If you're online for long periods, if you
use a broadband connection, or if you shop
online, download files, chat, instant message,
play games, etc., you need more than a basic
defense. The anti-malware software in this
plan (element 13 below) adds some degree
of privacy protection as well. You might
want to digress to this introductory article to get a view of how the online world has
become the Wild Wooly West and how your defenses
The plan below is only a checklist. The links
in each item lead to the essential details
for putting the plan in action. Don't try
to do it all at once. Take it one step at
a time, and check each item off as you go.
- Install a firewall. If you're using Internet Connection Firewall
(ICF) consider installing a better one: ICF
is reasonably good, but even Microsoft has
a list of alternatives. If you're running Windows XP, Disable ICF first to avoid conflict with the other firewall.
Update: Update: Microsoft intends to provide a much
better version of ICF in the second half
- Install an antivirus program if you don't already have one: Don't rely
on it as anything but a backstop
- Update your virus signature files at least once a week. And don't forget to update them when you
return from that two week cruise. The latest
crop of viruses will be there waiting for
- Install software to combat other kinds of
malware -- Trojans, spyware -- things of that ilk:
Or at least scan your system regularly online. Anti-malware software
will give you full-time protection for your
computer, and to some extent, your privacy.
If you want sound protection against Trojans, you'll also need robust anti-Trojan software.
- Gain a better understanding of the hazards
online and how defenses work.
- Learn about the nature of malacious computer code.
- Learn how attacks work.
- Learn about the defense tools that are available.
- Be wary of scams, fraud and hoaxes online: There's a higher percentage of con-artists
online than in real life, because it's so
easy to hide online. Virtually all spam contains a scam of some
- Limit what you put at risk: Never keep
critical personal information on your computer -- information like sensitive
passwords, account numbers or your social
security number -- and never send it online
without strong encryption. Use good password protection practices as well. If you want to do things like online banking
pick a higher level defense plan.
- Backup everything you can't replace or would
hate to lose: Digital pictures -- the book you're writing
-- recipes -- genealogy records -- whatever.
- Examine all email messages before you process
them further: Your own wits and common sense are your
best peripheral defense against bogus email.
Discard any messages that look at all suspicious
-- even messages from someone you know.
- Never open an email attachment unless you're
99.999% sure it's OK: Be suspicious of any attachment you were
not expecting -- even if it's from someone
you know. Check with the sender first before you open
it and even then be cautious. Be doubly suspicious
of forwarded attachments, or attachments
from someone you don't know. You can improve your online security by 10
to 1 if you're always careful with email
- Never download any files unless you know
you can trust the source: Unfortunately, that advice includes pictures
and music. The precautions on the "Safe File Handling" page should be part of your prudence
- Don't visit to risky Web sites -- gothic,
warez, crackz, gamer, cheat code, tres equis and sites of that ilk: And be doubly suspicious
of any unsolicited Web page -- pop up windows -- unexpected
requests to "log on again,"
- Don't use instant messaging or IRC (Internet
Relay Chat), or download files from P2P file-sharing
networks, such as KaZaa or Morpheus. [details]