Viruses, Trojans & Worms; OH MY!

[pcdoc4christ]

Hey, all!

Sorry for the corny Wizard of Oz subject line.

Recently, i was talking to a friend whose computer i repaired.  She said she has an antivirus program but insisted that she does not need to install it because she has a firewall.  Whoa boy!  

It got me thinking that there is much ignorance regarding even the basics of personal computer security.  So, i'd like to ask those in the know to share what you know about some of the best (and easiest) ways for a novice user to protect the files and personal information on her computer.

I'm hoping i might learn something new too.

Regards,
Doc

[gussery]

Short of never plugging the computer into the Internet and not accepting disks from other people?  

A1. Put a strong password on your personal account, no blanks, not words, no phone numbers, etc.
 1. Put a strong password on the Administrator account.
 2. Rename the Administrator account.
 3. Disable the guest account.
 4. Lock the HOSTS file.
 5. Install antivirus software.
 6. Keep it updated.
 7. Run (or schedule) a full system scan twice per week.
 8. Install Anti-Spyware software.
 9. Keep it updated.
10. Run (or schedule) a full system scan twice per week.
11. Install a software firewall.
12. Keep it updated.
13. Install a hardware firewall (No, this is not redundant).
14. Keep it updated.
15. If you are "surfing" the web, and a message box appears, do not answer it, close it. (Preferably using CTRL + ALT + DEL)
16. Use email forwarding (e.g. get a gmail account and have it forward to your regular account.  Use the gmail account as your email address.  That way the email goes through 2 services to clean up spam and viruses before you ever see it.)


How many more do you need?  I can type all day

[pcdoc4christ]

Gussery:

Good suggestions, those!

I've done all but #4 and #16.

I'm going to try #16 (as i have a new gmail account).  I don't know how to accomplish #4, however.  

I know the purpose of the HOSTS file and how to edit it, but will you explain how to lock this file?  It sounds like it involves something more than just adding the read-only attribute to the file.  

Regards,
Doc

[gussery]

Nope, just add the attribute.

There is also a big list of items that you could put in the hosts files that keep know ad items(like doubleclick.net, really bad sites, etc from even being seen on your computer.  For instance if you go to www.msn.com there is always an Ad in the upper right hand corner.  But with these additions to the file, I don't see the Ad and it doesn't place a cookie on my computer.

See.....
http://www.mvps.org/winhelp2002/hosts.htm

Lots of other interesting things on that site too.

[dl65]

pcdoc4christ......Wow ......I guess there are still trusting people out there .........Unfortunately those who are on line these days dont harbour the same morals ...........
Viruses ........It's not a matter of "if" she ends up with one , but rather "when"......... Please , please ...get her to install it ...and show her how to set it up and run it ..
Firewall ....... Again an essential ........but it must be set up properly to be effective .
E mail........if using Outlook Express .......make sure that the message preview pane is disabled .
And then apply the advice offered by Gussery .........It depends how paranoid one is .........when it comes to security .


dl65  

[pcdoc4christ]

...Viruses ........It's not a matter of "if" she ends up with one , but rather "when"......... E mail........if using Outlook Express .......make sure that the message preview pane is disabled ....

<---- Nods i agreement.  


Yeah, i tried to talk her into it, but it looks like she'll need another virus infection to convince her.  Your idea of disabling the message preview is a good one, DL.  If you can read the message, you've already opened it.

And Outlook Express--DON'T GET ME STARTED!    it's so automated it makes a virus programer's job a cake walk!  That's why i prefer to use the free Eudora Lite email program, because you can disable all automation.  It's a free download from Qualcomm:

http://www.eudora.com/download/

Regards,
Doc  

[pcdoc4christ]

Gussery:

Thanks for the great advice!  

Another good idea, which i recently read in a Microsoft text, is to have Windows require that a user press CTRL, ALT, DEL before logging on.  The textbook claims this prevents Trojan Horses from capturing user names and passwords, because the key combination is only recognized by Windows.  

If anyone wants to enable CTRL, ALT, DEL to log on in Windows XP Pro, she should do this:

1. Click Start > All Programs > Administrative Tools > Local Security Policy
2. Double-click Security Settings; double-click Local Policies; double-click Security Options
3. Scroll down to "Interactive logon: Do not require CTRL+ALT+DEL" and double-click this value
4. Select Disable and click Apply and OK

The next time the computer is started, Windows will prompt the user to press CTRL, ALT, DEL before she may log on.

Regards,
Doc

[gussery]

Yep Doc, CTRL+ATL+DEL is a must.

It is one of those automatic things I do when setting up a computer that I completely forgot about it.

[Computer_Commando]

Read this:
Setup and Secure your PC once and for all

[pcdoc4christ]

I agree, gussery!  Thanks Commando! i'll check that out.

[pcdoc4christ]

I picked up a little book on XP.  In it are these suggestions to enhance security by closing back door security holes:

A. Disable the file sharing service for Internet connections (this will not disable Local Area Network file sharing): Open the Network Connections window, right-click the icon for your Internet connection and choose Properties.  In the General tab, clear the checkbox next to the "File and Printer Sharing for Microsoft Networks" option.

B. Turn off Simple File Sharing, which may allow anyone, anywhere to access your personal files without your knowledge (this security hole is turned on by default in XP!): Go to Control Panel > Folder Options > View tab, and turn *off* the "Use simple file sharing..." option.  (I don't think that turning off this option is available in XP Home.)

C. Universal Plug & Play (UPnP), which XP supports out of the box, may open additional vulnerabilities on your system because it allows devices on your network to announce their presence.  To disable UPnP, click Start > Run > type services.msc and press ENTER.  Find the SSDP Discovery Service and double-click it.  Click Stop to stop the service and change the startup type to Disabled to disable it in the future.

D. The Messenger Service (which is different from Windows Messenger) allows users to send messages to others on their network.  Unfortunately this may be exploited by spammers to produce annoying pop-ups windows.  To disable this, open the services window (as described above), double-click the Messenger entry in the list, and click Stop to stop and Disable to disable it.  

E. The Remote Desktop feature, which may allow someone "in the know" to control your computer over the Internet, is enabled by default in XP.  Unless you specifically need it, it should be disabled.  Go to Control Panel > System > Remote tab, and turn off both of the options in this window.