Wednesday, April 15, 2009

Just because security is an illusion doesn't mean you can't be safer

I had a discussion with my CIS 101 course yesterday regarding protecting their computers. Even though security is an illusion, it doesn't mean you can't protect yourself somewhat. Basically, your goal is not to be airtight and perfect - if someone is motivated enough to hack YOU, they probably will be able to. However, if they are just looking to hack SOMEONE, you want to present enough challenge that they move on to someone else.

One of the problems is that the Windows operating system includes no virus protection and only the latest versions came with a firewall (which is rather basic). Another problem is that many computers may come with anti-virus software installed, but only for a trial period. The problem is that you are protected against any viruses that were released up to your last patch date, but that is all. Any new viruses can slip through and infect you.

There are ways that you can upgrade this protection for free.

First of all, many of our local students don't realize that if they have Optimum or Comcast, they are entitled to free security software. Both of the high speed Internet service providers give out security suites. Optimum gives you CA's Internet Security Suite for free, while Comcast gives you the free McAfee suite.

For anti-virus software, there is a free tool called AVG anti-virus that I always recommend to students. You can get the AVG Anti-Virus Free Edition on their Web site:
free.avg.com

In terms of a firewall, you can always upgrade from the Microsoft one. I used a free version of the ZoneAlarm software package for many years, until I got the free McAfee suite. You can download this from the following site:
zonealarm.com

Are any of these programs 100% foolproof? No. However, if you have nothing, this will make you a harder target, and really, that's all you can ask for. Remember, in a herd of animals, the predators go after the easiest targets. Don't be that easy target.

5 comments:

David J. Csuha, CPP, CFE said...

Eric,

A couple of additions for your list, all free:

Spybot Search and Destroy: Spyware/adware remover. Also includes Tea Timer Registry Protector: www.safer-networking.org

ClamWin Antivirus: Runs WITH avg as an on-demand file scanner, effectively giving you two anti-virus programs:
http://www.clamwin.com/

Virus Total: Free online virus checker. Analyzes files against 30+ anti-virus engines:
http://www.virus-total.com

Fred (former PCCC Student) said...

CA's Internet Security Suite has a known conflict(according to CA's forums and my experience today) with Yahoo Messenger. Yahoo Messenger fails to launch or re-install. Alternative for me is Zone-Alarm Firewall Free version works perfectly with my Windows Vista Home Premium and Windows XP SP-3. AVG Anti-Virus Free version also works perfectly with the above mentioned operating systems. I use the combination of these two for both my computers.

David J. Csuha, CPP, CFE said...

Eric,

Must of had a senior moment.

Virus Total can be found at:
www.virustotal.com

Sorry for the typo.

Fred (former PCCC Student) said...

Zone Alarm Firewall Free-Version may block some ports automatically and the user CANNOT manually allow these ports. The option to manually open ports is only available on Zone Alarm Pro version which is not Free.
Windows OS firewall does allow opening ports manually but the program does not monitor traffic as carefully as Zone Alarm does. PC Firewall Plus, another Zone Alarm type free firewall program does all of the above but is very unstable, often crashing. It also has some conflicts with OS and other programs. I have not found a decent free firewall program yet.

David J. Csuha, CPP, CFE said...

Fred,

The features you request are generally built into a Hardware firewall. Zone Alarm and the like, although free initially, they are trying to sell a "pro" version. That being said, you write about monitoring traffic, opening ports, monitoring a crashing OS, and being unstable, etc.

My advice to you is to research open source solutions to your problems. An open source solution, lets say Ubuntu Linux, would allow you to install an operating system that does 90% of what Windows accomplishes, while allowing you to install a "virtual machine" for the Windows based games, programs, etc. we all love to use.

Finally, a decent firewall program begins with the user, which means the program really begins with a respected, understood, and obeyed policy.

No matter what program you have installed, if someone, at some level, is tricked into clicking on a rogue application because of whatever reason, your system can get infected.

So the bottom line is this:
What activities, Fred (Fred can be a person, business, etc.), are you participating in that could lead to a Malware infection?