From Wikibooks, the open-content textbooks collection

Contents 1 Why Security Matters 1.1 Protect Others on the Internet 1.2 Malware can cause trouble with your computer 1.3 Protect Your Privacy 1.4 Criminal Intentions of Crackers 2 Updating 3 User Privileges 4 Physical Access 5 Malware 5.1 Anti-Virus 5.1.1 Worms 5.2 Spyware and Adware Blocker 5.3 Common Spyware Infestation Methods and Prevention 5.3.1 Internet Explorer/ActiveX Exploits 5.3.2 P2P Apps and other Freeware 6 Firewall 6.1 NAT Firewall 6.2 Software Firewall

[edit] Why Security Matters

Why should you spend effort to keep your computer secure? There are many reasons why someone would want to do so.

[edit] Protect Others on the Internet

Failure to properly secure your computer could end up making it part of DDoS attack, or sending spam.

[edit] Malware can cause trouble with your computer

A virus could cause some programs to stop working. Spyware could prevent you from viewing your favorite site, because it redirects you to a porn site. Or it could just slow down your computer. The worst result of malware on your computer is losing all your data.

[edit] Protect Your Privacy

Many spyware apps may collect information on stuff like your web browsing habits.

[edit] Criminal Intentions of Crackers

Many crackers intend to hack to get a hold of credit card numbers, passwords, and other items that they can use for making a profit.

[edit] Updating

An important part to security is making sure your computer's software is up to date. Software that is out of date may contain exploits that a cracker or worm (a program that spreads itself through email) can use to cause harm to your computer. In addition, security software should be updated in order to be protected against new types of threats. Windows can be updated through Windows Update or the newer Microsoft Update.

[edit] User Privileges

The administrator account should not be used for anything but administration purposes, or for programs that require administrative privledges. This is because it is too easy for your computer to become victim of malware, crackers, and viruses while logged onto an administrators account. This is especially important when performing mundane tasks like browsing the web, checking your e-mail, or word processing. This is because many of the programs that hackers and like create require that you be an administrator to execute. They require writing files to certain directories, and registry keys, that "normal" user do not have access too. These programs are often hidden within webpages, IM chat windows, word processing documents, and e-mails. It is a very good idea to create a new user without administrative privledges to use on a normal basis.

In Windows, a problem often arises when a program needs to have administrative privledges to run. In this case, you can run the program as administrator. In windows operating systems, this is done by right clicking the program to run, selecting run as.., and typing in the administrator accounts information. If that doesn't work, you can always login to the administrators account to run the program, but be wary of running any other programs while in that account. Especially programs that access the internet like web browsers, chat programs, or e-mail programs.

Sometimes, damaging programs can infect non-administrator accounts. If this happens, these programs are usually limited to the that specific user account. Deleting that user account usually solves the problem. There are viruses sophisticated enough to infect the entire computer from a non-administrator account; however, if you keep your computer up to date with (like using windows update) the security holes are closed and the virus cannot damage the system.

You wouldn't hand out a key that could open everything in your house to anyone who asked, so why would you hand out administrative account to anyone? If you really want to protect your data, do not give out your administrator password or account to untrusted people. If other people want to use your computer, it is a good idea to create a general guest account without administrative privledges for them to use. If they use it often, creating a new user for them is also an option.

[edit] Physical Access

If a person has physical access to the computer, there are a few measures that can be taken to prevent damage to the computer. First, change the settings in your computers bios so that it boots first to the hard drive. Booting from the hard drive first ensures that a person cannot boot from a bootable media such as a cd-rom or floppy disk. Often bootable media contains programs that can crack Windows and change the administrators password. As well, operating system (ex: Windows XP, Linux) installtion disks are bootable and often have tools that allow users to erase all the information on the computer. NOTE: Do not EVER go into BIOS if you are not 100% sure of what you are doing. Ask someone who has extensive knowledge to help you.

Next, make it so a user needs a password to change the bios settings, this prevents someone from changing the boot order and thus booting from a cd-rom or floppy disk drive. Last, put a lock on the computer case preventing someone from opening the computer case and resetting the jumper on the motherboard that clears the bios boot password.

[edit] Malware

Malware is a class of software, which usually does harm to a computer, and is unwanted on the computer by its owner. Malware includes viruses, spyware, adware, and trojans.

[edit] Anti-Virus

There are some people who spend their free time writing viruses, programs that do bad things to computers. The threat of getting a virus is high in the digital age of today especially if you are using the Windows operating system. In order to protect your files and everything on your computer, an anti-virus program should be obtained. Anti-virus software is dependent on definitions. Worms can spread through the internet faster than anti-virus makers can make definitions for them, so you should not protect your self with only anti-virus software.

Here are some good ones:

• AVG Antivirus - This is an outstanding free anti-virus program. It is free for personal use only. A more advanced, professional version is available for purchase as well.
• Norton Anti-Virus - This is probably the most popular commercial anti-virus. A good choice.
• McAfee VirusScan - A competitor to Norton Anti-Virus. This one is also a good choice.
• NOD32 - This is one of the top anti-virus scanners based on tests conducted by ISCA Labs. Although it isn't as well known as Norton and McAfee, it still provides an excellent degree of protection along with a faster scanning rate than most other Anti-Virus applications.
• TrendMicro PC-Cillin - This is also a good choice and has been around for many years.

Make sure that you set up your anti-virus program to update its virus definitions at least every week, or you'll get lost in the dust. If possible set up your anti-virus program to update every day because new viruses are always emerging. To get an idea of how quickly things change you can look at any of the sites listed above and they will list the current top virus threats.

[edit] Worms

Worms are a type of virus that spread automatically through the internet, through exploits in a running service. Examples are Nimda and Msblaster. These can easily be blocked using a firewall, or making sure the services and your Operating System are up-to-date. Doing these can be especially important, because worms can spread faster than anti-virus software can be created, and often don't need any use interaction in order to install.

[edit] Spyware and Adware Blocker

Much of the free software available is not able to remove all spyware and adware.

Spyware and Adware are similar to viruses, except that they don't spread on their own, but can be installed without your knowledge. They are more annoying and can be just as harmful.

Spyware's main motive is to get personal information of whoever is using the computer and send it to a company. Adware is enhanced spyware. It uses the information that it collects to show you advertisements on your computer screen. Adware can be received the same ways as spyware.

There are some good free spyware and adware blockers.

• Spybot - Search & Destroy
• Ad-Aware
• Windows Defender

Together, these make a good defense against evil programs.

There are also commercial spyware and adware blockers. The major companies that make anti-virus software have been including spyware/adware detection with their products in recent years.

[edit] Common Spyware Infestation Methods and Prevention

A lot of spyware can be prevented. A few simple steps can save you from a lot of nightmares later.

[edit] Internet Explorer/ActiveX Exploits

A common avenue is for spyware to install through ActiveX or an exploit in IE, known as a drive by download. These usually affect IE shells like Avant. To prevent this type of installation, tighten up your IE settings, or use an alternative browser like Firefox. If you don't like Firefox we suggest Javacool's Spyware Blocker as an alterative.

[edit] P2P Apps and other Freeware

Another way to get spyware is by downloading free programs that are bundled with it. Almost every open source program, however, is spyware and adware free. Avoid programs that are known to contain spyware, especially proprietary file-sharing apps, and instead use one on the second list.

Filesharing apps known to contain spyware:

• Kazaa
• Bearshare
• Morpheus

Filesharing apps known not to contain spyware:

• Ares
• Azureus
• BitTorrent (watch out for "rigged" distributions however)
• eMule
• Limewire (older versions contained some spyware/adware; make sure you have the latest version to avoid this)
• Shareaza

The best places to download freeware without spyware, adware, and malware in them are:

• download.com
• fileplanet.com
• betanews.com
• softpedia.com
• sourceforge.net
• pcworld.com

[edit] Firewall

A firewall protects your computer by blocking certain network packets. They come in different flavors. Even if you are sent a packet that contains an exploit that is unpatched, a firewall can block the packet.

[edit] NAT Firewall

A NAT Firewall is used in routers. It maps one public IP address to multiple private IP addresses. This will make your whole network appear to be one computer. By default, unsolicited (inbound) packets are dropped, giving you basic firewall protection. Many routers offer more advanced firewall features. By default, any servers run behind the NAT (Network Address Translation) will only be accessible from your LAN (Local Area Network). Port forwarding can be used so that a server can be accessed from the internet.

[edit] Software Firewall

A software firewall runs on the client computer. They're also known as personal firewalls. (This can refer to any firewall that only protects one computer like the firewall built into some nForce chipsets.) Because it runs on your computer, it can block or allow traffic depending on the application. For this reason, many people run software firewalls in addition to a hardware firewall. Hardware firewalls are harder to configure for new computer users so software firewalls are more common. However, software firewalls take up resources on the host computer. Windows XP and above comes with a basic firewall.

We suggest:

• ZoneAlarm the free firewall for personal users
• Norton's Internet Security More commercial firewall