Details

Category: Security

Published on Saturday, 26 February 2011 23:56

Written by Administrator

A Guide to PC Security

"HackerProof: Your Guide to PC Security" by Matt Smith is a wide ranging review of all areas of security for the personal computer. It is up to date as at February 2011 and is available to download as a PDF file free from MakeUseOf.com at:
https://www.makeuseof.com/tag/download-hackerproof-guide-pc-security/

This article is a brief summary, please see the 53 page guide for full details.

What are the risks?

PC Security covers various threats with different names.
The term 'malware' is used to cover:

• viruses: any malevolent software that tries to run on your PC
• trojans: software that gives others access to your computer
• rootkits: software that gains admin ('root') access and then hides from users and antivirussoftware by replacing system files.

Malware is mainly spread by user error - opening an email attachment that contains a hidden program which you unknowingly start running. You can try to be carefull but virus writers keep coming up with ingenious ways to trick you into clicking on something you will regret.

♦ Install software that scans email attachments.

A worm is malware that can infect a computer without the user doing anything beyond switching it on and connecting to the internet. The worm randomly attacks thousands of internet addresses looking for computers with known network vulnerabilities. When it finds one that is vulnerable it gains access and uses that computer to fire off yet more random attacks, spreading exponentially. In 2003 the SQL Slammer worm infected 75,000 computers within 10 minutes of its initial release.

♦ Block access to your PC except for email and other known services.
♦ Install security updates regularly.

The rise of effective antivirus software for checking emails and the growijg use of the web led to new security threats such as:

• redirecting users to a bogus website, known as pharming;
• harvesting information on a bogus website, known as phishing.

The classic example is an email from your bank with a link to a website (pharming) for you to enter some information they require. You find you need to log in with your current details (phishing) before you can enter the details requested.

♦ Only enter sensitive information on secure sites that you have accessed directly.
♦ Pay attention to phishing warnings from browsers and security software.

You choose the level of attack

The major decision that determines the security risk to your PC is when you choose its operating system. In most cases viruses, trojans, rootkits and worms are programmed to take advantage of a particular weakness in a specific operating system.

Windows XP is the worst common operating system from the standpoint of security. It lacks new security features, is well understood by those coding malware, and is frequently attacked.

Windows 7 is an improvement over XP but remains heavily targeted by malware because of its popularity. Windows is still the operating system used by most of the world,

Mac OS X has benefitted from its Unix heritage, regular updates and relative obscurity. However security threats do exists - rather more than some Mac users think - and protection is hampered by a slim selection of security suites.

Security vulnerabilities also exist on deskto[ Linux systems, and these weaknesses are not always patched as quickly as vulnerabilities found on Windows. However, Linux PC's are impacted by security threats less frequently, and the threats are often less severe.

What is the main current danger?

You run an up to date security suite, never click on email attachments that you are not expecting, and are deeply suspicious of emails from your bank, UPS and the tax authorities. What can go wrong?

Currently the problems you need to worry about are security issues with your web browser or its plug-ins. Jave, Flash, Shockwave and ActiveX have been patched time and time again after security flaws were found. Some plug-in flaws make it possible for an attack to take full control of a PC simply by luring a person to the website with the malicious code.

♦ Ensure that your web browser and its associated plug-ins are kept up to date.

What else should you do?

This summary skims through barely half the guide, It goes on to discuss antivirus (AV) suites, firewalls, rootkit killers, network monitoring and phishing protection. It reviews free versus paid AV protection and firewalls, and suggests three free programs that will protect your PC against a variety of threats.

And there's more - when the worst happens you will need a clean backup, which in turn needs to be protected. Back-up options and file encryption are discussed. Finally there's a guide to what to do when the worst happens and malware infects your PC.

What else should you do? Download and read the rest of Matt Smith's "Guide to PC Security".