By the time someone reads this article tomorrow, it may be out of date. I also want to preface this by saying I’m no security professional and if someone truly wants to break into your system there’s probably not a lot you can do about it. BUT, since most people bent on nefarious tasks take the path of least resistance, a few roadblocks are always good. Input from ‘real’ security professionals is welcome.
This article will try to identify the largest avenues for trouble and how to easily handle them.
The areas of security we will be handling are:
1. Home firewall and routers
2. Home wireless
3. Personal computer (hardware and software)
4. Browser and web surfing
Buckle in and lets go.
1. Home Firewall. Every single person connected to the internet should be protected by a hardware firewall. You may have it and not even know it. If your computer connects directly into a router, then you’re probably protected. If your computer connects directly into your cable or DSL modem, then you might not be protected depending on the type of modem you have. You may have to do a little research to see if you have a simple modem or if you have one of the newer ones that also acts as a firewall.
If you are connected to a router, you then need to log into your router and change the administrative password. Change it to something hard with upper/lower case and numbers, but something you will remember. Variations of an old street address, license plate or some other sequence you will easily remember. It is important that you change this password. Every hacker knows the default passwords to every single router out there.
2. Home Wireless. Wireless is wonderful, but if you don’t lock it down it’s like broadcasting your computer data across your neighborhood. Most newer wireless routers come with a configuration CD that allows the novice to set up wireless security. The easiest way I’ve found is to log into your wireless device through a web browser and configure the security yourself. The first time may be difficult, but I’ll try to give you the keywords to look out for.
A. Change your SSID. That’s the broadcast name of your router. Change it to something you know but nobody else will. Do not put your last name or street number as your SSID.
B. Enable Wireless security. Do NOT use WEP, as that is akin to locking your front doors but leaving the key under the mat. Always use WPA2. If you have older wireless devices, they may have troubles with this, but those are becoming the rare exception. Give yourself a passphrase that’s easy to remember but hard to guess. That is the key you will give other wireless devices when they want to get on your network.
C. Don’t forget to change the admin password of your wireless router.
3. Personal Computer (hardware). Included in Windows Vista and Windows 7 is the ability to encrypt portions of your hard drive. This is an absolute must if you want to protect your personal data in the event of a stolen laptop. Encrypting makes it virtually impossible for someone to take out the hard drive and access your data from another devices. If you have nothing of value on your laptop, then don’t bother with encryption. Power fluctuations can destroy delicate computer equipment. Spend $100 or so and get a UPS (Uninterruptable power supply). It’s a big, smart battery that will keep your computer equipment better protected than with a surge suppressor alone.
3. Personal Computer (software). One of the BIGGEST vulnerabilities is old software on our computer. Hackers may find a vulnerability in an old version of Flash or adobe and use that to hack into machines that have not upgraded their software. Download and install secunia to keep a close watch on out of date software and easily upgrade it.
4. Browser and Web surfing. First off, stop using Internet Explorer. Unless your bank mandates it or some other site only allows it, never use it. It stinks. It’s full of security problems and it’s just best to stay away from it. Download and use Firefox instead. The beauty of firefox is that there are a ton of addons that make browsing a true pleasure. Download Adblock to stop every ad on every website. Download noscript to stop nefarious 3rd party scripts from running on your computer. Download lazarus if you would like the ability to retrieve data you entered into a website before it crashed on you, wiping out an hour’s worth of work.
As far as websurfing goes, download the firefox addon HTTPS Everywhere to make your browser point to secure websites automatically. If you type in facebook.com, it redirects you to https://www.facebook.com/. This is a beautiful thing when surfing on public wireless connections. Secure connections are always where you want to be when out and about. This goes for surfing on corporate LAN’s too! Since many viruses come from just visiting websites, make sure noscript is running and your anti-virus is up to date. Just clicking a link on Facebook can take you to some place that can screw up your entire computer.
5. Anti-virus. Get one! Some are heavier and weightier than others, some do tons of things while others do only one. I like AVG Free for personal use if you’re averse to paying for software, or Vipre total home security if you have many machines on your home network and you value their safety. I tend to stay away from heavier suites like McAfee and Norton because they do too much and take too many resources. Make sure that no matter what anti-virus you get, that you run a weekly scan at least (I run nightly), and your virus definitions are updated as often as possible! You can also use online virus scanners to do a quick scan of your PC if you think your personal anti-virus has been compromised. I use Housecall by Trend Micro for this.
6. Anti-Malware. Malware wants to infiltrate your computer, loading software that can do any number of harmful things. Download and install malwarebytes if you think you have a case of malware.
7. Data. For heaven’s sake back up your data…nightly if you can, weekly at least. Get an external hard drive from Sam’s club, or a nicer NAS (network addressed storage) device from newegg. Install a stupidly-simple piece of software like Microsoft’s Synctoy 2.1 to back up your profile to an external device. Do it. Stop talking about it and get it done.
I may have missed some stuff, but these 7 points will make hackers think twice about going after you. Some of the software mentioned above can be found ninite and some of it will have to be googled. Addons for firefox can be found right on firefox.com.
Spend a little time and lock things down. The amount of time you spend protecting yourself will pay off in the end when you don’t have to keep reloading your computer, or you don’t have to try and protect your identity.
This article is a reprint from Gartland Technologies’ Facebook page. You can ‘like’ this page here.