The first half term of this academic year has seen a large rise in the number of students using infected mass storage devices such as memory sticks/Pen Drives, iPods etc. This section of the web site is dedicated to help you keep your home computers secure from virus infections and other malware. Advice on e-Security is freely available from the ICT department as is virus checking of memory sticks.

Securing your home computer is best done as a series of layers of security, each of which the malware has to pass through to infect it. This guide gives simple suggestions on how to achieve a good level of security. It is aimed at users of computers running some form of the Windows operating system which is the main target of most malware. Users of the Apple Mac OS-X or Linux operating systems are already running a good level of security by default but should not be complacent. All the software suggested is free and has all been tried and found to be effective. There are many other alternative applications, free and paid for that will work just as well.

Layer 1 - Good security practice

You can go a long way to avoiding infections by adopting good security practice when using your computer.

When online:

• Only visit sites that you trust. Check that you have entered the address correctly, small grammatical errors can take you to unsafe sites.
• Set the popup blocker and only allow popups on trusted sites.
• If visiting sites like online banking, never click on a link to get you there. Enter the address by hand.
• Avoid peer-peer file sharing services, these are often full of malware.
• If online shopping look for a padlock in the browser window that shows that the site is secure.
• Do not agree when sites ask to download an application or Active-X control to continue unless you are really sure that it is safe. You may suddenly find an unwelcome visitor on your computer.
• Use an alternative browser to Internet Explorer. Suggested applications are Firefox, Opera, Chrome, Safari.
• Use a site advisor. These give a real time guide to the security of sites before you visit them. Suggestions are McAfee Site Advisor and Web of Trust.

Using e-Mail:

• Only open e-mails that are from sources that you trust.
• Never open attachments unless you are sure that they are not dangerous.
• Set the e-mail view options to text only and do not display images.
• Use an email client other than Outlook Express. Thunderbird is a good choice.

Mass storage devices:

• Scan mass storage devices such as memory sticks/pen drives, memory cards, iPods for malware on a regular basis.
• Keep an eye out for security warnings when plugging in a mass storage device that has been used in other computers.

Sensitive/important data:

• Do not keep sensitive or important data such as passwords, bank/credit card details, documents, images, music on the computer hard drive. Use external hard drives and only turn them on when you need to use the files.
• Back up important data to at least two separate places. CD/DVD storage can be unreliable.
• Encrypt important data such as passwords. A suggested application is Truecrypt.

Layer 2 - The firewall

The firewall controls movement of data between your computer and the Internet and as such is an essential layer of security. For best protection, you should use both hardware and software firewalls.

Hardware firewalls

• If you connect to the Internet via a broadband/ADSL router, you may already have a hardware firewall installed. You should check to see if your router has a firewall (most have) and if it is turned on and set up correctly. You may need to get this information from your ISP support as there are many models of router.
• If your router does not have a firewall or if you connect by broadband/ADSL modem, then you should think about replacing it with a router equipped with a firewall. These are available from most computer/electronic goods shops and online suppliers. Make sure that it is suitable for your connection before buying.
• Broadband users with cable should check that the router firewall is on and dial-up users will not have a hardware firewall.

Software firewalls

• The Windows firewall is effective at blocking unauthorised entry to your computer from the Internet. If you use this firewall, make sure that it is enabled. In XP go to Network connections, rght click on the Internet connection listed and then the Advanced tab.
• The Windows firewall will not control or alert you to unauthorised connections to the Internet from your computer. A lot of malware such as spyware and trojans communicate information back to their owner this way. Install a software firewall to block and alert you to this activity. Most firewalls have an early learning phase where they decide what is legitimate traffic on your computer and will generate quite a few pop ups. This is nothing to worry about though you should check what they are telling you and respond accordingly.
• Suggested applications are Comodo firewall (enable Defense + and disable Comodo Antivirus) and Outpost firewall.

Layer 3 - Anti-virus applications

Anti-virus applications detect, prevent and remove many types of infection. You should always keep the signatures up to date (set auto updating) and schedule regular full scans.

• Suggested anti-virus applications are Antivir, Avast, AVG and Microsoft Security Essentials.

Layer 4 - Anti-malware applications

Anti-Malware applications do a similar job to anti-virus but cover other areas of Malware. As with Anti-virus it is important to keep signatures up to date and scan on a regular basis.

• Suggested anti-malware applications are Malwarebytes, SuperAntiSpyware and Spyware Terminator.

Layer 5 - Computer setup

Your computer setup can have a big effect on security.

• In XP run as a limiter user account. Most people run as an administrator which is very dangerous. Follow these instructions to set up limited user accounts.
• Make sure that all accounts use strong passwords that are at least six characters long with lower and upper case letters and numbers.
• In Vista and Windows 7, make sure that User Account Control (UAC) is turned on. Many people turn it off because of the annoying pop ups but doing this lowers your security considerably. Advice is given here about setting up Vista UAC correctly.
• Keep your operating system up to date by running Microsoft Update. This will download security patches and system updates. Set your computer to update automatically. This can be done via the control panel.
• Use a software vulnerability scanner such as Secunia PSI. This will scan every application on your PC and tell you when they are out of date or a security risk and how to resolve the situation.

For further advice

Further advice on computer security can be found in the following links.

• Microsoft Online Safety Centre
• Get Safe Online

Liability

While the advice and software suggestions given in this guide have been tried and tested, the number of possible computer hardware and software permutations along with the possible effects of malware infection means that Fisher More Humanities College cannot be held liable for any direct, indirect or consequential loss or damage incurred by any user following the advice given. The links given in the above text lead to external Internet sites. Fisher More Humanities College is not responsible for the content of external Internet sites.