XplanaZine

The Lovsan/Blaster worm that reeked havoc on computers across the globe last week left many feeling violated. In the past few years the number and intensity of viruses along with other security threats have increased dramatically. A few short years ago computer and network security wasn’t a big concern for the typical computer user. Today if you neglect security it’s just a matter of time before you receive a harsh and often costly lesson on the importance of security. Some people believe that only those who keep financial or other sensitive information on their home computers need to concern themselves with security. Nothing could be further from the truth. Why would a hacker want to gain access to your personal computer if not to steal your money and/or identity? Here’s a short list of possibilities.

• Use your computer as a springboard to attack other computers or networks
• Store illegal and/or pornographic pictures and video files
• Format (i.e. erase all software and operating system) your hard drive just for the fun of it

Today computer security is essential. So the question becomes how can the average non-technical user secure their computer without it costing a lot or requiring hundreds of hours of training? Computer and network security is a very complicated subject and if you don’t know what you’re doing you can actually make your system more vulnerable rather than more secure. For individual computers a good security plan involves five basic elements.

1. Antivirus Software
2. Operating System Security Patches
3. Minimizing
4. Hardening
5. Physical Security

Luckily there are tools available that take a lot of the guess work out of implementing a good basic security plan. Even better, many of those tools are free. Before we get into the free offerings let’s take a minute and talk about things you have to pay for.
First and foremost, a good antivirus program is important and requires an ongoing investment. I can’t tell you how many people I run into who have antivirus software that is out of date and, therefore, doing them no good. When it comes to antivirus software you can’t afford to be without the latest virus profile information. Of course, it costs money to employ people who are competent in creating virus profiles and programs to remove the latest bugs with minimal end user effort so vendors have no choice but charge for this service. When you buy antivirus software you should think of it as purchasing two things, 1) the program to scan your computer 2) the information needed to keep that scanning function up to date relative to the latest viruses discovered in the wild. Often none of this seems important until your machine becomes infected and unfortunately then it’s too late. Remember, an ounce of prevention is worth a ton of cure when it comes to keeping your computer in working order. Antivirus software comes with a limited number of months in which it will automatically update itself. When that time is up your software will still run, but it will not be receiving updated information about new viruses. Therefore, if you purchased a computer that came with antivirus software, or you purchased the software and installed it yourself more than six months ago, you need to take a few minutes and check the software license agreement that came with it to see how long updates are provided. Generally at least once per year you are required to renew your license with the vendor so your computer automatically receives new virus information. It’s well worth the small expense because you’ll save hours of frustration and money by keeping this information up to date.
Second on our list is keeping your operating system up to date in terms of security patches. Fortunately, Microsoft has made this painless and simple enough that anyone can do it. Simply connect to the internet. Then click Start, and search through the menus for this icon.

Yours might look a little different but the nomenclature should be the same. Click on the icon and you’ll be taken to the Windows updates site. Follow the instructions there to have your computer automatically scanned. Newer Windows operating systems allow you to set it up so that you are notified whenever new security updates are available. For more information on that do a search in the Help files on your local machine for Windows Update. The important thing to remember here is that you need to make certain your computer has the latest security (referred to as “critical updates”) patches available in order to avoid being compromised.
Third on our list is minimizing. Minimizing simply means if you aren’t using a particular service on your computer shut it off. Most of us use very little of the full capability of our computers. However, learning the ins and outs of what and how to disable or secure can be a daunting task. It requires advance knowledge of operating system services and tends to be more than the typical user wants to deal with. The trick is knowing exactly what services are the most problematic and how to secure them. With that information the task isn’t so formidable. Fortunately, Microsoft has created a free tool to help you sort all this out. The Microsoft Baseline Security Analyzer (MBSA) works on Windows NT 4.0, 2000, and XP only. If you’re still running NT 4.0 you should seriously consider upgrading. Likewise, if you’re running Windows 95, 98, or ME upgrading is highly recommended. Using the MBSA is not terribly difficult. Simply read through the information about it at the above link. Then download a copy to your desktop and install the executable accepting all the default options. Once installed, launch the program by double-clicking the desktop shortcut.

MBSA Desktop Shortcut

The following screen will appear.

Click “Scan a Computer” from the options listed and you’ll be taken to the following screen.

From the “Computer name” drop down menu select your computer. It should be the only one in the list but if others are listed yours will include “this computer” to the right of the computer name. Next click the “Start Scan” button. The following window will be displayed until the scan has completed.

Once the scan has completed you’ll see the View Security Report screen. Your security report should look similar to the one below.

You’ll notice under the word “Score” there are some colorful symbols. These give you a sense of the severity of the situation. Red x’s are BAD, yellow x’s are not good and green check marks are good. Of course, the object is to work with each entry until they all have green check marks beside them. I’ll warn you ahead of time that it isn’t always possible to achieve all green checkmarks. My advice is to give priority to the red x’s because they represent the greatest threat. Then move on to the yellow x’s and try to get as many as you can to change to green checkmarks. The example below was extracted from the above image and enlarged so you can actually read the entry. As you can see this red x is alerting me that there are three security updates missing from my SQL Server.

Now, if you want to find out what was scanned click on the “What was scanned” link. For additional details on an item click “Result details”. However, the thing I find most useful is the “How to correct this” link. Simply click there to find out how to fix the specific security problem. The instructions provided are pretty good for each repair action. However, I have run into situations in which a little research on Microsoft’s http://technet.microsoft.com web site was required. The more red x’s you can get rid of, the better off you’ll be when the next nasty little bug or hacker happens by. While the MBSA isn’t the most comprehensive tool, it is fairly easy to use, very accessible and free.
The fourth issue we need to address is that of hardening. Hardening refers to making a target, in this case your computer, more difficult to penetrate. Generally this is done with a firewall. Both hardware and software firewalls are available depending on your situation and budget. If you are using DSL or cable modem service you should seriously consider purchasing a router with a built in hardware firewall. Look for one with Network Address Translation (NAT) as this technology hides everything connected to it from prying eyes on the Internet. In terms of free software solutions there are several out there to choose from. When it comes to easy of use ZoneAlarm is a good choice. It’s about as easy to use as a firewall can be.Tip: If you install a firewall and later find that you’re unable to connect to internet based services like instant messaging suspect the firewall first. Try disabling it before you call technical support.
The nice thing about ZoneAlarm is that it’s difficult to install it incorrectly. Once installed it alerts you whenever you launch a program that needs Internet access via a little popup message which asks if you want to allow the program access to the Internet.
Our final security element is physical security. Basically we’re talking about not leaving your computer accessible to unauthorized people in your home or office and not leaving sticky pads affixed to your computer, desk or walls with your username and password on them. Additionally, don’t let people you don’t know use your computer and avoid inserting media like floppy, Zip and CD disks in your computer unless you know where they came from and trust that source. Another good idea is to shut your computer off when not in use. If your computer is connected via Ethernet, DSL, or Cable modem the connection is open anytime the computer is running and that connection is bidirectional.