Basic Computer Protection and Defence

The internet is not a safe place.

I hope that sentence got your attention, because it's completely and undeniably true. Although the Internet is a place to search for information and download just about anything, you can never assume that whoever is letting you download is friendly and helpful. Sometimes, whatever you download has an invisible, but potentially problematic component.

To protect yourself, there are three key pieces of software that defend your machine, each of which is a layer of protection on its own. By using all three together you're increasing your operating system's longevity, because a well-protected system is a healthy system, and runs a lesser risk of needing a complete reinstall than an unprotected or only partially protected one. Note that you only ever need one program per layer - programs on the same layer usually don't play together well and will interfere with each other, effectively crashing the protection layer.

Anti-virus

Anti-virus software is by far the best-known layer of protection, and the one most users get with one of their computer components, usually bundled with the motherboard. There's a whole variety of virus types - from Trojan horses, which act as a legit program but do something entirely unwanted, to worms, which exploit holes in the operating and security systems, to e-mail viruses, which send copies of themselves onward to people in your address book like a chain-letter on steroids.

Anti-viruses generally attempt to either disinfect any infected file by removing the virus from the contents or delete the file completely. Some even have a much safer option of shredding, which wipes the infected file more thoroughly than even deletion. Generally, if the virus hasn't been started, it's best to destroy or shred it.

While an unleashed virus (if the virus is a destructive type) may cause total file destruction, some files may be recovered by disinfection (or healing) which removes the virus from the contents. This typically fails on any executable file such as a program, but has been known to fix documents like Word and Excel files - in case you have no backup, it might help salvage at least part of the original.

While all anti-virus programs can work in a so-called on-demand scan mode, which means the user starts the anti-virus manually and sets it to work, some also offer on-access scanning, which checks files before they're actually opened, ensuring that you don't accidentally unleash a virus. A commonplace feature on anti-virus programs is called a chest or quarantine: infected files are moved there and become unopenable so they can't affect the computer - it's best to think of the quarantine as a sandbox where the viruses are kept inactive.
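The on-demand scan and quarantine described above, as an added example that is not part of the original article. It assumes the virus library is simply a set of SHA-256 hashes of known-bad files (a simplification), and the file names and sample contents are constructed and harmless.

```python
import hashlib
import os
import shutil
import tempfile
from pathlib import Path

def sha256_of(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def on_demand_scan(root, signatures, quarantine):
    """User-started scan: hash every file under root, quarantine known-bad ones."""
    quarantine.mkdir(parents=True, exist_ok=True)
    moved = []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        if quarantine in path.parents:
            continue  # never rescan the quarantine itself
        digest = sha256_of(path)
        if digest in signatures:
            # Move the file out of the way, rename it, strip all permissions.
            target = quarantine / (digest + ".quarantined")
            shutil.move(str(path), str(target))
            os.chmod(target, 0o000)
            moved.append((path.name, target.name))
    return moved

def demo():
    # Constructed, harmless sample data; the "signature" is just its hash.
    bad = b"CONSTRUCTED-HARMLESS-TEST-PATTERN"
    signatures = {hashlib.sha256(bad).hexdigest()}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "downloads"
        root.mkdir()
        (root / "notes.txt").write_bytes(b"shopping list")
        (root / "free_game.exe").write_bytes(bad)
        quarantine = Path(tmp) / "quarantine"
        moved = on_demand_scan(root, signatures, quarantine)
        remaining = sorted(p.name for p in root.iterdir())
        for q in quarantine.iterdir():
            os.chmod(q, 0o600)  # restore so the temp dir can be cleaned up
        return moved, remaining

if __name__ == "__main__":
    print(demo())
```

A file whose hash is not in the library passes untouched, which is why library size and update frequency matter so much.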

To recapitulate, when deciding on your anti-virus, these key factors should affect your choice:

  • Modes of scanning - anti-virus programs that offer both on-demand scanning and on-access scanning are generally more thorough as well as more convenient, although on-access scanning can sometimes slow down computer performance
  • Action choice - any anti-virus worth its salt will be able to delete the infected file. Check for the ability to disinfect (or heal), quarantine and shred - the more options the anti-virus has, the better
  • Library size - obviously, the greater the library of known viruses is, the more viruses can be detected and eliminated
  • Update intervals - the shorter the time between updates, the better. A week between updates is not good. A day between updates is good. Multiple updates per day are a godsend, but they come at a steep price
  • Critical acclaim - although biased, and sometimes fuelled by commercials, it's a good overall measurement because anti-virus programs are commonly pitted against each other in a stress test
  • Price - last but definitely not least, how much you'll shell out for it

Anti-spyware

Spyware is basically the non-destructive version of its evil twin, the virus. While most spyware boils down to tracking your topics of interest, some can get downright obnoxious, installing toolbars into your browser, changing your home page or showing dozens of pop-up advertisements. Worst of all, some of your private data, such as your credit card numbers, can end up somewhere it definitely shouldn't be. While spyware is not as hazardous as viruses, you need a separate set of tools to pull it off your browser.

The selection of anti-spyware programs is not as varied as that of anti-viruses, but a couple of programs are considered the best in their class:

  • Spybot Search & Destroy and AdAware SE - able to detect and remove traces of spyware, having one of these programs from the get-go is your safest bet on staying spyware-free
  • SpywareBlaster - some spyware uses so-called ActiveX distribution to do its evil bidding. This program was made specifically to stop ActiveX-launched spyware in its tracks by not allowing it to start in the first place. Best combined with one of the above two programs.
  • HijackThis! - The most advanced tool for diagnosing your spyware status. If you want to figure out what spyware's stuck on your machine, this is the program to use. Gives out a textual printout which is easy to show to more experienced users so they could help out. Does not interfere with other anti-spyware programs.

Firewalls

While anti-virus and anti-spyware programs help protect you from what your own downloaded data could do to your machine, firewalls do the same from the opposite direction - they protect you from what a cracker might do. No, the correct term isn't "hacker". A cracker is whoever decides to abuse your computer from outside and uses it to:

  • hide his own footprints by making it appear it was your computer that did whatever he intended to do
  • "test" your protection level by attempting to bring it down
  • try to steal your passwords directly

...and so forth.

To prevent anyone so malicious from doing so, the firewall controls whatever data comes to and from your internet connection. It does so by first closing down all the "ports" (which are connections through which programs contact the internet) and then asking you whether to open ports for programs you start. The first time you do this it'll be tedious as hell, but it's a small price to pay for an extra layer of security. Firewalls should be left to stick around in your memory and continue monitoring the traffic - of course, they won't collect any data, otherwise they'd be busted by one of the anti-spyware programs.
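The "close everything, then ask per program" behaviour described above, as an added toy model that is not part of the original article and not any real firewall's API. The class, the prompt callback, the program names and the traffic are all constructed for illustration; keeping outgoing connections and listening ports as separate rules is an assumption of this sketch.

```python
class Firewall:
    """Toy default-deny firewall: every port starts closed."""

    def __init__(self, ask_user):
        self.ask_user = ask_user  # hypothetical prompt: (program, port, mode) -> bool
        self.rules = {}           # (program, port, mode) -> remembered answer
        self.prompts = 0

    def program_wants_port(self, program, port, mode):
        """A program you started wants to 'connect' out or 'listen' on a port."""
        key = (program, port, mode)
        if key not in self.rules:  # first use: ask once, then remember
            self.prompts += 1
            self.rules[key] = bool(self.ask_user(program, port, mode))
        return self.rules[key]

    def incoming(self, port):
        """Attempt from outside: accepted only where an approved program listens."""
        return any(ok for (_, p, mode), ok in self.rules.items()
                   if p == port and mode == "listen")


def demo():
    # Constructed user answers: trust the browser and the chat client only.
    trusted = {"browser.exe", "chat.exe"}
    fw = Firewall(lambda program, port, mode: program in trusted)
    events = [  # constructed traffic
        ("browser.exe", 443, "connect"),
        ("browser.exe", 443, "connect"),          # remembered, no new prompt
        ("toolbar_updater.exe", 8080, "connect"),  # user says no
        ("chat.exe", 5222, "listen"),
        (None, 445, "incoming"),    # nobody opened this port
        (None, 443, "incoming"),    # browser only connects outward
        (None, 5222, "incoming"),   # approved listener
    ]
    verdicts = []
    for program, port, mode in events:
        if mode == "incoming":
            ok = fw.incoming(port)
        else:
            ok = fw.program_wants_port(program, port, mode)
        verdicts.append("allow" if ok else "block")
    return verdicts, fw.prompts

if __name__ == "__main__":
    print(demo())
```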

The selection of firewalls is varied, and there are even hardware firewalls - but to a home user, they're an overly expensive toy. Freeware firewalls do their job well enough to keep a "small target" such as a home user safe from intrusion. Just searching for "free firewall" on a search engine will give you a quick selection.

Are we safe yet?

So, now that you have your three layers of protection, the whole setup begs the question - is that all that needs to be done? The answer, unfortunately, is no. The most important layer of protection is you - the computer user. The rule of thumb is not to download something if the location you're getting it from looks fishy. Developers' sites are legit, and so are massive free software collection sites. Any sort of illegitimate site means trouble at least half the time. Downloading anything from pop-up ads is a definite no-go.

The worst thing you can do is leave your operating system, browser, anti-virus, anti-spyware and firewall unattended by not updating them - make sure you update whenever possible.

Keep close tabs on your defence programs, and think before you click. Using your protection layers will keep you safe from automated hazards - but only your own common sense will keep you safe from hazards that wait on your own action.


Helpful Advice from those Friendly People at DOT-COMmunICaTions