Sunday, August 22, 2010

How I keep my new computer safe from malware (spyware, viruses, worms, etc.), network attacks, phishing websites, spam, etc.

I use the following policies, tools and techniques to safeguard my new computer from all sorts of privacy and/or security breaches:
  1. DNS level: Use of OpenDNS resolution service ensures that malicious addresses are blocked at the DNS level. Even the basic/free version of OpenDNS provides a decent level of customization, including allowing blocking of specific website categories.
  2. CPU level: The CPU in my new computer supports DEP at hardware level.
  3. BIOS level: The computer's BIOS includes a "Virus Warning" feature, which warns whenever an attempt is made to write to the MBR of the hard disk. Additionally, enabling passwords in the BIOS helps prevent unauthorized changes to BIOS settings, and unauthorized entry into the system.
  4. OS level: Windows 7 provides me with these helpful features - Action Center, ASLR, Automatic Updates, DEP and UAC. Additionally, the computer is normally run with standard user privileges, rather than administrator privileges, and the user accounts are password-protected.
  5. Firewall level: Use of a good firewall such as the one by COMODO keeps the machine secure from unauthorized access over the network. Additionally, COMODO's firewall includes useful features such as Image Execution Control, Sandbox, etc., which protect against unknown/untrusted executable code. I would've liked it if COMODO's firewall included its own feature to block malicious websites.
  6. Anti-malware level: An anti-malware application such as ESET NOD32 Antivirus (or Norton AntiVirus) used in real-time protection mode provides effective protection against all sorts of bots, rootkits, spyware, Trojan horses, viruses, worms, etc., and also mandatorily scans all Web traffic. Behavioral-analysis/heuristics features enable such an application to detect new/unknown malware, while the unique Download Insight feature of Norton AntiVirus provides vital crowdsourced information about individual files. Frequent updates ensure that definitions and modules remain up-to-date. NOD32 Antivirus also blocks webpages known to include "potentially dangerous content".
  7. Additional anti-malware: Windows Defender and Windows Malicious Software Removal Tool - both provided by Microsoft - provide additional protection against common malware. Finally, a monthly scan with the free and nice Windows Live OneCare Safety Scanner both checks and optimizes the system.
  8. Web browser level: Use of Chrome provides these benefits - it's secure by design, it includes its own anti-phishing feature, it runs Flash inside a sandbox, and it updates automatically and forcibly. Additionally, I use HTTPS (whenever supported); I've even made bookmarks with HTTPS prefixed, so I'm directly taken to secure pages (whenever supported).
  9. Search engine level: Google's search engine includes its own warnings against malicious results, and thus, use of Google provides an additional layer of protection.
  10. Frequent, regular updates for everything: I've configured the system so that everything - anti-malware applications, browser, drivers, operating system, etc. - updates frequently and regularly. I manually update the applications which report that updates are available.
  11. Remove everything unnecessary: Removing everything that doesn't contribute is another policy that increases security. Disabling really unneeded services (without breaking essential functionality), disabling unneeded ports, uninstalling non-essential components of the OS (Internet Explorer, etc.), etc., are examples of this policy.
  12. Functional-but-secure settings throughout: Applications, devices and the OS include many configuration options which allow a trade-off between functionality and security. Some of these include AutoPlay/AutoRun, router settings, USB-related settings, etc. Striking a good balance throughout is essential to increasing security without breaking functionality.
  13. Stay abreast of whatever's new: Stay aware of the latest developments and discoveries, and adopt whatever's good. Google's Chrome is a good example. It's newer and safer than Firefox. Someone who uses Firefox and doesn't stay updated about new developments would've missed Chrome entirely, thus making him a little less safe (than he could be).
  14. Avoid paying too high a price: Additional protection is possible by using additional tools such as Malwarebytes' Anti-Malware, McAfee SiteAdvisor (or Norton Safe Web), SUPERAntiSpyware, Web of Trust, etc., but I don't use these as I don't see enough benefit from their use to justify the price to be paid, especially since the above measures have already kept me safe for years.
I use the above methods (except the 14th point) to safeguard my new machine. One good aspect of the above policies, tools and techniques is that all of these need to be deployed and set up just once. Everything works automatically thereupon, except for occasional manual checks/updates. The few hours it takes initially to set things optimally have paid off nicely for me - I've been breach-free and malware-free for years now!
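
Because these settings are configured once and then left alone, a periodic read-only check helps confirm they are still in place. The script below is an added example, not part of the original post: it audits the DEP, UAC, standard-user and AutoRun settings from items 2, 4 and 12. `Get-RegValue` and `New-Check` are helper names made up for this example; the WMI properties and registry values are Windows' own.

```powershell
# Added example: read-only audit of settings named in the checklist above.
# Get-WmiObject is used so this also runs on PowerShell 2.0 (Windows 7 default).

function Get-RegValue($Path, $Name) {
    # Hypothetical helper: returns $null when the key or value is absent.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name } else { $null }
}

function New-Check($Check, $Ok, $Detail) {
    # Hypothetical helper: one result row per setting.
    New-Object PSObject -Property @{ Check = $Check; OK = $Ok; Detail = $Detail }
}

# Items 2 and 4: hardware DEP support and the OS-wide DEP policy.
$os = Get-WmiObject Win32_OperatingSystem
$depNames = @{ 0 = 'AlwaysOff'; 1 = 'AlwaysOn'; 2 = 'OptIn'; 3 = 'OptOut' }
$depPolicy = [int]$os.DataExecutionPrevention_SupportPolicy
$depOk = $os.DataExecutionPrevention_Available -and ($depPolicy -ne 0)

# Item 4: UAC is on when EnableLUA is 1.
$lua = Get-RegValue 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' 'EnableLUA'

# Item 4: does this session's token hold administrator rights?
# With UAC on, an unelevated session of an admin account also reports False,
# so confirm the account type separately.
$identity = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$isAdmin = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

# Item 12: NoDriveTypeAutoRun = 0xFF turns AutoRun off for every drive type.
# The machine-wide policy wins over the per-user one when both exist.
$explorer = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$autoRun = Get-RegValue "HKLM:\$explorer" 'NoDriveTypeAutoRun'
if ($autoRun -eq $null) { $autoRun = Get-RegValue "HKCU:\$explorer" 'NoDriveTypeAutoRun' }
if ($autoRun -eq $null) { $autoRunText = 'not set' } else { $autoRunText = '0x{0:X2}' -f $autoRun }

@(
    New-Check 'DEP' $depOk "hardware=$($os.DataExecutionPrevention_Available) policy=$($depNames[$depPolicy])"
    New-Check 'UAC' ($lua -eq 1) "EnableLUA=$lua"
    New-Check 'Standard user session' (-not $isAdmin) "token has admin rights: $isAdmin"
    New-Check 'AutoRun disabled' ($autoRun -eq 0xFF) "NoDriveTypeAutoRun=$autoRunText"
) | Format-Table Check, OK, Detail -AutoSize
```

The script changes nothing on the machine; a row with `OK` set to `False` marks a setting that has drifted from the checklist.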
