So, you recently bought a new personal computer for your home (not for work or as a server) and you want to protect it (including from viruses and spyware). Confidentiality (including encryption, cryptography, and anonymity) is part of the protection, but must be considered separately. Data backup, defragmentation, and system restore points are indirectly related to security. What's more, backups even make it easier to access or steal data.
This article assumes that you will be using the network (for example, the Internet), exchange files using flash drives (flash drives), and that your computer can be accessed by other users. If this is not the case, then this article is not for you, since your computer is already sufficiently protected.
Step 1. Select an operating system based on its security and vulnerability characteristics (Linux has no known active viruses, and OpenBSD is security oriented)
Find out if the system has the ability to use restricted user accounts and file launch restrictions. Update your operating system and programs regularly.
Step 2. Choose a web browser according to its security and vulnerability characteristics, as most malware enters the system through a web browser
Disable scripts (the NoScript, Privoxy and Proxomitron extensions will help you do this). Read the information about computer security (for example, US-CERT). Google Chrome is a secure sandboxed browser.
Step 3. Use strong passwords (for example, in your user account)
Hackers crack passwords by searching words in a dictionary.
Step 4. Use reliable sources
When downloading software (including antivirus software), use trusted sources (developer sites, softpedia, download, snapfiles, tucows, fileplanet, betanews, sourceforge) or the repository (if you are using Linux).
Step 5. Install good antivirus software
It is designed to fight viruses, Trojans, keyloggers, rootkits and worms. Antivirus should scan files both in real time and on demand. Also, the antivirus must provide heuristic scanning. Avast and AVG are very good free antiviruses. Choose one of them, download and install it. Update your antivirus and scan your system regularly.
Step 6. Download and install anti-spyware software such as Spybot Search and Destroy, HijackThis or Ad-aware
You can install several of these programs and scan your system regularly (especially if you surf the Internet a lot). Spyware hosted on many websites exploits security vulnerabilities in Microsoft Explorer and can install malicious code on your system without your knowledge.
Step 7. Download and install the firewall
Either ZoneAlarm or Comodo Firewall is a great choice. (Linux systems come with a built-in Iptables firewall.) If you are using a router, it increases security because it acts like a hardware firewall.
Step 8. Close all ports
To penetrate, hackers use port scanning (by default in Ubuntu Linux all ports are closed).
Step 9. Perform a penetration test
Start by pinging and then running an Nmap scan. The BackTrack Linux utility can also come in handy.
Step 10. Start a host intrusion detection system (HIDS), such as ossec, tripwire, or rkhunter
Step 11. Consider physical protection
Purchase a Kensington lock (to prevent computer theft). Set a BIOS password to protect access to your computer or removable devices (USB, CD-ROM, etc.). Do not use external storage media (flash drives, external hard drives, etc.) to store or copy important data, as they are the most vulnerable (they are easier to steal).
Encryption can be an effective tool against information theft. Encrypt your user account (completely, not multiple files). This affects the performance of the system, but pays off from a security point of view. Truecrypt encryption software runs on Windows, Mac OS X, Linux. To encrypt data on a flash drive, use the FreeOTFE program, which works in Windows and Linux. Mac OS X (10.3 or later) has a built-in FileVault encryption utility (encryption can take minutes to hours). If you are installing Linux Ubuntu (9.04 or later), select the "Require password to login and encrypt home folder" option. This uses the ecryptfs utility
Step 12. Use programs to hide and encrypt files, for example, Folder Lock (you can download it from the site
www.newsoftwares.net/folderlock/). This program allows you to hide certain files, folders or drives, encrypt them and set a password on them.
- The greatest danger to the computer is the user himself. Protecting your computer is up to you; if you do not update security programs or run suspicious programs, then you yourself endanger the security of your computer.
- Update your antivirus software regularly (often).
- Some viruses block antivirus programs from accessing infected files. In such cases, specialist intervention is required.
- There is a hugely popular podcast called Security Now.
- Take training at HackerHighSchool.
- If you've encrypted your data, don't lose the encryption key. Otherwise, you can say goodbye to data.
- Antivirus software is not always effective against viruses. Therefore, when protecting your system, do not rely on antivirus completely!
- If information must be destroyed to prevent unauthorized access to information, do not back up such information.