Secure Surfing
I’m always being asked to fix friends and relatives computers and most of the time the problem turns out to be some sort of malware. Out of the box Windows XP is very insecure. That’s not to say Windows XP can’t be a secure operating system. By default XP has enabled services that, for most users, are not necessary. Services like telnet, remote registry and remote desktop are not necessary and can be outright dangerous.
Elaborate suites of security software are un-necessary on a properly configured system.
Using the recommendations listed below I have been running Windows XP without a software firewall or any actively running anti-virus/anti-spyware software for more than a year without picking up any malware at all. Once a week I run a scan with Spybot - Search & Destroy and ClamWin anti-virus. The only thing I’ve found has been the occasional tracking cookie.
Watch Your Behavior
Your online behavior is the biggest single factor in preventing malware and keeping your personal information safe. Visiting un-trusted sites and downloading questionable software will almost always result in some sort of malware.
Opening email attachments is another risky behavior. All sorts of nasty things are spread via email. Even if you get an email from a trusted friend with an attachment, don’t open it! One of the tricks used to propagate malware is to infect one computer, and then send a copy of itself on to everyone in that computers contact list. If you need to send an attachment, let the recipient know beforehand. Even following links in un-trusted emails can be dangerous.
Get a Router
Installing a NAT router between your computer and your Internet connection is the first and one of the most effective things that can be done to prevent malware. A NAT router is a hardware based firewall that blocks all unsolicited incoming connections.
Your cable or DSL modem could have a NAT router built in. To find out, Open your web browser (you should be using FireFox) and type “192.168.1.1″ (not the quotes) in the address bar. If a web page pops up you’re in good shape. Look for Firewall options and set them accordingly.
Use Firefox
A lot of malware is written to take advantage of Microsoft Internet Explorer. FireFox also has add-ons that help keep you safe such as No-Script and AdBlock Plus.
Run as Limited User
A Limited User is just that, limited and can not make system changes or install software. If you should happen to run onto some nasty web site that would try to take over your system the malware will run with limited privileges and not be able to make system changes.
Go to Control Panel > User Accounts and set all users to “Limited User” instead of “Administrator”. You will first have to create a new account and set it to Administrator before setting the other accounts to limited user.
Stay Updated
On the second Tuesday of each month Microsoft releases patches and updates. In theory when Microsoft discovers or is made aware of security vulnerabilities in their software they release a fix for it. Your best bet is to stay updated!
Disable Unnecessary Services
I’m not sure how you do this in Windows XP Home but, in XP Pro right click MY Computer and select Manage, Click on Services and Applications. Double click Services and you’ll see a list of services and their status.
There are plenty of sites out there that have lots of good information on all the Windows services, exactly what the do and weather it’s safe to disable them. Just do a Google search for ‘Disable Unnecessary Services’ and you’ll find everything you always wanted to know and more.
Another benefit of disabling unnecessary services is a quicker, more responsive system that uses less memory.