Wednesday, September 29, 2010

Windows XP Security - Safe PC Usage

This is the third in a series on Windows XP security. The first two focused on cleaning malware and preventing malware with software. This article will identify how to prevent malware with defensive computing habits.

The lists below are terse. Quick soundbites, easily digestable. Not so easily explained. The rationale behind some, including attack vectors, exploits and countermeasures could fill volumes. There are many blogs by security experts that cover vulnerabilities and exploits extremely well.  In this space we'll just focus on practical security measures, again for the "average" PC user.

 Safe Computing

  • Don't login with Administrator rights. Make yourself a standard user and Run As... a separate Administrator privileged account only when needed. At least run applications that connect to the internet with reduced privileges via programs such as DropMyRights
  • Don't install programs unless they're absolutely necessary. Screensavers, wallpaper switchers, video players, system "upgrades" and other freeware utilities often have a hidden (malware) reason they're free.
  • Install programs only from trusted sources such as SourceForge at http://sourceforge.net/ or those reviewed by reputable third parties such as Gizmo at http://www.techsupportalert.com/  (yes, the name - I know) or to a lesser extent CNet at http://download.cnet.com - read the user reviews, not just the editor rating.


Safe Surfing

  • Select websites from Favorites/Bookmarks or manual typing
  • Never click on links in email, even from a sender you believe you can trust
  • Search for websites instead of guessing the URL or risking a typo
  • Use different passwords (and userids) for each website (use an encrypted password database like KeePass)
  • Heed the warnings provided by McAfee SiteAdvisor in searching for websites
  • Examine SSL certificate security warnings, don't just click through them
  • Close popups via the taskbar vs clicking anywhere in the popup - right click on the taskbar, select Close
  • Consider carefully entering personal data on a site that has a "This page contains both secure and nonsecure items" warning when visited
  • Understand unexpected program launches caught by the outbound firewall
  • Log out then close all browser windows after done using any site with financial transactions
  • Keep only one browser window or tab open when performing financial transactions, don't multi task by general surfing
  • Remember "Google is your friend" - search for file names, program names, virtually anything that you encounter that you don't understand. You don't need to be a computer genius to understand most results and make decisions.

Notes

  • Firefox will not make you invincible.
  • Even trusted websites can be compromised by partner content or bad programming
  • NoScript is good, but actually makes you more susceptible (by default) to ClickJacking
  • No one security program can do it all - think before you click
Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)