Howto | Protect your Windows PC21 Mar 2009
In my opinion, protecting your Windows PC is much harder than it should be, and for that reason I recommend Linux.
If you are determined to run Windows, then read on!
Secure your network
A recent study found that an unpatched Windows PC connected to the Internet without a firewall, lasted just four minutes.
Use a hardware firewall
Various studies concluded that so called Personal Firewall software is flawed in concept. Read more about it on Wikipedia, including some of the criticisms:
The good news is that combined modem, router, network switch and Wireless access point can be purchased for less than £50. Linksys and Draytek have a great reputation, and I personally have had no problems with Netgear. Just try and get a personal recommendation, and ensure that it does have a built-in firewall.
Encrypt your Wireless
Often people don’t bother encrypting their wireless network. I believe this is often based on the incorrect assumption that the worst that will happen is that someone will be able to use your broadband for free. The real reason to encrypt your wireless, is because anyone on your wireless network is inside your network, and can thus browse the file-shares on your computer and potentially exploit your machines. The fact that they have bypassed your firewall is a big advantage to them.
Avoid WEP encryption, which can be cracked, and instead opt for WPA encryption.
Secure your PC
Don’t run as administrator
Most Windows users run either as “administrator” or with an account that has administrator rights. This gives any virus that you run full rights to do whatever they want on your PC. Instead you should run as a limited-user account and only login as administrator when you need to, or use the Run as administrator option.
Read more about this subject:
If you have teenage children, it is a good idea to create user accounts for them and restrict them to limited-user rights.
Keep your PC updated
You must use the Windows updater to keep your PC updated with critical updates. If you are running anything older than Windows XP SP2, then consider upgrading, or better still consider changing to Linux.
Install anti-virus software
I would avoid all the free trials that come with a new PC, and I would avoid Norton - which will have devastating effect on your PC. Instead I would have a look at the following:
I have only personally tried AVG, but understand that the others are also good.
Install anti-spyware software
Microsoft Defender is now included in Microsoft Vista, and is available for install for Windows XP and this is a logical choice.
I have personally used all of these programs without issue.
If you have already installed some anti-spyware program, make sure it’s not a rogue:
Avoid Internet Explorer
Use Mozilla Firefox instead of Internet Explorer. Only use Internet Explorer for those sites that you trust implicitly.
- Do not open email attachments unless you know the sender and are expecting the attachment
- Do not click on hyperlinks in emails (they’re as dangerous as attachments)
- Do not visit dubious websites
- Never follow links in pop-ups
- Delete any chain e-mails or unwanted messages without forwarding
- Don’t reply to junk emails, nor follow links to remove yourself from their database, often all you are doing is confirming that your email address is valid
- When installing software, read every step thoroughly to ensure that you do not install additional software without realising it