Secure Your PC

Revision as of 16:28, 27 April 2017 by Kipkis (Kipkis | contribs) (importing article from wikihow)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

So you have just bought a new personal computer for your home (rather than for a workplace or as a server) and want to secure it (including protecting it from viruses and spyware). Privacy (including encryption, cryptography and anonymity) is a part of security but broad enough to need covering separately. Think of Privacy as the flipside of the coin. Making backups of data, defragging, system restore points are only indirectly related. Backups can actually make your data easier to steal and retrieve.

This article assumes you wish to use a network (such as the internet), share files on thumb drives and that your PC might be physically accessible to others. If none of those apply, then your many of these steps may be redundant as your PC will already be quite secure.

Steps

  1. Choose an operating system based on its security and vulnerability (Linux has no known active viruses in the wild, OpenBSD is focused on security). Find out if it uses limited user accounts,all files permissions and is regularly updated. Make sure you update your operating system with security updates and update your other software too.
  2. Choose a web browser based on its security and vulnerabilities because most malware will come through via your web browser. Disable scripts too (NoScript, Privoxy and Proxomitron can do this). Look at what independent computer security analysts (such as US-CERT) and crackers (similar to hackers) say. Google Chrome[1] is more secure and has a sandbox feature[2] so it would be more difficult to compromise the system and spread the infection.
  3. When setting up, use strong passwords in your user account, router account etc. Hackers may use dictionary attacks and brute force attacks.
  4. Use trusted sources. When downloading software (including antivirus software), get it from a trusted source (softpedia, download, snapfiles, tucows, fileplanet, betanews, sourceforge) or your repository if you are using Linux.
  5. Install good antivirus software (particularly if you use P2P). Antivirus software is designed to deal with modern malware including viruses, trojans, keyloggers, rootkits, and worms. Find out if your antivirus offers real-time scanning, on-access or on-demand. Also find out if it is heuristic. Avast[3] and AVG[4] are very good free editions. Choose one, download and install it and scan regularly. Keep your virus definitions up to date by updating regularly.
  6. Download and install software to deal with spyware such as Spybot Search and Destroy, HijackThis[5] or Ad-aware[6] and scan regularly. I can't state this enough - you need to run a good anti spyware and anti malware program like Spybot if you search the web at all. Many websites out there exploit weaknesses and holes in the security of Microsoft Explorer and will place malicious code on your computer without you knowing about it until its too late!
  7. Download and install a firewall. Either ZoneAlarm[7] or Comodo Firewall[8] (Kerio, WinRoute or Work With Iptables). If you use a router, this gives an added layer of security by acting as a hardware firewall.
  8. Close all ports. Hackers use port scanning (Ubuntu Linux has all ports closed by default).
  9. Perform Penetration Testing. Start with ping, then run a simple nmap scan. Backtrack Linux will also be useful.
  10. Consider running intrusion detection software (HIDS) such as ossec, tripwire or rkhunter.
  11. Don't forget to think in terms of physical security! Consider something like a Kensington lock (in case of theft/unauthorised access). Also setting a BIOS password and preventing access to your machine or its removable devices (USB, CD drive etc.). Don't use an external hard drive or USB device for important data, these represent another vulnerability, as they are easier to steal/lose.
    • Encryption can be effective against theft. Encrypt at least your entire user account rather than just a few files. It can affect performance but can prove worth it. Truecrypt works on Windows, OS X, Linux, FreeOTFE works on Windows and Linux. In OS X (10.3 or later) System Preferences Security, click FileVault (this can take minutes to hours). In Linux Ubuntu (9.04 or later) installation Step 5 of 6 choose "Require my password to login and decrypt my home folder". This uses "ecryptfs".

Tips

  • Remember to update your antivirus program frequently.
  • In most circumstances, the most dangerous thing on a computer is the user. Your PC depends on you; failure to install security updates, or running infected software will compromise your system.
  • Consider security through obscurity or security by design.
  • Some viruses intercept operating system calls to prevent an Anti Virus programs from accessing infected files. In those cases low-level investigation and removal will be required, which may require a professional.
  • Do the course at HackerHighSchool [9].
  • There is an extremely popular podcast called Security Now[10].
  • Windows operating systems frequently require updates through Windows/Microsoft Update. If your operating system is Window XP or older, Microsoft no longer makes updates for it, and chances are some software won't run on it. At this point it is best to upgrade or change operating systems or buy a new computer.

Warnings

  • If data must be destroyed to prevent unauthorized access, a lot of conscientious backups of THAT kind of data is unwise.
  • If you encrypt the data, MAKE SURE you don't forget the encryption key. If you can't remember it, you will effectively lose all of the data.
  • Anti-virus software are not always effective in combating viruses. Don't just install the anti-virus and forget about security. [11]

Related Articles

Sources and Citations

  1. https://www.google.com/chrome
  2. http://blog.chromium.org/2008/10/new-approach-to-browser-security-google.html
  3. http://www.avast.com
  4. http://www.grisoft.com
  5. http://www.trendsecure.com
  6. http://www.lavasoft.com
  7. http://www.zonealarm.com
  8. http://www.personalfirewall.comodo.com/
  9. http://www.hackerhighschool.org/
  10. http://www.grc.com/securitynow.htm
  11. http://www.symantec.com/norton/products/library/article.jsp?aid=internet_iq
Retrieved from "https://kipkis.com/index.php?title=Secure_Your_PC&oldid=43710"