Each new wave of computer viruses, spyware and spam can get you to consider brushing the dust off the old typewriter. You need not go so far - it is possible to achieve good PC security, without having to feel like a chore. If you follow our 10 steps for better PC security, you will be protected against both current and future security threats.
1. Automatic patching. Make sure that Windows is configured to update itself. In Windows XP with Service Pack 2, click Start, Control Panel, Security Center. Then click the Automatic Updates, and turn on the updates to happen automatically. Do not have Service Pack 2 installed, you should go to Windows Update and install this as soon as possible.
2. Do not wait for Windows. If your PC has been switched off for more than a day, not wait for the automatic update in Windows to get going. Leave a visit to Windows Update site will be the first thing you do after you've turned on your PC. It may also be a delay between when a security update is available and when Windows Update delivers it to you. Microsoft releases security patches on the second Tuesday of each month, so to be sure you should check manually for updates with a couple of weeks. And do not forget to set the antivirus and antispyware programs to update themselves automatically!
3. Use XP's security monitor. Windows XP Service Pack 2 has a new safety center, which notifies you when your PC's firewall or antivirus protection is switched off or out of date. XP's own firewall protection, however only for incoming threats, and warns not to suspicious outbound traffic. We recommend that you disable Windows XP firewall, and instead install ZoneAlarm from Zone Labs, or other third-party firewall that protects both ways.
4. Your extensions are visible. Some virus disguises itself as a harmless file types by using a "fake ending" near the end of the filename, such as "Funny picture.jpg.exe. Windows XP and Windows 2000 is by default configured to hide file extensions, so the user will see this file as "Funny picture.jpg". Exe extension will be hidden. To make it easier to spot that sort of thing, open up Windows Explorer and click Tools and Folder Options. Click View and check the option Hide extensions for known file types is not checked. For a most complete picture of your Windows installation, you can also check the Show hidden files and folders and unchecking the Hide protected operating system files.
5. Keep Internet Explorer secure. Many people find Internet Explorer 6's Medium-security is too strict with ActiveX controls and other widgets, or scripts, which your browser is running on your PC. ActiveX and JavaScript enables useful Web features such as order forms and security scanners, but they can also run malicious code and give hackers access to your system. To make IE more secure, click on Tools, Internet Options, Security, Custom Level. Then select High from the drop-down menu. Then click Reset and Ok.
Unfortunately, this means putting your security settings to high, you will have a lot of warnings every time you visit a Web page. The solution is to add the Web pages you visit often to IE list of "Trusted sites". Select Tools, Internet Options, Security and click the Trusted Sites icon. Enter the Web address and click Add. Repeat this for all the Web pages you visit frequently and trust. Be sure to clear the intersection at the "Require server verification (https:) for all sites in this zone" of all the Web pages in this zone. When finished, click OK twice.
6. Make Firefox safer. The only way to block JavaScript on in Firefox for individual Web sites is to download and install the No Script module designed by Giorgio Maone. No Script places a warning bar at the bottom of all the Web pages you visit and use the JavaScript. Click this bar to allow the script permanently or temporarily.
7. Manage your e-mail links with caution. If a virus infects your PC, it's a good chance that it came with an e-mail. To reduce the risk of a viral infection spread by e-mail, you should never click on links in suspicious e-mails. The text of the message may mask the actual Web address. Instead, enter the URL in your Web browser's address bar manually, or visit the Web site's home page and then navigate manually until the current page.
8. Scan attachments for viruses. Each time you receive e-mail attachment, you should let your antivirus program to scan it before opening it. Instead of double clicking on the attachment to open it right away, you should save the attachment to a directory on your PC, open Windows Explorer, right-click the file and select the option to scan the attachment for viruses. An even better solution is to set your antivirus program to scan incoming and outgoing email for viruses automatically.
9. Close the preview pane. Some "malicious" e-mail messages only need to open your e-mail program's preview window to do damage. Therefore, we recommend that you close the preview of all of your inboxes. In Microsoft Outlook 2003, click View and check that automatic preview is turned off. In Mozilla Thunderbird, go to View, Layout, and check that the catch Message Window is removed (or press F8 to turn the message window or off).
10. Read email as plain text. Since many e-post carriage viruses and worms based on the HTML code to spread further, you can stop them by showing your e-mail messages as plain text. Both Outlook 2003, Outlook Express 6 and Mozilla Thunderbird has the ability to turn on viewing e-mail in plain text.
