Minimizing the Threat from Viruses & other Malware
Avoiding Viruses: Best Practices to Minimize the Threat of Malware
Completely avoiding the threat of computer viruses and other malware such as worms, Trojans, and rootkits without completely isolating your computer from the outside world (and even your home network) is, well...next to impossible. This is particularly true if you are using a machine which is running some version of the popular Microsoft Windows operating system. In fact, it is safe to say that if you are using a Windows machine it is more a question of WHEN you will be infected than a question of IF you will be infected.
So, short of yanking your Internet connection and doing all of your computing inside of a sealed vault, what can you do to help minimize the threat from computer viruses and other malware? That is exactly the subject of this article, and when you are finished reading it you should have a much better idea of what steps you can take to minimize your risk and keep your computers running as safe and sound as possible.
Minimizing the threat involves defending your system on three fronts: (1) software, (2) hardware, and (3) user actions. We will look at each one of these categories separately to help you get a solid grasp on what you can and should do to maximize your security and minimize the threat from these three vulnerable fronts.
Understanding Software Solutions & Software Threats
Remember, computer viruses and other forms of malware are themselves software (they are programs after all) and they often spread by attaching themselves to other executable files or even (in the case of Trojans) by pretending to be a safe or even beneficial program themselves! For the most part we will leave the discussion of software threats to the final section of this article, which deals with the human element. For now it is probably more sensible to focus on the use of various applications to defend against and eliminate malware infections both before and after they have occurred.
Your first line of defense here is to be sure that your computer has a software firewall running. Windows comes with a built-in software firewall which is probably sufficient for most home or small business needs. If you want some added security on this front I would suggest using a more robust firewall solution such as those available from ZoneAlarm, Kaspersky, and others. Basically what a software firewall does is monitor the incoming and outgoing traffic on your Internet or network connection and either block or allow transmission requests based on a set of rules. Remember, a software firewall is only as strong as the rules which govern it, and clicking "allow" every time the firewall asks will render it completely useless in very short order.
It is important not only to have a software firewall running, but to actually pay attention to what incoming and outgoing transmissions of data you are letting the firewall allow. If unsure, it is best to err on the side of caution and disallow rather than allow network access. If you are unsure what the program is that is requesting network access, a quick Google search should point you in the right direction. Taking a little extra time to "train" your software firewall initially can greatly reduce the threat of virus, malware, or even hacker attack down the road.
A software firewall such as ZoneAlarm is not enough by itself though. Every Windows computer, whether connected to the Internet or not, should have an effective and recently updated anti-virus program installed and running. There are quite a few anti-virus programs available these days. Some of them are free and some are quite pricey. To further complicate matters when it comes to selecting one, the price seems to have absolutely zero correlation to the effectiveness of the program. In fact, Norton, McAfee, and Kaspersky, which are usually the most expensive, are generally far less effective than Microsoft Security Essentials and Avast, which are both available for FREE!
No matter if your anti-virus program is free or if you pay for it, it is extremely important to keep it active and up to date. All of the major antivirus programs release virus definition updates daily at a minimum and sometimes more than once per day! This is important to stay on top of newly discovered threats and be able to detect and defend against them as early as possible. Remember, many viruses and other malware applications are destructive and catching them quickly can mean the difference between disaster and victory.
Defending against Spyware & Adware
Spyware and adware, while not usually destructive or a direct security threat, install against your will like a virus or Trojan and act to send and/or receive information over the Internet. This information is usually related to where you go and what you do on the Internet (used for marketing purposes) or advertisements which pop up on your machine in response to some action by you or a program on your computer. This is NOT always the case though, and occasionally this type of malware will log your keystrokes or use some other method to mine your personal data including such things as: addresses, email addresses, telephone numbers, credit card numbers, bank account numbers, and passwords!
Many of the programs which fall into this group of malware are not technically viruses and will often not be detected by even the best anti-virus program. Fortunately there is a very good defense available and it is absolutely FREE! The best defense against spyware is an application called Spybot Search & Destroy. This application is one of the best defenses available against spyware, adware, and other similar threats. It has been around for quite some time and is the recipient of numerous industry awards every year. I highly recommend this one and being that it is completely FREE there is simply no reason not to have it.
Defending your System with Hardware
Similar to a software firewall, a hardware firewall controls the flow of incoming and outgoing data transfers on your network or even to and from a single machine. Unlike a software firewall though, a hardware firewall does not rely on you to teach it what is and is not allowed. Instead it monitors all of the packets of information flowing through it and prevents known threats from getting through. Even more importantly, a hardware firewall effectively hides every computer behind it from prying eyes on the Internet and keeps would-be hackers locked out. By hiding the ports of the computers on the network from the Internet they are invisible to the outside world.
The easiest and least expensive means of adding a hardware firewall to your home or small business network is to simply install a router between the Internet and the computers. You should NEVER have a computer directly connected to the Internet. Instead, the Internet connection should come into an external modem and then go to a router before making it to any computer or computers on your network. Contrary to what most people think, even if you have only a single computer you should have a router installed between it and the Internet for security!
Most homes or businesses these days have more than a single computer. In fact, most of them have one or more laptops (or even desktop computers) which connect to the Internet and/or the LAN through a wireless connection. I am constantly amazed (and NOT in a good way!) by the number of unsecured wireless networks I find in people's homes and businesses. It is quite a simple matter to set up a secure network using encryption and passwords. Although WEP encryption is compatible with a wider range of hardware, almost all newer machines support WPA or WPA2 encryption, which are MUCH more secure and highly recommended.
For most small to medium network applications I use and recommend the inexpensive and reliable Linksys routers. These are especially powerful if you replace the default firmware (device software) with DD-WRT. This free Linux-based firmware is compatible with a wide range of routers and adds additional security and networking features. It can make your $40 router behave like one costing several hundred dollars! A particularly useful feature is the ability to set static IP addresses for the machines on your network, which allows for easy setup of SSH and SFTP on the LAN.
Educating the Human Element to Reduce the Threat
Of course it probably comes as no surprise that no matter how well you equip your network or even your single computer with the latest and greatest hardware and software protection, the weakest link in your armor will always be the human element. It seems to be an integral part of human nature to try and get things done as quickly as possible. Because of this we seem to have an almost irresistible urge to simply click OK on everything which pops up and asks for permission. While this often does speed things up (at least at the moment) it is also a sure-fire way to get infected with viruses, spyware, and other undesirables. The moral of the story? READ before clicking and if you are not 100 percent sure then do a quick Google search to find out what it is you are agreeing to!
Aside from knowing what you are agreeing to before clicking OK or similar buttons, you can also decrease your chance of getting infected with a computer virus by following these simple rules whenever possible:
- Do not download email attachments (even from friends) without first scanning them for viruses
- If you do not know the source of email attachments do not download them at all
- Use Firefox instead of Internet Explorer
- NEVER open or download files with 2 file type extensions (e.g., filename.txt.vbs)
- Be especially careful with Microsoft Office file attachments such as Excel, Word Docs, & PowerPoint
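An added example (not part of the original article) that applies the attachment rules above to a raw e-mail message in Python. The extension lists and the sample message are assumptions constructed for illustration, and the two-extension rule is narrowed to names whose last extension is runnable, so backup.tar.gz is not flagged.

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumed extension lists for this example; adjust to local policy.
SCRIPT_OR_EXE = {".vbs", ".exe", ".scr", ".js", ".bat", ".cmd", ".com", ".pif"}
DECOY = {".txt", ".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png"}
OFFICE = {".doc", ".docx", ".docm", ".xls", ".xlsx", ".xlsm",
          ".ppt", ".pptx", ".pptm"}

def classify(filename):
    """Return the reasons an attachment name calls for caution (may be empty)."""
    # Windows ignores trailing dots and spaces, so drop them before parsing.
    suffixes = PurePosixPath(filename.rstrip(". ").lower()).suffixes
    if not suffixes:
        return []
    last = suffixes[-1]
    if last in SCRIPT_OR_EXE:
        # A harmless-looking extension in front of a runnable one is the
        # "filename.txt.vbs" pattern; "backup.tar.gz" does not match it.
        if len(suffixes) >= 2 and suffixes[-2] in DECOY:
            return ["double-extension", "runnable"]
        return ["runnable"]
    if last in OFFICE:
        return ["office-document"]
    return []

def triage(raw_bytes):
    """Map every attachment filename in a raw message to its reasons."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    return {p.get_filename(): classify(p.get_filename() or "")
            for p in msg.iter_attachments()}

def build_sample():
    """Constructed sample message (not real mail) with four attachments."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "sender@example.com", "user@example.com"
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attached.")
    for name in ("filename.txt.vbs", "backup.tar.gz", "budget.xlsm", "notes.txt"):
        msg.add_attachment(b"sample", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reasons in triage(build_sample()).items():
        print(f"{name}: {', '.join(reasons) or 'no flag'}")
```

A flagged name is a reason to scan or discard the attachment before opening it; an unflagged name says nothing about the file's contents.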
In Conclusion -
As I stated at the beginning, there is no foolproof means of avoiding computer viruses and other forms of malware completely -- particularly if your computer runs the Windows O.S. Nonetheless, with the proper use of a few simple measures it is possible to substantially reduce the risk to your system. Remember, use a solid anti-virus program (updated on a daily basis), protect yourself further by utilizing the free award-winning Spybot S & D program, use a properly trained software firewall, always connect to the Internet from behind a router, and use due diligence when making decisions about what to download and what to agree to. I am confident that if you follow these few simple steps you will be MUCH safer from computer viruses and other malware. If you truly want to be secure, ditch Windows altogether and move to a Macintosh or better yet a Linux-based PC.
If you would like to learn more about utilizing Linux for your desktop, laptop, or even server needs, please read my Ubuntu Linux article and, as always, feel free to contact me with any questions and concerns you might have.