Wednesday, September 2, 2009

What Should I Do To Secure My Home Computer?

Securing your home computer is not a trivial task. There are many topics to consider and many steps to follow. They take time to learn and do. If you can, read this entire document before you begin to secure your computer. You’ll have a better understanding of the effort and all its facets. This ought to help you when you begin to tackle the tasks described here.

In the next part of this document, we describe two types of activities. Some you can do using the programs that came with your computer: working with passwords and email attachments, running programs, and backing up your work. For other activities, you might need to obtain some specialized programs: applying patches, and running anti-virus, firewall, and file encryption programs. Though some vendors’ products provide these features, we’ll assume your computer doesn’t have any of them so you’ll need to add all of them.

Here then is the list of tasks you need to do to secure your home computer. Their order is based on how intruders attack computers, beginning with the most-often used attack methods. By starting with the lower numbered tasks, you address the biggest problems you face in securing your home computer. Remember that most sections end with a reference to a web site that you can use to find an example of how to do the task on a Microsoft Windows 2000 computer.



Task 1 - Install and Use Anti-Virus Programs

If someone rang your doorbell and wanted to come into your living space to sell you something or to use your telephone, you’d need to make a decision whether or not to let them in. If they were a neighbor or someone you knew, you’d probably let them in. If you didn’t know them but believed their story and found them to be otherwise acceptable, say they were neat and clean and not threatening, you’d probably also let them in, but you’d watch them closely while they were in your space.

What are you doing here? You are profiling this person and then deciding what to do based on that profile. It’s your responsibility to be concerned about who enters your living space. Further, if you have children, you’ve probably also taught them how to deal with strangers who come to your door.

Anti-virus programs work much the same way. These programs look at the contents of each file, searching for specific patterns that match a profile – called a virus signature – of something known to be harmful. For each file that matches a signature, the anti-virus program typically provides several options on how to respond, such as removing the offending patterns or destroying the file.

To understand how anti-virus programs work, think about scam artists – people who visit your home to try to get you to buy a phony product or service, or to let them in. Once inside, they may try to steal your valuables or try to harm you in some way.

There are a variety of ways you might find out about a specific scam artist lurking in your neighborhood. Perhaps you see a television report or read a newspaper article about them. They might include pictures and excerpts of the story the scam artist uses to scam their victims. The news report gives you a profile of someone you need to be on the lookout for. You watch for that person until either the story fades away or you hear that they’ve been caught.

Anti-virus programs work much the same way. When the anti-virus program vendors learn about a new virus, they provide an updated set of virus signatures that include that new one. Through features provided by the updated anti-virus program, your home computer also automatically learns of this new virus and begins checking each file for it, along with checking for all the older viruses. However, unlike scam artists, viruses never completely fade away. Their signatures remain part of the master version of all virus signatures.

Suppose a scam artist was at your front door. What would you do? Perhaps you’d not encourage them to come in nor buy their product but, at the same time, you’d try not to upset them. You’d politely listen to their story and then send them on their way. After you closed the door, you may call the police or the telephone number given in the report that initially brought them to your attention.

With viruses, you often have the chance to react to them when they’ve been discovered on your home computer. Depending upon the specific characteristics of the virus, you might be able to clean the infected file. Or you might be forced to destroy the file and load a new copy from your backups or original distribution media. Your options depend upon your choice of anti-virus program and the virus that’s been detected.

In your living space, you look at those who come to your door and you look at what you receive in the mail. These are two of the ways that items can get into your living space, so you examine them, sometimes closely, sometimes not.

Viruses can reach your computer in many ways, through floppy disks, CD-ROMs, email, web sites, and downloaded files. All need to be checked for viruses each time you use them. In other words, when you insert a floppy disk into the drive, check it for viruses. When you receive email, check it for viruses (remember to use the KRESV tests described in Task 3 - Use Care When Reading Email with Attachments). When you download a file from the Internet, check it for viruses before using it. Your anti-virus program may let you specify all of these as places to check for viruses each time you operate on them. Your anti-virus program may also do this automatically. All you need to do is to open or run the file to cause it to be checked.

Just as you walk around your living space to see if everything is OK, you also need to “walk” around your home computer to see if there are any viruses lurking about. Most anti-virus programs let you schedule periodic exams of all files on your home computer on a regular basis, daily for example. If you leave your computer turned on over night, think about scheduling a full-system review during that time.

Some anti-virus programs have more advanced features that extend their recognition capabilities beyond virus signatures. Sometimes a file won’t match any of the known signatures, but it may have some of the characteristics of a virus. This is comparable to getting that “there’s something not quite right here, so I’m not going to let them in” feeling as you greet someone at your door. These heuristic tests, as they’re called, help you to keep up with new viruses that aren’t yet defined in your list of virus signatures.

An anti-virus program is frequently an add-on to your home computer, though your newly purchased computer might include a trial version. At some point, say after 60 days, you must purchase it to continue using it. To decide whether to make that purchase or to look elsewhere, use these steps for evaluating anti-virus programs:

  1. The Demand test: Can you check a file on demand, for example, when you want to send an attachment as part of the KRESV tests?
  2. The Update test: Can you update the virus signatures automatically? Daily is best.
  3. The Respond test: What are all the ways that you can respond to an infected file? Can the virus checker clean a file?
  4. The Check test: Can you check every file that gets to your home computer, no matter how it gets there, and can those checks be automated?
  5. The Heuristics test: Does the virus checker do heuristics tests? How are these defined?

These tests – the DURCH tests – help you compare anti-virus programs. Once you’ve made your selection, install it and use all of its capabilities all of the time.

Intruders are the most successful in attacking all computers – not just home computers – when they use viruses and worms. Installing an anti-virus program and keeping it up to date is among the best defenses for your home computer. If your financial resources are limited, they are better spent purchasing a commercial anti-virus program than anything else.





source:cert.org/homeusers/HomeComputerSecurity/#1

No comments:

Post a Comment