Tips for Better Computer Security

Regardless of whether you use WindowsMac OS X, Linux, a BSD, or any other operating system, there are definite things which can easily be done to increase your computer’s security. You can, of course, disconnect your computer from the Internet and the rest of the world, and though this is an effective way to increase security, it is not practical for most people. Below are some examples of how to make your computer more secure without taking the extreme measure of becoming a “digital hermit.” It should be mentioned that these tips are very useful in increasing security, but it is not an exhaustive list by any means. I would also like to especially emphasize the last tip which is “Good Sense,” without which the other tips will be of little help.

  • Firewall – Most online providers have a firewall which protects your network from outside intrusions, however you also need to have a firewall installed and enabled on your computer as well. Click here to learn why it is so important to have your computer’s firewall enabled [1]. Most Linux distros have a built-in firewall, which can easily be controlled through such graphical interfaces such as Gufw or Firestarter. You can test your firewall system for free by going to the Gibson Research website and using “Shields Up!”
A screenshot of a firewall control in Linux:
 Firestarter screenshot
  • Strong Passwords – Always make sure you create and use strong passwords for anything you do with your computer, which includes online banking, email, and social networking sites such as Facebook and Twitter. One way to make a stronger password is to use a combination of lower case and upper case letters, along with numbers and symbols such as !, @, #, $, %, ^, &, *, (, ), -, =, etc.  Also, the more characters (numbers, letters, symbols) in a password, the better. Additionally, it is very wise to use different passwords for each website which requires them.
  •  User Accounts – Make certain that you set up and login to a user account which does not have administrative user privileges. One great feature of most Linux distros is that this is done by default. So an administrative (root) password is required in order to make any changes to a Linux system, which includes installing and uninstalling software, activating or deactivating a firewall, and changing passwords. Unfortunately, Windows is set up to run as an administrative user by default, which means that any person or malware with access to the computer has free reign over the operating system. If you continue using Windows, it is strongly recommended that you set up a “standard user” account for everyday use and avoid logging into the administrative account. This will require an administrative password whenever installing new software, and many viruses and other malware can be stopped or hindered by doing this. Also, make sure to use a strong password.
  • Antivirus – For Windows users, having a reliable antivirus program running is a must, and it is strongly recommended to have one running in Mac OS X and Linux as well. No computer operating system is totally invulnerable from malware….. especially not Windows, not Mac OS X, and not even Linux [2][3]. However, it should be mentioned that the vast majority of malware is designed to attack Windows systems, and by their very natures Mac OS X and especially Linux provide more challenges to being infected by malware than Windows. Another reason for Mac OS X and Linux users to have an antivirus is to protect friends who use Windows when sharing files with them. Mac OS X and Linux, while immune to Windows viruses, can become carriers. One important piece of advice is to not have more than one antivirus installed on your computer at the same time, unless you want your computer to slow down to a crawl! Listed below are some free antivirus and rootkit detection programs which work very well:
A screenshot of the ClamTk Antivirus:
ClamTk Virus Scanner screenshot
  • Updates – Keep your computer’s operating system and other software as up-to-date as possible. This will greatly increase your security. Malware and malicious “hackers” are constantly adapting and changing, and software developers are working to meet these challenges by offering updates and security patches. Windows, Mac OS X, and many Linux distros such as Ubuntu will let users know when updates are available.
  • Avoid a Lot of Junk – The more random software you install to your computer, the higher the potential for there to be security vulnerabilities. Remove any software from your computer which you do not use on a regular basis, and make sure you keep all of the installed software up-to-date. In your Internet Browser, keep your plug-ins and add-ons to a minimum and in particular avoid installing toolbars. In Linux, avoid installing software outside your distro’s official software repository. Some Android users and some of those who have jailbroken their iPhone, iPod Touch, or iPad have learned this lesson the hard way [4][5]. There have even been cases where a few apps found within the official Android Market contained malware, so it is always wise to install any software with caution [6].
  • Use A Safer Internet Browser – Some excellent browsers are Mozilla FirefoxGoogle Chrome/Chromium and Opera; all can be installed in Windows, Mac OS X, and Linux. For extra security in Firefox, you can install the NoScript add-on, which only runs Java scripts and Flash Video from websites you deem to be trustworthy; this is important because many malware attacks come through Java and Flash exploits. Another excellent security add-on available for Firefox and Chrome/Chromium is Adblock Plus, which automatically blocks all ads while surfing the Internet. While the majority of Internet ads are probably legitimate, there are some ads that carry malicious links which are designed to install malware such as scareware on to unsuspecting users’ computers [7]. A couple of other nice add-ons for Firefox are Web of Trust and Flagfox. Web of Trust gives safety ratings of websites, and Flagfox shows a flag representing the country of origin for a website. If you use Windows and browse with Internet Explorer, then update it to version 8 (if you have Windows XP) or version 9 (if you have Windows Vista or7), and especially avoid version 6 or older.
  • Turn Off Your Internet Browser’s History – In most Internet browsers, you can turn off the “History” feature, which means that your browser will basically not remember previous websites you have visited or passwords you may enter online. While this may be an inconvenience for many people, it is definitely something which can be done to make your computer more secure.
  • Use Caution on Open Wi-Fi Networks – Whenever you are browsing the Internet on an open (unsecured) Wi-Fi network, you should avoid exchanging sensitive information while logged into unencrypted (non-https://) websites. Any low-level “hacker” (“cracker” is a more correct term) who is on the same Wi-Fi network can access your account while you are logged in and steal your private information [8]. One solution is to use HTTPS Everywhere while browsing on open Wi-Fi networks with unencrypted websites, though it does not work with all websites [9].
  • Encrypt Your Home Folder – This is extremely important with portable devices such as laptops, but it is smart to do with any computer, including desktops. If your computer is ever lost or stolen, by encrypting the information stored on it, you are safeguarding it from being accessed by unauthorized people. For example, in Ubuntu, Kubuntu, and Xubuntu it is very easy to encrypt your home folder where your files are stored. Click here for more information [10].
  • Wipe Your Hard Drive Clean if You Give Away or Sell Your Computer – Simply deleting files from your computer or even reformatting it will not prevent people with enough skill from accessing your files later. Before you give away your computer or sell it, use a thorough hard drive cleaner such as DBANto totally wipe your hard drive [11]. Once this is done, you can reinstall your operating system of choice on the computer before you turn it over to someone else.
  • Good Sense – Even though this one is last on my list, it is probably the most important. Everything above will be of little help unless you exercise good sense while on the Internet. One thing which gets a lot of people in trouble is that they get “click happy” and download and install software from questionable websites or online ads and pop-ups, or click on file attachments and links in emails without taking time to consider whether or not they are from reliable sources. You must use extreme caution when downloading and installing software. Linux users can greatly protect themselves simply by downloading only from their respective distro’s software repositories. Additionally, beware of social engineering tricks such as scareware and phishing. If you see an email or other message from someone you do not recognize, do not open it or any of its contents and definitely do not divulge confidential information to the sender. Caution must also be used when receiving emails from people you know, either because they may have unknowingly sent you a virus-infected attachment, or because they did not send the email. For example, the Koobface worm has entrapped Windows users (and to a smaller and more limited degree Mac OS X and Linux users) through fake messages sent via Facebook and other social networking sites, which falsely appear to come from friends and include a video attachment that requests a file to be downloaded and installed, which is malicious [12]. It seems that many people believe their computer systems are “bulletproof” because they have antivirus software installed, so they do careless things, which can open the door for all sorts of malware and even “hackers” (more accurately “crackers”) to take control of their computers, even with antivirus software running. It is scary to think that there are potentially millions of people who’s computers are unknowingly (to them) part of some botnet. Many types of malware will disable antivirus software, or make it ineffective. It is like opening the front door of your home to a burglar….. once the burglar is in, he can do all kinds of damage and steal all kinds of valuable things.

***For more detailed information regarding computer security, you can visit the United States Computer Emergency Readiness Team website [13] and The Last Watchdog on Internet Security [14]. Also, click here to read an excellent article about Internet safety [15]. Finally, click here to read a nice summary of security basics from the Fedora Project [16].


References:

1.    ^ “Why Your Computer Needs a Firewall Enabled.” http://www.linuxbsdos.com/2011/11/21/why-your-computer-needs-a-firewall-enabled/.
2.    ^ “Do I Need an AntiVirus Program on Linux?” http://techthrob.com/2009/03/02/do-i-need-an-antivirus-program-on-linux/.
3.    ^ “The Short Life and Hard Times of a Linux Virus.” http://librenix.com/?inode=21.
4.    ^ “Symantec: Malware Masquerading as Android Apps.” http://reviews.cnet.com/8301-19736_7-20037782-251.html.
5.    ^ “Truly Malicious iPhone Malware Now Out in the Wild.” http://arstechnica.com/apple/news/2009/11/truly-malicious-iphone-malware-now-out-in-the-wild.ars.
6.    ^ “The Mother of All Android Malware Has Arrived…” http://www.androidpolice.com/2011/03/01/the-mother-of-all-android-malware-has-arrived-stolen-apps-released-to-the-market-that-root-your-phone-steal-your-data-and-open-backdoor/.
7.    ^ “Scareware’s Pitches for Fake Secuirty Show Up in Odd Places.” http://www.usatoday.com/tech/news/2009-06-09-cybergangs-scareware-hackers_N.htm.
8.    ^ “Firesheep Simplifies Stealing Logins.” http://www.informationweek.com/news/security/client/showArticle.jhtml?articleID=228000481&cid=RSSfeed_IWK_All.
9.    ^ HTTPS Everywhere. https://www.eff.org/https-everywhere.
10.    ^ “How to Enable Ubuntu 10.04/10.10 Maverick Meerkat to Encrypt Home Folders.” http://www.liberiangeek.net/2010/11/enable-ubuntu-encrypt-home-folders/.
11.    ^ “Six Security Sins to Avoid: The IT Darwin Awards.” http://www.linux.com/news/technology-feature/security/402705:six-security-sins-to-avoid-the-it-darwin-awards.
12.    ^ “New Koobface Variant Infects Linux Systems.” http://news.softpedia.com/news/New-Koobface-Variant-Infects-Linux-too-163450.shtml.
13.    ^ US-CERT. http://www.us-cert.gov/.
14.    ^ The Last Watchdog on Internet Security. http://lastwatchdog.com.
15.    ^ “The 17 Most Dangerous Places on the Web.” http://www.pcworld.com/article/206107/the_17_most_dangerous_places_on_the_web.html.
16.    ^ “Security Basics.” https://fedoraproject.org/wiki/SecurityBasics.


Number of Visitors – Powered by www.statcounter.com

customisable counter
Advertisements