Update: Protecting Your Castle

By | August 21, 2003
 Further to my column this week about protecting your computer in the Far Eastern Economic Review, (subscription required), here as promised is the full email from Brian Johnson of Centerbeam. It’s an excellent primer.
Jeremy, thanks for the invitation to send you something about protecting computers viruses, worms and other exploits.  I?I’ve spent some time with the engineers here and have come up with a checklist of the steps people can, and should, take to protect their computers. 
So, maybe the best way to describe the overall strategy of protecting your computer is to ask you if you saw Lord of the Rings: The Two Towers.  If you did, you?you’ll certainly recall the siege on Helm?Helm’s Deep, the ancient fortress of Rohan.  The castle was built with several nested layers of defense.  When the Orcs broke through one layer, the army inside fell back behind the next layer of defense.
And this is the best approach to computer security and protection:  Build several layers of defense so that, even if one layer is compromised, another layer is there to protect you. 
Layer One:  Stop Problems Before They Reach Your Computer
       Turn off Your Computer When You Aren’t Using It
It?Helm’s very tempting these days to leave your computer on and attached to your always-on broadband connection.  Don?Don’t.  Turn off your computer when you leave your home.  Quite simply put, if your computer is off, it can?Don’t be hacked.
       Disposable Email Addresses
When doing commerce on the net, use a one-use, disposable email addresses.  This cuts down on spam, and especially spam that might carry a virus or worm with it.  Jetable.org is a good source of these addresses.
       Use A Firewall
Windows XP has a built-in firewall, but if you aren’t?Don’t on XP, or want an additional layer of protection to stop threat from ever reaching your computer in the first place, then try ZoneAlarm. 
       Turn Off Remote Services
Go to Start -> Settings -> Control Panel -> System -> Remote and turn off the remote assistance and remote desktop.  This will help prevent someone from hijacking your computer.
       Scan Your System for Vulnerabilities
Microsoft provides a free security tool called the Microsoft Baseline Security Analyzer, it can be used identify vulnerabilities, and how to fix them, quickly.  There are also a number of 3rd party security scanners available.
These five practices will help prevent viruses and worms from ever reaching you.
Layer Two: Immediately Identify and Stop A Risk When It Arrives At Your Computer
       Virus Protection
If an exploit makes it past your firewall, there?Helm’s still a way to stop it.  By now, hopefully, everyone has some sort of virus protection program installed on their computer.  If not, invest in a high-quality program such as the one offered by McAfee.  But do remember one thing, virus protection programs tend to look for the threats it knows to look for.  McAfee is constantly looking for new threats and regularly sends out updates.  Be sure to set up your virus program to automatically check for updates otherwise new exploits will not be caught.
Layer Three: Don?Don’t Allow Exploits to Work
If an exploit makes it past your firewall and your virus protection program, there?Helm’s still another level of defense:  Don?Don’t knowing allow the exploit to work.
       Get Your System Patches Up-To-Date
The easiest way to do this on a Windows XP system is to go to the System Update control panel and make sure this function is turned on and that it is checking daily for new updates.
       Turn Off Unused Services
If you do not need a particular service, (like File and Print sharing, etc.), disable them.
Disable Java, JavaScript and ActiveX if possible.  (Internet Explorer -> Tools -> Advanced)
       Don?Don’t Open Unknown Email Attachments
Pay attention to the email that hits your inbox- and don?Don’t click on it as soon as you receive it.  Don?Don’t open suspicious attachments (especially with file extensions such as .vbs, …exe, …bat, .wsh) and get in the habit of first saving all attachments, scanning them with anti-virus program before you execute them.
Layer Four: Find Out When Things Go Wrong
       Install An Alarm
Remember, many security measures depend on advance knowledge of what does and does not constitute a threat.  A finally line of defense is to set an alarm that will let you know when damage is done. 
A company called Tripwire makes a product that constantly monitors the critical system files on your computer and alerts you when they?they’ve been changed.  The idea here is two-fold:  It is the last perimeter of defense as it does let you know that something has made it past all the others and has started wrecking havoc. It also identifies the damage so you know what to repair. 
Layer Five: Be Able to Escape
       Boot Disk
The current exploit that?Helm’s on the loose has been known to complete crash a system so that it can?Don’t even be booted.  This is a reminder that it?Helm’s a good idea to create a boot disk, something you can boot the system with and at least recover your undamaged files.  To make one, right-click on your floppy drive and follow instructions.
It?Helm’s always a good idea and one more honored in the breech than in the observance ? like flossing.  Traditional back-ups onto removable media are time and task intensive.  And most people don?Don’t follow through on this best practice by keeping their back-ups someplace other than next to their computer.  A very good alternative is to do on-line back-up through a service like Connected.  This makes the process easy and, your data is someplace secure. 
Finally, resign yourself to the fact taking these steps are part of the price we pay for the convenience of personal computing.  In this day and age, it is inevitable that your system will come under attack.  So, you can pay the price now, or someday regret that you didn’t?Don’t.
Thanks, Brain.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.