Basic Windows Security

Basic Windows Security

March 3rd, 2012  |  Published in Security

Every once in a while a family members and friends will me ask a couple of windows security questions on how to set up this and ask opinions on several different pieces of software, etc. So I thought I would write down a couple of thoughts on basic pragmatic windows security for you home computer. It is by no means complete but, it gets pretty far down the line.

1) Create a non admin account

This is a big one. In the Linux word having your main login account not be an admin account is virtually imposed on you from the second you install Linux. However, in the windows world this is not. In fact you have to explicitly set this up. Here is a pretty good video addressing this concern.

Windows System Security Part I from Devon Greene on Vimeo.

2) Personal Software Inspector (PSI)

One big feature that is in Linux that is explicitly not in Windows is a way to check to see if your applications are up to date. Part of this reason is that most flavors of Linux have an desktop interface that allows you to freely install hundreds of applications over the internet – because it knows which applications you’ve installed and has a repository if a new update for your application comes out it lets you know and requests you install that update. Thus, eliminating a lot of security bugs as they arise. It’s a bit on par with saying, “Hey Windows has a system update do you want to install it?” for all your applications.

Personal Software Inspector brings this Linux feature in to the Windows world. And it is a must. It will scan which applications you have installed on your computer and compares the version number of the most current application in their database. If you don’t have the latest version it will request that you download it keeping your system more secure.

3) Microsoft Security Essentials

Every Windows machine needs a anti-virus program. There are lots of opinions as to which anti-virus is the best and the only thing I can tell you is that no anti-virus is perfect. One anti-virus application will catch things that others miss. I’ve seen it in real life many many times. So since no anti-virus is perfect which one do you go with? In the past I’ve used Kaspersky, Symantec, AVG, McAfee, Avast, etc. All of them do a fairly decent job. My main complaint against some of them is the amount of resources they use on your computer but, generally speaking they are all fine.

For me now I tend to you  Microsoft Security Essentials. I like it. Fairly low on the resource utilization end of things, a simple interface and probably one of the bigger points it is totally free and doesn’t pester you to buy their ‘Pro’ version of their software.

4) Zone Alarm Firewall

You probably need a firewall. I kind of put this in the optional category for two reasons: first, windows does have a fire wall and is enabled by default (most don’t know how to make it work exactly right but, it’s there and it works) and second, firewalls can be a little tricky at times especially novices.

I like Zone Alarms free personal firewall for one specific reason, it tells you “Hey, application x wants access to the internet! Is this ok?”. It’s application access control does a pretty good job and is a good thing to have on your computer regardless.

5) CCleaner

I love CCleaner! It’s one of the first applications that I install whenever I buy a new computer or do a fresh install. It essentially cleans your computer of garbage files, your internet cache, temp application data, etc. And “it just works”! CCleaner also has a lot of features that come with it like the Registry cleaner – there are a lot of pro/cons for these types of tools. For the average user it is probably best to use some of the features.

6) Spybot – Search &? Destroy

You probably need Anti-Malware/Anti-Spyware application. There are somethings that are in the “gray” area when it comes to viruses. Somethings are not necessarily viruses or trojans persay but are tracking pieces of code that an anti-virus scanner might not trigger. Or sometimes anti-virus systems are not as good at removing that’s why I like Spybot it tends to do a pretty good job at getting those last couple of things out.

7) Revo Uninstaller

Having a good un-installer is a great thing to have. Often when you un-install something files are still left on your computer or items are left in your registry. The Revo Un-installer take care of this job fairly well.

8) Virtual Private Network VPN

I travel a couple of times a year for work and sometimes work out of a coffee shop and for me a Virtual Private Network (VPN) is pretty much a must. A VPN is normally software or setup internet connection that routes your internet traffic through an intermediary and the great thing about this is that it is all encrypted. I only mention this because I have personally witnessed a guy at a Starbucks sniff traffic using wireshark but, it wouldn’t be needed in your own home.

9) Different Browser & Plugins

First tip here is try other browsers. Two of my favorite browsers are Firefox and Chrome. Chrome from a programming point of view is probably the most secure as it implements on of the best sandboxing methods I’ve seen. But, I still have a big soft spot for Firefox.

The most important thing to consider and often not use aspect is the use of plugins. There is a list of plugins you may want to consider:


Related Posts

Sql Injection Testing With SqlMap
CMS Explorer In Back Track