A Guide to Internet Security

From TecHKnow Wiki
Jump to: navigation, search

A Laymans Guide to Internet Security - This article has been submitted by Paul Fernihough from Bath.

About this guide This is not meant as an exhaustive guide to keeping your computer 100% secure at all times. It’s intended as a beginners guide to the basic things you should be doing to keep yourself safe & secure while using your computer on the internet. I’ve included a small amount of background material for those that wish to understand a little more, but if you just want simple recommendations then you can skip to the “In Brief” section at the end.

The guide is specifically tailored to the Windows operating system as currently users of Mac’s or the open-source operating systems don’t need to worry so much about security. There are very few threats to them presently but this situation will probably change in the future as they gain popularity.

Anti-Virus Software

What is a virus? It’s a piece of software that does things to your computer that may or may not be harmful. Most don’t kill your system dead but do rather more annoying things like bring up pop-up boxes or try to sell you stuff, some print up funny messages, some play with your mouse, some are more targeted & look to steal your passwords, but most… will do nothing. That’s right, they do nothing until the virus writer decides that he needs your computer for some nefarious purpose such as a mass spam e-mail send out or attacking servers on the internet using an army of “zombie machines”. Often time you will have no clue that a virus is operating.

Anti-virus software comes in many flavours & at many price points but they all do largely the same thing, which is to operate in the background & catch virii before you open them. In my opinion it is pointless paying for virus software as the free alternatives are better in two key respects…


They’re free for life.

  • They leave less of a “footprint” on your system – which means they use up less space, use less memory, use less processor power, install fewer components & are generally smaller & neater. Both Norton & Mcafee need a powerful PC to run, on lesser PC’s this need for power can literally slow down the computer to a crawl.

So what are the free alternatives downsides? None. They even outscore the paid for variants in number of virii detected! In short, use the free ones, un-install that behemoth that’s slowing up your computer, cancel the credit card standing order & download either of these…

I personally use AVG & have done for five virus free years but Avast is well respected by the community also. Either will be fine.

ADVICE: If you open or run a virus then that’s it, you’ve got it… you may be able to remove  it, but prevention is always better than the cure.

A Trojan

(or Trojan horse) is a virus that hides inside another file. Pretty much all types of files are capable of carrying virii but thankfully virus programs are designed to look for these hidden nasties.

A keylogger is a type of virus that logs your key presses, mainly to try to capture passwords.

Anti-Spyware Software

The boundary between spyware & virii can often be blurred, but broadly speaking spyware doesn’t do anything as malicious as a virus. Generally they monitor your activities & send this info back to the spyware writers who use it to send you targeted spam. This slows down your internet connection & means more spam. Grrr. It’s almost unavoidable to pick up spyware these days, many legitimate programs include spyware and much of your surfing habits will be picked up by harmless tracking cookies, spyware is not something to worry about, more an annoyance that you want to keep to a minimum.

There are many free tools for removing spyware, but again, most do the same job. I use AVG Anti-Spyware, which is available at www.free.grisoft.com and is highly recommended. Other free alternatives are

Firewall

A firewall is arguably the most important component in internet security. An un-firewalled windows machine can expect to pick up nasties in less than a minute after being connected to the internet.

Essentially a firewall sits between your computer & the internet to act as a barrier to anonymous requests. Anonymous requests are generally (not always) 
from baddies wanting access to your machine & are best ignored.

A firewall comes in two flavours – hardware or software. A software firewall runs on your computer & while it’s better to have one than not, they do have one downside; they’re running from within Windows, which means that if Windows has a flaw then your firewall could be of no use. A hardware firewall by contrast is a separate piece of electronics that sits outside your computer & therefore does not depend on your computer being flawless to operate properly. This makes them inherently more reliable. Most wireless routers have a firewall built in these days.

See also;

If you have a hardware firewall, then you don’t need a software one.

If you’re limited to a software firewall then the one that comes with Windows is more than adequate, but another free alternative is the well respected one from [ZoneAlarm]

Regular Updating

This is your most important step to keeping your computer secure. Virus & Spyware software needs to be updated, so that they know about the latest threats. More importantly windows itself needs to be updated so that its many flaws can’t be used by hackers to circumvent your security - Microsoft regularly issue security updates as new security flaws are found. Windows updates are available in the security centre which is located in the control panel on the start bar. It’s better to turn on “automatic updates” & let windows take care of itself, but if you don’t like to do this then you should manually update at least once a month.

AVG releases virus & spyware updates daily and its default setting is to look for these automatically when you turn on your PC. This is the best way to run them, but if you prefer the manual route then it’s strongly advised that you update the definitions at least once a week.


About Phishing.

Phishing is a more cunning way to get your password & log-in details that involves no virus at all. The phisher will send out an e-mail that looks like it comes from one of your genuine service providers – banks, e-bay, shopping sites etc. Normally they will include a paragraph explaining that there has been some odd activity on your account or they have lost your details or some other false claim. They explain that you need to log-in to your account to remedy the situation & will provide a link to take you directly to your log-in page. This link is a fake & will take you to a page that looks exactly like your banks page but is in fact theirs. When you log-in with your username & password…. nothing happens… except that now they have your username & password to go and use on the real site!

These e-mails are often easy to spot because they contain glaring spelling mistakes or sound like they’re written by a 16 year old. If it sounds bogus then it is. If it doesn’t sound bogus then it probably still is! No bank or company will ever ask you for your password via e-mail.

Browsers such as Internet Explorer & Firefox now include phishing filters but they are by no means foolproof & the attackers constantly evolve, so it’s hard to keep up.

If you ever get an e-mail from any of your service providers asking you to log-in to your account then ignore it, 99% are bogus. If you genuinely feel that you need to, then don’t click the link in the e-mail, go to the website directly by typing the address in manually – that way you know you’re going to the correct site.

See also;


In Brief

  • Ignore all paid for virus & spyware alternatives, the free ones are better in a number of ways. AVG anti-virus & spyware can be got at www.free.grisoft.com
  • Most importantly make sure you have a firewall, if you don’t have a hardware one, enable the free firewall in windows (start => control panel => security centre).
  • Update windows, your anti-virus software & anti-spyware regularly. (windows updates are available in start => control panel => security centre.)
  • Be wise to avoid falling for “phishing” scams; always be sceptical.

This article has been submitted by Paul Fernihough from Bath.

This contributor(s) article

Help us improve TecHKnow Wiki