Personal Computer Security

Network Operations Center -- updated 08/2007

Emergency Help: Do you think your PC is infected with a virus or infested with spyware? Login with your Dowling network/email username and password here and get help!

This document is aimed at PC users at home or in the Residences. Recommendations for secure computing on faculty and administrative PCs on campus are at this page.

You might be using Windows Vista, or a Mac, or some version of Linux. The general principles here apply but specifics do not.

It doesn't take much effort to protect your PC from external attack, but like everything else, the more effort you expend, the more results you'll get. You need to start with at least the following:

  1. regular visits to WindowsUpdate
  2. antivirus software
  3. anti-spyware software

For the more diligent, we also list additional measures you can take to protect your PC.

Note: If you have just gotten a new PC the very first thing you should do is follow the excellent, detailed instructions at this location: http://www.sans.org/rr/whitepapers/windows/1298.php. The average "survival" time of an unprotected PC on the internet is about 5 minutes!

Windows Updates

Most people use some version of Microsoft Windows on their PCs. Since Windows is so pervasive, it is targeted more often than other platforms by various forms of malware. Microsoft strives continually to repair problems, and provides updates, mostly free. Visit the Microsoft Windows Update site and follow the instructions there to make your PC automatically update itself whenever a flaw is fixed.

Technical note: some people unknowingly have unlicensed copies of Windows XP. For them, Windows Update will eventually fail, when they try to install one of the major updates. A properly-licensed copy of Windows XP is necessary in order to reliably update your PC at Microsoft's sites.

Antivirus Software

A computer virus by definition attaches itself to legitimate programs, reproduces by infecting other files on your PC, then copies itself to other PCs by way of e-mail, file-sharing programs, chat programs or other methods. Worms, their close cousins, don't attach themselves to another program but exist as separate programs and reproduce in similar ways. Trojan horse programs are malicious programs hidden inside useful programs or websites. These various types of malware can cause damage to PCs by deleting files, corrupting data or making your computer inoperable; they can provide unauthorized access to unknown people for the purpose of stealing your data.

Antivirus software protects you by (1) detecting malware on your hard disk, (2) detecting activity that looks like malware activity, (3) wherever possible, blocking such activity and deleting the offending programs. A good antivirus program acts as a watchdog who wakes up and barks at any sign of intrusion.

There are a few free antivirus programs, many of which do a good job of protecting your PC. You may find that it's best to buy a commercial antivirus from a well-known company with the resources to "stay on top of" the problem. Some of our favorite antivirus programs are:

Note our preference for single-task programs. Many security vendors sell comprehensive programs but most of them try to do too much, and a as a result they slow your PC down by taking up too many resources. Simpler is better.

It is crucial that you subscribe, for $20-40 per year, to your antivirus vendor's update subscription program. New viruses are detected EVERY DAY, and you MUST update your antivirus program's detection list frequently. Dowling's administrative PCs update every two hours!

A good antivirus program and update subscription is step one, but it's not enough...

Anti-spyware software

As the web has evolved into a commercial marketplace, advertising has become a big business. It has become very profitable to find ways to target ads instead of sending them out at random. Your browser may even be "hijacked" to always go to one set of vendors web sites when you try to go anywhere else. Targeting and redirecting of this sort is usually done by installing "spyware" on your PC.

How did this software get installed? There are many ways. Usually, you have downloaded a program offered to you for "free". When you install it, there is a legal notice that you must OK - most people ignore them, but somewhere in the notice you are giving your permission to install additional software besides the "free" program. There are many other ways that spyware can be installed, but this is the most common.

If you do enough web-surfing, your PC may have several hundred spyware programs installed! Eventually, your PC is spending so much time reporting your behavior that it scarcely has time to allow you to engage in it. Your PC slows to an unusable crawl.

The solution to this nightmare is to install anti-spyware software. Anti-spyware programs and antivirus programs are closely linked, and as the industry matures you will be able to buy one program for both types of protection. Trend Micro's product listed above is an example of this tendency.

Our favorite anti-spyware programs include:

We recommend you obtain at least one of the above programs. Look for the ones that provide BOTH frequent updates AND "real-time" protection.

Additional Measures, More Information...

There are a few other things you can do to prevent viruses, worms, popups and tracking software from infiltrating your PC:

  • Secure your PC right from the start. Follow the instructions at http://www.sans.org/rr/papers/index.php?id=1298 to lock it down BEFORE you connect it to any network. Don't become a statistic!
  • Install a personal firewall on your PC. Discussion is here, and includes links to several free personal firewalls. If you use Windows XP with Service Pack 2, it contains a personal firewall that's turned on by default. WinXP's inbound-only firewall is slightly better than no personal firewall at all, but you'll want one that monitors outbound ("phone-home") connections as well.
  • Try using another browser besides Internet Explorer. The majority of spyware operates most effectively on the browser most people use. Be different! Try FireFox, Mozilla, Netscape or Opera, all of which are free!.
  • If you must run Internet Explorer, goto this page and find the section about Enough is Enough, or go to this page and download ScriptSentry. These freeware programs that gives you much greater control of the security features of IE.
  • Read carefully any licensing agreements displayed when you install software. If it includes language about tracking your behavior, abort the install and find another program. KaZaA? NO! (see Sections 4, 8, and especially 9). ShareAza? Yes! (No spyware - GPL license.)
  • Run a program like WinPatrol or SpywareGuard to alert you to programs trying to install themselves. Most antispyware programs also contain an "immunize" function that does the same thing.
  • Run a program like SpywareBlaster, or install the "inoculate" feature of your anti-tracking software, to add another layer of protection against unwanted software installs.
  • NEVER, EVER open an e-mail attachment unless you are expecting it - even if it looks like it came from a friend or relative. Unrequested attachments are usually viruses! Consider any attachment to be the electronic equivalent to a mail-bomb, and act accordingly. We're repeating this warning here because it's important.
    • "No legitimate organization on the planet will EVER send you an update file attached to an email message."
    -- Patrick Douglas Crispen, http://www.netsquirrel.com/

Securing your PC and making the Internet a useful resource requires some work and study. Below are some resources to help you take your skills further. If you find others and would like to share them with other Dowling students, please e-mail them to the noc(at)dowling.edu .




© 2007 Dowling College