Elementary Computer Security

This article is available at: http://www.heurtley.com/richard/security.html and was last updated on 2004-07-15.

Also see the author's other article:

Elementary Computer Maintenance: http://www.heurtley.com/richard/maintenance.html

Nearly all computers are connected to the internet. But most computers, even brand-new ones, are missing some of the programs required to connect to the internet securely. An unprotected computer is vulnerable to viruses, worms, and malicious programs that record your internet use, display advertising, or use your computer to send spam. The symptoms of an infected computer are:

All computers that are connected to the internet should have the following programs installed:

Free versions of all of these programs are available for download on the internet. Some of the suppliers of these programs have commercial versions that they hope to sell you but others do it as a service to the internet community.

Secure Internet Applications

Most of the security problems on computers that run Microsoft Windows are due to flaws in the two most popular Windows internet applications: Internet Explorer and Outlook Express. There are free alternatives to these programs available from the Mozilla Organization: http://www.mozilla.org

Firefox is a replacement for Internet Explorer. In addition to being more secure, Firefox also has excellent built-in pop-up window control. Firefox can be downloaded at: http://www.mozilla.org/products/firefox

Thunderbird is a replacement for Outlook Express. In addition to being more secure, Thunderbird also has excellent built-in spam control. Thunderbird can be downloaded at: http://www.mozilla.org/products/thunderbird

Antivirus programs

Viruses are malicious programs that generally require human assistence to travel from computer to computer. Old-fashioned viruses usually spread on infected floppy disks while newer viruses usually spread as e-mail attachments.

Antivirus programs perform the following functions:

A antivirus program will try to remove any viruses it finds. Sometimes a virus can't be removed so then the antivirus program will give you the option of deleting or quarantining the infected file or e-mail message. E-mail scanning happens automatically as e-mail is sent and received and disk drive scanning is usually scheduled to happen periodically, often once a week.

Installing an antivirus program is just the first step. It is necessary to occasionally update the antivirus program's virus database so that new viruses will be detected. Ideally the virus database should be updated once a day. Once a week is acceptable.

A good free antivirus program is Grisoft's AVG Antivirus available at: http://www.grisoft.com/us/us_dwnl_free.php

Stinger is a free stand-alone disk drive virus scanner available at: http://vil.nai.com/vil/stinger

Firewall Programs

Firewalls make a computer more resistant to attacks from worms and hackers.

A worm is a malicious program that generally doesn't require any human assistence to infect a new computer. Worms and hackers usually exploit a programming error in the computer's operating system or in an application to gain access to the computer.

Firewall programs work in two ways:

If a computer has a cable or DSL connection then the best way to protect it from worms and hackers is with an inexpensive external firewall router like the LinkSys BEFSR41 EtherFast® Cable/DSL Router with 4-Port Switch: http://www.linksys.com/products/product.asp?grid=34&scid=29&prid=20 An external firewall router has the advantage of allowing you to easily share the internet connection with more computers by simply plugging them into the router.

If buying and installing another piece of equipment is not an option then a firewall program should be installed instead. Microsoft Windows XP comes with a built-in firewall program called the Internet Connection Firewall. Other versions of Microsoft Windows (98, ME, NT, and 2000) do not come with firewall software.

Agnitum offers a free version of their Outpost firewall product at: http://www.agnitum.com/download/outpost1.html

Spyware/Adware Detection and Removal Programs

Programs that spy on a computer user's web browsing and report the information to someone else are called "spyware". Programs that alter or insert advertising are called "adware". Spyware and adware is installed on a computer when the user downloads a nifty-looking free utility program. These utility programs are usually somewhat functional and do what they claim to do, but they also secretly do things that most people don't like.

Spyware programs collect a history of all the web sites a computer accesses and send this information to the organization that wrote the program. The information is usually used to create broad marketing statistics, like the geographic distribution of all the people visiting a particular web site, but sometimes a company will try to identify the individuals who use a computer and the web sites they like to visit.

Adware programs insert ads into web pages that normally don't have them or can change ads in web pages. If a web site has an ad for a Ford trucks, for example, an adware program could change it into an ad for Toyota trucks.

Some computers have as many as a dozen spyware and adware programs installed on them. Each program takes up memory and disk space, takes time to start up, slows down the computer, and slows down the internet connection; all for the benefit of the company that wrote program, not for the user of the computer.

Like virus checkers, spyware/adware detection and removal utilities use a database to recognize malicious programs. It is important to update the database before the program is run for the first time and then regularly thereafter.

Sometimes a spyware/adware detection and removal utility will recognize a program but make its removal optional. I recommend removing everything that gets recognized.

There are two excellent free spyware/adware detection and removal utilities available and because they work in different ways it is a good idea to download, install, and use them both. They are:

Operating System Updates

Computers are vulnerable to viruses and worms because of flaws or "bugs" in the computer's operating system. Most computers run a version of Microsoft Windows. Microsoft offers a set of free updates for each version of Windows. Each update fixes a bug in the operating system and, when installed, makes the operating system more stable and secure.

Most brand-new computers come with none of the updates installed which means that a new computer fresh out of the box is extremely vulnerable to viruses and worms. It is very important to update a new computer as soon as possible.

There are two ways of downloading operating system updates:

The "manual" technique is actually quite automatic. The web site determines the version of Windows that the computer is running and creates a list of all the updates available to install. The most important or "critical" updates are listed first. The user can choose to download and install all of them at once or updates can be selected one-by-one.

The Windows Automatic Update feature is available on Windows ME, 2000, and XP. (Not on Windows 98 and NT.) The Automatic Updates feature checks the Windows Update web site a few times a day and automatically downloads any new updates. When a new update is downloaded it notifies the user and asks whether it should be installed.

One problem with Microsoft Windows updates is that there are many of them and some of them are quite large. It could take all day long to download just the critical updates over a slow modem connection. If you have a slow modem connection you should download the critical updates one-at-a-time.

Automatic Program Start-up Control

Most computers automatically run some programs when the computer is turned on. Many of these programs are not necessary for the operation of the computer and just take up memory and slow the computer down. Often the programs are very irritating. Microsoft Windows 98, ME, and XP come with a program called "msconfig" that can be used to stop these programs from running automatically.

The msconfig program is run as follows:

  1. Click on the "Start" button.
  2. Click on the "Run" menu item.
  3. Type "msconfig" (don't type the quotes).
  4. Click on "OK" button or press "Enter".

The msconfig program shows a window with several tabs at the top. The rightmost tab is labeled "Startup". Click on it and a list of automatically-started programs will appear. There is a checkbox on the left of each program entry. If you uncheck the box then the program will not automatically start up the next time the computer is turned on.

Mike Lin wrote a free replacement for msconfig called Startup Control Panel which is available at: http://www.mlin.net/StartupCPL.shtml . This program works on all versions of Microsoft Windows.

Care must be taken when disabling startup programs. Some startup programs are necessary for the proper functioning of your computer. If you disable a program and something on your computer stops working you may have to reenable the program.

Safe Computing

Some of the programs described in this article are preventive measures while others are cures. A knowledge of safe computing practices can prevent a computer from being infected in the first place.


The author assumes no responsibility for the use of the programs and utilities referred to in this article. Follow this advice at your own risk!

Copyright © 2003-2004 Richard Heurtley.

Verbatim copying and distribution of this entire article is permited in any medium, provided this notice is preserved.