SECURITY - PART 2
Microsoft Security Essentials
Microsoft Security Essentials (MSE) was created by Microsoft because many Windows computers were unprotected with outdated anti-malware products. Many new PCs come with time-limited security programs so many users believe they're protected even though the initial subscription period may have ended. Some don't even activate the free, bundled solutions at all.
MSE is easy to install and use. MSE is small and light and runs quietly in the background. It's absolutely free as long as you have a genuine copy of Windows XP, Vista, or Windows 7. There's no registration, no annual fees. You install it and forget it, and it keeps you safe.
MSE is updated when needed and delivered through Windows Update. Microsoft publishes new malware signature updates three times each day. None of it impacts the user at all. You just install it and forget it.
Windows guru Paul Thurrot concludes in his review:
"There's been a lot of interest in Microsoft Security Essentials and I think it will prove quite a hit with users. It's free, effective, lightweight, and quiet and is, in other words, exactly what I'm looking for in a security solution. And it comes with no strings at all. As long as you're running a genuine Windows version, you can install this product without worrying about up-sell advertisements, yearly renewals, or other silliness. And you can do so on as many Windows-based PCs as you own. I'd like to see it just included with Windows, but what the heck: Free and easy is the next best thing. Microsoft Security Essentials is highly recommended, to all Windows users." -- Paul Thurrott September 29, 2009
If you don't wish to spend the money on dedicated security software like NOD32, BitDefender, Spysweeper or Spyware Doctor, then Microsoft Security Essentials is a good alternative. If you're already using free software like AVG or Microsoft Defender, then a switch to Microsoft Security Essentials would be a good idea.
Return to top
Windows Live Onecare
Windows Live OneCare
Discontinued as of 10/15/2009
Return to top
A firewall is designed to prevent unauthorized Internet users from accessing your computer. Firewalls can be hardware or software, or a combination of both. This section is concerned with software firewalls. Hardware firewalls, basically routers, will be covered in the next section.
All messages entering your computer from the Internet pass through the firewall which examines each message. The firewall blocks any message that was not specifically requested by your system. For example. when you click on a link in your web browser, you are requesting that page and the firewall will let it pass through. If a hacker attempts to gain access to your pc from the internet, the firewall will identify this message as not being requested (hopefully) and will block it.
There are many firewall programs available ranging from expensive to free. Here is a brief overview of the most popular and some recommendations:
Like Norton products, I do not recommend any of the ZoneAlarm products. ZoneAlarm uses a lot of your system resources, bogs down your RAM (memory) and causes your system to run slower. In addition, since ZoneAlarm is the most widely used software firewall, hackers tend to target PCs with that software installed. Several nasty bugs can even disable ZoneAlarm and you would never know it.
Price (Nov. 2013): FREE
This is the only software firewall I use and recommend. NOTE: The Windows Firewall should only be used in conjunction with a hardware firewall such as a broadband router (see next section).
Hardware Firewalls (Routers)
Routers are the most common hardware firewalls for the home user. The basic idea behind a router is to allow two or more computers to share an Internet connection. This is done by using a system called Network Address Translation (NAT). If you really want to induce a nap, read the explanation of NAT in the "Did You Know?" section below. Using NAT, you can use your individualand share the connection with all of the computers in your home at the same time. In addition, NAT acts as a firewall by masking the true IP address of your computer which helps to keep your system safe from . A simple broadband router is easy to install and maintain.
That NAT stands for ?. It is a technology that allows your home network to share internet access. A single cable modem or DSL modem could connect all the computers in your home to the internet simultaneously. Additionally, NAT keeps your home network secure from hackers. By not forwarding requests that originate from the internet to your computer, a NAT device blocks most mischief.
Probably the greatest threat to the security of your computer system is............human behavior. Let's face it, we humans do stupid things! A majority of the viruses, bugs, spyware, spam and other nasties can be avoided or reduced by modifying our behavior on the Internet. Read the following suggestions for practicing safe surfing:
- Do not visit shady looking web sites. (You know the ones I mean!)
- Do not click on links in pop-up windows. Even if they tell you that your pc is infected or has a problem that you must fix immediately! It's a scam. Internet Explorer, Firefox and Opera browsers feature -- be sure to turn them on.
- Do not click on links in emails. If you really wish to visit the site shown, type it in the address bar of your web browser by hand. It's probably a good idea when entering the web address to ignore any characters to the right of .com (or .net, .org, etc.).
- Do not respond to spam (junk email) -- just delete it. If you respond, then you are telling the spammer that he has reached a valid email address. Never click on any links that say something like "To unsubscribe, click here". That's just what they want you to do.
- Do not respond to or click on links in emails that look exactly like email from your bank, credit card company, retail stores, insurance companies, etc.. This is called phishing. Once you visit their site, they'll try to get private data from you, like passwords. These web sites can look identical to your own trusted sites. If you really wish to visit the site shown, type it in the address bar of your web browser by hand. When in doubt, call the institution on the phone.
That phishing is the act of sending an email to a user falsely claiming to be a legitimate enterprise? This is an attempt to scam the user into surrendering private information that will be used for identity theft. The email directs the user to visit a web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The web site is bogus and set up only to steal the user's information.
- Do not open attachments in emails, even from friends. Certain viruses can access someone's address book and copy the email addresses found there. Then they can send you email that looks exactly like it came from your Aunt Tilly using a technique called address spoofing. If you need someone to email you an attachment, make sure they tell you about it first or request it from them in advance.
- Do not use your home or primary email address to fill out forms or subscribe to services on the Internet. Get a free email account from Google or Yahoo for these purposes.
- Shop online from reputable companies only. It's safe to use your credit card to pay for purchases online at any store as long as when you check out, you see a little gold lock in the lower right corner of your browser (See Figure S2-2).This means that the transaction is secure. If you don't see this lock -- DO NOT CONTINUE WITH THE PURCHASE! The lock is not just a picture. Click on it to see details of the site's security. This is important because some fraudulent web sites will imitate the lock icon of your browser. It's also a good idea to use the same credit card for all of your online shopping. If there is ever a problem, all you have to do is cancel that one card.
Figure S2-2It is actually safer to shop online with a credit card than at a real store? Here's why: When you use your credit card at a secure site and you see the little gold lock in the lower right corner, your credit card information is sent to the store using a. In simple terms, this means your data is scrambled using really powerful encryption which is the process of hiding information to make it unreadable. Even hackers cannot break this encryption.
Think about what happens when you use your credit card at an actual store:
- You hand your credit card to a complete stranger.
- They scan it or enter the number into a computer and it is displayed on a screen for all to see.
- You sign the receipt with your credit card number on it and then there is a paper copy laying around.
Pretty scary, huh?
- DO NOT GIVE OUT PERSONAL INFORMATION LIKE SOCIAL SECURITY NUMBERS, BANK ACCOUNT NUMBERS OR CREDIT CARD NUMBERS (unless you're making a secure purchase) ON THE INTERNET!!! Any web site or email asking you for this information is trying to rip you off!
- DO NOT RESPOND TO E-MAILS FROM FOREIGN GOVERNMENTS (LIKE NIGERIA) ASKING YOU TO HELP THEM RECOVER MILLIONS OF DOLLARS!!! The list of unfortunate souls who have lost their life savings to this scam is very long.
- Do not download music, movies or software from illegal sources such as Limewire and others. It's a sure fire way to pick up viruses and spyware. Stick to legal sources such as iTunes.
I use the following techniques to secure my personal computer:
- Anti-virus software - Eset NOD32 set for constant real-time protection and automatic full system scan once a week.
- Anti-spyware software - Windows Defender set for constant real-time protection and automatic full system scan once a week.
- Linksys Wireless Router to share internet connection with multiple computers. Also serves as a hardware firewall.
- Windows Updates set to automatically install.
- Software firewall - Windows Firewall.
- Mozilla Firefox is my default web browser.
- Mozilla Thunderbird is my email program.
- Run manual weekly spyware scans with Spybot.
- I created a "limited user" account for myself so I don't run my computer as "Administrator". Even if a bad guy should get through all my defenses (unlikely) he can't do any serious damage because a limited user account doesn't have full access to the entire system. (See the following article: "The Advantages of the Limited User Account").
The Advantages of the Limited User Account
If you use Windows XP to browse the internet, check email, pay bills, shop online, etc., one of the most effective ways to protect yourself from hackers, viruses, worms and other mischief is to run Windows as a "limited user" for every day use.
Microsoft automatically sets you up as using the powerful "Administrator" account when you first install it. By running as "Administrator", you are exposed to huge security risks. If a bad guy makes it into your computer while you're using an "Administrator" account, he can access the operating system without your knowledge and cause havoc. This means that any code that finds the system also has full rights. By regularly using Windows XP under a "limited account", you can avoid most of the nasty stuff out there, because the "limited-user" account cannot install programs or change system settings.
You still need an "Administrator" account available for system maintenance and Windows XP won't let you remove all your administrator accounts anyway. You can set a user's account type by following these steps:
- Log in as "Administrator".
- Left-click the "Start" button.
- Left-click the "Control Panel"
- Left-click "User Accounts".
- Select an account and choose "Change the account type".
- Select "Limited".
Unfortunately, running as a "limited user" can have some disadvantages. You usually can't install a program unless you have administrator rights, and a number of programs don't function properly when the user has limited rights. When you come across this problem and you have to perform some task that requires administrator access, here are several solutions:
- You can log off and log back on as the system administrator. This has the disadvantage of taking you out of whatever you were working on.
- In most cases you can use the "Run As" command. This lets you run a single program as a different user. If you right-click on the program in Windows Explorer, you will see a "Run As..." menu option that will prompt you for the user name and password of the "Administrator" account.
- There's another option that makes things easier. Using Windows XP's Fast User Switching option, you can have both an administrator and a limited user logged in at the same time. When something comes up that requires an "Administrator", you can "switch users" to the administrator, perform the task, and switch back.
The bottom line is this: If you have good ant-virus and anti-spyware programs, a good hardware or software firewall, use Mozilla Firefox and Thunderbird, and follow the safety guidelines outlined above, running as a "limited user" may not be necessary for the average user.