I recently had to investigate an issue with a client’s website reported by a customer who was unable to use the website’s navigation. I gave the customer a call to see if we could replicate the problem. The customer was from an SMB here in Ireland and my first question was what browser were they using. They were unable to answer so I asked that they click on Tools->About. Guess what? In 2006 they were still using Internet Explorer 5.0. The issue was with CSS but afterwards I began thinking about just how much malware must be floating around their network.
So to get into the swing of this blogging thing I thought it might be useful to give an outline of some of the practices and software available that will help keep your PC safe and clean.
- My #1 piece of advice to anyone surfing the web is to dump Internet Explorer. IE is a dated piece of software that has countless security vulnerabilities. As the market-leading web browser it is also the target of most malware attacks and the source of many malware infections on Windows-based platforms. I have been using Mozilla Firefox since version 0.7 and cringe whenever I am forced to use IE (generally when on vacation or using someone else’s PC). I have also used Opera and found it to be a well thought out browser. However, for pure extensibility I find Firefox wins hands down. You should really try one of these browsers – they copy over all your settings and bookmarks and I guarantee you will be impressed by the experience.
- Keep your operating system and applications up to date. Software vendors often update their products fixing bugs, adding functionality and removing security vulnerabilities. It is important that you regularly visit vendor websites or use in-built functionality to keep your products up to date. Most importantly for Microsoft users, you should visit Microsoft’s Update Site every month to download the latest patches. I know that many Irish computer users are limited to dial-up connections but if so you might consider leaving your computer on-line overnight some Saturday night so that it can properly update. The call charges shouldn’t be so obscene at that time.
- Regularly scan your computers with up-to-date antivirus software using the latest definitions available. Most antivirus software will allow you to schedule scans that run automatically. I have included an Antivirus Software section below with information and my own experience with many of the applications available. You should also install some form of anti-spyware application – there are many free and purchased solutions available (see the anti-spyware section below for more details).
- If you are not behind a corporate firewall then you should consider installing a software firewall on your PC. Windows XP ships with the Windows Firewall but it is quite limited in the protection afforded (although, of course, better than nothing). You can find out about various software firewalls below.
- Something that I don’t see mentioned often is the use of anti-spam software on the mail server. If your e-mail is provided as part of a hosting package you may also have access to anti-spam software. SpamAssassin is commonly bundled with cPanel (you can find it in the Mail section of cPanel) and uses both filters and heuristics to determine the likelihood of e-mails being spam. You should ensure that it is activated. You won’t lose any e-mail unless you explicitly set this option, but any mail that SpamAssassin believes is spam will be converted to plain text with a warning message in the title. Attachments, which are a common source of malware, will also be converted to plain text and displayed in-line in the message – in effect these attachments become far more difficult for the casual user to execute, which reduces the possibility of infection.
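
To make the last point concrete, here is an added illustration (not part of the original post, and not SpamAssassin's own code) of what wrapping a flagged message as plain text does to an executable attachment. The function names, addresses, subject tag and sample message are assumptions constructed for the example; the behaviour is comparable to SpamAssassin's `report_safe 2` setting.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

SPAM_TAG = "*****SPAM*****"  # assumed subject tag; configurable in SpamAssassin


def build_sample() -> bytes:
    """Constructed sample: a message carrying an executable attachment."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Your invoice"
    msg.set_content("Please open the attached file.")
    msg.add_attachment(b"MZ\x90\x00 constructed placeholder bytes",
                       maintype="application", subtype="octet-stream",
                       filename="invoice.exe")
    return msg.as_bytes()


def wrap_as_plain_text(raw: bytes, score: float, threshold: float = 5.0) -> EmailMessage:
    """Return the message untouched below the threshold, otherwise a wrapper
    whose only attachment is the original rendered as inert text/plain."""
    original = message_from_bytes(raw, policy=policy.default)
    if score < threshold:
        return original  # nothing is dropped or altered for mail judged clean
    wrapper = EmailMessage()
    for header in ("From", "To"):
        wrapper[header] = original[header]
    wrapper["Subject"] = f"{SPAM_TAG} {original['Subject']}"
    wrapper.set_content(
        f"Spam detection software scored this message {score:.1f} "
        f"(threshold {threshold:.1f}). The original is attached as text.")
    # The whole original, MIME boundaries and base64 body included, becomes
    # text: the mail client no longer sees an attachment it can launch.
    wrapper.add_attachment(raw.decode("ascii", errors="replace"),
                           subtype="plain", filename="original_message.txt")
    return wrapper


def content_types(msg: EmailMessage) -> list:
    """List the MIME type of every part, outermost first."""
    return [part.get_content_type() for part in msg.walk()]
```

The flagged message is still delivered in full, which is why nothing is lost, but the `application/octet-stream` part is gone from the MIME structure the mail client acts on.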
In terms of the security software available here is a list of both free and paid applications that will help your PC remain healthy:
- Spyware Removal and Protections
  - Firefox – as mentioned above dump IE and install a decent browser. You would be amazed at the extra protection.
  - Spybot Search & Destroy – a FREE and handy spyware detection and removal tool that has become more advanced over its lifetime. I have used this for many years now and highly recommend it. (Oh, and curiously the company is run out of Greystones, County Wicklow!)
  - Spyware Blaster – another FREE tool that basically prevents you from visiting bad websites known to distribute malware. While simply a prevention tool which doesn’t offer the protection afforded by more advanced software, it can be a useful piece of software and best of all it’s free.
  - Microsoft Defender – yet another free application (still in Beta but free for now anyhow); this software integrates technology acquired through Microsoft’s acquisition of Giant Software some years back. I rarely use this app as I find that scans take hours and are very resource hungry but technically this is probably the best free anti-spyware tool.
  - Lavasoft Adaware – available in both professional and free editions, this software includes a scanner and removal engine. I have used this in the past but cannot say what the detection rates are like currently.
  - Webroot Spysweeper – this is probably my favourite anti-spyware software. While not free, Spysweeper provides detection and removal technology that sets the benchmark in this area. The one proviso I would give is that since updating to version 5.05 my system has had some serious instability issues.
  - Ewido – Ewido is probably not so well known but I have heard increasingly good things about this software. As with Spysweeper this software requires a subscription.
If you can afford to buy Anti-Spyware software I would advise Spysweeper, however if you choose to install the top four apps above I reckon you will probably have a good level of protection.
- Antivirus Software
  - Eset Nod32 – again a brand name probably not well known outside experienced users, but this Czech antivirus really works well. Viewed as one of the best AV tools around, the only downside is that Eset NOD32 is slightly more technical in terms of the configuration options available. I have used Eset Nod32 and highly recommend it.
  - Kaspersky – this time from Russia but widely viewed as having the best detection rates in the industry. I have tried Kaspersky but had to uninstall due to persistent BSODs. Pity because I read very good things about this AV.
  - BitDefender – I have not personally used this AV but again I have heard very positive feedback about its abilities.
You may well wonder where are the Nortons, the McAfees etc. The reason I don’t mention them is that, while providing sufficient protection for casual users, it is well known that they have the worst detection and removal records. I have included links to some review and comparative sites that you can have a look at.
- Software Firewalls
  - Agnitum Outpost – widely viewed as the most effective software firewall for personal use. I believe that previously they also offered a watered-down free version but checking their website I can find no reference to the free version anymore.
  - ZoneAlarm – I have used this particular firewall for a number of years and found the protection to be comprehensive. There have been some previous issues with the software corrupting certain Windows features but these seem to have been ironed out with the latest release. The only thing stopping me going to Agnitum is that ZoneAlarm hasn’t caused me any problems. I can recommend this product if you are looking for a good software firewall. They also offer a reduced-feature free version which you could try.
  - Look ‘n Stop – I have only heard of this product recently but everything I have heard seems to be positive. Maybe worth a look.
Again you may wonder where are the brand name firewalls. Well again my answer is that the Nortons and McAfees etc. don’t offer the protection of the best products available.
NB ALL-IN-ONE SECURITY SUITES – My advice on this is that most security suites seriously degrade the performance of your PC. If you need the simplest user interface then one of these products *MAY* be for you. However, if you can suffer multiple products you should reap the rewards in performance terms.
- AV Reviews and Comparatives
  - AV-Comparatives.org – website giving impartial reviews and comparisons of all the major commercial AV software available. You might be surprised how well (or how poorly) some of the big names do.
  - Wilders Security – online community dedicated to computer security issues. The website is an excellent resource for finding solutions to really nasty PC infections that many AV products cannot remove. You can also find user reviews of security software.
- Online Anti-Virus Scans
  - Trend Micro HouseCall – a good free online scanner. This will detect but not remove malware from your PC. If the scanner finds malware they will try to sell you their full software.
  - Panda ActiveScan – another online scanning engine with the same removal limitations as Trend Micro HouseCall.
  - Kaspersky – yet another online scanning engine. Probably better detection rates than the previous two.
These scanners can be useful if you do not have up to date AV software installed and are worried about malware on your PC.
- Single File Submission Tools
  - VirusTotal – this is a great tool for scanning single files that may be suspect. It uses multiple AV engines and reports the results usually within seconds.
  - Kaspersky – using the same tool as for online scanning except for single files that you submit to Kaspersky. Usually returns results instantly.
Great for confirming single file threats that AV software flag as suspicious.
- Port Scanner
  - GRC – a great tool for testing leaks in your firewall.

You can use a port scanner to determine if your PC has left any ports open and vulnerable to attack.
Phew! Well I hope the above is useful and maybe, just maybe, prevents someone from getting a nasty malware infection.