Loko’s Domain You live and learn. At any rate, you live.

19 Dec 08

Governing Windows Into Submission: Part One

System Protection

Windows can be a beast of burden and difficult to tame for some. With the right tools, it can be done. Here are several programs and security tips that I recommend.

There are no firewalls listed except for Comodo Internet Security because third-party firewalls are not average PC consumer friendly. While there are numerous third-party firewalls available that are freeware, I will not make recommendations for them yet.

Spybot - Search & Destroy: Passive anti-spyware, freeware. When it comes to passive anti-spyware software, there are a few really good choices. The difference between passive and real-time is that passive software needs to be manually updated and given commands to perform its duties, such as scanning. The first and best anti-spyware program I can recommend is Spybot - Search & Destroy. It is far more aggressive than Lavasoft Ad-Aware, comes loaded with options to check all internal aspects of your system, and can switch between Advanced and Normal user modes. As always, scan times depend on the speed of your system. The immunization is actually the most important function, as it tricks spyware into thinking that it is already installed on your system. Though, leaving immunization alone for a week or two is fine.

Spyware Blaster: Passive anti-spyware, freeware. Automatic updates with a license purchase. This software immunizes your system from threats. It works as well as promised and has the option to automatically update with the small purchase of a license. Definitely well worth the donation to keep up pre-emptive defenses. There is not much more information that I can give aside from the fact that it's a great companion to have for any anti-spyware program.

Spyware Terminator: Real-time anti-spyware software, freeware. I am in love with this internet security suite. This software is not recommended for everyone, but can be configured to a comfort level for most. This software can be built up for the true paranoid user. You have advanced options for HIPS (Host Intrusion Protection System), optional integrated anti-virus ClamAV, great custom scan options, automatic updates, great system alerts and warnings, black, white and review lists, immunization, browser favorite scans, cookie scan, and even any-way-you-want-it custom real-time protection. Spyware Terminator is not only a one man army of anti-everything, but it is completely free and highly customizable. Highly recommended.

Comodo Internet Security: Real-time Internet Security suite, freeware. My favorite anti-virus with an integrated firewall. I've been using Comodo products for years and they have never let me down. I've used just about every anti-virus on the market, be it freeware, registerware, or licensed. This guy has everything you could want in security: automatic updates, great virus defense, a HIPS called Defense+ that can be tweaked to comfort levels, a very nice and configurable firewall, and so much more worth writing about. Not to mention that if you don't need a firewall, you have the basic Comodo anti-virus option. Many normal users don't need anything more than Windows Firewall, which should always be enabled if you have no other third-party firewall software.

Comodo Memory Firewall: Real-time protection, free. Straight from the Comodo website, "Comodo Memory Firewall is a buffer overflow detection and prevention tool which provides the ultimate defense against one of the most serious and common attack types on the Internet - the buffer overflow attack." This tiny utility sits by itself and never seems to bother you, but it remains very important in the constant battle against identity theft, zombie PCs, and many more typical, but severe, exploits that could render your system dead.

AVG Products: Real-time protection. Back in the day, I was very fond of AVG and recommended it to everyone. Now with security requirements rising, AVG no longer gets the job done and has been proven to be worse than past versions of Norton. Now that Grisoft has gone almost strictly retail, the free real-time protection is no longer there, and what was once decent freeware is now a not-so-decent program that you have to pay a license for. I do not recommend AVG to anyone. Comodo has become what AVG might have been trying to obtain, but failed.

Comodo Products: Such a beautiful wealth of great freeware. No shareware, trialware, or registerware here. Though these applications are not as important to your system's health, or to novices, as those previously mentioned, they are worth a close look:

  • Comodo Verification Engine: Protects against phishing and fraudulent attacks. Anyone who has used McAfee before and their forever false-positive-reporting SiteAdvisor will prefer this little guy. Not useful if you don't surf the web much, but great for those that stumble around. Easy to use.
  • Comodo iVault: A lovely encrypted storage program. iVault is lightweight and easy to use. With 256-bit encryption and anti-keylogging methods, many would benefit from iVault. If you save passwords for websites, phone numbers, credit card numbers, and pretty much everything else, but you worry about the safety of them, this should be your weapon of choice. One-click logon for websites and applications. I recommend this over an encrypted text file on your desktop!
  • Comodo AntiSpam and Comodo SecurEmail: Great security, anti-spam, and encryption options. With both of these, you will not have to worry about junk mail, spam, or anyone else reading your digital messages, as they will all be encrypted. Though, these two pieces of software are only useful if you use Thunderbird, Outlook, IncrediMail, Eudora, or other clients. Invaluable if you do, though.


Avast! Home: Real-time anti-virus, registerware. I have only used Avast Home for a very short period of time before switching back to Comodo. I did run Avast through a gauntlet, but it seemed to offer a good deal of protection. This is definitely the pick for the common casual user that doesn't need to worry about alert after alert when new programs cause a stir. It's basic, easy to use, has some decent options, and will not annoy you until you figure out how to reach a comfort zone. Important note: You will have to register with a valid email address within 14 days to keep updates and real-time protection going. You only have to do this once and Avast! Home is completely free.

TrueCrypt: Encryption software, freeware. Not only does it give you the choice between multiple combinations of multiple different encryption algorithms, it has some really advanced encryption options. While it does have the basic Create-a-Container encryption method to mount as a drive, it offers so much more. You are able to encrypt your entire hard drive or just your operating system partition.

What about that flash drive in your pocket? What if that fell into the wrong hands? Well, with TrueCrypt, not only can you encrypt that entire drive, but you can create hidden partitions that are encrypted as well. You can hide crucial files in these encrypted partitions or containers and then hide the extremely important files in the hidden partitions or containers in the already encrypted partitions or containers. Perhaps the most advanced feature is the ability to hide an entire operating system on the hard drive. TrueCrypt is one of my favorite programs.

PeerGuardian2: IP blocker, open source. Keeps the man out of your home. PeerGuardian is not complicated software from the outside, but can be configured to block over 3 million IP addresses in the world. Many see this software as anti-RIAA/MPAA/MD P2P software, but it's more than that. From their website, "PeerGuardian is an open source IP filter that is designed to block the IP addresses of certain organizations and corporations that may wish to harm a users privacy while using the Internet and peer-to-peer networks." It also blocks harmful HTTP connections.

This software is completely automated, but it is recommended to make sure it's updating lists 100% at least once every couple of days. People claim this software consumes system resources, but I have never had a problem and it's on almost all of the time. Be warned that this may block internal network connections, which can be bad if you're sharing resources, such as a printer, on your computer. Easily disabled temporarily. Available for Linux as Moblock.

Disable Default Administrative Shares Permanently: This was a big issue with me a long time ago. I noticed I was sharing every one of my partitions on the network as hidden shares, i.e., C$, D$. I did not like this at all considering I want to share only what I want others to see on the network. I see this as a big security risk. Applying this tweak will disable the drive shares, but will still allow resource sharing such as printers and other shared folders. Highly recommended fix.

First, go to Start - Run - and type in regedit. Follow this path: HKLM\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters. Typically, you will not have the required values present. Create two DWORD values in the Parameters branch named "AutoShareServer" and "AutoShareWks" with a value of 0 (zero). A reboot is not necessary; simply restart the Server service by going to Start - Run - cmd. Type the following command: "net stop server". If you are prompted, stop the Computer Browser service as well. Then type in the run box "net start server". To start Computer Browser if it did not do so automatically, "net start browser".

To test this registry tweak in your open command prompt, type in "net share". You should only see IPC$ and a couple of other entries such as printing/fax. Now you have almost full control over what you share on the network. Also note there is another way to stop default network shares, in Computer Management under Administrative Tools, but it is only temporary and they will be shared again after a reboot, log off, or Server service restart.
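The registry change, service restart, and check described above, as an added PowerShell example (not from the original post). It assumes an elevated prompt and PowerShell 3.0 or later; the script's variable names are illustrative.

```powershell
# Added example: apply and verify the AutoShareServer / AutoShareWks tweak.
# Run from an elevated PowerShell prompt (3.0+ for Get-CimInstance).
$key   = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters'
$names = 'AutoShareServer', 'AutoShareWks'

foreach ($name in $names) {
    # Report the current state first; the values are typically absent.
    $current = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name
    if ($null -eq $current) { $shown = '<not set>' } else { $shown = $current }
    Write-Host "$name before: $shown"

    # -Force creates the DWORD or overwrites an existing one with 0.
    New-ItemProperty -Path $key -Name $name -PropertyType DWord -Value 0 -Force | Out-Null
}

# Equivalent of "net stop server" / "net start server". -Force also stops
# dependent services (such as Computer Browser) instead of prompting.
Restart-Service -Name LanmanServer -Force

# Dependents are not restarted automatically; the Browser service may be
# absent on newer Windows versions, so failure here is ignored.
Start-Service -Name Browser -ErrorAction SilentlyContinue

# Verify: Win32_Share type 2147483648 marks administrative disk shares
# (C$, D$, ADMIN$). IPC$ has a different type and is expected to remain.
$left = Get-CimInstance -ClassName Win32_Share |
    Where-Object { $_.Type -eq 2147483648 }

if ($left) {
    Write-Warning ('Administrative disk shares still present: ' + ($left.Name -join ', '))
} else {
    Write-Host 'No administrative disk shares remain.'
}

# Same view the text uses for the manual check.
net share
```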

Update Microsoft Office 100%: I see this neglected too often. It is in everyone's best interest to visit the Microsoft Office Update website and patch/update their Office version (all Office versions, including Office XP) for major security fixes, or at least install the necessary service packs. Most will be surprised at the number of updates they need after a quick scan.
