You´d probably heard this before. Everyone should secure his personal computer. You read stories like this in every other computer mag, your geeky friends probably tell you the same and even name some programs that you should use because they are the best and most secure. I know that you would like to have a secure computer, well a secured computer, there is nothing like 100% security if you are on a network or the internet. Keep that in mind.
I will explain the basics of securing your computer, will tell you what you need to secure it and give you alternatives if there are any. But first of all, all programs that I name will be freeware or open source. We want a secure computer but don´t want to pay hundreds of $$ for it. There will also be some geeks who will comment that program XY is way better and pro than the program I named and that only people with no security understanding whatsoever will use. Don´t listen to them, there are many factors that play a role in selecting a suitable software. I tried to find the best mix between security and user friendliness.
I will recommend the following type of programs for your personal computer: Anti-Virus, Anti-Spyware, Rootkit Checker, Autorun Checker and Process Checker.
Wait, no Firewall ? Yes no firewall, I will give you a short answer why there will be no firewall. This seems unusual but just wait a little more and you will know.
Before we start, let me give you a short advice. Running all these tools in the background does not make your system secure. Its more secure yes, but not totally. Therefor you should still use common sense when you do something on the internet, e.g. don´t click on mail attachments that are unknown to you aso.
Lets Start:
Anti-Virus:
There are unfortunately thousands of free anti-virus products out there, what we need is the following. It should be up to date, have internet updates and use few resources.
I suggest Antivir Personal Edition, its free, always up to date, uses only few resources and has a very good virus recognition rate. Alternatives would be Avast Antivirus and AVG Free Edition
Anti-Spyware:
Ad-Aware SE Personal, small and good, enough said. As an alternative Microsoft’s own Spyware Tool.
Rootkit-Checker:
Everyone knows about Rootkits since the Sony debacle but only a few know how to check their pc for a rootkit. Rootkit Revealer from Sysinternals does the job. Run this tool from time to time, its not necessary to run it all the time.
Autorun Checker:
There are numerous places that can hold programs that autorun at startup, its a hassle to check them manually. Run a autorun checker from time to time to check on all places and programs and disable the ones you won´t need. Your system will probably boot faster if you disable some.
I suggest Autoruns 8.4 from Sysinternals.
Process Checker:
Process Explorer from sysinternals tells you which handles or dll process have opened or loaded, small great tool.
No Firewall ?
The reasoning behind this is pretty simple. A software firewall gives the user a false sense of security. If you look up bugtraq for example you see lots and lots of firewall vulnerabilities. Every software that runs on your system raises the danger of exploits and backdoors. Many trojans and worms already know ways to bypass firewall systems and use save routes (that means use programs that are safe to use for the firewall) to execute their malicious code.
Another problem that occurs is that if a malicious tool is installed with admin rights it could alter firewall functions. You find a simple code on netfirms.com that does press the YES button of Zonealarm automatically. There are of course other more serious possibilities.
The conclusion would be, that firewalls are not secure and malicious code can find ways around the firewall and even manipulate it. Therefor i suggest you don´t use a firewall but do something different.
I suggest you download this small tool called Shutdown Windows Servers and run it on your system. This should be sufficient to avoid most of the nasty worms and trojans that float around lately without the use of a firewall. .Common sense of course applies
Related posts:
20 Minute Guide to Pc SecurityHome Pc Firewall Guide
Computer Virus Effect Remover
Increase USB Security With USB Cop
What You Should Do After Buying A New Computer System
Dvd Rootkit on the way
Which Programs Should I Run To Scan A Computer For Malicious Software?
Say no to Drugs Virus
50 Responses to “Beginners Guide to Securing a Pc”
Trackbacks/Pingbacks
-
[...] LINK: Ghacks.com [...]
-
[...] More Comments » [...]
-
[...] Beginners guide to securing your PC Read this short informative article to know which components you should have protecting your computer. [...]
-
No firewall you say
Just because a lot of exploits carry themselves across ports that your firewall keeps open for other services doesn’t mean they are useless. Advising Windows users not to use firewalls just because it creates a false sense of security is…
-
[...] Eye Movement and Direction and How it Can Reveal the Truth or a Lie Saturn Surprise: One Ring is Actually a Spiral Views of Ground Zero at approximately 9:00 AM on September 11, 200 1080i vs. 1080p HDTV: should you care? How mazes are generated and solved by computers Beginners Guide to Securing a Pc The 360 degree LED television How-To: Stream almost anything using VLC The Reactive Cube – a seamingly true 3D display More CSS Templates IT Project Cycle – the animated version Top Four Non-Linear Video Editors Everyone’s eyes are wired differently GRIN – Welcome to the Great Images in NASA library of images. Wiring up the ‘Victorian internet’ Talking Back To the Junk Fax [...]
-
[...] Eye Movement and Direction and How it Can Reveal the Truth or a Lie Saturn Surprise: One Ring is Actually a Spiral Views of Ground Zero at approximately 9:00 AM on September 11, 200 1080i vs. 1080p HDTV: should you care? How mazes are generated and solved by computers Beginners Guide to Securing a Pc The 360 degree LED television How-To: Stream almost anything using VLC The Reactive Cube – a seamingly true 3D display More CSS Templates IT Project Cycle – the animated version Top Four Non-Linear Video Editors Everyone’s eyes are wired differently GRIN – Welcome to the Great Images in NASA library of images. Wiring up the ‘Victorian internet’ Talking Back To the Junk Fax [...]
-
[...] gHack’s Beginners Guide to Securing a PC. I will explain the basics of securing your computer, will tell you what you need to secure it and give you alternatives if there are any. But first of all, all programs that I name will be freeware or open source. We want a secure computer but don´t want to pay hundreds of $$ for it. There will also be some geeks who will comment that program XY is way better and pro than the program I named and that only people with no security understanding whatsoever will use. Don´t listen to them, there are many factors that play a role in selecting a suitable software. I tried to find the best mix between security and userfriendliness. gHack has a good list here, with some programs that I’ve recommended here on TechTips. His first antivirus recommendation is Antivir Personal Edition; I’ve never used this program but I agree that AVG is a good alternative. I don’t like is other alternative suggestion; Avast. I’ve used it in the past and didn’t like the user interface. gHacks makes the bold suggestion of not using a software firewall, saying they only give a false sense of security. I disagree as a layered approach is benefitial. It is just important to realize that all of the other security procudures cannot be ignore because you have a firewall; you must still run Windows Update frequently and have good antivirus and antispyware programs installed (and used!). [...]
-
[...] gHacks – Beginners Guide to Securing a Pc [...]
-
Security Advice For Beginners – Don’t Run A Firewall
One of my partners has put together a fairly comprehensive Beginners Guide To Securing A PC. However, Martin has one piece of advice which I don’t personally think is a good tip for beginners. He argues that a software firewall gives…
-
[...] You might remember that I wrote an article in late november called Beginners Guide to securing your pc. You might even remember that I suggested that there was no need for a desktop firewall at all. And you might even remember that I got some pretty bad comments about my suggestion in the comments section. [...]
-
[...] This guide gives tip on various tools everyone should use to secure his pc. It suggest antivirus, antispyware, autostart and process checkers and more. But, it will tell you to not run a firewall. Curious ? check it out.read more | digg story [...]
-
[...] Link: gHacks [...]
-
[...] I wouldn’t suggest following Martin’s lead and disabling the security features (Martin doesnt’ use a firewall) though, unless you really know what you are doing! More: gHacks [...]
-
[...] and Bitdefender I wouldn’t suggest following Martin’s lead and disabling the security features (Martin doesnt’ use a firewall) though, unless you really know what you are doing! RSS [...]
-
[...] wouldn’t suggest following Martin’s lead and disabling the security features (Martin doesnt’ use a firewall) though, unless you really know what you are [...]
Good advice man – and you’re right on with the firewall advice as well. Let me add to it:
When PROPERLY PATCHED, you really don’t need a firewall – for those who are still un-convinced, consider this: firewalls are their to hide vulnerabilities. Vulnerabilities exist in UNPATCHED SOFTWARE (and hardware sometimes ;). So, patch your system, run an anti-virus package, and you’re as good to go as anyone else out there.
Microsoft patches should be a Windows user’s greatest concern – these are vulnerabilities that Microsoft has acknowledged and provided a patch for. In my experience, MOST viruses, trojans, worms, etc. rely on the very vulnerabilities that the patches are designed to fix. That’s right, the “bad guys” are watching the patches, figuring out what’s broken, and attacking computers that simply aren’t patched. I can’t say it enough: run Windows Update, and patch your pc… dude.
“When PROPERLY PATCHED, you really don’t need a firewall – for those who are still un-convinced, consider this: firewalls are their to hide vulnerabilities. Vulnerabilities exist in UNPATCHED SOFTWARE (and hardware sometimes ;) . So, patch your system, run an anti-virus package, and you’re as good to go as anyone else out there.”
Pray tell, oh wise one, how not running a firewall will protect against unpatched software, that does not have any patches released yet? You know, like the MAJORITY of exploits that have been published weeks/months before a patch is ever released?
The “No Firewall” advice (and comments) should be thought out a bit more before you recommend that to a non-tech.
Yes software firewalls on a windows based system is nearly worthless especially on a dial-up connection. But to tell a broadband user they have no need for a firewall will only lead to more zombie bots.
You should instead recommend a decent hardware firewall Even a $60.00(US) home Linksys/D-Link router set to NAT will will server them better as it’s a simple configure and forget device.
That way they only have to worry about anti-virus (ClamWin – free open source) and spyware (Ad-Aware and Spybot) which makes things easier to remember.
Don’t use ad-aware anymore. Spy Sweeper is a hundred times more successful in removing some of the pesky spyware that ad-aware still has yet to figure out how to remove.
Yes Spy Sweeper is the best spyware utility out there but it costs $30.00(US) a year which is crazy.
Ad-Aware + Spybot together will catch and clean as much spyware as Webroots product which is why I recommended both of them together and they are free.
If you need the best and have money to burn every year get Webroots product by all means.
Just want to add…… don’t run IE :-)
Example: JavaScript addon for Firefox. Its simply dandy
I do agree with what you´ve written so far. A hardware firewall is a good solution which should be recommended to everyone. I should have said so as a suggestion, thanks for pointing this out.
no firewall?
I am a noob and I know that is not right. -digg
but what if you want to deny specific programs access to the net? does whutdown winServers do this?
Good advice.
I also use WinPatrol (http://www.winpatrol.com/) – Checks startup changes, file association changes, and more.
Also, not running as an Admin user is very good advice.
If you need to install something, use Run As… (if your OS supports it) or log in as the admin just for that install.
It’s a hassle, but it does make it harder for malicious apps to do very bad things.
Oh, and password protect that admin account… the number of people I’ve helped out who (bless their hearts) don’t log in with Admin rights but don’t password protect the admin account… *sighs*
I have to ask, why have you chosen such a small font? It makes for readability hell, and you don’t need anything getting in the way of your content.
Regarding the content of the article, some of these tools aren’t immediately applicable for beginners. What does the average beginner know regarding processes on their computer? A notable tool missing from your round-up is HijackThis! An inclusion of this tool and the various hijackthis log parsers would do wonders for many people.
Everything else seems on the level though, perhaps an expanded entry in the future might get you more positive feedback.
firefox ctrl +
10. no you can´t do that, if you can get your hands on a hardware firewall do that, else you would need a software firewall.
12. I tested the site with firefox 1.5, opera 8.5 and internet explorer 6.0 and all show a good medium sized font. If you have difficulties reading the entries you could use CTRL + mousewheel up / down to decrease / increase font size of the webpage.
Nice Guide. I have a question I have a wireless router that functions like a firewall and it protects my computer of unwanted incoming traffic but if I buy a laptop will the protection of my wireless router protect my laptop?
Microsofts own Spyware Tool. ?
Are you kidding? I’d almost rather have spyware.
Well, no. :) But therea are way better alternatives, even to AdAware.
Let’s get real. No firewall? Firewalls are about preventative maintenance – a proactive approach to mitigating the possibility of being compromised. There are no guarantees , but that doesn’t mean one SHOULDN’T use a firewall. It is like a seat belt, it MIGHT kill you in an accident or it MIGHT save you. Statistically, it is more likely to save you.
Additionally, safe computing practices (such as don’t hunt for free MP3’s, porn, use FireFox, ban ActiveX controls, etc) will go far to secure a USER from the Internet. It is all about the “red dot” – everything has a red dot of death on it. The bigger the dot, the more likely it will be the target hit by the perverbial rocket. I look for the smallest red dot possible (I learned this from my days in Half-Life multiplayer: red dot = rocket = imminent death).
I think its great that we have lots of different opinions, thats fine with me. I´am running my pc without a software firewall for 6 months now and never encountered a problem, luck ? probably..
If you are happy using a software firewall do so, I´am not telling you that you have to uninstall your firewall and run your computer without one. Its your decision. If my advice is sound to you you probably try it out, if not well, then not.
You should also remember that freeware personal firewalls are becoming scarce, sygate and kerio will not be updated anymore. Whats good firewall is left ? I can´t think of a free one but maybe some of you.. let me know.
i use zonealarm firewall on my comp. i got it off one of the free PC cds that came with my MaximumPC subscription. its seems to do the job and is a free program. i also noticed that since ive installed it my computer doesnt start slowing down as much after using it for a long time.
derek i suggest you take a look at this link which has a discussion if one should zonealarm or not.
http://www.deny.de/phpbb2/viewtopic.php?t=13559
Or you could get a mac. Still very good advise for the windoze bound.
For a free Open Source anti-virus program I’d recommend ClamWin at [http://www.clamwin.com]. It’s GUI isn’t as advanced as AVG but you can look at the source code and they update their definitions as many times a day as needed instead of only once a week like the three big $$ AV companies.
Or you could install Linux instead. It’s free and not as difficult as you think.
But… but…
Where’s the equivalent Linux tools?
My gosh, why didn’t I realise in time that PC of course means Window box :(
hej the linux guys can help themselves ;)
I disagree with the idea of not using a software firewall.
Using a software firewall is simply to protect you at the application level. Trojans, take advantage of dll injection on IEXPLORER.EXE to bypass the firewall, but that only works if, 1) you have IE set to auto allow and/or 2) you don’t have any specific rules setup.
So maybe for the average user is a software firewall not needed, but I definitly recommend using one. Sygate detects .DLL injection, which my linksys router doesn’t do.
If i was to stop using a software firewall, should I disable the windows firewall as well? or does that not matter?
I agreee with most of the reasoning, however, not with no firewall, essentially for reasons already stated by other poeple above. HOWEVER …
Having a firewall can stop attacks by the mere fact that most ports are blocked from the outside world, stopping many from even finding the machine in the first place. If an exploit gets onto the machine to “press” say zonealarms off button, it is already too late anyway. (Otherwise, how did the exploit get there.)
It will ALWAYS be a race against those who infect, and those who attempt to infect. A firewall (even a software one) is just another level that attempts to stave off the wolves
In regards to post #34 –
The WinXP SP2 Firewall is very passive so it’s ok to leave it on at all times as a layered defense.
Hi Guys , The way I figure it you can use a software firewall or not use a
software firewall there are risks either way you dice it; my advice make your
system as slimline as posible(Yeah I know , good luck with Microsoft!, don’t
we all just want the days of windows 3.1 to return!) Patch it up , make it
secure as you possibly can and then backup , backup, backup! Ghost is my
friend… :)
Hmm…I bet someone will now want to create a thread about should you use
Ghost or another program to backup your drive , but hey at least its backed
up!
I also wrote a similar article if anyone is interested..
Microsoft Windows security for computer illiterates (Good title hun? :) )
http://geeksaresexy.blogspot.com/2005/12/microsoft-windows-security-for.html
I think it all goes by preference. Alot of things one person uses another wil
l not. Some people can only use certain programs depending on their operating
system. I doubt its for anyone to say what is needed or not needed.
It all depends on your computers vulnerabilites and how well knowldeged you are
in taking proper care of your computer, updating your software, and
surfing the internet safely.
It is the user who makes the choices, in the end a user could have the crappiest
computer protection, but if it makes them feel secure, that is what they are
going to choose.
GOOD topic but: No FIREWALL @ all?
Of course most people who do not know what they are doing DO need firewall, one of the many reasons are: Beginners DO not patch their software and still click on every possible link they see and ignore system warnings etc (or their friends).
What use is for beginner to see the system processes etc, good if they recognize from these tools that MSN is starting up every time they boot PC lol.
Best would be ShutDown WinServers (shut down NT services – u can do it manually, google!) + Software Firewall + Hardware firewall(most cheep routers will do, note: H-W F-W do not see if any program is hijacked). No need to say u need AV and anti spyware.
I was using Sygate Pro and started to test Lavasoft Firewall(seems good), and nothing is better in the end compared to Nod32 if ya SET IT UP RIGHT WAY. Some AV makers leak “independent” tests where Nod32 looks bad – do not believe these sites. Even for beginner with default settings – nod32 is good!
Of course.. then comes the money part… well, everyone finds hes own ways how to use software who asks to much € or $
One other question, all what u have on ur PC, is it not worth 25… 50 dollars a year to buy some good sec software? Most people want everything for nothing, not thinking all the months, years hard work and money what takes to make good software. Would You work for nothing?
One other thing: there is difference for what u need on New PC v. infected PC
Use Linux? Like there would be no hack and holes in usual linux system, hope so. Xandros Pro is what i use, u can run some Windows software on this to and its really easy to use. Use Mac? If ya have so much money, and do not want to use most fun software what is out there, why not. But its like recommending to change your house (to get warm) from Estonia to one in Hawaii because your Windows is broken lol
Please google about software before u install it, these 5 minutes do not kill u ;)
srry for bad english, but i hope u got my point ppl :)
– Waffa Drunker -
Is it just me…
“Shutdown Windows’ servers” is a program, which makes Microsoft Windows XP Home, Microsoft Windows XP Professional and Windows 2000 much more secure from attacks from the network. Other Windows releases I cannot support until now.”
U forget to add that ur advice is for NT users not for win95, 98 or ME users. Dont ya think its important or do you think no one will use 9x systems anymore?
WiNo (Comment #11):
I don’t have any personal experience with this, but according to some articles I’ve read, not setting a password on an admin account in XP actually makes it impossible to log in as that admin remotely. I think it has something to do with Microsoft rigging it so that all remote logins attempts must provide a password — even a blank one — meaning that the remote login attempt fails by providing an incorrect password (i.e. having one at all).
Of course, you’re then leaving yourself open to the uninformed actions of your teenage child… ;b