Computer Security on the Internet.

The news today is filled with stories of the viruses, trojans, spam, scams etc that plague computer users when surfing the internet, or getting email and the situation is without a doubt more serious than it was a few years ago, as more complex features appear on the internet, more scope is given to the producers of malicious software to produce ever more mayhem.

Governments are finally getting their act together and taking some action to impose some kind of order, but this does vary according to each country and of course has no effect on sites outside of the parent country.

Internet Service Providers are beginning to play a part and some are now virus and spam scanning emails to help curb the problems, my own ISP does this and very welcome it is too.

But the main problem, is that because of the worldwide and complex nature of the internet, the onus is still on you the user to protect your own computer. This in my experience causes a problem, in that finding the necessary information to help yourself is not that easy. The information tends to swing between two camps -- the don't worry about it, it won't happen to me camp -- and the paranoid, lock everything down so tight that nothing works camp.

Neither idea is very good, on the one hand, you will catch something and on the other, surfing becomes so miserable with popup warnings and features that don't work, you give up and take up fishing instead.

So in this article I'm going to outline what works for me, I'm no expert, so it's mainly been a trial and error process, but I am a voracious reader of security articles and like to feel safe online, but still be able to surf with ease.
I use Windows 98se and XP, but most of the points covered apply to any system, as the internet covers an enormous breadth of different things such as P2P I will just stick to just those areas I use.



Firewalls.

These are of prime importance nowadays, tests have shown that XP users in particular will be infected within minutes of connecting to the internet without a firewall. The original XP firewall was rated quite poorly, but with Service Pack 2 installed the firewall has been improved and is considered by most experts to be adequate, but not great.
Most experts recommend installing a third party firewall, you should only run one firewall at a time, so if you are using XP you should turn off its own firewall, if you intend to use a third party one.

You can purchase a firewall, or if you prefer freeware, there is a fair selection about, Zonealarm is probably the best known and has both freeware and paid for versions.
If you are connected to the internet by broadband, a firewall is your most important defence and should not be scrimped on, buy the best you can find, ideally fit a hardware firewall as well.
Note: If you have a broadband connection you should unplug your phone line, or you could still suffer a dialer attack.

Zonealarm.
I have used the freeware version of Zonealarm for several years now and have found it to be very reliable, it is easy to setup and use.
The system tray icon shows the internet traffic to and from your computer so that you can see if something strange is happening, ie lots of traffic when your not doing anything.
When I first started using Zonealarm I used to leave the alert message system on, (This showed an alert on your desktop, if your firewall was probed.) but in the last year or so the amount of alerts has risen enormously, particularly during the last big XP virus infection, when alerts were coming every 30 seconds. So now I leave the alert messages off confident that Zonealarm is doing it job in the background.
You do see a few people having problems uninstalling Zonealarm. I have never had any trouble, but it is important to turn it completely off before uninstalling and if installing a new version I would recommend a clean install.
http://www.zonelabs.com


If like myself you have a dialup connection, you do not need to run your firewall when offline, this can be useful if you have a slower computer. But to be safe unplug your phone line when offline, this will prevent a malicious program dialing up in the background.

It is important when choosing a firewall to check that it controls outgoing traffic, as well as incoming traffic, this helps prevent malicious programs from connecting to the internet and transmitting your private data.

Once you have your firewall installed go along to grc.com and try their Shields Up! security test to see if you are protected, ideally your test results should show a 100% stealth mode.
You can also try another product from grc.com, Leak Test, this is a small (25k) standalone program that will try to penetrate your firewall from within, just run it and read the instructions carefully.



Virus Protection.

Protecting yourself against viruses, trojans etc needs more than just antivirus software, you also need to take some sensible steps to protect yourself, remember prevention is better than cure.

Most virus attacks nowadays come by email, ideally you would set your email software to only accept and send plain text messages, but in the real world most of us like to send pictures and files from time to time, with that in mind here are some precautions you should take.


If using Outlook Express
Under the Security Tab:
Set the security zone to Restricted Sites Zone.
Check the Warn me when other applications try to send mail as me setting.
You can also check the Do not allow attachements to be saved or opened that could potentially be a virus. ( Note this can cause problems with harmless attachements being removed.)


Under View -- Layout
Turn off the preview pane, this prevents you being infected by malware that can be embedded in a message.


General Email Safety.
Never open any files attached to an email, even if they appear to have come from someone you know. Save them to your desktop and scan them for viruses first.

Do not click on links in emails unless its something you have requested.

If the email is from an unknown source, check the subject line, does it sound personally applicable to you, if not delete it.

Put descriptive comments in the subject line of emails you send, this helps other users.

Never ever reply to spam. (Adverts.)

Do not give out your email address unless you have to.

Create a second email account specifically for those times when you need to give one for some purpose on the web, if you then start getting spam, you can stop using the account and create a new one without affecting your normal email address.

If you have a web site and wish to put your email address on it, use an image like I do, or one of the many email scrambling applications that can be found.

No business will ever ask for private details, ie bank number, password etc by email, any email doing this is probably a scam, if you are not sure visit the web site, but use the address from your favorites (bookmarks), not a link provided in the email, or phone the bank etc and ask.

Do not put your email address on forums, as automated programs scour the internet looking for email addresses to add to spam lists.

Never click on links in emails from an unknown source, instead, type the address directly into your browser. Links in email can be faked to look as if they’re taking you one place when they are, in fact, taking you somewhere else.

Be suspicious of an email which asks you to update your log-in details or other private information.


Surfing Safely.
In general avoiding malicious content on the web is fairly easy, just stay away from porn sites and any site you know contains illegal or dubious content, whatever you do, DO NOT download anything from a dubious site.
It is possible to get attacked in surfing normal sites but it is unlikely and has only happened to me once in all the time I have been using the internet.
File sharing should also be avoided, as many files carry viruses.
One final point, ignore those flashing messages on web sites that tell you your computer is slow, or unsecured and to click on a link for a cure, at best they are worthless and at worst they will attempt to install something nasty on your computer, do not be concerned if they show information about your computer, that is a JavaScript trick.



Antivirus software.
There is a lot of antivirus software software about, but for the best protection its best to stick with the well known ones, as they have a name to protect and as such strive to give you top level protection.
A few of the better known commercial brands are:

• McAfee --- http://www.mcafee.com

• Symantec Norton --- http://www.symantec.com

• Panda Antivirus --- http://www.pandasoftware.com

It is also possible to get freeware virus protection but you are limited to three programs that give full protection, they are:

AVG v7.0 Antivirus.
Fairly easy to use, although the program interface is little disjointed. Was the most popular freeware scanner, but in its latest version it has had some reliability problems. But still a good choice, the updater is better than AntiVirs.
http://free.grisoft.com/

AntiVir Personal Edition Classic.
The program is easy to use, with an extensive help file and it runs in a very quiet and efficient manner, the update window is very good, although slow to connect. Independent tests usually show it to have the highest virus detection rate of the freeware programs.
www.free-av.com

Avast! Home Edition.
The most fully featured of all the free antivirus programs and is certainly the most up to date in appearance, it has small fast virus updates, and is skinnable, if that is of importance to you.
It uses the most system resources of the freeware programs and may slow down older computers.
http://www.avast.com/

Generally speaking all the well known antivirus software has pretty good detection rates, although no program offers 100% protection and different programs excel in different areas of detection.
It is best to avoid antivirus software that neither you or anyone else has heard of, let someone else try it and wait for some reviews until you use it to protect your machine.

Before choosing your antivirus software look carefully at how much disc space and ram it requires, this is particularly important if you have an older machine, as some antivirus software uses a lot of resources.
A point to bear in mind as well, is that some of the commercial programs integrate very thoroughly with your operating system and this can cause problems if you wish to uninstall them, so rather than trying several trial versions, it is probably safer to see what any friends have on their computers and what they think of them.

Once you have chosen your antivirus program, that's not the end of the story, you must remember (Or use the auto update) to update the definitions regularly, some people recommend every day (Or even more often!!), which if you have broadband is fine, but if you have dialup, once a week should be sufficient, if a big alert goes out, just do an extra update.

Note: You should only have one antivirus background scanner running at a time, or they can interfere with each other.

If you wish to see what response your antivirus software gives when it catches a virus you could try and get infected, but a better idea is to try a harmless test file known as the EICAR Standard Anti-virus Test file. (EICAR is the European Institute of Computer Anti-virus Research)
You can find the test file in several formats along with more information here:
http://www.eicar.org/anti_virus_test_file.htm

Note: Its a good idea to save the test file to a floppy disc, this saves any problems with deleting the file later if your antivirus program will not let you access it, it also allows you to store it for future testing, without getting a virus alert every time you scan your hard drive.

As well as viruses you will often see trojans mentioned and there is quite a lot of software about for dealing with just these. But in magazine tests anti-trojan software generally performs quite poorly and is usually outperformed by the standard antivirus software.
So my advice would be don't waste your money on commercial anti-trojan software, if you want to use one try the free version of the A2 Scanner this detects trojans, dialers, worms and spyware and has its malware definitions updated regularly.
You can find it at: http://www.emsisoft.com/en/software/free/

Panda Software do an interesting course about viruses, which you can take for free at: http://www.pandasoftware.com/virus_info/virus_course/



Spyware/Adware.

Spyware or Adware covers quite a wide subject, its basically concerned with malicious or spying programs that install with other software, but it tends to overlap a bit into antivirus territory.

There is a lot of software about that claims to cure you of spyware, for a price!! Some do nothing but make your hard disk whirr, while others are actually spyware themselves.

Personally I recommend using three freeware programs, all are well known and respected, they are:

Adaware.
This program scans your system for any spyware, there is also a paid for version, with more features.
http://www.lavasoft.com


Spybot Search and Destroy.
This is a very comprehensive program, sadly under used by most people. In default mode, it can scan for spyware and also has an immunize function, to block bad content in IE and Opera. In advanced mode it has many more features, including the option to manage which programs startup with Windows and a secure shredder, for safe disposal of files.
Note: Spybot can be a little temperamental about updating, but you just need to alter the location you are updating from, on the update page.
http://www.safer-networking.org/en/index.html


Microsoft Defender.
If you are using Windows XP you could also try this freeware, which helps to detect and remove spyware and other potentially unwanted software from your computer. Microsoft Defender runs continuously in the background, monitoring your system for malware, it offers comprehensive protection, not only scanning files, but also monitoring your registry and blocking dangerous scripts.
http://www.microsoft.com/athome/security/spyware/product


If you are interested in trying other anti-spyware software I would suggest visiting: http://spywarewarrior.com/asw-test-guide.htm where you will find a comprehensive test of all the well known products. There is also a link on the site to an article that lists rogue anti-spyware programs.



Prevention is better than cure.

Personally I'm very keen to prevent damage to my computer by viruses or malware before it happens, while your antivirus helps by scanning files as you open them, a good backup is to block the opening of certain file types known to be favored by virus writers so they can't execute.

Script Trap.
Intercepts all requests to execute a variety of different file types that are commonly used to infect your computer with viruses, it doesn't need to run to do this, you just enable it and if a file on its list tries to run, it gives you a warning, it can also use your antivirus software to scan the suspect file.
http://keir.net/


RegistryProt.
Protects important parts of the registry, asking you for permission, if a program wants to set itself to start with Windows, a common feature of many virus and trojan programs. RegistryProt runs in the background normally and you will forget its there until it gives you an alert.
Note: A lot of programs alter the registry when being installed, this is normal. The alerts to look out for are if you are not installing anything or you can't see why the program should wish to alter the registry. (Which comes with experience I'm afraid.)
http://www.diamondcs.com.au

Note: Neither Script Trap or RegistryProt should be used, if you are using Microsoft Defender, as the programs perform the same functions.



Web Browsers.

As Internet Explorer comes as standard with Windows, pretty much everyone has used it at one time, or another, but its not necessarily the best browser for security, properly setup it is probably not much less secure than other browsers, but being the most popular it is targeted by more mischief makers than any other browser. It is also the most fully featured browser, which in its default setup does leave it quite vulnerable.

If you are interested to see how much information your browser is broadcasting about your computer go to: http://gemal.dk/browserspy/

Internet Explorer does have some good features, it is worth installing version 6, as this version displays the number you are calling, in the connection box, a good first line of defence against dialers. ( Note this only works if you connect manually.)
Another advantage to IE is that it is the only browser I have tried that lets you view pages fairly reliably when offline.

The two most widely used independant and more secure browsers are Opera and Firefox.

Opera.
I use Opera myself, most of the time. Surfing speed is about the same for all three browsers, but Opera and Firefox are faster if you are returning to a previously surfed page, I like Opera because you can configure the toolbars to contain your preferences, this allows you to turn Images, Javascript and Plugins on and off, as you surf, this gives both a speed boost and more security.
Opera was advert supported, but is now completely free, with no adverts.
http://www.opera.com/


Firefox.
Straight out of the box Firefox is not that good, needing some of the large selection of plugins to make the tabs work at their best, but it is highly configurable and can be adapted to suit just about any users needs.
It is very slow to load, but once up and running it performs as well as IE or Opera.
http://www.mozilla.com/firefox/


If you would rather stay with Internet Explorer I would recommend trying some of the other browsers that run using IE's internals, generally they add some features to modernize IE, such as popup blockers, tabs or cascading windows.
My personal favorite is Crazy Browser, which gives a very good tabbed display and being small in file size is quite responsive. You can read a short review of it on my internet page.

Security on Internet Explorer can be enhanced considerably, by installing the freeware program SpywareBlaster, which can help prevent the installation of ActiveX-based spyware and potentially unwanted software, it also aids the security of Firefox.

I would strongly recommend either Opera or Firefox for more security while using the internet and just use IE, or IE based browsers, for updates, registering and purchasing items online, when its extra functionality is required.



Your Modem.

If you still use a phone line connection, go to Start -- Settings -- Control Panel and double click the Modem icon. Then go to properties and you will see you can set the speaker volume for your modem, set it high enough, so that the initial connecting can be heard, this will alert you to any program illegally trying to phone out.



Other Security tips.

When downloading files on the internet, save them to a folder on your desktop and get into the habit of scanning it with your antivirus program, each time you exit the internet.

When installing software from CD's (Or floppies, but that's rare nowadays.), scan it with your antivirus software, ( Use the right click menu feature.) you can scan the whole disc but this takes a while.

When installing software, read the licence agreement, most software that contains adware, mentions it in the licence, so when you click the accept button, you have agreed to install the adware, the software company is just relying on the fact that few people read the licence.

Use Windows update to find critical updates, always read the info with the update to see if they apply to you, as the update system is not perfect.

Backup your essential files regularly and it is a good idea to save irreplaceable photographs etc, to CD or DVD. This protects you against equipment failure as well as virus damage.

Go to Start -- Settings -- Control Panel -- Network -- Configuration -- File and Print Sharing and disable the file and print sharing.

Rather than keep your passwords on a note stuck to your monitor (Very secure.), or use the same password (Your dogs name.) for everything, its a better idea to use a password holder program, then you only need one password.
I use Simple Password which is very easy to use, your passwords are encrypted and can be password protected if you wish, it is a small 300k download, you will need to set your own shortcut, as for some reason the program installs its own in the wrong place.

Use passwords consisting of a random mix of letters and numbers and the password should be at least 8 characters long.

Do not use personal details of any sort when using public computers, ie library computers, it is relatively easy for your details to be recovered.



Useful Links

Microsoft has its own basic security section at: http://www.microsoft.com/security

About - has some very interesting sections on security and the latest virus alerts.
http://antivirus.about.com/

Falcon21. If you are worried about virus infection and your computers security online, then this site is for you, with download links to helpful programs and articles written in plain English, it is a very useful source of information.
http://falcon21.vze.com/

Get Safe Online. Good comprehensive safety advice geared towards the new computer user, the site does tend to recommend paid for software rather than freeware, but the general safety advice is very good. The site is sponsored by the government and leading businesses working together to provide a free, public service.
http://www.getsafeonline.org/

Rob Goldfish Web Site

Copyright 2005 Rob Goldfish.