Win XP Security - Are You Open to Attack?
Windows
XP and security
Internet Explorer and SP2
What's a firewall?
Recommended
firewalls - free & not free
How
to turn off Windows XP
firewall
Port
scanners and stealthing your ports
Browser
wars
Choosing an anti-virus
Anti-virus and firewall limits
Spyware
Windows XP updates
[ next ]
If
you're a novice, or average, computer user after reading this you'll
know more than nearly half of all computer users, since it's estimated
that over 40% of computer users don't have both antivirus protection
and a firewall. Many people don't understand the vulnerabilities
of Microsoft's Windows, and their software, to exploits and attacks.
Thinking it won't happen to me is foolish. It can happen and
does to millions of computers! That's how viruses, Trojans and exploits
spread throughout the Internet.
If you doubt most computers are vulnerable to attack:
"Two of every three computers are running software that contains a critical security hole, according to statistics released by vulnerability scanning company Qualys. The data, based on more than 32 million vulnerability scans, spans three years. In all, 21 million critical vulnerabilities were identified in that period, which could allow an attacker to take over a machine or get access to sensitive data, said Gerhard Eschelbeck, chief technology officer at Qualys." eWeek, November 21, 2005
* What is that sign above that displays information about your computer? I'll let the sign's author explain:
When
you view the sign, you will see your IP address and computer info. When
others view the sign, they will see THEIR information. Try it, ask a
friend to visit danasoft.com.
They won't see your IP, they will see their IP. Your information is
never shown to others. This is always true, no matter where the Danasoft
sign appears (within web pages, emails, etc).
Whenever you visit a website, your IP address is automatically broadcast to that site, and it's even broadcast to those sites that you don't visit when you load a website that contains images that are hosted by a third party, such as advertisements. When you load the Danasoft signature from a webpage, your IP address is automatically broadcast to us, just like any other site. Danasoft.com does not "hack" your computer to obtain your IP address. One of the purposes of the sign, besides for fun and amusement, is to spread awareness that your IP and other computer information is known to every website that you visit. If that concerns you, there are software programs available to mask your IP and other information when you surf the web, search Google for those.
Windows XP comes out of the box with as many security holes as Swiss cheese
Microsoft
is notorious for releasing software prematurely and being lackadaisical
about security. Since Windows is the most widely used OS (Operating
System) it's going to attract more attempts at poking holes in it --
exploits are continually being found. Microsoft has tried to clean up
their act with Vista and IE7. However, this article is about Windows
XP and I still wouldn't trust IE7, especally with free and more secure
Firefox
and Opera.
For these reasons, Microsoft has to continually release patches and
critical updates.
"Any computer that's connected to the Internet without antivirus and firewall protection is a disaster waiting to happen." Security Suites, Neil J. Rubenking, PC Magazine
SP2 - Service Pack 2
SP2 (Service Pack 2) is Microsoft's 'answer' to security risks in XP, that they should've addressed years ago. You most likely have SP2 already installed. To find out right-click on My Computer, Properties, General tab, look under system.
When installed SP2 tries to turn on Window's firewall, but even SP2's firewall doesn't provide adequate protection. It only monitors what's entering your computer, not what's leaving. You could be broadcasting a virus, worm or Trojan. Use a better firewall!
To
see what security you have enabled, and if you have automatic updates
turned on on, click on Start, Settings, Control Panel and double-click
on the security icon (shown at left).
Don't let SP2 lull you into a false sense of security, as a Windows tech said:
"Microsoft can change fixes to patches, patches to service packs, service packs to updates all it wants. These are just distractions and diversions from the core problem. Windows at its foundation is unsecure. Microsoft's 'Trustworthy Computing Initiative' is nothing but a PR process to condition public opinion and sanitize reality. The reality is the king has no clothes."
In
SP2, Microsoft has tried to address security flaws inherent in their
Internet Explorer web browser by adding an irritating yellow "Security
Warning" bar (above) everytime a website, that isn't on your trusted
sites list, tries to run javascript or an ActiveX component. Then you
have to click on the yellow bar, "Allow blocked content,"
then an "Are you sure? window.
ActiveX runs enhancements on webpages, like Flash animation or audio (it's also used in video games). Javascript creates animations, webpage counters and other effects. The vast majority of the time running ActiveX, or javascript, isn't malicious and some webpages won't display correctly without it (like this one!).
Not that there aren't malicious websites that will try to harm your computer with ActiveX or javascript. If you go to a website that looks suspicious it's a good idea not to run either. Websites with adult content (porn) have the most chance of containing malicious code. But 99% of the time running ActiveX or javascript is safe. If, after reading this, you still want to use Internet Explorer, upgrade to IE7, which is more secure (though still not as secure as Firefox or Opera) than IE6. IE7 can be downloaded from the Microsoft update webpage. Click on Start, Microsoft Update.
To add a website to your trusted sites in IE
Click on Tools, Internet Options, Security tab. Next to Trusted sites click Sites and add the URL, or website address (ex. yahoo.com), click OK, OK.
If you only have anti-virus your computer is only half protected!
A firewall basically has two main functions. First, it monitors everything coming into and leaving your computer. It's like a fence around your computer. If it sees something you haven't allowed, or appears to be suspicious like a port scan or Trojan, it will block it or ask your permission to allow it. As previously said, Windows firewall doesn't monitor data leaving your computer to prevent personal information, or sensitive information about your computer, from being sent to another party without your knowledge.
Secondly, a firewall monitors your computer for malicious programs.
A firewall will not stop all information from leaving your computer such as your IP (Internet Protocol) address, OS (Operating System), ISP (Internet Service Provider), web browser and monitor resolution. None of this information is particularly dangerous to transmit. The IP address is needed to identify your computer, so other computers know where to send data. Some webpages need to know what browser you're using to tailor the HTML, the code the web browser understands. What a firewall should block from leaving your computer is sensitive information, like your credit card numbers, bank account info, passwords and so forth.
geek explanation of a firewall
Recommended firewalls (free and not free)
Comodo is a free firewall and was PC mags Editor's Choice. I dumped it after it interferred with other software on my system. However, it's fairly user-friendly and might be a good choice. I use Jetico firewall that you can download here. It might be intimidating for the novice user and the latest version is shareware, but the free version is still there. I use the free version and it's worked well for me, but I'm a gearhead. There are several other free firewalls. You can find links and reviews of both free, and licensed, firewalls here.
Symantec's Norton is a popular utility suite that includes a firewall, anti-virus, and different system tools depending on what suite you buy. It's relatively user-friendly and usually draws high ratings, but can be expensive and has a fairly large footprint on your computer. I no longer use Norton because of the yearly fees and hit on my computer's resources.
Zone Alarm is another popular firewall, though they dropped the free version. You still may be able to find the free version with a bit of searching.
Once you have installed another firewall, you'll need to turn off Window's firewall (if it's enabled).
How to turn off Windows XP SP2 firewall
Click on Start, Settings, Control Panel. Double-click on Security Center, under Manage Security Settings for, click on Windows Firewall, click Off, OK.
Port Scanners and stealthing ports
Ports
allow your computer to communicate with other computers on a network
and the Internet. Port scanners are used to diagnose network problems,
but can also be used by crackers
or black
hat hackers, not to be confused with hackers,
or white
hat or ethical hackers to discover open, hence vulnerable, ports
on your system. Stealthing your ports offers the best defense
against port scanners, or sniffers. Most firewalls allow port stealthing.
Browser wars - Netscape v. Internet Explorer v. Firefox
Netscape was the first popular web browser, but was bullied off the market by Microshaft who then included Internet Explorer with Windows, which rapidly took over the browser market. Mozilla is the name of the source code that Netscape uses, who decided to release the code free to the public. This type of software is called open source, because the code is available to anyone to use and improve. Whereas, MS Windows is closed source meaning the code is proprietary and you must rely on Microsoft to keep the code secure.
Firefox grew out the Mozilla source code. Firefox is a safer web browser and is cross-platform, meaning it can be used on either Linux or Windoze. Linux, though less popular than Windows, is a more secure OS.
Is Netscape the same as Firefox? Not by a long shot! The Mozilla code that Netscape uses is still proprietary and not openly available, so it cannot be tested and improved by thousands of people. For more discussion about Firefox, Netscape and IE click here.
There are many anti-virus programs, some free; though many charge a fee, like Norton that requires you to 'renew' its software each year. I use free AVG. There are several websites that compare anti-virus programs and since they are constantly changing I won't list them here. I suggest doing a google search and checking out the various comparisons.
It's important to familiarize yourself with both your anti-virus program and firewall and keep them up-to-date. A firewall is your first defense against attacks and most have settings for different levels of security, what programs can access the Internet, ways to allow trusted websites, etc. Scan your system for viruses at least once a week. Most anti-virus software have schedules that autorun virus scans.
Anti-virus programs and firewalls have limits
Just because you have an anti-virus program and firewall doesn't mean your computer isn't vulnerable to attacks!
There are ways around these programs. Your anti-virus looks for known viruses. The virus has to already be on the Internet to be known. Some exploits are designed to circumvent and disable anti-virus / firewall software. That's why you need to make your computer itself more secure!
Windows, Internet Explorer and Outlook / Outlook Express are particularly vulnerable targets. If you're using IE and / or Outlook/Outlook Express switch to another web browser, like Firefox or Opera and Mozilla's email client Thunderbird or Eudora.
"The [Outlook Express] product has been under fire since its release, and almost every major virus uses Outlook's open-door security policy to turn individual mailboxes into spam-o-matic emailing machines." John Dvorak, "Microsoft, Fix Your Software!" PC Magazine, Nov. 20, 03
Spyware
are
small programs surreptitiously put on your computer that track and report
your web surfing activities to various parties. They can be put on by
websites as cookies, or by programs
(like Gator and Cute FTP) you download off the Internet. Iwon.com
is an example of a site that puts spyware on your computer. Some programs
won't work without the attached spyware. Even when you uninstall the
program the spyware often stays on your computer using its resources
and reporting your websurfing activities. Before downloading software
from the Internet be sure it's spyware-free.
Anti-spyware software
There are several programs that scan your system for spyware. Two good ones are Ad-aware
by Lavasoft and SpyBot. SpyBot was recommended by PC Magazine. There are also programs that monitor your computer in real-tme and alert you when spyware is attempting to copy itself to your computer. If you're an avid websurfer I recommend regularly scanning your system for spyware. Be sure you have the latest version/updates so you'll have the latest spyware definitions. Run virus scans on programs you download off the Internet.
Windows XP usually installs with auto-update enabled. This assures you'll have the latest updates installed on your computer, but it also installs stuff your probably don't need and could make your computer unstable. I recommend disabling auto-update and doing it manually, as long as you check for updates every week or two. To manually check for updates click on Start, Windows Update. Microsoft's Windows update page will only work with Internet Explorer, but using it only for updates shouldn't be risky. Choose Custom (instead of Express) updates on the MS Update webpage.
Sometimes there are updates you don't need. For example, I don't use MSN Messenger so I don't download Messenger updates. You can see what Windows updates you have installed by clicking on Start, Settings, Control Panel, Add or Remove Programs and checking Show Updates.
I don't recommend using Microsoft's drivers for your hardware, i.e. video cards, sound cards, etc. They can screw up your computer! Use drivers from the manufacturer's website or trusted third-parties.
When you go to Microsoft's update webpage it scans your computer to find out what updates are needed. Your firewall might see this as an attempted intrusion and block it. If this happens add Microsoft's URL (Universal Resource Locator) to your firewall's trusted websites. You can approve the entire Microsoft domain, including updates, by using *.microsoft.com. The asterick, before .mircosoft.com, denotes a wildcard. Used this way it will allow everything from .microsoft.com (the asterick wildcard is a carry-over from DOS).
home
| my story | ask tara
| photos | female walk
| female voice | SRS
| beginning your transition
hormones | who she
wants to be | journal | end
drug prohibition | bio | contact
what men really mean | just another night in Oakland | photo portfolio | comments
"Customer support's purpose isn't to help customers, it's to protect management from customers." - ex-Amazon.com customer service employee.
