at home, namely anti-virus software. Most of us think that just by having the software installed we are safe and sound when browsing the Internet. Actually, something else is required. Let’s go through it now.

Wikipedia.org defines anti-virus software as “a computer program that attempts to identify, thwart and eliminate computer viruses and other malicious software (also known as malware)”. How do anti-virus programs work? Most of them are based on a virus dictionary, i.e. the anti-virus program compares files residing on the PC against a dictionary of known viruses. If any piece of code corresponds to one entry in the virus dictionary, then the anti-virus program tries to either repair, delete or quarantine the file containing that code.

Therefore, the key for effective malware protection is to keep the virus dictionary up to date. This is what companies always try to do. So, think about this when you see the automatic anti-virus update window appearing on the screen on your workstation. It is updating the dictionary of known viruses. The more up-todate the dictionary, the lower the probability of getting infected by a piece of malware.

You can also do the same with your PC at home: try to keep the virus dictionary up to date. There are many freeware and commercial anti-virus providers. A freeware example for Windows is www.clamwin.com. An example of commercial anti-virus program is ... well, there are many of them ;-) Check whether you can also use your corporate anti-virus at home (home use by staff members is included in some corporate licence).

Select one provider, but please do not install two of them simultaneously as they could be incompatible.

Some anti-virus programs include an auto-update feature. In this way, you can also keep your home PC updated with the latest virus dictionary. By default, the auto-update functionality will normally check for updates on the Internet every some minutes (provided that the PC is on and connected to the Internet).

Nowadays, the reaction time of anti-virus providers between the public release of a new virus and its inclusion in the virus dictionary usually varies from a few hours to a few days. Thus, as you can imagine, anti-virus software does not protect us against brand new viruses (what security experts call zero day exploits).

Finally, if you receive a file attached to an email or in a memory drive and you would like to ensure that it does not contain any virus, www.virustotal.com offers a free service for scanning suspicious files now with twenty three different anti-virus providers. You need to upload the file to be scanned onto that site (so don’t use it with confidential files). This service can be of help when you are not certain whether your home anti-virus software is working properly.

By Secure home PC

Saturday, July 01, 2006

Install a personal firewall

The fourth delivery of this home PC security series focuses on a relatively new security element for home PCs, the personal firewall. Having a personal firewall in our home PC will soon be a must if we run Windows XP and have a broadband connection to the Internet. In Europe, a freshly installed XP box connected to the Internet can be hacked within minutes (or even seconds).

Wikipedia.org defines personal firewall as a piece of ‘software installed on an end-user's PC which controls communications to and from the user's PC, permitting or denying communications based on a security policy’. How does a firewall work?

Let’s try to explain it without complex IT terms: Communications to and from a PC use different protocols. These protocols are the languages computers use to talk to each other. Complexity in these communications has been mitigated using a layered approach. For each communication layer different protocols exist. Some of these layers use as ending points the term ‘port’.

Firewalls control precisely these communications. For example, they allow that you can browse the Internet (in IT terms, this means that you are using the HTTP protocol from your PC to the Internet through a specific port). At the same time, they can forbid any communication from the Internet to your PC so that your printer cannot be used by external parties.

The peculiarity of personal firewalls is that they make an attempt to hide this IT complexity to the user by prompting pop-up windows when these communications happen for the first time in your PC. Normally, they offer you the possibility to allow always (this means that the firewall create a permanent allow rule), only for that specific occasion or never.

It takes some time (and some answers) for a personal firewall at home to know about your communication profile. Let’s face it, most users select the ‘allow always’ option when they are prompted for the tenth time with the disturbing firewall question window.

The basic piece of security advice is to grant access only to those communications you are sure you need and you are certain about their origin (basically, in a normal home use, those coming from your Internet browser, your email client and any additional network-based software you use). All the rest, whenever the window of your firewall pops up, select anything but ‘allow always’.

A popular personal firewall is Kerio. You can download a free copy from softpedia