This page serves a number of sites. Use your browser back button to return to your previous page.

If you're not paranoid about security - you don't understand the threat

If you have email, it is only a matter of time before you receive a virus. If you have broadband, and have no firewall, you have probably already been hacked, and a Trojan horse installed. You will certainly have spyware – everybody else has!  This page is intended to provide a basic and easily achievable reasonable security set up. It does not cover every situation, and I have deliberately kept it simple. 

This has been tested extensively on Windows XP, but not at all on Windows Vista, although the principles remain the same. I use all the products listed, on Windows XP, and have only experienced minor configuration problems, however as all PC set ups are different, you follow this advice at your own risk and I can accept no responsibility for any ill effects.

The On Line Threat

There are many threats on line, of which most surfers are only vaguely aware:

• Hackers – individuals who take control of your PC to send Spam, to hide paedophile images, to attack other computers; 
  

• Viruses – programs that automatically send themselves to other victims, and can destroy data, render your PC unusable, install backdoors for hackers, send your information across the Internet, and steal on-line banking passwords;
  

• Spyware – programs that install surreptitiously, often pretending to be something else (Kazaa is a good example) which can steal on-line banking passwords, monitor the sites you visit, and many other nasty things
  

• Rogue Websites - websites that can infect your PC just by visiting them.
  

• Phishing emails – emails purporting to be from a bank, or eBay, asking you to enter all your account information so they can steal money;
  

• Connection hijack – your dial-up connection to your ISP is replaced with a connection to a Mongolian ISP (not a problem if you have broadband and disconnect your old modem)
  

• Spam, hoaxes, chain letters – wastes everyone’s time, bandwidth, and often fraudulent
  

• Identity theft – someone assumes your identity, with enormous consequences
  

• Lastly, plain old system failure – loss of irreplaceable documents, photographs etc

Protection

Firewall 

• Install an effective firewall that will block malicious traffic both entering your computer, and leaving it (for example, spyware attempting to contact its controller). The built in Windows XP SP2 firewall is an improvement on its predecessor, and defaults to "on". My recommendation is Zone Alarm, which is available free. (www.zonelabs.com, search out the free version).  Zone Alarm Pro costs $50 or so, will provide anti virus protection by blocking executable attachments to email (but not if you use webmail, such as Hotmail or Yahoo). A firewall is essential if you have broadband. Turn off the Microsoft firewall before installing an alternative. A broadband router can be made more secure than a USB broadband modem with only a software firewall. Visit http://www.grc.com and do the 'Shields Up' test.

 Virus Defence

• AV software is only as good as its last update, so update it regularly. AVG is available free, (http://free.grisoft.com/ ), and is very effective. A firewall that blocks executable attachments will block even new viruses that arrive before you have updated your AV software. See above. A survey by Personal Computing World magazine placed AVG free edition above many expensive products including Norton AntiVirus. Best buy was Steganos AntiVirus, now incorporated in Straganos Internet Security  (http://www.steganos.com/uk )

Spyware Defence

• BEWARE! Many of the free anti-spyware packages are themselves spyware! Reputable free anti spyware comes  from Spybot, ( http://security.kolla.de), AVG (http://free.grisoft.com/ ) and Ad-Aware. I use both AVG and Counterspy ( $20) from www.Sunbelt-Software.com
  

• I have also used, and been impressed with housecall, a free downloaded utility from Trend Micro, http://uk.trendmicro-europe.com/consumer/housecall/housecall_launch.php This found items that others didn't, but can be time consuming. 

"Browse-by" Defence

• There are more than a few websites that can infect PCs just by visiting them. Common sense is essential, and I can recommend a useful free utility from McAfee, SiteAdvisor, see http://www.siteadvisor.com/ . Site Advisor analyses as many websites it can get its hands on, and evaluates them for risk in to red, amber and green categories. I wouldn't be without it.
  

• I can also recommend Proxomitron, for regulating what websites can download and run. This does take a bit of setting up of proxies etc, but can be found on http://www.proxomitron.info/files/index.html. Another tool I wouldn't be without.

Phishing Defence

• Defence against phishing attacks is easy - any email from a financial institution that requires you to log in and confirm security details is fraudulent. BANKS NEVER DO THIS! Never follow a link in an email, because these are easy to use fraudulently. If in doubt, right click the email, select "view source", browse down to the link, or use Ctrl F and search for it. There you will find the link displayed on the page is different to the actual underlying link.

PC Configuration

• Keep Windows up to date. Security updates are regularly published by Microsoft to patch vulnerabilities in Windows, Internet Explorer, Outlook etc. Always install critical or security updates quickly - an attack based on the vulnerability being patched is often only a few days or weeks behind the patch. I have never had a Windows update cause a problem.
  

• Do not use the Outlook preview pane. This can auto run viruses, and confirms your email address to Spammers. Auto-preview is safe. This allows you to see the first line of the email.
  

• Disable Windows XP Messenger Service. Go to start > control panel > administrative tools > services > Messenger.  Set  “Startup Type” is to disabled: right click, select properties, and set startup type to disabled,
  

• If you use XP, ensure system restore is enabled, and is taking restore points regularly. This can restore the settings to a pre-virus state. (Start > Programs > Accessories > System Tools > System Restore)
  

• Avoid taking up Windows offer to save your password, especially for on-line banking sites. These user names and passwords can be harvested by viruses and spyware.

Backups

• Most PCs have CD or DVD writers. Make sure you take copies of your important documents and photographs, and store them away from the PC. In the event of system failure, fire or theft you will at least be able to recover the important stuff.
  

• Store copies of software CDs securely, together with a note of the registration keys required so you can reinstall if necessary.

Common Sense

If all else fails, try common sense! 

• If an email looks suspicious, it probably is. Don’t open it until you have checked with the sender. If you don’t know the sender – just delete it.
  

• Don’t be taken in by hoax viruses, especially those that tell you to delete files. In general ALL virus alerts, indeed ALL warnings, emanating from the Internet are hoaxes. You can check for yourself at  http://www.breakthechain.org.
  

• Don't open mails that look like Spam, or take up their offer to unsubscribe – both are means of confirming active email addresses for future targeting. If a mail looks “strange”, it probably is;

Identity Theft

• For an excellent guide to ID theft  protection see http://www.crimereduction.gov.uk/theft1.htm. 

Junk Phone Calls

• Nothing to do with on-line security, but to prevent junk phone calls register your phone numbers with the Telephone Preference Service at www.tpsonline.org.uk          

Recovery

• In the event of a “security incident”, Windows XP System Restore can often recover the situation. If you need to reinstall software you have the CDs and the registration keys, and you have backed up all your important data and photographs onto CD (haven’t you?).

“The Internet is safe until you forget it’s dangerous”

Use of any of this advice  is at your own risk, but I follow it all myself. This page will be updated from time to time. Feel free to come back to me  with queries and comments (but I guarantee nothing!).