Protect Your Computer from Internet Attack

Urging abstinence as the best form of protection is like telling people to protect their computers from Internet attack by staying off the Internet.  (Or did I get that backward?)

There are several things you can do to protect your computer from attack via the Internet.  This may seem a little daunting at first, but once you get the hang of it, you'll find it's not so bad--and your computer will be better protected than 80 or 90 percent of the systems out there.

• Run Critical Updates.  Microsoft offers updates for Windows (and for Internet Explorer), which you can download for free.  Go to www.windowsupdate.com (or click on Start, Windows Update--or in Internet Explorer, click Tools, Windows Update).  This Web page will take a little getting used to, but it's well worth the time and effort.  It offers bug fixes and security patches, which can be essential to protecting your computer from what's out there.  It's good to check for updates at least once a month.
  
  Click on Scan for updates.  If it asks whether you want to download and install such-and-such an item, say Yes.  This is Microsoft's official support site, and they want to encourage people to download from it--since it makes them look bad when people's systems are vulnerable to attack--so they're unlikely to allow anything commercial or invasive here.  Internet Explorer will then compare what you have with what Microsoft has available, and you'll see a Review and install updates link.  (Note: the links look a bit different on NT machines.  Also, if you're running Windows 95, this site no longer works automatically; you'll be redirected to a page that lets you manually select and download updates.  Since Windows 95 is no longer supported, Microsoft no longer adds updates for it--so once you've downloaded updates for your 95 system, there's no need to check back later.)
  
  The page will then offer whatever updates you don't have.  It splits things into Critical Updates, Recommended Updates, etc.  Read the items' descriptions to see what you need and what you don't.  Most things under Critical Updates you probably want, especially anything labeled "Security Update".  Also check the Download size so you're not stuck on a huge download when you need your Internet connection for other things.  Remember, you don't have to download all your updates at once; I often download one or two, then come back later for more.
  
  You can ignore "Automatic Updating" and "Critical Update Notification", unless you want Windows to download Critical Updates automatically in the future.  You also do not necessarily need to download upgraded versions of Internet Explorer.  (If you do decide to download an upgrade to Internet Explorer, don't be fooled when it shows a Download size of only 452KB or so: that's just the installer program.  Internet Explorer is a sizeable application and will be at least 8MB to download.)  Likewise, if you're offered a Service Pack for Windows NT, 2000, XP, or .NET, don't plan to use your dial-up connection for anything else for many hours.
  
  
• Use Anti-Virus software.  This is the costly item.  Unfortunately, the biggest names out there in anti-virus protection (and likely the best) are not free to buy, and only let you download updates for a year or two before you have to resubscribe (expect to pay around $40 for the initial software, and $10-20 to resubscribe).  Part of the problem, I think, is that anti-virus software needs to be updated all the time: the makers of the software have to keep up with the hacker types, who are always at work writing new viruses (since it seems they have nothing better to do with their time).  It's a contant game of cat-and-mouse, and requires frequent updates to the software--usually as often as once per week--to keep pace.  This means that the software generally has to be done by for-profit companies.
  
  The three big anti-virus programs currently out there are Norton, McAfee, and PC-Cillin.  There are free anti-virus programs out there, and I'd recommend trying them, though I can't speak for how effective they are.  One, available from Grisoft, is available from their Web site (http://www.grisoft.com/html/us_index.htm?session=3ba6f6e679ff44be03bbad2a921).  Grisoft does charge for the software, but they also offer it free for personal use.  Please don't abuse the privilege by using it for work purposes.  Another wonderful source of free anti-virus and other protection that I recently discovered is http://www.freewwwtools.org/category/computer/anti_virus_spyware_desk_utilities_translation.htm.
  
  Whatever you do, don't neglect to install, update, and run anti-virus protection.  With the number of malicious viruses out there right now targeting home users, this is probably the single most important thing you can do to protect yourself online.  Being protected by anti-virus software can really save your ass.  It's saved mine more than once.  Once your computer gets infected by a virus, you can be in a world of hurt.



• Run a Personal Firewall.  Communications over the Internet (or over most networks, for that matter) run on a protocol called TCP/IP.  TCP/IP sends information to and from a computer using little virtual openings called ports.  There are over 65,000 ports on each computer.  A Web server, for instance, listens for requests on Port 80; an FTP server listens for requests on Port 21 and sends responses via Port 22.  A hacker can scan your computer for open ports, come in through one of them, and attack: snoop for personal information, execute malicious code, slip you a virus, or even go out through another port to attack some other user.  If a hacker goes through your computer to attack the Pentagon, the attack would be traced back to you, not the hacker.
  
  The reason is: those tracing the attack will know the IP address that the attack came from (i.e., your address), and can find out what ISP (Internet Service Provider) owns that address.  They can then go to your ISP and ask who had that address at that time, and whammo!  You get a knock on the door.  There won't be a record that someone came into your computer, or what address they had--which would make it difficult to prove you weren't the originator of the attack.
  
  Perhaps the scariest part of this port-scanning stuff is that, by default, Windows leaves most of those 65,000+ ports open and listening for connections.  This is a big part of why Windows machines are so notoriously vulnerable to attack from the Internet.  What a firewall does is close ports you aren't using, or that you don't want left open.  A closed port is not a vulnerable port.  A great place to test your computer's vulnerability to Internet attack is https://grc.com/x/ne.dll?bh0bkyd2.
  
  Luckily, there are firewall programs available free to the home user.  Three excellent ones that I use are ZoneAlarm, Tiny Personal Firewall 2.0.15, and Kerio Personal Firewall.  Personally, I use Tiny most of the time, though if a particular computer seems to have trouble running Tiny, I install Kerio or ZoneAlarm instead.
  
  Unfortunately your firewall will need to be configured.  This can be a little tricky until you get the hang of it, but the idea is pretty straightforward.  When one of these firewalls is first installed, it's configured to ask you whether to allow any transmission that it doesn't have a rule for (the software installs without any rules, so you'll have to create them all--but don't worry; it's not hard).
  • Let's say you just opened Internet Explorer and typed in an address.  When you hit Enter, the firewall pops up a message telling you that Internet Explorer wants to send [insert technical stuff here], and asking whether you want to allow that.  Internet Explorer is a legitimate program and you do want it to have access to the Internet, so you will want to allow that communication--so you would click the button to accept the communication.  In fact, you probably don't want to be asked about Internet Explorer again, so before clicking the Accept button, you'd check the box that says to create a rule and not ask you again.
  • Now, on the other hand, if you're sitting there online, reading a Web site or something, minding your own business, and a message pops up that some program you've never heard of wants to send or receive a packet, or so-and-so from such-and-such address wants to send you something, you probably don't want to allow it.  In that case, you check the box to create a rule and not ask again, then click Deny.  If you later figure out that you made a rule in error, you can open the program from the Systray (the section in the bottom right of your screen next to the clock) and delete that rule.
  
  
• Remove Spyware.  Nowadays the Internet is crawling with little programs that install themselves on your computer (often without your permission or even your knowledge), which then transmit private information to their masters for marketing purposes, or worse.  However, there are nifty programs out there that will sniff out these programs and remove them from your computer.  Unfortunately none of them will find all the spyware that might be on your system, but if you use two or more you'll get most of it.  There are a couple free ones you can use, Ad-aware and Spybot Search & Destroy.  An important thing about these programs is keeping them updated.  As with anti-virus technology, anti-spyware software has to be updated frequently.  Fortunately, both Ad-aware and Spybot have a liveupdate feature that lets you update quickly and easily.