Heal and Inoculate Your PC

Posted 11/19/2007 at 5:19pm | by Paul Lilly

5

Comments

Print

Protect Against Future Attack

By practicing tried-and-true preventive measures, you can keep your PC running like new and save yourself a lot of trouble down the line

Unless you live far from civilization, you wouldn’t dream of leaving your house unlocked, your windows wide open, or your car keys dangling from the ignition. By doing so, you’re just asking for trouble, inviting mischievous ne’er-do-wells to violate your property. So why then, would you treat your PC any differently? When you connect to the Internet, you’re throwing your system in the midst of a thriving online metropolis no matter where you live, and instead of occupying dark alleys, the bad guys brazenly roam freely in search of new victims. Don’t become one of them!

We’re going to show you how to set up a strong defense that will have no-goodniks moving on to easier targets. Combined with our tips for safe computing habits, your PC will be primed to travel the web without fear of infection.

Build a Wall

Bad guys won’t attack what they can’t see; use a variety of defensive measures, including a firewall, to make your rig invisible to online probes.

1: Surf Securely with Firefox

You’re only as secure as the vehicle you’re traveling in, and coasting along with Internet Explorer is like putting a sign in your back window that says, “Hey, steal from me!” If you haven’t made the switch to Mozilla’s Firefox (www.mozilla.com/firefox/), then drop what you’re doing and download this superior browser. Now.

Not only does Firefox render pages faster than IE7 and come with a massive array of extensions for customizing your experience, but security threats are also less prevalent. It’s not that digital thieves skip over the browser entirely, but until Firefox can close in on IE’s market share, hackers’ energies are better served by targeting Microsoft’s browser.

After installing Firefox and upping your geek cred, head over to http://tinyurl.com/2z5qmt for a comprehensive guide on how to optimize your new browser and recommended extensions.

2: Shield against Spyware

No matter which browser you use, you’re still susceptible to spyware. Earlier, we pointed out several candidates for rooting out and zapping miscreant programs, but not all anti-spyware software actively monitors and protects in real time. We want to catch spyware before it has a chance to install and run, and for that, we turn to Webroot’s Spy Sweeper ($30, www.webroot.com)

Spy Sweeper maintains a list of sites known for their spyware affiliation and blacklists them from dialing in to your PC.

Spy Sweeper includes a fairly straightforward GUI, making it easy enough for inexperienced users to navigate, but more savvy individuals will appreciate the utility’s many included tools and safeguards. Spy Sweeper calls these safeguards shields, which alert you when a potentially unsafe program attempts to alter system files, execute processes on your PC, or behave in some other suspect manner. The shields won’t check for keylogging activity by default; you’ll need to manually enable that feature for the added layer of protection.

Click the Shields button on the left-hand side, click the Keylogger entry, then put a check mark in the box to enable it. Be warned: The anti-keylogger feature does tend to trigger a number of false positives—it’s even fingered the Maximum PC disc as a keylogger in the past (don’t worry, we don’t record your keystrokes). You’ve now erected a wall of defense to thwart spyware before it has a chance to breach your system.

3: Install a Virus Scanner

With thousands of viruses in the wild, the question isn’t whether to run an antivirus program, but which one to choose. There are dozens of options to choose from, with three standouts worthy of consideration: AVG (free, http://free.grisoft.com), Avast! (free, www.avast.com), and AntiVir (free, www.free-av.com). While you could pay for an AV program with more features, the protection remains virtually the same when combined with our computing safeguards.

AVG is fast, easy to use, effective, and free. How many antivirus programs can claim that?

While it can be beneficial to have more than one anti-spyware program on your PC, you should limit yourself to just one AV package. Because of the deep access needed by these programs, multiple AV apps can interfere with each other and cause major slowdowns and weird problems. But you are free to test different ones before committing to a long-term relationship. In the end, we prefer AVG for its ease of use and email scanning, but if you’re hell-bent on paying for protection, Kaspersky ($60, www.kaspersky.com) combines excellent protection with one of the most feature-rich packages around.

4: Hide Behind a Firewall

Attackers constantly ping the web for unprotected systems, and without a firewall installed, your PC will become compromised within minutes of connecting to the Internet.

If you’re installing a version of XP that predates Service Pack 2, then stay disconnected from the Internet until you can get a firewall up and running, especially if your router lacks a built-in firewall. Download the firewall to a USB thumb drive before you install Windows! For those running SP2 or Vista, Microsoft’s basic firewall will be enabled by default, but it doesn’t monitor outbound traffic. For outbound monitoring, we recommend Zone Alarm (free, http://tinyurl.com/296pwe). The free version monitors both inbound and outbound traffic, so if an infection does happen to slip through, you’ll be notified when it tries to dial home with your personal data and given the option to deny the connection.

Change Your Habits

Implement these safe computing tips into your daily regimen and you’ll never fall prey to hackers again!

1: Avoid Unexpected Attachments!

When it comes to unexpected email attachments, we follow one simple rule; don’t open them. It doesn’t matter how tempting or innocent the file name may be, or who it’s from, the contents inside could contain nasty code. Why would someone you know send you malware? Chances are, it wasn’t intentional, but rather the sender is a victim also and the virus is attempting to spread. Many virus writers rely on uninformed users to spread their diseases, but without your help, they’re stopped dead in their tracks.

2: Don’t Be Baited

It’s not just attachments you have to worry about with email, but hyperlinks too. You may receive a seemingly legitimate-looking email from your banking institution, PayPal, or eBay stating that there’s a problem with your account and prompting you to sign in to resolve the issue. Clicking the link appears to bring you to the appropriate site, but you’re about to be duped. In an attempt to steal your username and password, hackers set up fake websites that look identical to the originals, which they use to harvest your personal info, from login information to your social security number. The practice is called phishing, and the worst part is you may not even know it has happened. The more sophisticated phishing sites will return that familiar “incorrect username/password” error message indicating a typo, then redirect you to the real site so that subsequent login attempts will prove fruitful, keeping you in the dark about what just transpired.

It doesn't matter how legitimate an email appears to be, you should never trust the links inside it; type URLs directly into your browser.

Telltale signs of this scam include typos and poor grammar, but that’s not always the case. Avoid being phished by never clicking hyperlinks in your email. Instead, type a site’s URL directly into your browser (not the URL given to you in an email but, rather, the main address for a site). If there’s a problem with your account, you’ll be notified when you sign in.

3: Download Responsibly

Back when the online music revolution was just beginning, Napster made peer-to-peer (P2P) file sharing mainstream. Suddenly, everyone with an Internet connection was swapping files, both legally and illegally, and that trend continues today.
We’re not pooh-poohing legal file-sharing; we ourselves have fired up our BitTorrent clients to download Linux distros and other large files from trusted sources. But we discourage folks from downloading cracked commercial software, otherwise known as warez. Not only is this stealing, but oftentimes these cracked programs include something extra—malware. Hackers know that one of the easiest ways to spread a virus is to slap the word “keygen” on the malicious file and then throw it on a peer-to-peer network.

Rage with a Virtual Machine

Why hose your OS when you can experiment on a virtual machine without risking the health of your main system?
It’s not always easy to tell the difference between legit software and attachments from harmful files. Maybe your brother really did find time on his honeymoon to email you a zip file of pictures from Hawaii, but do you want to take the risk and open it? You’re right to be cautious, but with a virtual machine, you can afford to live dangerously—without putting your system at risk.
To get started, download and install Microsoft’s Virtual PC 2007 (free, http://tinyurl.com/2jr7a7); then follow the prompts to set up a virtual hard disk. Pop your Windows CD into your optical drive, fire up your VM, and install Windows. Once it’s up and running, install the Virtual Machine Additions package (found under the Action menu), which will let you move seamlessly between your VM and main system. You’re ready to go. Use your new sandbox to surf those, uh, adult-friendly websites or to experiment with suspicious programs.

Virtual PC 2007 doesn't cost a cent, but you will need a separate license for each OS you plan to install.