Understanding Layered Security
Securing your desktop computer must be done in a layered approach. Many kinds of issues need to be resolved, and they require a layered approach to security.
First Layer: Firewall
The first line of defense is your firewall. The firewall should be thought of as outside your computer (even if it is a software firewall running on your computer). It is designed to protect your computer from uninvited intruders. Think of your computer as a gated community and the firewall is the security guard at the front gate. If someone is uninvited, then the guard stops them and doesn't let them enter.
All firewalls I know about, except for Microsoft's in Windows XP, also check the guests when they leave. If the guards were not told to allow them free entry and exit, then the guards stop them if they try to leave as well as when they try to enter. Microsoft has essentially instructed their guards that if they see strangers leaving your house carrying a TV Set, then just open the gates and let them out. I think they didn't want to bother you with a call to ask if was ok if these two guys identified as "Slick Eddie" and "Wiley Willie" leave with your TV set. Let's not be bothered by those pesky calls from the guards, thinks Microsoft.
The firewall is designed to stop the casual hacker from breaking into your computer. It also stops the thief from leaving with your information. For this reason, install another software firewall and turn off Microsoft's, so you check those going out as well as those coming in.
Second Layer: Anti-Virus
The anti-virus program is designed to stop known viruses, and virus-like behavior, from programs you invite in. What? You don't think you invite evil viruses into your computer? Well, you do. When we get email, we are inviting that email onto our computer and just reading it can be sufficient to unleash a virus. Also, of course, opening an attachment can execute a virus. It is often said that you shouldn't open attachments from people you do not know. This is true, but be careful of them from people you think you know as well. Viruses usually use false return addresses, so you really do not know where any email message comes from by looking at the return address.
Other ways to invite the evil into your home:
- Active X on Websites can actually install software onto your computer. You prevent active X by restricting it's use in Internet Explorer, by doing most of your browsing in FireFox instead of IE, by using Spyware Blaster (http:⁄⁄www.javacoolsoftware.com⁄spywareblaster.html) and other means.
- Game websites: Free game websites have to make their money somehow. Often it is by installing software on your computer to display advertising.
- Any program you install could be infected.
- Screen Savers are a very common carrier of spyware or malware.
- Spyware detectors are one of the most common ways to infect your computer. They say they'll protect you against spyware, then install spyware on your computer.
- Download accelerators are another dangerous type of program. They say they'll make you faster, then load software onto your machine to make you slower.
All of these invite other people to run their code on your computer. Since you have invited them in, there is nothing the firewall can do about them. For this reason, the anti-virus program is essential.
About 25 new viruses are discovered every day, so it is essential that you keep your anti-virus protection up to date.
Third Layer: Spyware ⁄ Adware cleaner
The anti-virus can only go after dangerous programs that sneak onto your machine even if you were most vigilant. They do not remove those that simply display advertising, clog up your machine, or malfunction crashing your machine. After all, you may want those! For those programs, you need spyware ⁄ malware protection. I recommend two programs:
- Spyware Blaster: http:⁄⁄www.javacoolsoftware.com⁄spywareblaster.html - This software has a database of known bad active x spyware, hijackers, dialers, websites, and cookies and prevents them from running. A good safe program that is free and will improve the safety of your computer, particularly if you are using an Internet Explorer based browser.
- Adaware from Lavasoft www.lavasoftusa.com. This program removes spyware and malware.
- Spybot Search and Destroy and Pest Patrol are also good programs.
The Fourth Layer: Patrol Dog
So, now you have the firewall or security guards at the gates, the anti-virus program to check programs that start running to see if they are infected, and the Adware removers and preventers to remove the advertising and malware that infects your computer. Now, we just add a guard dog, and we are set. WinPatrol looks for changes in the areas of your computer where programs run when Windows starts. It also looks at Browser Helper objects, the Hosts file and program associations to determine if changes were made. If so, it alerts you. This protects you against normal programs taking undue advantage of your willingness to install them and new malware or spyware which the other layers missed. It is very difficult for programs to hurt you if they do not run, and they can't run if they don't start. So checking the programs that are told to load when Windows starts, and seeing if they change, normally catches anything the other layers of defence miss. http:⁄⁄www.winpatrol.com
Summary
Are these all the things you need to do? NO.
- You must keep up with Microsoft's continuous barrage of security updates.
- You need to learn how to browse the net more safely.
- You need to learn how to handle E-mail more safely.
- Passwords and password savers should be understood.
- Some of you should learn about encryption.
- And much much more.
Connected computers are potentially a dangerous weapon, like a car. They need to be operated responsibly. Keep reading my newsletters and you will learn how to do it.