# Take these steps to secure your brand-new PC...



## Nick (Apr 23, 2002)

...or watch it turn into a _Zombie!_

According to Symantec, it takes only 20 minutes for an un-patched and unprotected computer to be attacked once connected to the Internet. Click  *HERE* to read MicroSoft's publication "6 steps to help secure your brand-new PC" written for MS by _my_ favorite computer cutie, Kim Komando.


----------



## CoriBright (May 30, 2002)

All brand new PCs should have XP with SP2 installed and the firewall enabled by default.


----------



## SimpleSimon (Jan 15, 2004)

Cari is right - but that is NOT enough - not by a long shot. Besides a GOOD Anti-Virus program like Grisoft's AVG7, you need spyware protection:
Ad-Aware
Spybot S & D
SpywareBlaster
All three are needed. They are free. They work better than the ones you pay for. You have to keep ALL of your protection updated. WinUpdates, AV, Anti-spyware. ALL of it, ALL the time.

I do this for a living. Around a dozen a week. The ONLY bouncebacks I get are when the customer doesn't bother to update, and/or has teenagers that deliberately bypass the protection.

End of story.


----------



## Nick (Apr 23, 2002)

Cari, you are absolutely right and I appreciate your input. I have learned a lot from your comments here over the past couple of years.

The MS document also says it's a good idea to have the added security of a third party firewall...

_"The most secure method is to have a third-party software firewall in addition to the firewall on your router. It provides an extra layer of protection by alerting you to outbound traffic..."_

As you may have read elsewhere in this forum, I recently upgraded to ZA Pro to maximize the protection my firewall provides. I'm doing all I can to protect my PCs and my data, and I'm making it my goal to learn all I can to that end.

Simon: Right again. I've been using ZA and AVG for some years now, along with the ad/spy/popup freebies you mentioned.Now that I have all that, I'm working on my internal settings.

Any more comments on pc security from the _'experts'_ here will certainly be appreciated.


----------



## Mark Holtz (Mar 23, 2002)

Nick said:


> Any more comments on pc security from the _'experts'_ here will certainly be appreciated.


Use the Ghost, Nick. Ghost is your friend.

With the price of hard drives so cheap, you can use one drive as your work drive and the second drive to hold your backup images.


----------



## Redster (Jan 14, 2004)

Just as an added thought. I have been checking out Microsofts spyware beta. It is actually a pretty good program and seems to be working well. I have added it to my arsenal along with ZAP, Spybot,Adaware,NAV and router. Another little tip for ZAP users -- make use of the ID lock feature. I even have my email address in there,, nothing goes out hopefully that I am not aware of.


----------



## Sandman (Sep 23, 2002)

Redster

I just read with interest your comment on id locks, I looked at my za and the id locks were off with no info in the valut, I am not sure what this does, if I enter my credit card in the vault and then make an online purchase, will this prevent me from making the purchase,
I would appreciate a brief explanation of what the vault and id lock do,

Thanks
Bob


----------



## Jacob S (Apr 14, 2002)

Since I have used all of those programs a while back I have had little or no issues with my computers and install those programs by default when I hook up other people's computers telling them that its a must in order for their computer to function correctly.


----------



## Steve Mehs (Mar 21, 2002)

It’s a great list but is it all necessary for those that have an idea of what they’re doing and are the sole user of the computer? A corporate situation is completely different I totally agree with locking it down tight and doing everything you can to protect the network, but in a home environment where I’m the only user and have a good idea what I’m dealing with, I don’t believe in a few of things. 

I have used MacAfee, Norton and AVG over the years, I have never been infected with a virus, never received any spy ware or other malware, never had random pop ups open. I don’t surf porn sites, install XXX Toolbars, try to shock the monkey for a free Ipod or click yes to everything I see. I surf websites like bestbuy.com, foxnews.com, Map Quest, Macromedia.com, Slashdot, Amazon, eBay, PC World, Motorola.com, nextel.com, directv.com. Corporate and respectable websites not some 12 year old kids page on Geocities or Angelfire.

I run Windows 2000 Professional SP4 and Windows XP SP2 with all current updates and automatic updates enabled and up to date hosts files. I’m behind a router and also use Zone Alarm Pro for internal control. I perform weekly scans with Ad Aware Pro and MS AntiSpyware, current versions with current definitions, nothing ever found but a few cookies. As soon as Microsoft’s product has a final release I’m dropping Ad Aware. Windows Firewall is enabled, I mostly use Internet Explorer, sometimes Firefox, but for email it’s Outlook 2003, I cannot stand Thunderbird. I run no antivirus software at all. I’m not paranoid about security at home, I take a few steps, but I also don’t do stupid things. If I ever get infected with a virus it will be my own damn fault, but until then I will not use any AV program until NAV ’06 comes out so I can do my yearly scan that shows I have no viruses.


----------



## Mike123abc (Jul 19, 2002)

I have to agree with Steve Mehs... I just a few months ago finally put Norton Antivirus on all my machines at the house. I have 3 computers and they did not have antivirus or spyware installed on them. Now they all happen to have it. I installed Norton after SP2 just really because it annoyed me just enough to get it (plus Norton had a deal 3 computers for like $60). I installed the free antispyware program from Microsoft recently.

Both programs scanned everything and found nothing on the computers. Now I really only go to reputable sites. I have always kept up on all the patches. I also have always had a hardware firewall. It is a router that simply shares my internet connection with other hosts. It simply makes it impossible for my computers to be contacted from the outside, my computers have to initiate the connection. I never have run the firewall software from windows.

One thing I do notice is that the antivirus really can slow things down. I get my email through yahoo so it does all the virus scanning in advance, and norton has not found any viruses that have slipped by yahoo.


----------



## homeskillet (Feb 3, 2004)

I have the SBC Yahoo! DSL service for my e-mail and I've had Yahoo block virus and spyware products before they hit my Norton service locally, for that I am thankful! 

I must say that these are all great steps to take, and I do it for friends. Their should be some Internet 101 information for those newbies on the web to save the rest of us!

And also, make sure to explain to people to not click "YES" "OK" all the time, just to get rid of the window! Doh!


----------



## SimpleSimon (Jan 15, 2004)

Just for the record, I have had AVG find active and dormant viruses that up-to-date Norton and McAfee have missed (or been blinded to).


----------



## CoriBright (May 30, 2002)

I have Panda Antivirus on all my PCs (bar the Server)..... if you have several PCs they do you an excellent deal on volume licensing! (www.pandasoftware.com)

I like the fact it updates daily... by itself.

I also use the MS AntiSpyware, but not in the Media Center where it has a conflict with Fast User Switching and the Linksys Extender. Hopefully that will be fixed soon. And even better the final version will be FREE!

I wouldn't live without my router!!

I will add briefly that I got a whole load of new customers after Sasser hit and all were Cox cable customers where the broadband engineer connected the PCs direct to the internet without even mentioning the word firewall to the customer! It may have been a frustrating and stressful experience, but it was a very profitable one for me.

Oh the Windows 2003 Server uses E-Trust antivirus. It doesn't receive (open) email although it runs the email server and no one surfs from it. It just sits there and does what it's supposed to.

I've probably come across more problems with Symantec products, but it's like HP printers. Percentage wise there are more of them out there so you're going to here more problems. I'm extremely happy with my Panda, only other A/V I'd consider is Sophos but it's a lot more expensive.

I'm yet to find a PC 'owned' or regularly used by someone under 14 who has internet access without spyware and at least a couple of trojans. At least most stuff cleans off easy enough. Always a few exceptions and as ever, prevention is ALWAYS better than cure.


----------



## Redster (Jan 14, 2004)

Sandman said:


> Redster
> 
> I just read with interest your comment on id locks, I looked at my za and the id locks were off with no info in the valut, I am not sure what this does, if I enter my credit card in the vault and then make an online purchase, will this prevent me from making the purchase,
> I would appreciate a brief explanation of what the vault and id lock do,
> ...


The id lock prevents any information you have in your vault from going out unawares to you meaining by some chance the pc gets infected by a trojan any info in the vault will be blocked by ZAP from being sent out. If you purchase online and key in your credit card,, that is a seperate issue. I have had no issues with purchasing online. I have address, phone number, email address and cc# in the vault.


----------



## ntexasdude (Jan 23, 2005)

SimpleSimon said:


> Cari is right - but that is NOT enough - not by a long shot. Besides a GOOD Anti-Virus program like Grisoft's AVG7, you need spyware protection:
> Ad-Aware
> Spybot S & D
> SpywareBlaster
> ...


Simon is correctemundo. sp?

It seems we have some knowlegible users in this thread. I suggest every one check out www.grc.com to get another perspective on computer security. The name stands for Gibson Research Corporation and is owned by Steve Gibson. He's and electrical engineer and programmer and is one smart cookie. He's found and exposed many many dangerous holes in the Windows OS family. I get the impression that he knows Bill Gates personally. When Steve Gibson speaks Microsoft listens. There are lots of freebie downloads on his site and lots of free security tests. There is also a fascinating story of how some kiddie hackers broke in and taunted him and how he figured who they were and put a stop to it. He writes everything is the ultra efficient assembly language which I studied way back in the 80's.

Robert


----------



## Redster (Jan 14, 2004)

Not sure how good my memory is,, but wasnt Steve the original designer of Zone Alarm ? I seem to have gotten it off his site years ago.


----------



## ntexasdude (Jan 23, 2005)

Redster said:


> Not sure how good my memory is,, but wasnt Steve the original designer of Zone Alarm ? I seem to have gotten it off his site years ago.


I don't know but I know he was a ZA fanatic. Several years ago he discovered holes that allowed hackers to easily break into ANY firewall EXCEPT ZA. I can't remember the specifics but he told the world that every firewall on the market was worthless and the free ZA was the only one worth having and he was right. Norton and McAfee and all the others cried foul but they couldn't prove him wrong. They all took note and improved their products. The computer world is better off because of people like Steve.


----------



## Gett (Feb 5, 2005)

In my experience, I have seen all of the latest and greatest software tools trumped by one "dumb" user. You can have all of the technology pieces in place, but if you fail on educating users, you fail completely.

The converse is usually true too, If I train well, and scare the crap out of all of the users, sometimes I can get away with being a little lazy on the updates


----------



## Nick (Apr 23, 2002)

Steve Mehs said:


> ...I will not use any AV program until NAV '06 comes out so I can do my yearly scan that shows I have no viruses.


Steve, since Nostradamus says nothing about needing a/v software, you will surely be safe. 

Your rationale for not regularly using an anti-virus program is voodoo, but I defend your right to keep your pc vulnerable to attack. I also defend your right to keep your doors unlocked at night.

Good luck...sooner or later you'll need it, especially since you use IE and Outlook.


----------



## Steve Mehs (Mar 21, 2002)

Yes it is my right to refuse to use A/V software and have my PC go from off to fully loaded in 25 seconds and have it shut down in an instant. I don't engage in risky behavior online so I don't really worry about it. Like I said it will my own fault if I do get infected but not one virus or instance of malware in the 10 years I've been using computers using IE and OE or Outlook for about 8 of those years. As far as email goes I can count the number of emails I get per week on my hands, most of it is legitimate.


----------



## ntexasdude (Jan 23, 2005)

I've gotten so many viruses and spyware and trojans over the years I've lost count and I'm diligent about my PC security! I use Norton AV & FW and do spyware scans at least 5 times a week. I've turned off all the useless Windows processes like DCOM and try to read the help boards and articles from sites like www.pchell.com.

:rant: What really infuriates me is the fact that I have to dedicate so much time and effort to keep the bad guys out. I paid for the computer and pay for dsl and I don't think anybody has the right to install some backdoor trojan drive by style. In a sense they are destroying MY property. I just wish MS could make something foolproof where we wouldn't have to waste our short time on Earth doing this stuff. Wishful thinking probably. I know there are alternatives like Linux but I don't feel like spending 2 years learning it. :rant:  

I was just reading about some new type of "pop-up" that's not really a pop-up. It appears more as a webpage and current pop-up blockers are useless against it.

The web is a wonderful thing and I guess I have to put with it for now.

One security idea that was passed on to me that's free and easy with XP is to use the administrator account for maintenance only and surf the web under a limited account. In theory it makes it more difficult for backdoor software installs.

Robert


----------

