Thursday, July 8, 2010

Security Essentials for a New Personal Computer

Identity theft and malware are on a rapid rise for profit.  Black hat hacking has become a billion dollar business through anonymity and covert operations.  For individuals buying new computers, it is essential to install a few security programs.  When connecting to the Internet with a computer as bought, it is within a short period of time (most likely within an hour) the computer will be cracked without warning.  Anti-virus software and spyware/malware protection software is not enough for the sophistication and ease-of-use of today's hacker tools.

Anybody can become a victim without proper precautions.  For those still skeptical, there are plenty of Trojans available for purchase on the Internet that are made specifically to steal bank account information, social security numbers, or any personal identifiable information.  Black hat hackers scan the Internet for open ports and send these Trojans through the ports or by e-mail through phishing.  Once installed and undetected, the information is automatically sent back to the perpetrator.  This happens without the person's knowledge while logging into their bank site, filling out forms for credit cards, or buying an item online.  We have to be very cautious and use good judgment while surfing the web.

The following are free software that I recommend to install immediately when a new computer is bought.

  1. Anti-virus Software is needed to protect your computer from viruses before they cause any damage.  Avast (download) is widely used and respected.  Avast has one for purchase for greater protection.
  2. Spyware/Adaware/Malware protection is needed to protect your browsing information from being logged and sent back to the creator without permission and possibly for malicious intent.  I install three programs since each of them usually catch malicious software that was not caught by the others.  The following are: Ad-aware, Malwarebytes, and Spybot.
  3. Firewall is extremely important to keep hackers away.  As mentioned, they look for open ports used by the individual's computer to have complete access.  Firewalls can be configured to block all incoming connections until the user permits access.  The firewall I use is Comodo Firewall.
  4. Microsoft Security Essentials is an incredible product that provides real-time protection.  I found that this product usually catches malicious software before my anti-virus software and malware protection software.  Microsoft continuously updates this product with the latest threats.
  5. Registry cleaner is needed to find any suspicious files or files that stayed in the registry after uninstalling a program.  This type of software helps the system's performance.  A good software is CCleaner.
  6. Lastly and I believe most important is a patching program.  There are hacker tools that provide information on the type of software version that is installed on the computer.  If the software is not updated, it will be extremely easy to crack into the computer through information provided by the manufacturer on the necessary update.  I installed two patching programs.  The one I regularly use is FileHippo.  In addition, I periodically use Secunia PSI.  To learn more about patching and its importance, read my blog post, Importance of Patches.

Others that would be good to have but not necessary are:

  1. Microsoft Baseline Security Analyzer is designed for IT professionals in small/medium sized business.  I have this installed for my personal computer and found it very helpful.  The program will scan Microsoft products installed on the computer and have suggestions and how-to's for making the specific Microsoft program more secure.  It is a great product.
  2. I suggest using Mozilla Firefox browser for its add-ons.  The open-source community is consisted of incredibly amazing individuals.  They write software programs and provide them to the public for free-of-use.  The following add-ons I use for safer browsing are: NoScript, AdBlock, and HTTPS Everywhere.
  • NoScript blocks software languages - Java, Javascript, Flash, etc. - that are mainly used by black hat hackers as executables to install malicous software.  You have the ability to temporarly or permanantly allow the scripts to load for the specific website.
  • AdBlock is, as you most likely have figured, an ad-blocking program.
  • HTTPS Everywhere provides a secure connection to sites that offer that option by encryption.  The following is quote from the website:
"Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site."
 For now, these are my recommended programs for computers to stay safe while browsing the Internet.  Though, as repeated in the information security community, security never stays stagnant and is a continuous process due to black hat hackers becoming more intelligent and their tools becoming more sophisticated in cracking computers and networks.

No comments:

Post a Comment