Thursday, December 31, 2099
Security Recommendations...
I wanted to share the security profile I am running on my computers (updated 7/20/08). Not only has this configuration been highly effective, but almost all of the software I am using is free for personal use. My system security has changed due to the differences in available software and methodology of the malware. In addition to being behind a router (providing a hardware firewall) I run Sunbelt Kerio Personal Firewall. This helps protect my machine from unauthorized access via the internet.
I no longer use a series of programs to scan for malware (trojans, rootkits, etc...). Instead, I run antivirus software and a single malware scanner. Key for me is automation... if I have to remember to scan something every month, then it simply will not happen.
Speaking of antivirus, I switched to Avira AntiVir for protection. While some of the commercial programs may be slightly more effective, a current antivirus program is infinitely more effective than a "better" scanner. So if you (like me) are unwilling to pay for annual subscriptions for antivirus updates, then use Avira or another program where the updates are free.
Also, I will periodically run CodeStuff Starter to check for unwanted items that are starting when my system restarts. Become familiar with what startup items should be there and then be sure that any newly added items are ones you really want. Starter will also allow you to disable the unwanted startups. (Word of warning: Do not disable items unless you are SURE that you don't want them. You could disable something that is required for your system to operate properly. Also, many legitimate programs that add items to your startups allow you to disable that feature within the program.)
Further system maintenance that I recommend includes cleaning the registry (using a program like CCleaner). In addition to a registry scanner/cleaner, CCleaner has temp folder cleaners and other utilities as well. Use registry utilities with extreme caution. Always back up your registry first (Erunt) and/or create a system restore point. I suggest regularly emptying temp folders (Empty Temp Folders and/or CCleaner again) and of course running your computer's disk cleanup, scandisk, and defrag utilities (now I use an old version of Diskeeper Lite). While I still recommend K9 as a proxy spam blocker, I do not use it anymore. Instead, I run all of my email through a Gmail account. Gmail has an excellent spam filter built-in, so by the time it gets to Outlook, my email has very little spam.
For backups I use Acronis TrueImage (commercial software), but there are free backup tools available (see TechSupportAlert.com). TrueImage creates a drive image of my entire hard drive and saves it to a backup hard drive. Although this takes a large amount of storage space, the benefit is a complete restore including software when necessary. This saves me 30-some hours to reinstall all of my software and get everything up and running the way I like it in the event of a major hard-drive failure. Regardless of what you use, use something. Backups are crucial. As the old adage goes... there are two types of computer users, those who back up and those who wish they had.
A last measure of protection I recommend is modifying your hosts file. This is a Windows system file that tells your computer which IP addresses are associated with which domain names. Long story short... it can trick your computer into disallowing access to websites that are notorious for carrying malicious code. This can be done manually, but I recommend joining Mike Skallas' Ad Blocking Hosts. This is a Yahoo group that will automatically email you updated hosts files and a nice little utility that installs the hosts file with a couple of mouse clicks.
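A blocking hosts file only blocks when every listed name points at a loopback or unspecified address; an entry that maps a name to any other address redirects that name instead, so a hosts file received from someone else is worth checking before it is installed. The following is an added example, not part of the original post or of the group's installer utility: the function name `audit_hosts` and the sample file are constructed for illustration, using reserved `.example` names and a documentation IP range.

```python
import ipaddress

# Names that normally map to loopback and are not blocklist entries.
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

def audit_hosts(text):
    """Classify every mapping in hosts-file text.

    Returns (blocked, redirects, malformed):
      blocked   - set of hostnames pointed at a loopback/unspecified address
      redirects - list of (lineno, hostname, ip) mapped to any other address
      malformed - list of (lineno, raw_line) that could not be parsed
    """
    blocked, redirects, malformed = set(), [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # strip comments and whitespace
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            malformed.append((lineno, raw))
            continue
        if len(fields) < 2:  # an address with no hostname after it
            malformed.append((lineno, raw))
            continue
        is_sink = addr.is_loopback or addr.is_unspecified
        for name in (f.lower() for f in fields[1:]):
            if name in LOCAL_NAMES:
                continue
            if is_sink:
                blocked.add(name)
            else:
                redirects.append((lineno, name, str(addr)))
    return blocked, redirects, malformed

# Constructed sample hosts file (not taken from any real blocklist).
SAMPLE = """\
# ad-blocking hosts (constructed sample)
127.0.0.1   localhost
127.0.0.1   ads.tracker.example  # banner server
0.0.0.0     popups.example cdn.popups.example
203.0.113.7 www.mybank.example
127.0.0.1
not-an-ip   broken.example
"""

if __name__ == "__main__":
    blocked, redirects, malformed = audit_hosts(SAMPLE)
    print(f"{len(blocked)} blocked, {len(redirects)} redirect(s), {len(malformed)} malformed")
    for lineno, name, ip in redirects:
        print(f"REVIEW line {lineno}: {name} -> {ip}")
```

On Windows the live file is `%SystemRoot%\System32\drivers\etc\hosts`; read it and pass its text to `audit_hosts` to review what is currently installed.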
One more item worth mentioning is the Support Alert Newsletter. If you want to keep on top of security issues (as well as a variety of useful freeware programs), subscribe to at least the free version. The supporter's version has even more useful information and is well worth the $10/year that it costs (this is the only newsletter that I've ever paid for and I highly recommend it).
The future (or maybe even the present) of computer security is sandboxes and/or virtual machines. Sandboxie allows you to run programs "sandboxed". By adding this isolated "sandbox environment" to your computer, anything run, installed, infected, or modified within that sandbox cannot permanently affect your system unless you intentionally make it permanent. Furthermore, if you encounter a problem, or simply decide you want to eliminate that action, just delete the sandbox and your system is back to the way it was. No restore point necessary. For a more detailed explanation, go to www.sandboxie.com.
A similar (and slightly more complex) approach is using virtual machines. VMware allows you to run a completely separate system within your existing system. This distinct "virtual machine" can be set to access the internet running the same or a different operating system. Anything done in the virtual machine will not affect your main computer since it is essentially a completely distinct computer that happens to share all the hardware.
Either way (sandbox or VM), you can filter all (or most) of your internet traffic through one of these setups so that your computer is nearly impenetrable (more accurately, any "penetrations" of your security can simply be wiped away).
Summary:
Hardware Security...
Router (built-in firewall)
Security that starts with Windows, runs in the background (always on), and scans automatically...
Avira AntiVir
Sunbelt Kerio Personal Firewall
???
Scans that I run manually (at least every month)...
Empty Temp Folders
CCleaner
CodeStuff Starter
ScanDisk, Disk Cleanup, and Defrag (Diskeeper Lite)
Other...
Sandboxie.
