Step 7: Install Protection Against Malware


If you've already read the rest of this book, you know what that viruses and spyware are digitally toxic to your computer. What you might not know is that an unprotected computer can be infected within minutes of being connected to the Internet after an installation. So you need to have some security software in place before you reconnect .

Infected in Seconds

My colleague, Sean Carruthers, who has good hair and a better music collection, maintains his mom's computer. One day he re-installed Windows on her system and hooked it up to her high-speed Internet connection. The machine was attacked by eight worms within three minutes of being connected. The computer got so hamstered up in those first few minutes that he had to yank the Internet connection, reformat the drive, and start again, this time installing McAfee VirusScan before connecting the network cable again.


So before you go any further, you should install antivirus software, a firewall, and anti-spyware software as follows .

Install an Antivirus Program

If you already have an antivirus program, install it as you did on your previous Windows installation and be sure to update its virus signatures. These are updates from the software publisher that recognize viruses and they are inbound to your computer and nab them.

Tip

Some antivirus programs offer to run a virus scan before they install. In general you can skip this during a Windows re-installation process, unless you're installing from a questionable copy of the Windows CD. If you're installing from a legitimate CD, there's no need to scan at this point.


If you don't have an antivirus program, install AVG Free Edition. It's available free from www.grisoft.com (see Figure 9.14). It updates its virus signatures once a day and scans inbound email as well.

Figure 9.14. AVG Free Edition is a very good antivirus program that can be used free of charge by individuals.

To learn more about antivirus software, see Chapter 1, "Viruses: Attack of the Malicious Programs."

Install an Anti-spyware Program

Spyware and its nasty sister adware are worse than the virus problem because there are many more types and variations of spyware and adware than there are viruses. Spyware sneaks on to your computer and records and sometimes steals information about you. Adware watches your computer behavior and then shows you ads.

The best defense is to install at least two anti-spyware programs because one won't catch all of it. Windows XP users should definitely install Microsoft AntiSpyware and one of the following:

  • Spybot Search & Destroy from www.safer-networking.net

  • Ad-Aware SE from www.lavasoft.de

All three programs are free. If you run an older copy of Windows, install both of the listed programs. Microsoft AntiSpyware won't run on older versions of Windows.

During the installation of Microsoft AntiSpyware, you are asked several questions (see Figure 9.15). Be sure to agree to enable the AutoUpdater to keep the program automatically up to date. Also enable the Real-Time Protection so the program stops your computer from becoming infected with spyware (more on this in the next section).

Figure 9.15. Microsoft AntiSpyware asks you a series of questions when you first install it. It's important that you agree to turn on the AutoUpdater and Real-Time Protection.

You are also asked to join the Microsoft AntiSpyware community. This allows the program to send spyware it catches on your computer to Microsoft for analysis. At the end of the installation you are asked to run a QuickScan. This is not necessary at this point as your system has a freshly installed version of Windows XP on it.

To learn more about anti-spyware software, see Chapter 2, "Spyware: Overrun by Advertisers, Hijackers, and Opportunists."

Turn on Real-Time Protection

Anti-spyware programs not only remove spyware and adware, but they also block the initial infection if you turn on what Microsoft calls real-time protection (see Figure 9.16). On Spybot Search & Destroy it's called Immunize. And on Ad-Aware SE it's called Ad-Watch, but note that Ad-Watch is not available in the free version.

Figure 9.16. Real-time protection is a feature in Microsoft AntiSpyware that stands guard over your system to ensure that spyware doesn't sneak in.

These mechanisms simply stop spyware from getting on your system in the first place. If you choose not to turn on real-time protection in the set-up , you can always activate it later. It's very important that you do activate it. Here's how:

1.
Start Microsoft AntiSpyware.

2.
Click the Options menu and then Settings.

3.
Click the Real-time Protection button on the left.

4.
Check off Startup options.

5.
Check off Real-Time Spyware Threat Protection.

6.
Under Script Blocking Security Agent, choose whichever option you feel is best. Personally I like Ask Me What to Do, but if you want to stop all scripts from running, choose the Automatically Prevent All Scripts from Running option.

Install a Firewall

You should also turn on a firewall, a program that protects your computer from intruders on the Internet from accessing your computer. Think of it as a large cinderblock wall between your computer and the outside world, with a beefy security guard that raises the gate only when you invite someone in. Firewalls only let data in if you initiate contact with the data source first, such as when you fetch your email or a web page, for example. A firewall also stops worms, which are network-traveling viruses that infect exposed computers.

You have several choices when it comes to a firewall. I talk about these at length in Chapter 3, "Hackers: There's a Man in My Machine." However, here's a quick summary. Choose one.

Hardware Firewall

If you have a home network where you share your broadband Internet connection from the phone or cable company, you probably have a home network router. This little junction box has a built-in mechanism called Network Address Translation (NAT) that hides your computers attached to it from the Internet. This works as a basic firewall to keep intruders out.

For most people, this is sufficient protection. It's also simple because it's a physical barrier between your computer and the Internet. It's also the least intrusive technology because it doesn't need any software installed on your computer to work.

Third-Party Software Firewall

If you don't have a home network router with a built-in firewall, you might want to install a software firewall from a third-party publisher. I recommend two free products:

  • ZoneAlarm from www.zonealarm.com (see Figure 9.17)

    Figure 9.17. Zone Labs offers a free version of ZoneAlarm, a software firewall that protects your computer from hackers, viruses, worms, and spyware.
  • Wingate from www.wingate.com

Tip

If you are asked to activate or register your antivirus or anti-spyware program, choose the option to do this later. You are also prompted to update your virus options, but hold off on this; you'll do that later when you reconnect to the Internet.


Both inspect inbound and outbound data traffic to and from your computer. Inbound data inspection is important because it stops hackers and worms. Outbound data inspection stops unauthorized programs from sending data out to the Internet without your knowledge. Trojan horses, viruses, and spyware would all be stopped by outbound data inspection.

Windows Firewall

The simplest approach is to turn on your Windows Firewall, a built-in software firewall integrated into Windows XP (so long as you have one of the Service Pack updates). It is turned on for you when you install SP2 in Step 8a or 8b.




Absolute Beginners Guide To. Security, Spam, Spyware & Viruses
Absolute Beginners Guide to Security, Spam, Spyware & Viruses
ISBN: 0789734591
EAN: 2147483647
Year: 2005
Pages: 168

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net