It's actually easier than you might expect; that low-priced consumer computer sitting in your living room may already be more secure than most multi-million dollar government and corporate networks. Intruders typically gain access to computers by taking advantage of glitches in networking software. The software required for Web sites and networks is considerably more complex than anything found on the typical consumer PC, and is therefore much more vulnerable to these bugs. With just a little bit of caution and common sense, you can make that home computer almost impervious to attack.
The first rule of to computer security is "maintain control over your software." Always know what programs are running on your machine, and never run anything unless you know how to configure it securely. If you use a single computer with a "consumer" operating system, such as Windows 95/98 or most versions of the Macintosh OS, this is largely a matter of turning off the "file sharing" function in the Control Panels menu.
On the other hand, if you have multiple computers connected to a home network or use a "high-end" OS like WindowsNT/2000, Linux/Unix, or Macintosh OS X, you have a fairly complicated task ahead of you and will probably need a firewall for reliable security. The same is true if you want to use any sort of network server or remote access software. Entire books have been written on these topics, and with good reason; do your homework before heading down this road.
The Viral Threat
The majority of all attacks on home computers come in the form
of viruses or trojan horses; by installing and launching
themselves surreptitiously, they represent a direct violation of
security rule #1. Most of these programs are little more than
nuisances, using up processing cycles or bandwidth. A few can
alter, delete, or transmit important files. By far the most
dangerous, however, are a handful of programs such as Trin00,
Back Orifice, and NetBus, which create "back doors" that
attacker can use to hijack your computer.
Luckily, antiviral defense is fairly straightforward. Most importantly, keep antiviral software active on your computer at all times. Use it to scan any software you intend to install on your machine, and schedule regular sweeps of your hard drives. Check your antiviral vendor's Web site for updates at least once per month. Be extremely wary of e-mail attachmentsÃÆ'Ã,¢Ã¢,Ã,¬"perhaps the most common way of spreading viruses and trojans. Never open any file e-mailed by a stranger, and if a friend sends an unexpected attachment, drop them a line to confirm before opening it. Treat downloaded files with the same caution; you're relatively safe downloading an upgrade from Netscape or Apple, but grabbing files from newsgroups and "warez" sites is just asking for trouble.
Surf Safe
As the basic user's primary network tool, the web browser
represents an important target for an attacker. If not properly
constrained by your browser, java, javascript, ActiveX controls,
and other elements embedded within web pages can take control of
your computer just as thoroughly as any virus (remember rule #1?)
and can do just as much damage. Moreover, as browsers develop
longer and longer feature lists, they also acquire more potential
security problems; for example, Microsoft's Internet Explorer
(IE) browser has a particularly bad track record in this regard.
The first line of defense against these kinds of vulnerabilities is vigilance. As security bugs are discovered, software vendors and independent specialists typically scramble to distribute fixes and publish workarounds. Check the Microsoft Security site or ZDNet's Security Updates page periodically to keep your browser up to date with the latest patches.
If you are still concerned about these security problems, you can also disable any or all of these features. Indeed, most security experts recommend turning off the Active Scripting function if you use IE, though there is no consensus on whether or not java and/or javascript constitute acceptable risks. Both present potential vulnerabilities, but also provide increasingly common functionality in dynamic Web sites.
Safe web surfing is not solely a matter of browser technology; how you use your browser can be just as important. Take everything you see online with a grain of salt. Always research an e-commerce site before you give it your business. Remember that most of the information transmitted through browser forms is insecure and vulnerable to eavesdroppers; don't send sensitive information unless you're using a secure connection (look for a lock icon in your browser and an "https://" prefix in the URL).
The Bottom Line
As intimidating as it may seem, you can keep your home computer
locked up tight. It may not make you 100% secureÃÆ'Ã,¢Ã¢,Ã,¬"most experts
agree this isn't possibleÃÆ'Ã,¢Ã¢,Ã,¬"but you can get to 90% without too
much trouble. Just remember:
- Turn off File Sharing;
- Take virus precautions seriously;
- Be wary about e-mail attachments and software downloads;
- Keep your browser up to date with the latest patches;
- Turn off Active Scripting;
- Consider the trade-offs of disabling java and javascript.
