| If you have followed this chapter through from beginning to end, your system is about as secure as it possibly can be given the flaws in Microsoft Windows XP. In the future, Microsoft will integrate a lot of these fixes into the operating system and find new ways of making it more secure. The company has taken a lot of criticism for its lax security focus and you can be sure that future releases of Internet Explorer will repair many of the holes in version 6.0 that was current as this book was being written. The next version of IE is slated for release in the fall of 2005. Moving forward, you should consider adding several more tweaks to the system: -
If a new web browser becomes available from Microsoft, hold off installing it until it's several months old (if you like to be conservative). A new browser will have new flaws. It'll take three to six months for these to be revealed. -
Add an anti-spam program to your email program. I recommend Cloudmark Desktop from www. cloudmark .com. -
Consider installing the Netcraft Anti-Phishing Toolbar for both Internet Explorer and Firefox from www. netcraft .com. Know What You're Opening One of the stupid things Windows does is hide file extensionsthe bit of the file name after the dot, such as .doc or .txt for what it considers to be familiar or known file types. These include JPG and DOC files, but also potentially harmful files such as EXE, PIF, DAT, and COM files, all of which can execute programming that can compromise your computer. One well-known trick hackers use is to send an email with an attachment named something like sexygirl.jpg.exe , which appears in most mail programs as sexygirl.jpg when this option is turned on. You might click on it thinking it's a naughty, yet non security- threatening file, and wind up infecting your system. There is an easy fix, though. Double-click My Computer, choose the Tools menu from the top, and select Folder Options. Then click the View tab, and uncheck the item that reads Hide Extensions for Known File Types, if it is checked (see Figure 9.32). If you make this change, you see the extensions for all files. All you have to do is make sure you always pay attention to what you're clicking on when you receive a file attachment. |
Figure 9.32. Reveal your file extensions so Windows lists the whole filename, including the file type that comes after the dot in the name. 
The Absolute Minimum -
Be sure you have a legitimate copy of Windows XP. -
Get a copy of Service Pack 2 on CD from Microsoft. -
Collect all your system drivers. -
Get antivirus, anti-spyware, and firewall programs for your computer. -
Set your BIOS so the CD or DVD drive is the first bootable device on the system. -
Wipe your hard drive clean and install a fresh copy of Windows XP after disconnecting from the Internet. -
Install drivers. -
Install an antivirus program, two anti-spyware programs, and a firewall. -
Install Service Pack 2. -
Configure your security settings. -
Install Firefox. -
Reconnect to the Internet. -
Use Windows Update to download security fixes and updates for your security programs. -
Add extras such as anti-spam and anti-phishing programs. -
Hold off on a new web browser from Microsoft until three to six month after it launches. |
|
