A rough guide to securing your personal computer

It’s possible to create a secure PC environment which is safe and unobtrusive by taking a few basic steps:

• Installing a standard anti-virus product;
• Installing a standard fire-wall product;
• Installing a “safe browsing” tool as an add-on to your browser;
• Ensuring that your operating system and all other software products are fully patched and are the latest versions available from their suppliers;
• Performing a full scan of your PC on a regular basis using an alternative anti-virus package to your normal product.

Anti-virus products

There are many anti-virus products which are available on the Internet or in high-street shops.

There are a couple of products that have been around for a number of years and have been found to be consistently good at identifying threats. One is supplied by www.kaspersky.com; the other is supplied by www.f-secure.com. This doesn’t mean that other products won’t be as effective but some organisations have chosen to recommend these products to their customers. Packages can be purchased direct from manufacturers, from High Street shops and from other suppliers such as Amazon. Some are also available as free downloads from the manufacturer for a 30 day trial period, but you must ensure that you purchase a full license before the trial period expires otherwise the package will become out of date.

It is essential that your chosen product is set up to check for updates every time your PC is switched on. A typical update to the product will take a couple of minutes and will happen in the background. Ideally it should also be set up to perform a full scan of the PC once a week. The time when this scan takes place can be determined by you. Most products are also available as multi-license purchases if you have several PCs in your household.

Firewall products

Once you’ve installed an anti-virus product you should ensure you have a firewall product as well. They can be purchased with the anti-virus package at little or no extra cost and can be set up through the same control panel. The default settings should be suitable for most PC users and will automatically receive updates at the same time as your anti-virus product.

It’s important that you allow the sites you want to use to have access to your PC and deny all other accesses. This will prevent sites which are set up to find unprotected PCs from getting access to yours and using it for malicious purposes.

If you’d prefer to use a different firewall product you could consider the ZoneAlarm firewall which is available from the manufacturer at www.zonealarm.com. Two versions are available: a free basic level firewall and a professional version. Setting up either of these products to run with your anti-virus solution will take a little more effort. You’ll also need to ensure that the product is set to search for new updates when the PC is switched on. As a minimum, if you don’t have this firewall or one as part of your Anti Virus package, you should make sure that the Windows firewall is switched on (this is found in the Security Centre of the Control Panel).

Safe browsing tools

This is still an emerging area and there are fewer products to choose from. You could try the Finjan “secure browsing in-the-cloud” security tool from www.finjan.com. This product is free and is based on their experience with corporate businesses. It examines web-pages as they are loaded for any activity that could be malicious.

These products will protect against “drive-by” infections where legitimate websites have been compromised and are being used to download Trojans to unsuspecting users PCs. They’ll display a security status “button” against every website returned by internet searches. If it’s red it’s not safe to visit that site. They’ll also give some protection against attacks where Trojans are trying to exploit weaknesses in operating systems before the system manufacturers issue emergency patches.

Operating system patches

Microsoft offers a free service which will automatically update your operating system and any related software as soon as updates and patches are available. The status is checked every time the PC is switched on, as long as you’re using a genuine copy of Windows.

F-secure have also produced a free health check product which will check all of the software products which are loaded on your PC, and will let you know if any are out of date or require security patches. It’s a good idea to run this product at least once a month. It’s available via the useful links section of our website.

Regular scanning

There are occasions when one anti-virus product will not detect a Trojan but another one will. As a safety measure you should run an anti-virus scan ideally once a week using a different product to the one which you’ve installed on your PC. We provide links to all of the main suppliers' free scans on the security section of our website.

Adware and spyware advice

Spyware is a program that secretly gathers information about what you do on your PC and quite often it does this without your knowledge.

• in its least dangerous form it is known as Adware and it collects information about your Internet habits on behalf of companies
• the more annoying adware can pop up adverts as you surf

How does it work?

• in its more dangerous form it can act like a 'Trojan', a particularly dangerous program that captures your passwords, credit card numbers and other sensitive information as you type them
• it will send this information to criminal gangs who will try to use it to defraud you
• you do not have to be connected to the Internet to be spied upon, but once on the Internet any information gathered can be sent to the person(s)/organisation spying on you
• spyware removers search out these programs in the same way as anti-virus and can also block those annoying pop-up adverts

There are many free anti-spyware programs out there which can be downloaded and used to scan your PC for spyware and adware, a couple of good ones are XoftSpy and Ad-aware. Links to these and to other anti-spyware scanners can be found in our useful links section.

Apple MAC users

There’s a common myth that Apple MACs are immune to viruses, Trojans etc. This is false. The fraud groups have woken up to the fact that many individuals were switching to this make of computer and have responded by using Trojans specifically written for these computers. Cross-infection from Windows based PCs is also quite common as files are transferred across via USB sticks etc.

Options are limited in terms of anti-virus products but the following should give a high level of protection:

• www.avast.com
• www.sophos.com
• www.mcafee.com

The product from AVAST will also work if both OS X and Windows are installed on the computer. The OS X operating system also includes a personal firewall and this should be activated.

If you suspect that you have a virus on your MAC a free anti-virus scan can be downloaded from ClamAV. A simple search online will give you a number of other options but you may have to purchase a license to use them.

Additional options for extra security

Encrypting your hard disk will give an extra level of security but will cause a significant decline in the performance of your PC. This is more relevant if you’re using a laptop and travel frequently or if you have serious concerns about the confidentiality of information on your PC should it be stolen.

Another option is to use a virtual machine session every time you use your PC. This means that any infection or Trojan will only remain until you switch off the PC. Normally the software will be stored on a USB stick and will be loaded each time you switch on the PC. Using this method could mean your PC runs slowly.

You can purchase a PC independent firewall which works from a USB stick and is protected from any malware which manages to get around it, but these devices are more expensive than purely software based tools.

The Trojan threat

Trojans can be broken down into a number of different behaviour types:

Downloaders

These will try to bypass firewalls and anti-virus products and will install additional malware from command and control sites.

Worms

Worms will try to open up back doors in your firewall to allow hackers to control your PC. It can then be used for mass spam attacks or distributed denial of service attacks (DDOS) on other computer systems.

Hidden storage

These operate in a similar way to worms, but their objective is to store large amounts of data, normally photographs, in hidden directories on your PC. These files can then be safely access by others from anywhere in the world while your PC is switched on. The content of these directories is likely to be of a highly pornographic nature and will certainly be illegal. Several PC owners have been prosecuted and have struggled to prove their innocence.

Blackmail

There are some Trojans which are capable of encrypting all the files on your PC. You will then receive an email “inviting” you to pay a form of ransom to obtain the key to decrypt your files. Anti-virus suppliers are struggling to break the encryption keys due to the length of them.

Key loggers

Key loggers will capture every key stroke or mouse click that you make. By “screen scraping” they can even capture items which are asterisked out.

Man-in-the-middle

Man-in-the-middle attacks will interfere with a session and will attempt to insert new items or to modify items which are being transacted.

Although a number of well known products have not been explicitly mentioned by name in this guide this should not be taken as suggesting that they are inferior to the products which are named. The mention of a product by name is not an endorsement and no liability can be accepted for any losses or inconvenience which may result from using any security product.

The final choice of a security product is the reader’s and is likely to be based on a number of factors such as price, availability and ease of use.