This article was written a while ago, and technology, recommendations, and opinions (including my own) change over time. While many core principles of computer security, maintenance, hardware, and software remain relevant, specific hardware, software, or other details may be outdated now. Consider this a snapshot and proceed carefully.
One of my clients sent me the following e-mail request:
Can you shoot me an email … with detailed instructions (how to’s) about … weekly & monthly cleanups … (Adware, Spyware, &/or other?). I keep getting official looking advertising pop-ups [regarding] such and am a little nervous to either do something or do nothing with them. I’d appreciate it if you could help me with this.
Realizing that my response could lead to a few blog entries, here is a first article on the steps that I would recommend for the average small office/home office (or “SOHO”) users to keep their computers running smoothly. If people like it, I might write more.
All the Time
There are a few things that really need to be in place all the time that your computer is powered on. Without these in place, you are fighting a hopeless battle against viruses, spam, and hackers.
- Hardware-based firewall for a broadband DSL or cable Internet connection. These are the “bouncers” who sit at the perimeter of your network and check all the lowlife scum that passes by to see if they have proper credentials. Of course, just like in real life, fake I.D.’s (or forged headers in the computer world) can be used for entrance, and the entry-level firewalls aren’t as good at spotting potential problems as the much more expensive versions can be. Even so, any security guy is going to help keep more riff-raff out than not having one at all. The same is true with firewalls.
  - A hardware-based firewall protects all types of computers installed behind it. It does not matter if your PC runs Windows, Mac OS X, Linux, or anything else, including gaming systems!
  - Since these firewalls are “always on”, they protect your device while it is powering up or down. Personal firewalls (next item) leave open a small window of vulnerability during that time. That is just one reason why multiple layers of protection are best.
- Personal firewalls (i.e., ones that are software-based) are another good investment, especially if you use dial-up Internet connections and don’t have a hardware firewall.
  - Windows XP Service Pack 2, Linux, and FreeBSD (and probably also Mac OS X, since it is based on FreeBSD) all have some type of built-in personal firewall that is better than no firewall.
  - All the popular antivirus companies sell personal firewalls (usually available as a bundle with their antivirus software).
  - In general, all firewalls scan and protect against incoming attacks (things attacking you), but good ones also safeguard outgoing information. This extra layer of protection really helps to prevent viruses from spreading and spyware from divulging sensitive information, and it hampers certain kinds of hacking. If you have a choice, get one that does both.
  - Firewalls do not provide complete protection from viruses, worms, trojans, or spyware. They are only the first step!
- Real-time antivirus protection is the next most important thing you should have on your network. Some people consider it the most important. Either way, if you aren’t running it, you will be plagued by viruses.
  - Other names associated with real-time protection include “heuristic detection”, “bloodhound detection”, and “virus watch”. Heuristic detection means that the programs watch for “virus-like behavior” to help protect you against new, unknown viruses and worms. Not all real-time virus scanners offer this extra level of protection, but it’s a good thing to have.
  - Generally, antivirus software is only as good as its latest virus definitions file and scanning engine. Be sure to keep both fully up to date (more about that later).
- Other malware scanners are very important, too. They come under a lot of different names, including: spyware scanners, adware blockers, spy catchers, and pest removers.
  - Operating systems and computers are much more reliable than they used to be, so most unexpected system crashes, freeze-ups, slow-downs, and pop-up advertisements are caused by some type of malware (which can include viruses and worms, too) installed on your system.
  - No single antimalware solution catches everything. You will need multiple layers of malware protection.
- Protect your system settings from unexpected changes. There are a number of programs that do this, but few that do it well, because what works well for one person is frustrating for another person. It would be best to try a few different ones before settling on just one.
  - Most programs in this class keep an eye on certain portions of your PC that are accessed when your computer starts up. Under Windows, these include the “Startup” folder in the Control Panel, the “Run” and “Run-Once” registry keys, the “config.sys” and “autoexec.bat” files, and a few other locations. Generally speaking, editing and cleaning up these locations is not a task for the faint of heart—you could prevent your computer from booting at all if you make a mistake. That’s where a startup monitor helps you by making things simple to understand and simple to maintain.
  - Other programs that watch your system settings do so by keeping track of what is installed as it is being installed. Then, if you later want to uninstall something, all traces of the program can be removed. As with firewalls, most current operating systems include a rudimentary form of this. Windows calls it “System Restore”, while Red Hat Linux calls it “RPM” or “Red Hat Package Management”. No matter which system you use, they all work best if they are one of the very first things installed on your new computer so they can monitor everything else that is installed later.
  - Some personal firewalls and other utilities monitor a wide variety of system modifications and warn any time something “suspicious” happens. Personally, I find that these cause more problems than they solve. Since most users do not really understand the message, they either allow everything (so what’s the point?) or they block everything (and wonder why their software doesn’t work).
  - This is an exception to the “more is better” rule of thumb. Multiple system setting protection utilities usually are redundant and irritating. Pick one that meets your needs and your skill level, and use it exclusively.
- Pop-up blockers help protect you from deceptive and/or annoying pop-up/pop-under windows while you are browsing the Web. Current versions of most web browsers now include built-in pop-up blockers. Most popular antivirus bundles include a pop-up blocker.
  - Multiple pop-up blockers generally should be avoided, since one is often enough. Having two can make it twice as difficult to allow pop-ups on sites that legitimately use them (like banks, schools, etc.). The exception would be in cases where one blocker does not block all the types you regularly encounter.
  - If you continue to see pop-ups after installing a pop-up blocker, it’s nearly always a sign of other malware (specifically adware or spyware) infesting your system. Certain web sites use Flash or JavaScript tricks to simulate pop-ups. I guess the advertisers don’t understand how much those tactics annoy potential customers!
- Spam filters can really help ease frustration when opening your e-mail. Most solutions deal with spam at the server or by having you connect through a proxy. Microsoft Outlook 2003 comes with a built-in “junk e-mail” feature. Other solutions exist for dealing with spam before you download it to your computer.
  - All the major e-mail sites (e.g., www.hotmail.com, mail.yahoo.com, www.netaddress.com, etc.) and most Internet Service Providers (ISPs) perform a limited amount of spam filtering for you, and most allow you to “train” the filters to be “smarter.”
  - Spam accounts for over half of all e-mail sent over the Internet. Your e-mail account can receive spam even if you never give out the address, because spammers send to random addresses as well as known ones.
  - Replying to spam—even requesting to be removed from a list—should be avoided. It tells the spammer that someone actually reads the e-mail and that the account is active. They will probably send you more spam, not less.
- The preceding items were primarily for protection from external threats. What about protecting the computer from itself? There are a number of diagnostic utilities that can constantly monitor your PC’s health and performance—warning you if certain thresholds are exceeded (e.g., too hot, too little hard drive space, too many errors, etc.). While such monitoring doesn’t take the place of regular preventive maintenance, it can give you advance warning of pending failures. And, that’s almost better than insurance!
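
The startup-monitoring idea from the list above (watching the “Run” and “Run-Once” registry keys for unexpected changes) can be implemented as a baseline-and-compare check. This is an added example, not code from the original article or from any product it mentions; the function names and sample entries are constructed for illustration, and the registry paths are the standard per-machine and per-user autorun keys.

```python
RUN = r"Software\Microsoft\Windows\CurrentVersion\Run"
RUN_ONCE = r"Software\Microsoft\Windows\CurrentVersion\RunOnce"
WATCHED = [(hive, path) for hive in ("HKLM", "HKCU") for path in (RUN, RUN_ONCE)]

def snapshot_registry():
    """Read the watched keys into {(hive, path, value_name): command}. Windows only."""
    import winreg  # imported here so the comparison logic also runs on other systems
    roots = {"HKLM": winreg.HKEY_LOCAL_MACHINE, "HKCU": winreg.HKEY_CURRENT_USER}
    entries = {}
    for hive, path in WATCHED:
        try:
            with winreg.OpenKey(roots[hive], path) as key:
                for index in range(winreg.QueryInfoKey(key)[1]):
                    name, command, _kind = winreg.EnumValue(key, index)
                    # Registry value names are case-insensitive, so normalise them.
                    entries[(hive, path, name.lower())] = str(command)
        except OSError:
            continue  # key missing or not readable by this user
    return entries

def compare(baseline, current):
    """Return (kind, entry, old_command, new_command) findings in sorted order."""
    findings = []
    for entry in sorted(set(baseline) | set(current)):
        old, new = baseline.get(entry), current.get(entry)
        if old is None:
            findings.append(("added", entry, None, new))
        elif new is None:
            # Windows deletes RunOnce values after running them: expected, not a finding.
            if entry[1] != RUN_ONCE:
                findings.append(("removed", entry, old, None))
        elif old.strip().lower() != new.strip().lower():
            findings.append(("changed", entry, old, new))
    return findings

# Constructed sample snapshots for illustration (not taken from a real machine).
BASELINE = {
    ("HKLM", RUN, "avtray"): r'"C:\Program Files\ExampleAV\tray.exe"',
    ("HKCU", RUN_ONCE, "setupfinish"): r"C:\Temp\finish.exe",
}
CURRENT = {
    ("HKLM", RUN, "avtray"): r'"C:\Program Files\ExampleAV\tray.exe" /min',
    ("HKCU", RUN, "updater32"): r"C:\Users\Public\updater32.exe",
}

if __name__ == "__main__":
    for kind, (hive, path, name), old, new in compare(BASELINE, CURRENT):
        print(f"{kind:8} {hive}\\{path}\\{name}: {old!r} -> {new!r}")
```

On a Windows PC, take the baseline with `snapshot_registry()` right after a clean install and pass a fresh snapshot as `current` on each later check.
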
So there you have it. My top-8 list of things that every SOHO computer should not be without. For people in larger offices with networks, the list changes somewhat, but the plan is the same: protect from external threats, monitor for infections, react when a threat is discovered, and watch for problems. In networked environments, you generally have to add one more step: protect from internal threats.
I wrote a suggested Computer Maintenance Schedule [Sorry. My old website and the file no longer exist.] for small business and home office workers. The steps are somewhat general in nature, and your specific computing environment may require modification to these suggestions. If you have a network administrator, please check with him or her before attempting to follow these steps; some may be unnecessary or impossible in such an environment. These suggestions can also be used for home PCs but may be more restrictive than many home users would prefer. Again, these are just suggestions, and ultimately you may need to adjust accordingly.