SECURITY - PART 2

Windows Live Onecare

Windows Live OneCare is an automated product from Microsoft designed to perform all the necessary security functions, maintenance and data backup with little or no user interaction. It includes the following programs:

Protection Plus

Performs anti-virus and anti-spyware scanning and two-way firewall to help protect your computer from viruses, worms, Trojan horses, hackers, and other threats. It runs continuously in the background, but you can scan individual files and folders for viruses on demand.

Performance Plus

Regularly defragments your hard disk, removes any unnecessary files that can clog your PC, and helps make sure important security updates from Microsoft are installed efficiently and on time.

Backup and Restore

Regularly copies your important files and settings to CD, DVD, or external hard disk.

Technical Support

Provides online help anytime you need it, 24 hours a day, 7 days a week.

Windows Live OneCare updates itself automatically to counteract new viruses and other threats and works with Microsoft Update to help ensure that your computer is up to date with the latest critical security updates from Microsoft.

Windows Live OneCare
Rating:
Price (Nov. 2006): $49.95 per year covers up to 3 computers. There is also a 90 day free trial.
Read a review from PC Magazine

* UPDATE ON WINDOWS LIVE ONCARE - March 2007
According to AV-Comparitives, Microsoft Windows Live OneCare anti-virus program had the lowest effectiveness score of all the anti-virus programs tested. Their latest test results show that OneCare was effective only 82.4% of the time. That means almost 18% of all bad guys made it through OneCare's defenses. Most other successful anti-virus programs like AVG and BitDefender scored at least 96%.

Windows Service Pack 2

Windows Service Pack 2 is a required set of updates to the Windows XP operating system. This service pack contains many security improvements and features new technologies designed to reduce unwanted content and downloads. In addition, the improved Windows Firewall, turned on by default, helps defend your PC against viruses and intruders who try to access your computer over the Internet.

As soon as you install Service Pack 2 you will be prompted to turn on Automatic Updates. After you turn it on you won't have to search for updates online or worry that critical updates might be missing. Windows automatically downloads and installs them for you, using a schedule that you determine. If you prefer to download and install updates yourself, you can also set up Automatic Updates to notify you whenever any high-priority updates become available.

How do you know if you need Service Pack 2?
That's a good question. I'm glad you asked. Here's how to find out if you already have it or not:

• Right-click on "My Computer".
• Left-click on "Properties".
• You should see a window similar to this one:
  
  
  
  Figure S2-1
• If the area highlighted in yellow says "Service Pack 2" then it's already installed in your computer. If it says "Service Pack 1" then you MUST install Service Pack 2 as soon as possible. Do not pass "GO" or collect $200. You can download it for free from Microsoft or order the CD for a small shipping charge. I strongly suggest getting the CD. It is a very large download and the CD will reduce the chance of problems. Make sure you save the CD with your Windows XP install CD. You will need it in case you ever have to reinstall Windows.

Download or order the CD for Windows Service Pack 2 here

Software Firewalls

A firewall is designed to prevent unauthorized Internet users from accessing your computer. Firewalls can be hardware or software, or a combination of both. This section is concerned with software firewalls. Hardware firewalls, basically routers, will be covered in the next section.

All messages entering your computer from the Internet pass through the firewall which examines each message. The firewall blocks any message that was not specifically requested by your system. For example. when you click on a link in your web browser, you are requesting that page and the firewall will let it pass through. If a hacker attempts to gain access to your pc from the internet, the firewall will identify this message as not being requested (hopefully) and will block it.

There are many firewall programs available ranging from expensive to free. Here is a brief overview of the most popular and some recommendations:

ZoneAlarm
Rating:
Price (Sept. 2006): $39.95 - $49.95
Like Norton products, I do not recommend any of the ZoneAlarm products. ZoneAlarm uses a lot of your system resources, bogs down your RAM (memory) and causes your system to run slower. In addition, since ZoneAlarm is the most widely used software firewall, hackers tend to target PCs with that software installed. Several nasty bugs can even disable ZoneAlarm and you would never know it.

Norton Personal Firewall
Rating:
Price (Sept. 2006): $49.99
I think by now you know how I feel about Norton products. At times, this firewall can even block you from using the internet. Avoid it like the plague.

Sunbelt Kerio Personal Firewall
Rating:
Price (Sept. 2006): $19.95
This is a good software firewall for the money. It's good at blocking unwanted traffic without scaring the user. Kerio also has a range of privacy features including cookie management and a system that prevents your most sensitive data being entered into forms on websites. With its good range of features, simple interface and a great price, Kerio is a good firewall for those on a budget.

Windows Firewall
Rating: with a router
Rating: without a router
Price (Sept. 2006): FREE
This is the only software firewall I use and recommend. NOTE: The Windows Firewall should only be used in conjunction with a hardware firewall such as a broadband router (see next section).

Hardware Firewalls (Routers)

Routers are the most common hardware firewalls for the home user. The basic idea behind a router is to allow two or more computers to share an Internet connection. This is done by using a system called Network Address Translation (NAT). If you really want to induce a nap, read the explanation of NAT in the "Did You Know?" section below. Using NAT, you can use your individual IP (Internet Protocol) address and share the connection with all of the computers in your home at the same time. In addition, NAT acts as a firewall by masking the true IP address of your computer which helps to keep your system safe from hackers. A simple broadband router is easy to install and maintain.

That NAT stands for Network Address Translation?. It is a technology that allows your home network to share internet access. A single cable modem or DSL modem could connect all the computers in your home to the internet simultaneously. Additionally, NAT keeps your home network secure from hackers. By not forwarding requests that originate from the internet to your computer, a NAT device blocks most mischief.

Human Behavior

Probably the greatest threat to the security of your computer system is............human behavior. Let's face it, we humans do stupid things! A majority of the viruses, bugs, spyware, spam and other nasties can be avoided or reduced by modifying our behavior on the Internet. Read the following suggestions for practicing safe surfing:

1. Do not visit shady looking web sites. (You know the ones I mean!)


2. Do not click on links in pop-up windows. Even if they tell you that your pc is infected or has a problem that you must fix immediately! It's a scam. Internet Explorer, Firefox and Opera browsers feature pop-up blockers -- be sure to turn them on.


3. Do not click on links in emails. If you really wish to visit the site shown, type it in the address bar of your web browser by hand. It's probably a good idea when entering the web address to ignore any characters to the right of .com (or .net, .org, etc.).


4. Do not respond to spam (junk email) -- just delete it. If you respond, then you are telling the spammer that he has reached a valid email address. Never click on any links that say something like "To unsubscribe, click here". That's just what they want you to do.


5. Do not respond to or click on links in emails that look exactly like email from your bank, credit card company, retail stores, insurance companies, etc.. This is called phishing. Once you visit their site, they'll try to get private data from you, like passwords. These web sites can look identical to your own trusted sites. If you really wish to visit the site shown, type it in the address bar of your web browser by hand. When in doubt, call the institution on the phone.
   That phishing is the act of sending an email to a user falsely claiming to be a legitimate enterprise? This is an attempt to scam the user into surrendering private information that will be used for identity theft. The email directs the user to visit a web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The web site is bogus and set up only to steal the user's information.


6. Do not open attachments in emails, even from friends. Certain viruses can access someone's address book and copy the email addresses found there. Then they can send you email that looks exactly like it came from your Aunt Tilly using a technique called address spoofing. If you need someone to email you an attachment, make sure they tell you about it first or request it from them in advance.


7. Do not use your home or primary email address to fill out forms or subscribe to services on the Internet. Get a free email account from Google or Yahoo for these purposes.


8. Shop online from reputable companies only. It's safe to use your credit card to pay for purchases online at any store as long as when you check out, you see a little gold lock in the lower right corner of your browser (See Figure S2-2).
   
   Figure S2-2
   
   
   This means that the transaction is secure. If you don't see this lock -- DO NOT CONTINUE WITH THE PURCHASE! The lock is not just a picture. Click on it to see details of the site's security. This is important because some fraudulent web sites will imitate the lock icon of your browser. It's also a good idea to use the same credit card for all of your online shopping. If there is ever a problem, all you have to do is cancel that one card.
   It is actually safer to shop online with a credit card than at a real store? Here's why: When you use your credit card at a secure site and you see the little gold lock in the lower right corner, your credit card information is sent to the store using a Secure Sockets Layer (SSL). In simple terms, this means your data is scrambled using really powerful encryption which is the process of hiding information to make it unreadable. Even hackers cannot break this encryption.
   
   Think about what happens when you use your credit card at an actual store:
   

   • You hand your credit card to a complete stranger.
   • They scan it or enter the number into a computer and it is displayed on a screen for all to see.
   • You sign the receipt with your credit card number on it and then there is a paper copy laying around.

   
   Pretty scary, huh?


9. DO NOT GIVE OUT PERSONAL INFORMATION LIKE SOCIAL SECURITY NUMBERS, BANK ACCOUNT NUMBERS OR CREDIT CARD NUMBERS (unless you're making a secure purchase) ON THE INTERNET!!! Any web site or email asking you for this information is trying to rip you off!


10. DO NOT RESPOND TO E-MAILS FROM FOREIGN GOVERNMENTS (LIKE NIGERIA) ASKING YOU TO HELP THEM RECOVER MILLIONS OF DOLLARS!!! The list of unfortunate souls who have lost their life savings to this scam is very long.


11. Do not download music, movies or software from illegal sources such as Kazaa, Limewire and others. It's a sure fire way to pick up viruses and spyware. Stick to legal sources such as iTunes or Napster.

1. Anti-virus software - BitDefender set for constant real-time protection and automatic full system scan once a week.
2. Anti-spyware software - Spyware Doctor set for constant real-time protection and automatic full system scan once a week.
3. Linksys Wireless 4-Port Router to share internet connection with multiple computers. Also serves as a hardware firewall.
4. Windows Service Pack 2 installed.
5. Windows Updates set to automatically install.
6. I don't use a software firewall but I highly recommend Sunbelt Kerio Personal Firewall or the Windows XP firewall.
7. Mozilla Firefox is my default web browser with the following extensions installed:
   • Adblock Plus
   • Flashblock
   • NoScript
8. Mozilla Thunderbird is my email program.
9. Run manual weekly spyware scans with Spybot and Adaware.
10. I created a "limited user" account for myself so I don't run my computer as "Administrator". Even if a bad guy should get through all my defenses (unlikely) he can't do any serious damage because a limited user account doesn't have full access to the entire system. (See the following article: "The Advantages of the Limited User Account").

The Advantages of the Limited User Account

If you use Windows XP to browse the internet, check email, pay bills, shop online, etc., one of the most effective ways to protect yourself from hackers, viruses, worms and other mischief is to run Windows as a "limited user" for every day use.

Microsoft automatically sets you up as using the powerful "Administrator" account when you first install it. By running as "Administrator", you are exposed to huge security risks. If a bad guy makes it into your computer while you're using an "Administrator" account, he can access the operating system without your knowledge and cause havoc. This means that any code that finds the system also has full rights. By regularly using Windows XP under a "limited account", you can avoid most of the nasty stuff out there, because the "limited-user" account cannot install programs or change system settings.

You still need an "Administrator" account available for system maintenance and Windows XP won't let you remove all your administrator accounts anyway. You can set a user's account type by following these steps:

1. Log in as "Administrator".
2. Left-click the "Start" button.
3. Left-click the "Control Panel"
4. Left-click "User Accounts".
5. Select an account and choose "Change the account type".
6. Select "Limited".

Unfortunately, running as a "limited user" can have some disadvantages. You usually can't install a program unless you have administrator rights, and a number of programs don't function properly when the user has limited rights. When you come across this problem and you have to perform some task that requires administrator access, here are several solutions:

• You can log off and log back on as the system administrator. This has the disadvantage of taking you out of whatever you were working on.
• In most cases you can use the "Run As" command. This lets you run a single program as a different user. If you right-click on the program in Windows Explorer, you will see a "Run As..." menu option that will prompt you for the user name and password of the "Administrator" account.
• There's another option that makes things easier. Using Windows XP's Fast User Switching option, you can have both an administrator and a limited user logged in at the same time. When something comes up that requires an "Administrator", you can "switch users" to the administrator, perform the task, and switch back.

The bottom line is this: If you have good ant-virus and anti-spyware programs, a good hardware or software firewall, use Mozilla Firefox and Thunderbird, and follow the safety guidelines outlined above, running as a "limited user" may not be necessary for the average user.