Beginner's Guide to Securing a PC
You have probably heard this before: every PC user should secure the computer as best as possible. You read stories like this in every other computer mag, your geeky friends probably tell you the same and even name some programs that you should use because they are the best and most secure.
I know that you would like to have a secure computer, or rather a secured computer: there is no such thing as 100% security if you are on a network or the internet. Keep that in mind.
I will explain the basics of securing your computer, tell you what you need to secure it and give you alternatives where there are any.
But first of all, all programs that I name will be freeware or open source. We want a secure computer but don't want to pay hundreds of dollars for it. There will also be some geeks who will comment that program XY is way better and more professional than the program I named, and that only people with no security understanding whatsoever would use the latter. Don't listen to them; many factors play a role in selecting suitable software. I tried to find the best mix between security and user friendliness.
I will recommend the following types of programs for your personal computer: Anti-Virus, Anti-Spyware, Rootkit Checker, Autorun Checker and Process Checker.
Wait, no firewall? Yes, no firewall. I will give you a short answer why there will be no firewall. This seems unusual, but wait a little longer and you will know.
Before we start, let me give you a short piece of advice. Running all these tools in the background does not make your system secure. It's more secure, yes, but not totally. Therefore you should still use common sense when you do something on the internet, e.g. don't click on mail attachments that are unknown to you, or on links in emails. Common sense is probably the best protection against threats that are out there.
- Use common sense.
- Install an antivirus solution.
- Use a firewall.
- Check from time to time: autostart, processes, for rootkits.
- Use common sense.
There are unfortunately thousands of free anti-virus products out there. What we need is one that is up to date, has internet updates and uses few resources.
I suggest Antivir Personal Edition: it's free, always up to date, uses few resources and has a very good virus recognition rate. Alternatives would be Avast Antivirus and AVG Free Edition.
Update: While those programs are good, BitDefender Antivirus Free Edition has risen to popularity thanks to its excellent (independent) test results.
Ad-Aware SE Personal: small and good, enough said. An alternative is Microsoft's own Windows Defender tool. Update: Most anti-virus programs ship with solid anti-spyware modules so that you do not really need an extra program for that anymore.
Everyone knows about rootkits since the Sony debacle, but only a few know how to check their PC for a rootkit. Rootkit Revealer from Sysinternals does the job. Run this tool from time to time; it's not necessary to run it all the time.
There are numerous places that can hold programs that autorun at startup, and it's a hassle to check them manually. Run an autorun checker from time to time to check all places and programs, and disable the ones you don't need. Your system will probably boot faster if you disable some.
I suggest you use Autoruns by Sysinternals.
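To show what such a check looks at, here is an added PowerShell example (not part of the original article and not Sysinternals code) that lists entries from the Run/RunOnce registry keys and the two Startup folders and reports the Authenticode signature status of each target. It covers only a small subset of the locations Autoruns inspects; the helper names Get-ExePath and Get-SignatureStatus are made up for this example.

```powershell
# Added example: a few of the classic autostart locations (Autoruns checks many more).
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Hypothetical helper: extract the executable path from an autostart command line.
function Get-ExePath([string]$Command) {
    $c = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($c -match '^"([^"]+)"')        { return $Matches[1] }   # "C:\path with spaces\x.exe" /arg
    if ($c -match '^(.+?\.exe)(\s|$)') { return $Matches[1] }   # C:\path\x.exe /arg
    return ($c -split '\s+')[0]                                 # anything else: first token
}

# Hypothetical helper: signature status of a file, or 'NotResolved' when the path
# does not point to a file (missing file, or a bare name that is found via PATH).
function Get-SignatureStatus([string]$Path) {
    if (-not $Path -or -not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return 'NotResolved'
    }
    return (Get-AuthenticodeSignature -LiteralPath $Path).Status.ToString()
}

$entries = @()
foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $cmd = [string]$regKey.GetValue($name)
        $entries += [pscustomobject]@{
            Location  = $key
            Name      = $name
            Command   = $cmd
            Signature = Get-SignatureStatus (Get-ExePath $cmd)
        }
    }
}

# Startup folders hold shortcuts; resolve each .lnk to the program it launches.
$shell = New-Object -ComObject WScript.Shell
foreach ($folder in 'Startup', 'CommonStartup') {
    $dir = [Environment]::GetFolderPath($folder)
    if (-not $dir -or -not (Test-Path -LiteralPath $dir)) { continue }
    foreach ($file in Get-ChildItem -LiteralPath $dir -File -Filter *.lnk) {
        $target = $shell.CreateShortcut($file.FullName).TargetPath
        $entries += [pscustomobject]@{
            Location = $dir; Name = $file.Name; Command = $target
            Signature = Get-SignatureStatus $target
        }
    }
}

# Entries whose target is unsigned or could not be resolved sort to the top for review.
$entries | Sort-Object { $_.Signature -eq 'Valid' }, Location | Format-List
```

An unsigned entry is not necessarily malicious; it is simply the first thing worth looking up before you decide to disable it.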
Process Explorer from Sysinternals tells you which handles and DLLs processes have opened or loaded. A great small tool. It is also great for research: the latest versions include VirusTotal checking of all processes.
The reasoning behind leaving out the firewall is pretty simple. A software firewall gives the user a false sense of security. If you look up Bugtraq, for example, you see lots and lots of firewall vulnerabilities.
Every piece of software that runs on your system raises the danger of exploits and backdoors. Many trojans and worms already know ways to bypass firewall systems and use safe routes (that is, programs the firewall treats as safe) to execute their malicious code.
Another problem is that a malicious tool installed with admin rights could alter firewall functions. You can find simple code on netfirms.com that presses the YES button of ZoneAlarm automatically. There are of course other, more serious possibilities.
The conclusion would be that firewalls are not secure and that malicious code can find ways around the firewall and even manipulate it.
Therefore I suggest you don't use a firewall but do something different.
Update: After some consideration I suggest you do use a firewall, hardware firewall if possible, on your system. Check your router or modem to see if it has one built-in. If not, use a software firewall like Windows Firewall that ships with all modern versions of Windows.
I suggest you download this small tool called Shutdown Windows Servers and run it on your system. This should be sufficient to avoid most of the nasty worms and trojans that float around lately without the use of a firewall. Common sense of course applies.
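Whether or not a firewall is in place, the check behind this advice is which services are actually listening for network connections. The following PowerShell is an added example, not part of the original article or of the Shutdown Windows Servers tool; it assumes Windows 8 / Server 2012 or later, where Get-NetTCPConnection and Get-NetFirewallProfile are available, and lists every TCP listener bound to a non-loopback address with its owning process and services.

```powershell
# Added example: which TCP services on this PC accept connections from the network?
$loopback = @('127.0.0.1', '::1')

# Map process IDs to the Windows services hosted in them
# (several services can share one svchost.exe process).
$servicesByPid = @{}
foreach ($svc in Get-CimInstance -ClassName Win32_Service -Filter 'ProcessId <> 0') {
    $servicesByPid[[int]$svc.ProcessId] += @($svc.Name)
}

$listeners = Get-NetTCPConnection -State Listen |
    Where-Object { $loopback -notcontains $_.LocalAddress } |
    ForEach-Object {
        $procId = [int]$_.OwningProcess
        $proc   = Get-Process -Id $procId -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Address  = $_.LocalAddress
            Port     = $_.LocalPort
            PID      = $procId
            Process  = $proc.ProcessName
            Services = ($servicesByPid[$procId] -join ', ')
        }
    } | Sort-Object Port, Address

# Every row is a service that answers on the network unless something filters it.
$listeners | Format-Table -AutoSize

# Windows Firewall state per profile: where a profile is disabled, nothing on this PC
# filters access to the listeners above for that network type.
Get-NetFirewallProfile | Select-Object Name, Enabled | Format-Table -AutoSize
```

Run it before and after disabling services: a listener that disappears from the table no longer needs a firewall rule to protect it.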
Good advice man – and you’re right on with the firewall advice as well. Let me add to it:
When PROPERLY PATCHED, you really don’t need a firewall – for those who are still un-convinced, consider this: firewalls are there to hide vulnerabilities. Vulnerabilities exist in UNPATCHED SOFTWARE (and hardware sometimes ;). So, patch your system, run an anti-virus package, and you’re as good to go as anyone else out there.
Microsoft patches should be a Windows user’s greatest concern – these are vulnerabilities that Microsoft has acknowledged and provided a patch for. In my experience, MOST viruses, trojans, worms, etc. rely on the very vulnerabilities that the patches are designed to fix. That’s right, the “bad guys” are watching the patches, figuring out what’s broken, and attacking computers that simply aren’t patched. I can’t say it enough: run Windows Update, and patch your pc… dude.
“When PROPERLY PATCHED, you really don’t need a firewall – for those who are still un-convinced, consider this: firewalls are there to hide vulnerabilities. Vulnerabilities exist in UNPATCHED SOFTWARE (and hardware sometimes ;) . So, patch your system, run an anti-virus package, and you’re as good to go as anyone else out there.”
Pray tell, oh wise one, how not running a firewall will protect against unpatched software, that does not have any patches released yet? You know, like the MAJORITY of exploits that have been published weeks/months before a patch is ever released?
The “No Firewall” advice (and comments) should be thought out a bit more before you recommend that to a non-tech.
Yes, software firewalls on a Windows-based system are nearly worthless, especially on a dial-up connection. But to tell a broadband user they have no need for a firewall will only lead to more zombie bots.
You should instead recommend a decent hardware firewall. Even a $60.00(US) home Linksys/D-Link router set to NAT will serve them better, as it’s a simple configure-and-forget device.
That way they only have to worry about anti-virus (ClamWin – free open source) and spyware (Ad-Aware and Spybot) which makes things easier to remember.
Don’t use ad-aware anymore. Spy Sweeper is a hundred times more successful in removing some of the pesky spyware that ad-aware still has yet to figure out how to remove.
Yes Spy Sweeper is the best spyware utility out there but it costs $30.00(US) a year which is crazy.
Ad-Aware + Spybot together will catch and clean as much spyware as Webroot’s product, which is why I recommended both of them together, and they are free.
If you need the best and have money to burn every year, get Webroot’s product by all means.
Just want to add…… don’t run IE :-)
I do agree with what you've written so far. A hardware firewall is a good solution which should be recommended to everyone. I should have said so as a suggestion, thanks for pointing this out.
I am a noob and I know that is not right. -digg
But what if you want to deny specific programs access to the net? Does Shutdown WinServers do this?
I also use WinPatrol (http://www.winpatrol.com/) – Checks startup changes, file association changes, and more.
Also, not running as an Admin user is very good advice.
If you need to install something, use Run As… (if your OS supports it) or log in as the admin just for that install.
It’s a hassle, but it does make it harder for malicious apps to do very bad things.
Oh, and password protect that admin account… the number of people I’ve helped out who (bless their hearts) don’t log in with Admin rights but don’t password protect the admin account… *sighs*
I have to ask, why have you chosen such a small font? It makes for readability hell, and you don’t need anything getting in the way of your content.
Regarding the content of the article, some of these tools aren’t immediately applicable for beginners. What does the average beginner know regarding processes on their computer? A notable tool missing from your round-up is HijackThis! An inclusion of this tool and the various hijackthis log parsers would do wonders for many people.
Everything else seems on the level though, perhaps an expanded entry in the future might get you more positive feedback.
firefox ctrl +
10. No, you can't do that; if you can get your hands on a hardware firewall, do that, else you would need a software firewall.
12. I tested the site with firefox 1.5, opera 8.5 and internet explorer 6.0 and all show a good medium sized font. If you have difficulties reading the entries you could use CTRL + mousewheel up / down to decrease / increase font size of the webpage.
Nice Guide. I have a question: I have a wireless router that functions like a firewall and it protects my computer from unwanted incoming traffic, but if I buy a laptop, will the protection of my wireless router protect my laptop?
Microsoft's own Spyware Tool?
Are you kidding? I’d almost rather have spyware.
Well, no. :) But there are way better alternatives, even to AdAware.
Let’s get real. No firewall? Firewalls are about preventative maintenance – a proactive approach to mitigating the possibility of being compromised. There are no guarantees, but that doesn’t mean one SHOULDN’T use a firewall. It is like a seat belt, it MIGHT kill you in an accident or it MIGHT save you. Statistically, it is more likely to save you.
Additionally, safe computing practices (such as don’t hunt for free MP3’s, porn, use FireFox, ban ActiveX controls, etc) will go far to secure a USER from the Internet. It is all about the “red dot” – everything has a red dot of death on it. The bigger the dot, the more likely it will be the target hit by the proverbial rocket. I look for the smallest red dot possible (I learned this from my days in Half-Life multiplayer: red dot = rocket = imminent death).
I think it's great that we have lots of different opinions, that's fine with me. I have been running my PC without a software firewall for 6 months now and never encountered a problem. Luck? Probably.
If you are happy using a software firewall, do so; I am not telling you that you have to uninstall your firewall and run your computer without one. It's your decision. If my advice sounds right to you, you will probably try it out; if not, well, then not.
You should also remember that freeware personal firewalls are becoming scarce; Sygate and Kerio will not be updated anymore. What good firewall is left? I can't think of a free one, but maybe some of you can. Let me know.
I use ZoneAlarm firewall on my comp. I got it off one of the free PC CDs that came with my MaximumPC subscription. It seems to do the job and is a free program. I also noticed that since I've installed it my computer doesn't start slowing down as much after using it for a long time.
Derek, I suggest you take a look at this link, which has a discussion of whether one should use ZoneAlarm or not.
Or you could get a mac. Still very good advice for the windoze bound.
For a free Open Source anti-virus program I’d recommend ClamWin at [http://www.clamwin.com]. Its GUI isn’t as advanced as AVG but you can look at the source code and they update their definitions as many times a day as needed instead of only once a week like the three big $$ AV companies.
Or you could install Linux instead. It’s free and not as difficult as you think.
Where are the equivalent Linux tools?
My gosh, why didn’t I realise in time that PC of course means Window box :(
hej the linux guys can help themselves ;)
I disagree with the idea of not using a software firewall.
Using a software firewall is simply to protect you at the application level. Trojans take advantage of DLL injection on IEXPLORER.EXE to bypass the firewall, but that only works if 1) you have IE set to auto allow and/or 2) you don’t have any specific rules set up.
So maybe for the average user a software firewall is not needed, but I definitely recommend using one. Sygate detects .DLL injection, which my Linksys router doesn’t do.
If I was to stop using a software firewall, should I disable the Windows firewall as well? Or does that not matter?
I agree with most of the reasoning, however, not with no firewall, essentially for reasons already stated by other people above. HOWEVER …
Having a firewall can stop attacks by the mere fact that most ports are blocked from the outside world, stopping many from even finding the machine in the first place. If an exploit gets onto the machine to “press” say ZoneAlarm’s off button, it is already too late anyway. (Otherwise, how did the exploit get there?)
It will ALWAYS be a race against those who infect, and those who attempt to infect. A firewall (even a software one) is just another level that attempts to stave off the wolves.
In regards to post #34 –
The WinXP SP2 Firewall is very passive so it’s ok to leave it on at all times as a layered defense.
Hi Guys, the way I figure it you can use a software firewall or not use a software firewall; there are risks either way you dice it. My advice: make your system as slimline as possible (Yeah I know, good luck with Microsoft! Don’t we all just want the days of Windows 3.1 to return!). Patch it up, make it as secure as you possibly can and then backup, backup, backup! Ghost is my
Hmm… I bet someone will now want to create a thread about whether you should use Ghost or another program to back up your drive, but hey, at least it's backed
I also wrote a similar article if anyone is interested..
Microsoft Windows security for computer illiterates (Good title hun? :) )
I think it all goes by preference. A lot of things one person uses another will not. Some people can only use certain programs depending on their operating system. I doubt it's for anyone to say what is needed or not needed.
It all depends on your computer's vulnerabilities and how knowledgeable you are in taking proper care of your computer, updating your software, and surfing the internet safely.
It is the user who makes the choices; in the end a user could have the crappiest computer protection, but if it makes them feel secure, that is what they are going to choose.
GOOD topic but: No FIREWALL @ all?
Of course most people who do not know what they are doing DO need firewall, one of the many reasons are: Beginners DO not patch their software and still click on every possible link they see and ignore system warnings etc (or their friends).
What use is for beginner to see the system processes etc, good if they recognize from these tools that MSN is starting up every time they boot PC lol.
Best would be ShutDown WinServers (shut down NT services – u can do it manually, google!) + Software Firewall + Hardware firewall (most cheap routers will do, note: H-W F-W do not see if any program is hijacked). No need to say u need AV and anti spyware.
I was using Sygate Pro and started to test Lavasoft Firewall(seems good), and nothing is better in the end compared to Nod32 if ya SET IT UP RIGHT WAY. Some AV makers leak “independent” tests where Nod32 looks bad – do not believe these sites. Even for beginner with default settings – nod32 is good!
Of course.. then comes the money part… well, everyone finds his own ways how to use software who asks too much € or $
One other question, all what u have on ur PC, is it not worth 25… 50 dollars a year to buy some good sec software? Most people want everything for nothing, not thinking all the months, years hard work and money what takes to make good software. Would You work for nothing?
One other thing: there is difference for what u need on New PC v. infected PC
Use Linux? Like there would be no hack and holes in usual linux system, hope so. Xandros Pro is what i use, u can run some Windows software on this too and it's really easy to use. Use Mac? If ya have so much money, and do not want to use most fun software what is out there, why not. But it's like recommending to change your house (to get warm) from Estonia to one in Hawaii because your Windows is broken lol
Please google about software before u install it, these 5 minutes do not kill u ;)
srry for bad english, but i hope u got my point ppl :)
– Waffa Drunker –
Is it just me…
“Shutdown Windows’ servers” is a program, which makes Microsoft Windows XP Home, Microsoft Windows XP Professional and Windows 2000 much more secure from attacks from the network. Other Windows releases I cannot support until now.”
U forget to add that ur advice is for NT users not for win95, 98 or ME users. Don't ya think it's important or do you think no one will use 9x systems anymore?
WiNo (Comment #11):
I don’t have any personal experience with this, but according to some articles I’ve read, not setting a password on an admin account in XP actually makes it impossible to log in as that admin remotely. I think it has something to do with Microsoft rigging it so that all remote login attempts must provide a password — even a blank one — meaning that the remote login attempt fails by providing an incorrect password (i.e. having one at all).
Of course, you’re then leaving yourself open to the uninformed actions of your teenage child… ;b