The past week has been a long, yet productive one. I feel like I'm in the land of flying monkey wrenches sometimes, because so often a wrench is thrown into my plans, big or small. But such is life I am afraid, and through these obstacles we become stronger, do we not? Anyway, on to the stuff you really care about, the whole reason for this particular post.
Given my recent decision to focus more on IT instead of programming in the short term, I figured base line security would be a good thing to Google. Put simply, I wanted to know some easy things to change or install on my system to make it more secure, mainly things most people just don't think about. I didn't know if it would lead to anything of interest or if maybe it would just bust (you never really can tell I suppose. That's the adventure) but I am happy to say I have come up with quite a few things you can do that are quite simple in the way of computer security.
First things first. Get a good browser. And maybe a good add-on. I kid you not, this is one of the best ways to secure yourself against viruses and hackers alike. Think about it: if someone wanted to monitor your internet activity, where are they going to go first? Your browser. I would suggest that you never use Internet Explorer, ever again. Never. You may not realize this, but Internet Explorer is easily the most vulnerable browser to hackers and viruses alike. This could be in part to the fact that IE is also the most popular browser on the market, but I feel its safe to say that's the reason these attacks are so big, not why they are happening to begin with. Mozilla Firefox is a very useful and free browser that has grown in popularity greatly over the past couple years. They also offer the option of downloading the HTTPS Everywhere add-on, and it does exactly as it says. For any website you travel to, Firefox will request a secure connection, if the host site offers this capability. This alone can greatly protect you as you surf the web. One other option is Google Chrome. Chrome works on the idea of a sandbox, confusing viruses as they enter your system, so after a while they don't really know where to go. It's quite ingenious how it works, if you ever want to check it out.
Moving on, firewalls are your best friends. This is
your first line of defense in protecting against hackers and viruses. No
castle is complete without a moat teeming with crocodiles and other
beasts. This is your deathly moat.
Zone Alarm - A free and useful program, this is highly recommended along the line of firewalls.
If firewalls are your best friends then antivirus programs would be like that best friend's little brother. You know the one. You didn't really care for him at first, he always
kept talking out of turn, but after a while you got to know him and
figured he wasn't so bad. Antivirus programs can be treated the same way, though
they are ever more essential than your buddy's little brother. How
else do you plan to fight off viruses? You can't fight sickness without
medicine, and the same applies here. There are quite a few very useful
antivirus programs out there, and many for free.
ClamWin Antivirus - Free
program, and works fairly well. Be advised though, if running in
Microsoft 7 (and possibly later versions, I'm not sure), always right
click the program and select "Run as Administrator", so it will actually
access the files you need it to check.
Microsoft Security Essentials
- I still ask myself why this is not included standard with Windows 7.
For later versions, there are other types of the same program released
from Microsoft, and all free as well. This program is a must have, as it
keeps an eye on your system regularly and can scan files before you
open them. Very useful product, and I would recommend it to anyone.
MalwareBytes AntiVirus - This
is another free and very useful program. They do have a paid option, as
well as a free trial, but the free Lite version is what I personally
use, and I love it. This program will sniff things out on your computer
you didn't know existed, and to be honest, it may get kinda gross. This
is because MalwareBytes will actually go through your registry files,
where many sneaky and resilient viruses like to hide out, lying in
wait. This is the only program I have found that I know for a fact does
that.
If you are really feeling tech savvy, you can always try some more advanced measures. Pen (penetration) testing would definitely not be a bad idea, as it will reveal any vulnerabilities in your network. Vulnerabilities that, if given a chance, a hacker could exploit. In conjunction with pen testing, you could also go through and close all unused ports. These steps go hand in hand, and are equally necessary. Nmap is an incredible program to use for this, and its actually free. Now, you have to pay for the book, but you can also search online for a decent amount of tutorial information. Nmap does exactly is it says: it maps your network, showing what ports you have and what are open where. Its a very useful program, but seems mainly effective on a second computer, as you cannot ping localhost, as that is how Nmap works.
There is one further measure I have found that would assist in this goal. There is intrusion detection software you can install, as somewhat of a tripwire, to let you know when someone is tampering with your system. That way, you will always be on the guard. I really wish I could go into detail about these programs and how they work, but as of now I am still unsure. But believe me, there is an update in the making on that one.
OSSEC (Open Source SECurity)
Tripwire (Open Source)
rkHunter - This one seems quite interesting, but I'm not quite sure how it works. This should be an adventure to get into.
In closing, these are a few of the ways you can enhance your security significantly. And given how simple these things are to do, this may not be a bad idea. On a final note, I want to encourage any of you that are reading or following to leave a comment. Criticism, advice, questions, or general comments; all are welcome. In all fairness, I started this with the hope of being able to connect in some way, and I'm sure some of you reading this can relate to that. So act on it. Feel free to follow the blog, or just leave a comment. Any and all are appreciated. And as always, thanks for indulging me once more.
