Online Internet Security - How To Avoid Disaster and Recover if the Worst Should Happen
After my own recent disaster with a trojan virus I thought it was time that I revisit the ABC’s of internet security. Here is a overview of what you can do to improve your odds of not becoming another online statistic.
Reader Lee recently asked the question:
Bloke, please do us all a favor and share information on steps you’re taking to deal with this. I think we should all know what needs to be done to work towards shutting these idiots down. It’s getting ridiculous the things one needs to do to be protected any more. I have two virus checkers running at all times, plus about three different spyware filters up and running. And I’m sure that I’m still not completely safe.
Well first of all Lee, your anti-virus vendor should have told you to not run more than one software memory-resident at a time because they will conflict. If you already have more than one security suite installed, run only one of them resident and keep the other for just manual scans.
I’m using F-Secure suite which comes free with my ISP service and includes anti-malware (spyware). But no one product can catch everything.
Some free alternatives are:
- Spybot-S&D anti-spyware which is an excellent free software;
- AVG Free by Grisoft a free anti-virus;
- HijackThis which helps you to see what is being loaded on your computer;
- a-Squared Free which is a free anti-trojan scanner;
- ZoneAlarm Firewall.
I have all of these installed with the exception of AVG and ZoneAlarm because I already have the F-Secure suite installed and running.
Scan for Viruses at least once a week
A better alternative to installing more than one security suite which may cause conflicts is to make use of online scanners such as Trend Housecall which is an excellent service.
What’s important is that you have one good Security Suite installed and running at all times that includes anti-virus and a firewall. Scan your entire computer for viruses at least once a week and consider also using the other free anti-malware software that I’ve listed above.
What we should learn about my recent disaster is that most people don’t realize we can catch a virus by just visiting a maliscious website/blog besides opening email attachments or installing bad software.
One safeguard technique that we can all practice is if we are not sure of a site’s safety, use another browser instead of Internet Explorer. Firefox and Opera are more secure mainly because they are not targeted for vulnerabilities like Microsoft products are. (Yes, even Apples can get the sniffles although it is less likely.) So if you insist on using IE consider disabling scripts like ActiveX and Java before visiting a suspicious site.
Editor’s Note: Don’t leave scripts turned off all the time because things like menus (such as mine on this blog) will no longer work
My favourite browser for suspicious sites is Opera and I disable Java, cookies, plugins, referrer logging and all pop-ups. It also has a fraud protection option in the advanced security preferences. That will improve our odds of not being infected.
Of course, avoiding suspicious sites is still your best way to not get infected. Like I always say, “when you see doggy-doo on the road just walk around it“.
Make Yourself Invisible
Another thing that you can do to improve your online security is to make yourself invisible to maliscious hackers that search the net for vulnerabilities. For example, a good firewall should make you invisible online.
In addition, buy yourself an inexpensive Router that will provide you with the added protection of a hardware firewall.
Why not check your online visibility right now over at Steve Gibson’s Shields Up site and see if your computer gets a passing grade? And while you’re at it check out the rest of his site for great tips and free software to harden your computer from a disaster.
Backup, Backup, Backup!
In the event of a disaster your best insurance policy is to make regular backups of your important data. This is a entire subject of it’s own and beyond the scope of this post. But you can start by reading my post “8 Ways to Protect Your Blog and Recover from a Disaster.
Whatever you do, make sure that your important data is on another medium besides your primary hard drive. That would include backing up onto CDs or another hard drive.
CD’s have a nasty habit of eroding over time so unfortunately there’s no perfect solution but an external hard drive is probably your best bet.
Remember the hard lesson that was learned from my own recent disaster … that a trojan could possibly wipe out your backup drive if it is attached to your computer. In my case when I finally clued in that I had caught a trojan everything happened so fast I didn’t even have a chance to run a scan before it was too late.
Invest in a good Data Recovery software just in case the worst should happen
Being a technical person like myself can sometimes be a detriment, because when things started going wrong my first thought was to try and fix it. After all I use Windows and it’s supposed to break — right? Instead I should have immediately suspected a virus and acted quicker than I did. I won’t make that mistake again.
So you will need data recovery software to get it back again if the worst should happen. Even then it’s still no guarantee but at least it’s a lot cheaper than paying someone else to do it for you.
A true story — my brother-in-law just recently had a similar problem. He couldn’t boot into Windows and his computer (Compaq) was still under warranty. His vendor sent it out for repairs with specific instructions that there was important legal data on his hard drive that was confidential and important and should not be tampered with.
Well, guess what they did? They just wiped his hard drive clean and reformatted. Is he ever pissed!
Disaster Recovery Utilities:
Ok, but what if the worst should happen and we can no longer boot into our computer? Bootable utility CDs that I use are:
You should also download a utility from your hard drive vendor such as MaxBlast (for Maxtor hard drives) so you can do a low-level format and reset your HD like I had to.
For those of us who are hosting our own blogs or websites there are ways that we can reduce our online risk with .htaccess. Don’t forget to check out my post “8 Ways to Protect Your Blog and Recover from a Disaster” for great tips on using robots.txt files, strong passwords, making regular backups, phishing and much more.
Ok Bloke, who can I report these buggers to anyhow?
So you’ve run across a maliscious site but you don’t know who to report it to? One place that you can send the suspicious link to is SecurityWonks.org. Fraud and ID theft reports can also be sent to the Consumer Sentinel and the FBI. Even Google is asking for search engine users to report malicious sites by filling out a simple form.
How much online security is enough? In this day and age whatever you are doing is probably not enough to make yourself 100% immune from a disaster. But if you take a little precaution you can certainly lower the odds of something bad happening to you.
Vigilence is your best line of defence
Remember, the best security of all is to keep your wits about you and to not let your guard down like I did.
Ok it’s your turn now.
- What security software are you running on your computer?
- Do you have any online horror stories that you can share with us?
- What steps have you taken to reduce your online risk?