Internet Tips: It's Time to Update Your Internet Security Arsenal

Photograph: Chris Gall
Right out of the box, your PC is almost entirely unprotected from the huge array of Internet-borne attacks. If you connect to the Internet and simply hope for the best, not only are you susceptible to data loss, identity theft, and fraud, but your machine could become a launching pad for attacks against other computers. Securing your system is no longer optional--it's a matter of survival.

Protecting your PC from Internet attacks requires a multilayered approach: Keep Windows and all other software updated, use a safe browser, and make sure your antivirus software is properly configured, regularly updated, and certified effective. You also need a bidirectional firewall program (and a hardware-based firewall, if possible), as well as at least one anti-spyware program. Fortunately, all of these tools are available for free (except the hardware firewall, which is now included with most routers). Here's our 2005 security checklist.

Update Your Software

Because it's easy to forget to update your software, many programs include an automatic-update mechanism. Lots of PC users report conflicts and other problems after installing Windows patches and service packs, but the protection these fixes provide from known exploits (like the infamous Blaster virus that struck in the summer of 2003) is worth the risk. To enable automatic updates in Windows XP with Service Pack 2, right-click My Computer, click Properties, Automatic Updates, select Automatic (recommended), set a time for the updates (or accept the default), and click OK.

Windows isn't the only place where automatic updates can save your bacon. Most antivirus programs also update automatically--all you have to do is provide an Internet connection and keep automatic updates enabled in the program. Firewalls, too, occasionally suffer from flaws and exploits that require regular patching. Zone Labs' free ZoneAlarm firewall software usually notifies users when such an update is available. And at least one browser--the Mozilla Foundation's Firefox--notifies you of available updates. Other programs require that you check for updates manually via a menu command, or by checking the vendor's Web site for a patch or a new version.

Antivirus: Now Mandatory

For years I used PCs without antivirus software installed. I was smart enough to spot a dangerous attachment, right? Unfortunately, flaws in Internet Explorer, Outlook, Java, and other technologies that dovetail with your e-mail program mean that a properly crafted e-mail message could install and execute a virus on your PC without much action on your part--all you'd have to do is read the message.

A virus (a malicious program file you download to your PC), worm (a program that sneaks onto your PC without a file download), or Trojan horse (a malicious program that piggybacks onto or masquerades as a legitimate program) can enter your PC in several different ways, but e-mail is the most common means of infection. You can pay dearly for a subscription to commercial antivirus programs: Last year, PC World picked Trend Micro's $50 PC-cillin Internet Security suite as our Best Buy. However, I have used two freebies--Grisoft's AVG Free Edition (see FIGURE 1

FIGURE 1: Beat the high cost of virus protection by downloading Grisoft's capable, free AVG antivirus utility.
) and Alwil's Avast 4 Home Edition--for several years, with great results. The programs are unobtrusive, and they automatically receive frequent virus-database updates. Both also received a thumbs-up from antivirus testing outfits ICSA Labs and Virus Bulletin.

Beef Up the Browser

Until recently, one browser was the same as the next. PC users are waking up from their complacency about Microsoft's Internet Explorer browser, however. IE's ActiveX technology permits Web sites (including Web-based e-mail messages crafted in HTML) to install and run programs on your machine--exactly what the virus, Trojan horse, worm, and browser hijacker writers are trying to do. Not surprisingly, many threats to PC security rely on ActiveX.

Microsoft has tightened ActiveX's security, especially in Windows XP's SP2, but new holes continue to crop up, often after malware exploiting them appears online. Microsoft doesn't provide all of these IE security updates for earlier versions of Windows, however, leaving users of Windows 2000, Me, and 98 vulnerable to ActiveX exploits.

To avoid ActiveX dangers, install an IE alternative--it won't be vulnerable to ActiveX attacks--and set it as your default browser. (See February's "The New Web Challengers" for a comparison of Firefox, Mozilla, IE, Netscape, and Opera.) Or simply disable IE's support for ActiveX: Open IE and choose Tools, Internet Options, Security, Custom Level, scroll to 'Run ActiveX controls and plug-ins', select Disable, and click OK, Yes, OK (see FIGURE 2

FIGURE 2: Heal IE's Achilles' heel by stopping the browser from loading ActiveX controls and plug-ins.
).

Disabling ActiveX prevents you from viewing Web sites that rely on it, such as Microsoft's own Windows Update site. To get these sites to work, add them to IE's Trusted Sites list: Click Tools, Internet Options, Security, choose Trusted Sites, click Sites, and enter the URLs one at a time. Uncheck Require server verification (https:) for all sites in this zone, and click OK.

Double Up Your Firewalls

Firewalls keep the bad guys out of your computer by shutting the thousands of doorways the machine opens through your Internet connection. Depending on how your system is configured, these doors could be invisible (no response given when the remote system comes knocking), closed but still visible to the remote systems (thereby confirming the presence of a PC at your Internet address), or wide open (the remote system can come right in). A good firewall protects you from these inbound attacks, while also monitoring the applications running on your PC when they make outbound connections to remote systems. (Trojan horse programs, spyware, and other malware that sneaks onto your PC often employ your Internet link to connect clandestinely to remote servers.)

Windows XP's firewall monitors only inbound connections, offering no protection from malware already on your PC. The latest versions of my favorite free firewalls--Kerio Personal Firewall, Outpost Firewall Free, Sygate Personal Firewall, or ZoneAlarm--are all effective, so if one conflicts with your system, try another.

If you have a broadband Internet connection, use a hardware-based firewall in addition to a software version. Many cable and DSL modems and routers--wireless routers included--have a firewall that you can configure from your PC. Because these hardware firewalls are external to your system, they can't monitor which apps are opening outbound connections, so they can't replace a software firewall running on the PC. However, they do keep incoming attacks off your local network, and they can shield your machine's IP address from the outside world, further protecting you from external attacks.

Anti-Spyware, Too

Spyware is a generic term for a range of programs that monitor your Web activity and then inundate you with targeted pop-up ads (adware), or that look for personal information, log-in names, and passwords that the program then forwards to a server or e-mail account (spyware). Adware may or may not provide a useful service--search toolbars are a common variation--and the programs are often bundled with other free downloads, such as file-sharing utilities. See April's "Spyware Stoppers" for more on spyware fighters.

Aside from swearing off Grokster, Kazaa, IMesh, and other spyware-laden software, you can avoid adware and spyware by using a reputable anti-spyware utility. I say reputable, because many free spyware removers can do more harm than good. For more on evil anti-spyware tools, read "Poor Defenders" from last December's issue, and last August's Internet Tips column.

I recommend Lavasoft's Ad-Aware SE (formerly called simply Ad-Aware) and Safer Networking's Spybot Search & Destroy, both of which are free. Each of these programs scans your hard disk and the Windows Registry for traces of known spyware and adware, and then removes the offending files and Registry trees. Spybot Search & Destroy also has a memory-resident tool that traps attempts to change the Registry (a typical spyware or adware activity) and asks if you want to allow the changes. Javacool Software makes two other free memory-resident utilities that prevent many kinds of spyware from loading into memory in the first place: SpywareBlaster blocks known ActiveX spyware from installing, and SpywareGuard scans downloaded files for known spyware payloads.

Unlike with antivirus programs, which tend to conflict with each other, it's a good idea to use several spyware removers. But even if you use all of these excellent tools, you may not be able to detect and remove every bit of spyware bogging down your PC. To get every last parasite, scan your system using Merijn Bellekom's HijackThis utility. HijackThis isn't for novices--it produces a log of browser add-ons and related Registry settings you must then sort through to choose which ones to disable (see FIGURE 3

FIGURE 3: Use HijackThis to find spyware that even Ad-Aware and Spybot can't nail.
). But the log does not differentiate between malware and nonmalware, and disabling the wrong thing could cripple your system. Fortunately, a growing cadre of dedicated anti-spyware volunteers that you'll find at several Web forums will scan your HijackThis logs for you, and tell you what to kill and what to keep. Browse to Bellekom's own list of forums for log-entry interpreters.

1 2 Page 1
Shop Tech Products at Amazon