There’s an old saying that goes something like this: “Just because you’re paranoid, it doesn’t mean they’re not out to get you.”
I urge all of you to be paranoid to the nth degree with respect to taking precautions to protect your computer against viruses and hackers. Because, believe me, they are out to get you.
Oh yes, they are out to get you. And if you don’t believe it, consider this: my antivirus software stops several infections every week, and I have all of the people who aren’t paranoid enough to protect their computers to thank for this!
Antivirus Software
Antivirus software is the first defense weapon against viruses and worms. There are many products available on the market, including some that are absolutely free. I eschew the free products because I want to make sure my antivirus software is kept up to date so that it can detect the latest viruses. I doubt that companies who provide antivirus software for free can apply the same amount of resources to keeping their products up to date as companies that actually generate revenue from their products.
With that in mind, the two industry leaders are Symantec’s Norton Antivirus and McAfee AntiVirus. I would recommend staying with one of these industry leaders, and I have a very strong personal bias towards Norton [as does Capitalism Magazine!]. I like its user interface better, and I think their web site is better designed. More importantly, a colleague of mine who was using McAfee recently found that after downloading the latest McAfee antivirus definition files, his computer would only boot up in safe mode.
I did some research on the internet and discovered that a number of other people were having the exact same problem. Folks, antivirus software is supposed to prevent problems, not cause them. My colleague uninstalled McAfee and this solved the problem, that is, his computer then booted normally. He then downloaded and installed Norton Antivirus and has had no problems since. I’m sure there are many happy McAfee users out there, but personally, I would not use it and cannot recommend it.
You can purchase Norton Antivirus at any local store that sells software, or if you have a broadband connection, you can purchase it and download it over the web. When you purchase Norton Antivirus, make sure you purchase an annual subscription that allows you to update your virus definitions. Else, you’ve just wasted your money, as Norton updates their virus definition files several times a week, and sometimes several times a day!
Here are some specific recommendations with regard to the use and configuration of Norton Antivirus.
First, and most important, make sure the auto-protect option is turned on. This causes Norton Antivirus to automatically start whenever you turn on your computer. The only time you should ever stop Norton Antivirus is when you install other programs — apparently, having your antivirus software running can interfere with the installation process. In the spirit of paranoia, I would suggest that you disconnect from the internet when you need to stop Norton Antivirus to install another program. Remember to turn your antivirus software back on when the installation process is complete and before you reconnect to the internet.
If you are using an older version that does not automatically connect to the Symantec web site for live updates of virus definition files, make sure that you check for updates manually twice a day. That way, you will never be more than four hours behind the latest update. (Personally, I check for updates three times a day.)
Be sure to configure Norton to check incoming e-mail messages for viruses. This is critical, as most viruses spread as e-mail attachments. When you configure Norton Antivirus to scan your e-mail, Norton sets up a proxy server on your computer and scans all incoming messages before delivering them to your e-mail client. If a virus is detected, you will be given the option of quarantining or deleting the attachment. I always delete the attachment — I’ve no desire to have these things hanging around anywhere in my computer, even in a quarantine folder.
Also, make sure you select the option to scan floppies for boot viruses on access. (You do not need to scan floppies for viruses on shutdown.)
You should run a full scan of your hard disc at least once a week. If you are taking all of the other precautions, your disc should not be infected, but do the safe thing and run a full scan anyway. Norton offers you the option of excluding certain files and compressed files from scanning. I recommend that you do not exclude anything from the virus scan — check (scan) everything. I use Microsoft’s scheduling agent to automatically begin the scan at lunch time.
Firewalls
Firewalls protect your system from hackers. A hacker is a person who scans the net for vulnerable PCs to attack. A hacker may steal information from your computer, or take control of your computer and use it to launch attacks against other computers and web sites, such as the denial of service attacks with which we have become all too familiar.
Hackers are like thieves that walk up and down the street, checking houses for open doors and windows. If you live in a house in a bad neighborhood, you are more exposed, that is, you are more likely to see thieves walking up and down the block. Similarly, if you have an always-on broadband connection, your computer is more exposed to hackers.
Firewalls, as the name implies, put a wall between your computer and the internet. Firewalls don’t block out everybody — just the uninvited guests. If you are into Buffy the Vampire Slayer (and who in their right mind isn’t, I ask?), you know that the vampires can only get in if you invite them in. It’s the same way with firewalls. When you go to a web site, you are in effect inviting that web site in. But what if somebody tries to hack into your computer? These are the uninvited guests that firewalls block.
There are two kinds of firewalls — hardware and software. For a software firewall, I recommend Zone Alarm. It’s popular, widely acclaimed, and it’s free for personal and non-profit use. Zone Alarm has different options that determine the level of manual intervention that is required to let a guest in. If you have the security setting on high, you have to put each guest on the approved list. This may take some time, but it is well worth the effort.
If your computer connects to the internet through a router (which may be the case if you have a home network), you may have a hardware firewall as well, because many routers throw up effective firewalls, hiding your personal computers from the net.
Hardware firewalls are more effective than software firewalls because they stop the thief before he gets to your block (your computer), whereas software firewalls stop the intruder at the door. My Cayman router throws up such an effective firewall that nothing ever gets through to my software firewall. However, I leave my software firewall running as a kind of double-lock.
My understanding is that the latest version of Windows, Windows XP, comes with a software firewall, but I cannot vouch for its effectiveness.
Your software firewall will keep a log of suspected attacks and will classify the severity of the attack, and whether the attack was successful or whether it was blocked.
Do you still want to access the internet without antivirus software and a firewall? Then you are probably also the kind of person who drives without seatbelts and who hangs the “Bin Laden sucks” sign over his hotel balcony in Afghanistan.
And now, I have some very bad news for you. Even if you install antivirus software and religiously keep it up to date, and even if you have a firewall, you are still not safe. That’s why you need proper policies and procedures with respect to your personal computer(s).
In the next installment in this series, I will discuss the importance of policies and procedures, and of good communications, in preventing your system from becoming infected or being attacked by hackers.