You buy a new computer and you bring it home, set it up, connect it to your DSL or cable modem and before you know what hit you, your computer is infected. Your computer can be infected in as little as 20 minutes without the proper protection. Don't take my word for it; SANS Institute Internet Storm Center tested it and they came up with an average time of 20 minutes. Look for yourself here. If that wasn't frightening enough, they say that it is half what it was last year. Assuming this speed increase every year, that means next year it will be 10 minutes.
So what is a user supposed to do? As they say, abstinence is always the safest action. For those of us who simply can't stay away, there are things you can do. I will outline all the practices and software/hardware you should be doing/using/installing.
Before I begin, there are some caveats to what I am spelling out in this article. First of all, I make no warranties either express or implied as to the security of your system. These are best practices; no one can guarantee that a computer won't be infected even with the most stringent of security measures. Second, I will be recommending various software packages. These are not intended to be an endorsement of any of them. They are simply packages I am currently using, and have not found any problems with them.
Routers
If you have either a DSL or cable modem connection, a DSL/Cable router is a good investment. This is a piece of hardware that would be purchased and then the DSL/Cable connection would be hooked to the router. Then you connect your computer to the router. The advantage of a router is that it performs what is called NAT, which stands for Network Address Translation. I could go into a long technical explanation of how it works, but the simple nuts and bolts of it is that it hides the computers connected to it by using different IP addresses than what is assigned by the ISP. It funnels all of the requests made by the computers connected to the router into the one IP assigned by the ISP. The security advantage to this is that any worms coming in can't connect to the computers because it would be addressing the router. Therefore, only outbound connections are the working connections. Even if you only have one computer this is a good choice.
Go To Page: 1 2
| Here's the follow-up discussion on this article: | View all related messages |
For a complete listing of article comments, questions, and other discussions related to Thomas Williams's PC Security topic, please visit the Discussions page.