by: Aaron Weston
According to the latest research, Microsoft has found that cyber threats are getting more complex and advanced as "hackers" mature. How do you protect yourself against these threats? It's actually easier and cheaper then you think, and the payoff is high. In this article we'll address these challenges.
1. Get an antivirus program. Some worms, such as MyDoom, are capable of bringing entire networks to their knees. Some threats collect your personal information, such as passwords, and transmit them to a remote location. The cost associated with these threats is very high. To address these issues, several companies have released protections that are free for home use. Choose your program carefully as some promise the world, or have a reputation, but don't live up to the hype.
One unbiased test (http://www.techdo.com/?p=62) rated the top 20 virus programs against 175,000 virus definitions. The results may surprise you. Norton from Symantec, often perceived to be the best and requiring an annual fee for updates, is actually at the bottom of the list along with McAfee, easily surpassed by free offerings such as AVG, Avast! and AOL Active Virus Shield, using the top rated Kaspersky engine. In another test (http://www.thepcspy.com/articles/other/what_really_slows_windows_down/5), Norton takes three of the top six spots for programs that consume the most system resources. As you can see, you don't always get what you pay for and you may be leaving your system vulnerable.
At Northern Protocol Inc. we recommend AOL Active Virus Shield for Windows XP home use. Updates are free, response times are faster than Norton or McAfee, and it offers more comprehensive protection against threats. AVTest.org monitors response times of various vendors, and has found that Norton and McAfee are at the bottom of the list for releasing definitions. Your antivirus is only as good as it's definitions, and a slower response time and less effective detection increases the window for possible infection.
2. Get an anti-spyware program. Spyware threats are getting more complex. As browsers improve their security features, devious "script kiddies" have changed their tactics, now using Javascript to install threats, affecting any browser that has it enabled. So-called "free" software, such as screensavers, wallpapers and "smilies", to name a few, install spyware without your knowledge, burying the "agreement" in a lengthy license agreement that no-one ever reads before they click "accept". Some devious websites ask you to install "download managers" to access their files, which often have spyware (so-called "sponsor" software) embedded. Pay close attention to any installer that asks you to install "sponsor" software. Many antispyware programs and security suites are actually frauds, and often install spyware themselves. You can find a complete list at http://spywarewarrior.com/rogue_anti-spyware.htm.
There are several good programs out there, but the one we at Northern Protocol Inc. recommend the most is Prevx2.0. It requires a small annual fee to maintain the active protection component, but we find it extremely effective. Another good protection suite is AVG Anti-Malware which also requires a modest annual fee. Windows Defender is a good free alternative for users of genuine Windows products.
3. Install a firewall. Firewalls block intrusions from the outside, hiding your computer from the internet so that "hackers" don't know it's there. They can also block communications coming from within your network. Again, there are a lot of misconceptions in this realm. Norton and McAfee, while having a reputation, are actually sluggish and poor performers according to this review at http://www.informationweek.com/security/showArticle.jhtml?articleID=192201247&subSection=Security+Reviews. ZoneAlarm, while popular, is buggy and has hang ups of it's own, one being far too demanding of user involvement. One review (http://www.pcmag.com/article2/0,1759,1969207,00.asp), conducted by PC Magazine, rates Comodo Personal Firewall, a free firewall, as one of the best in it's class and is our recommendation as well.
A more effective solution, but more complex in installation, is to install an older computer as a firewall, running Smoothwall from http://www.smoothwall.org/. This solution is highly effective, inexpensive, and the one we use to protect our network.
4. Buy a router. Routers are inexpensive and in many cases offer built in firewalls that work in conjunction with the "NAT" firewall that is standard on all routers. What this does is take your IP address from the internet and translates it into internal addresses for your computer(s). This adds an extra layer of protection for your computer or network, putting one more obstacle in the way of any potential intruder. Northern Protocol Inc. recommends the use of Linksys or D-Link WBR or DIR series routers for the best performance.
5. Set the wireless security on your router. All too often people leave their wireless settings at default, leaving their networks wide open to attack. Log on to your router's control panel from any browser (192.168.1.1 for Linksys and 192.168.0.1 for D-Link) and set your wireless security settings.
First, change the password for the logon. Use a combination of upper and lower case letters and numbers, then test your password at http://www.microsoft.com/protect/yourself/password/checker.mspx for strength.
Second, enable encryption. In order, the preferred methods of encryption in terms of strength are WPA2, WPA and lastly WEP 128 bit. Some older network cards don't support WPA or WPA2, so either replace the card (recommended) or use WEP 128 bit. Create a key using the same guidelines as your administrator password, but make sure it's different.
Third, change the SSID (this is the name the router broadcasts to inquiring wireless devices). Ensure that it does not identify the make or model of your router and that it is not personally identifiable. It is preferable to disable broadcast altogether if you can remember the name and manually enter it into each computer's wireless configuration.
Fourth, if no other computers need to log on but your own, enable the MAC ID filter and enter in the MAC ID to each of your devices. This is a very effective solution, preventing all but your own devices from being able to log on to your router and obtain an address, even if they can figure out or already know the key. Each MAC ID is unique to every network device on the internet and thus no two devices have the same ID.
6. Update to the latest version of your browser. We recommend the use of either Opera or Internet Explorer 7, or both. These programs ensure that you have the latest security protections for your browsing experience, employing advanced techniques to prevent automatic installations of scripts, "phishing" scams, etc.
7. Update your operating system and software to the latest versions. As new threats and security flaws surface, Microsoft scrambles to get new fixes into the hands of it's users, and once a month releases a Malicious Software Removal Tool. Ensure that you have a genuine version of Windows, with Service Pack 2 installed for Windows XP, to be eligible for all the latest software updates. Research is showing that as operating systems become more secure, hackers are looking for alternative "attack vectors", or other software on your computer, as a means of attacking your system's security. Cover all your bases. Make sure that "Automatic Updates" are enabled on your machine(s).
8. Make regular backups. As backup solutions continually drop in price, there are no valid reasons to not perform regular backups. DVD burners, such as Pioneer and LG, are very inexpensive and reliable and can fit a large volume of data on a single CD or DVD. USB memory keys are also inexpensive, as are external hard drives. One folder that is very important to back up is your My Documents folder. Keep your backups away from the computer and in a safe place. Photographs can often never be replaced, so always keep current backups on hand.
Is your system infected? Do you need help employing any of the measures mentioned in this article? Call us at 705.812.2236. We remove the infections and protect you against future infections, without loss of data.
Learn more about security threats at http://www.npinc.ca/virus.htm.