The Henna Page Tech Pages
Shields up! Part I
Basic Tips on Securing Your Computer
Against Intruders
by Roy Jones © 2004 - 2007



While scanning the latest online computer security news one morning at work, I read an article on the BBC Website about the spam problem on the Internet. The article included a vox-pop section where readers were invited to comment on the issue. There were, as you might expect, lots of messages from people telling their personal horror stories about popup ads that they couldn’t make go away, computers hijacked by spammers, and other online disasters. All these complaints were accompanied by demands that “somebody” “do something” about the spam problem.

What I found interesting about these comments is that none of the complainers had taken even the most basic measures to secure their computers. Instead, they considered the security of their property someone else’s (their ISP, the government,) responsibility. I’d be willing to bet some of those people still have improperly secured computers connected to their broadband connections while they wait for “somebody” to come and take care of them. Those poor souls will wait a long time and their computers will be compromised beyond all redemption while they wait.

If you want your computer to be secure, learn this simple mantra and repeat it to yourself every time you boot up:
“The responsibility for my computer’s security is mine and mine alone.”


There is no such thing as perfect security, especially when you use your computer to communicate on the Internet. Computer communication requires “opening the door” so data can come in and go out. A lot of the bad data can be filtered by your ISP, but some will always evade their security net, so you have to take measures to protect yourself and your computer as if it were entirely up to you.

Defend yourself
Two of the most basic self-defense measures are also among the simplest to put in place. Firewalls and anti-virus software are easy to install and configure and go a long way toward keeping Internet bugs out of your computers and home networks. In this article, I’ll give you some starter information on anti-virus programs. I’ll introduce firewalls in part 2. In part 3, we’ll look at spam, spyware, adware and ways to keep them under control.

Anti-virus basics
There are dozens of anti-virus products on the market. McAfee and Norton are the best known in the US. Two less well known, but good quality products are Sophos and Trend Micro.

All anti-virus products attempt to accomplish the same thing, though they might differ in how they go about it. An anti-virus examines files and compares their contents to a database of virus “signatures.” If the anti-virus software finds a match, it takes whatever action is called for in its configuration files. For example, it could be set to delete or clean an infected file, or to alert the user with the name and location of the infected item, the name of the virus or other infection and recommend a course of action.

New viruses, worms and other bugs are identified nearly every day, so anti-virus manufacturers regularly update their signature file databases and make the updates available to their customers through their websites or through automatic updates over the Internet.

Antivirus technology is highly complex and many of the best minds in computer technology are devoted to it full-time, but for computer users, it’s all been made very simple. You really only have to do three things:

1.Install an anti-virus on your computer – Most products do a reasonable job. Some are better than others. If you want to shop around, a good source of independent evaluations of anti-virus products is the Virus Bulletin website http://www.virusbtn.com/. Virus Bulletin runs performance tests on anti-virus packages and reports the results on their site.

2.When you install your anti-virus, note the scanning options that are available and choose the configuration that best fits your needs. I highly recommend setting the anti-virus to scan e-mail, because that’s one of the most common routes for malware infections these days.

3.Keep your anti-virus updated – The manufacturer of your anti-virus will include in the installation information instructions for obtaining updates of the signature file. Most products offer an automatic setting that will download the latest updates in the background with no user interaction.

Check the anti-virus to be certain it’s up-to-date – This is an important rule, especially if you configured the anti-virus for automatic updates. You might not know if the update failed unless you check from time to time to be sure it installed. Checking is easy. Open the anti-virus program and find the “Help” entry in the menu bar. Click it and on the dropdown menu, click the “About” link. A popup window will open showing the name, version number and other information for the anti-virus product, including the number of the currently loaded signature file and its creation date. Antivirus manufacturers typically release a new signature file at least once a week. If the signature file is more than one week old, you need to update it. Your anti-virus will have a link or a button you can click to start the update process manually. Run it and stand by to see if it runs with no errors. After it finishes, reboot your computer if necessary and check the signature file number and creation date again. If the date and number have changed to the manufacturer’s most recent file number and date, you are now up-to-date. If they haven’t changed, something might be wrong, but don’t panic…check the manufacturer’s user manual or their website for troubleshooting information. Very often a broken anti-virus can be fixed by removing and reinstalling the software, but follow the manufacturer’s recommendations if you think there’s a problem.

Sometimes, the anti-virus can’t do the whole job of cleaning up after a virus and you will have to do part of the job manually. Even after the active files are removed, a virus might leave behind other files or might make changes to your computer’s configuration files. It’s always a good idea to write down the name of the bug your anti-virus says it found and then look up the name on the anti-virus manufacturer’s website. They will have a database of information that will include detailed instructions for removal, cleanup and restoration.

What if you’re already infected?
Tools exist to help with virus emergencies, for example, if your anti-virus has failed or maybe you just forgot to install one. My current favorite is called “Stinger.” It’s a free program designed to deal with several dozen of the most common virus threats. Stinger is a small program; I keep a current copy on a USB “thumb drive” in my toolkit for emergencies. Stinger is made by the same folks who make the McAfee anti-virus. The program is updated regularly as new virus threats become known.

CAUTION! Stinger and programs like it are not substitutes for a properly installed and configured anti-virus. They are, however great tools for cleaning up an already compromised computer or making a quick check of an unknown system. As soon as Stinger has completed its scan and cleanup, install a full anti-virus, update it with the latest signature file and run a “deep scan” of the system to be sure it’s clean.

You can download a current copy of Stinger at http://vil.nai.com/vil/stinger/

Where to find anti-virus information

Software manufacturers
There are many companies that produce reliable anti-virus software. The five I’ve listed below are just a few of the heavy hitters in the anti-virus industry. Along with online sales and service all these companies maintain online virus information libraries that are valuable sources of information about specific viruses and how to remove and clean up after them.


Independent information sites – The sites listed below have no connections to any software manufacturers and are good places to look for the latest virus-related news. The Vmyths site posts information about virus hoaxes, scares, scams and hysteria, and the phony anti-virus experts who seem to be everywhere these days.

Virus Bulletin - http://www.kaspersky.com/

Computer Security Resource Center (CSRC) http://csrc.nist.gov/virus/   

Computer Emergency Response Team (CERT) http://www.cert.org/other_sources/viruses.html

Vmyths - http://www.vmyths.com/
 
You can e-mail specific computer questions to Roy Jones at streetleveltech@hotmail.com.


Back to The Henna Page Tech Pages Index

Can't find what you want here?  Try The Henna Page Main Index.