We originally wrote this computer security "how-to" nearly three years ago, but experts are still doling out the same advice. We've added a few new tips, focusing mainly on spyware and the importance of backing up your data. Follow these simple instructions and dramatically decrease the likelihood that you will run into serious security problems online.
1. Install and use a firewall. Considered the first and last line of defense, a firewall is a software program or piece of hardware that prevents unauthorized Internet traffic from entering or leaving your computer, particularly computers that are always left connected to the Internet (typically, Internet users who connect over DSL or cable modem fit this category). Properly configured, a firewall can give you greater control over your computer and prevent attackers from successfully scanning your system to learn details about potential weaknesses on your network or PC.
For a sobering look at the insecurity in the average operating system, consider the research conducted by The Honeynet Project. The project takes servers and computers "out-of-the-box" -- without any changes to improve or reduce their security -- and connects them to the Internet for the sole purpose of seeing how often they are probed and hacked, and what techniques attackers are using.
Based on the project's tests, the average unprotected Windows computer with the most common security holes will be hacked within 20 minutes. Even secured computers will be probed or scanned for known vulnerabilities dozens times each day. It's nothing personal, said Honeynet Project founder Lance Spitzner. "The vast majority of attacks on the Net today are launched by people out to break into as many computers as possible," he said.
Using automated software tools available online, a malicious hacker can set in motion a scan of more than a million computers before he goes to bed at night and have hundreds of systems under his thumb by morning, Spitzner said.
"It's not so much people not realizing they're vulnerable than it is they don't believe they're a target," he said. "The fact is, anybody can be a target."
The reasons attackers would want to break into your machine are as varied as the methods for doing so. Computer criminals often use other peoples' PCs for storing files that would be incriminating if found on their own machines, such as child pornography or lists of stolen credit card numbers. More frequently, criminals hijack computers for financial gain or as a means of attacking others with impunity.
2. Use anti-virus software and update virus definitions regularly.
Most new computers come equipped with anti-virus software already installed, but that software requires regular updates that tell the program how to identify the latest threats. In most cases, antivirus program installed on new PCs only provides the user updates for less than 90 days, so it's important to renew your subscription at that point or install a different anti-virus program.
Once executed on a vulnerable computer, most viruses transmit copies of themselves to all of names in the victim's e-mail address book. As a result, people who don't use antivirus software or allow their virus definitions to expire are putting their friends, co-workers and loved ones in the line of fire.