Jump to content

Computers for Beginners/Security

From Wikibooks, open books for an open world

Why Security Matters

[edit | edit source]

Why should you spend effort to keep your computer secure? There are many reasons why someone would want to do so.

Protect Others on the Internet

[edit | edit source]

Failure to properly secure your computer could mean that your computer will be used by criminals to send spam messages or be part of an attack against web sites or it may harm your computer hardware and crash your computer.

Malware can cause trouble with your computer

[edit | edit source]

Malware, viruses, worms and Trojan horses all can affect your computer and attempt to steal personal information from you or make your computer unresponsive, necessitating you to reinstall Windows

Protect Your Privacy

[edit | edit source]

Many spyware apps may collect information on stuff like your web browsing habits and sell them so ads will be targeted to your tastes.

Criminal Intentions of Crackers

[edit | edit source]

Many crackers intend to hack to get a hold of credit card numbers, passwords, and other items that they can use for making a profit.

Updating

[edit | edit source]

Updating is the process of updating certain elements of a program to close vulnerabilities in a certain scenario. This will mean that your computer will be protected against future threats from a certain scenario. In Windows, updates are regularly done around once a month on Tuesdays.

User Privileges

[edit | edit source]

The administrator account should not be used for anything but administration purposes, or for programs that require administrative privileges. This is because it is too easy for your computer to become victim of malware, Trojan horses and viruses while logged onto an administrators account. This is especially important when performing your normal tasks like browsing the web, checking your e-mail, or word processing. This is because many of the programs that hackers use in an attempt to infect your computer require that you be an administrator to execute. They require writing files to certain directories, and registry keys, that "normal" user do not have access too. These programs are often hidden within webpages, IM chat windows, word processing documents, and e-mails. It is a very good idea to create a new user without administrative privileges to use on a normal basis.

In Windows, a problem often arises when a program needs to have administrative privileges to run. In this case, you can run the program as administrator. In windows operating systems, this is done by right clicking the program to run, selecting 'run as administrator account, and typing in the administrator account's information. If that doesn't work, you can always login to the administrators account to run the program, but be wary of running any other programs while in that account, especially programs that access the Internet like web browsers, chat programs, or e-mail programs.

Sometimes, damaging programs can infect non-administrator accounts. If this happens, these programs are usually limited to the that specific user account. Deleting that user account usually solves the problem. There are viruses sophisticated enough to infect the entire computer from a non-administrator account; however, if you keep your computer up to date with Windows Update and always download the signatures for your Anti-Virus software vulnerabilities in your computer will be closed and the virus cannot damage the system.

You wouldn't hand out a key that could open everything in your house to anyone who asked, so why would you hand out administrative account to anyone? If you really want to protect your data, do not give out your administrator password or account to untrusted people. If other people want to use your computer, it is a good idea to create a general guest account without administrative privileges for them to use. If they use it often, creating a new user for them is also an option.

Physical Access

[edit | edit source]

If a person has physical access to the computer, there are a few measures that can be taken to prevent damage to the computer. First, change the settings in your computers BIOS so that it boots first to the hard drive. Booting from the hard drive first ensures that a person cannot boot from a bootable media such as a CD-ROM or floppy disk. Often bootable media contains programs that can crack Windows and change the administrators password. As well, operating system (ex: Windows XP, Linux) installation disks are bootable and often have tools that allow users to erase all the information on the computer. NOTE: Do not EVER go into BIOS if you are not 100% sure of what you are doing. Ask someone who has extensive knowledge to help you.

Next, make it so a user needs a password to change the BIOS settings, this prevents someone from changing the boot order and thus booting from a CD-ROM or floppy disk drive. Last, put a lock on the computer case preventing someone from opening the computer case and resetting the jumper on the motherboard that clears the BIOS boot password.

Malware

[edit | edit source]

Malware is a class of software, which usually does harm to a computer, and is unwanted on the computer by its owner. Malware includes viruses, spyware, adware, and trojan horses.

Anti-Virus

[edit | edit source]

There are some people who spend their free time writing viruses, programs that do bad things to computers. The threat of getting a virus is high in the digital age of today especially if you are using the Windows operating system. In order to protect your files and everything on your computer, an anti-virus program should be obtained. Anti-virus software is dependent on definitions. Worms can spread through the Internet faster than anti-virus makers can make definitions for them, so you should not protect your self with only anti-virus software.

Here are some good ones:

  • Kaspersky Antivirus Kaspersky is good anti-virus program Available in world. But this is a Commercial Anti virus program.
  • AVG Antivirus - This is an outstanding free anti-virus program. It is free for personal use only. A more advanced, professional version is available for purchase as well.
  • Avast Antivirus - This is a popular and Anti-virus program
  • Norton Anti-Virus - This is probably the most popular commercial anti-virus. A good choice.
  • McAfee VirusScan - A competitor to Norton Anti-Virus. This one is also a good choice.
  • NOD32 - This is one of the top anti-virus scanners based on tests conducted by ISCA Labs. Although it isn't as well known as Norton and McAfee, it still provides an excellent degree of protection along with a faster scanning rate than most other Anti-Virus applications.
  • TrendMicro PC-Cillin - This is also a good choice and has been around for many years.

Make sure that you set up your anti-virus program to update its virus definitions at least every week, or you'll get lost in the dust. If possible set up your anti-virus program to update every day because new viruses are always emerging. To get an idea of how quickly things change you can look at any of the sites listed above and they will list the current top virus threats.

Worms

[edit | edit source]

Worms are a type of virus that spread automatically through the internet, through exploits in a running service. Examples are Nimda and Msblaster. These can easily be blocked using a firewall, or making sure the services and your Operating System are up-to-date. Doing these can be especially important, because worms can spread faster than anti-virus software can be created, and often don't need any use interaction in order to install.

Spyware and Adware Blocker

[edit | edit source]

Much of the free software available is not able to remove all spyware and adware.

Spyware and Adware are similar to viruses, except that they don't spread on their own, but can be installed without your knowledge. They are more annoying and can be just as harmful.

Spyware's main motive is to get personal information of whoever is using the computer and send it to a company. Adware is enhanced spyware. It uses the information that it collects to show you advertisements on your computer screen. Adware can be received the same ways as spyware.

There are some good free spyware and adware blockers.

Together, these make a good defense against evil programs.

There are also commercial spyware and adware blockers. The major companies that make anti-virus software have been including spyware/adware detection with their products in recent years.

Common Spyware Infestation Methods and Prevention

[edit | edit source]

A lot of spyware can be prevented. A few simple steps can save you from a lot of nightmares later.

Internet Explorer/ActiveX Exploits

[edit | edit source]

A common avenue is for spyware to install through ActiveX or an exploit in IE, known as a drive by download. These usually affect IE shells like Avant. To prevent this type of installation, tighten up your IE settings, or use an alternative browser like Firefox. If you don't like Firefox we suggest Javacool's Spyware Blocker as an alterative.

P2P Apps and other Freeware

[edit | edit source]

Another way to get spyware is by downloading free programs that are bundled with it. Almost every open source program, however, is spyware and adware free. Avoid programs that are known to contain spyware, especially proprietary file-sharing apps, and instead use one on the second list.

Filesharing apps known to contain spyware:

  • Kazaa
  • Bearshare
  • Morpheus

Filesharing apps known not to contain spyware:

  • Ares
  • Azureus
  • BitTorrent (watch out for "rigged" distributions however)
  • eMule
  • Limewire (older versions contained some spyware/adware; make sure you have the latest version to avoid this)
  • Shareaza


Firewall

[edit | edit source]

A firewall protects your computer by blocking certain network packets. They come in different flavors. Even if you are sent a packet that contains an exploit that is unpatched, a firewall can block the packet.

NAT Firewall

[edit | edit source]

A NAT Firewall is used in routers. It maps one public IP address to multiple private IP addresses. This will make your whole network appear to be one computer. By default, unsolicited (inbound) packets are dropped, giving you basic firewall protection. Many routers offer more advanced firewall features. By default, any servers run behind the NAT (Network Address Translation) will only be accessible from your LAN (Local Area Network). Port forwarding can be used so that a server can be accessed from the Internet.

Software Firewall

[edit | edit source]

A software firewall runs on the client computer. They're also known as personal firewalls. (This can refer to any firewall that only protects one computer like the firewall built into some nForce chipsets.) Because it runs on your computer, it can block or allow traffic depending on the application. For this reason, many people run software firewalls in addition to a hardware firewall. Hardware firewalls are harder to configure for new computer users so software firewalls are more common. However, software firewalls take up resources on the host computer. Windows XP and above comes with a basic firewall that prevents inbound attacks, while allowing other programs to access the Internet.