Repost of my March 2004 article “5 Steps To Internet Security” after the issue was brought up in another forum. This initially started due to the large numbers of people who have called around the clock deeply concerned about every new virus they read about or every new hacker exploit. Having worked with computers for over 30 years and been online 24 hours a day 7 days a week for the last 15 years, let me assure you that if you follow 5 basic rules you will be immune to just about everything the world will throw at you. 1. Windows update: All modern Windows systems (Windows 98 and beyond) include an automatic update utility. TURN IT ON! Every single hacker exploit in the last 6 years has come about AFTER Microsoft has released a new security patch. The only people affected have been those that refuse to keep their systems current! Microsoft will never send you an e-mail announcing updates! If you get such an e-mail, IGNORE and DELETE it! Additionally Microsoft Office has an update feature. If you are using Office, UPDATE that also. 2. AntiVirus Software: ANY COMPUTER USER THAT THINKS HE CAN SURVIVE WITHOUT ANTIVIRUS PROTECTION, IS AN IDIOT! I used to be a big fan of Norton, today a user is required to use the latest version which is a resource hog beyond comparison. Today I use AVG FREE Antivirus and have had absolutely no problems! 3. E-Mail attachments: Several years ago there was what became known as the "Anna Kournikova" virus, supposedly this was a picture of her but in fact the file name was annakournikovajpg.scr. I was amazed at the numbers of people that actually thought it was a picture and opened it. Additionally if you are using a respectable AntiVirus software product, it is scanning all your incoming and outgoing mail, and all of your downloads. Be advised there are 6 kinds of attachments you should NEVER open. All files come with a 3 or 4 letter suffix after the last dot, such as "diablo.txt" NEVER open anything with the following suffixes: .exe .com .pif .scr (most people think of this as a screen saver, but usually contains malicious code) .bat .cmd Additionally beware of the common .zip file. While the vast majority of ZIP files are legitimate and perfectly harmless, they can contain a virus in a compressed and thusly hidden format. It is strongly advised that you never open a ZIP file from someone you don't know and even then use extreme caution. With the above you will be secure from nearly everything the world can throw in your direction. Still not feeling quite secure? There are 2 additional steps that I personally use: 4. Port Stealth(firewall): Every computer on the internet has an IP address, including yours. That's how other computers communicate with yours. Install a Router, these can be purchased for between 30 and 90 dollars, the more expensive ones are not necessary unless you are running a LARGE network. In essence a router makes your computer ports "invisible" to the rest of the internet (hackers can't find you). 5. SpyWare: Your machine not quite as fast as you remember it being last year? A lot of pesky pop-ups annoying you? There is a class of software out there known as SpyWare, its only purpose is to watch what you do and tell someone else about it. Nah, you are so careful, you couldn't possibly have any of that stuff on your computer! WANNA BET! Ever use KaZaa? (I hope not, included with KaZaa is a program called Gator, (now called Claria, after several lawsuits hit them) one of the worst SpyWare programs ever developed)! The last man that told me how clean his machine was, actually had 196 hidden files that he had no idea was there, and his machine was only 3 months old. Here I stray from my beliefs in one small aspect, there are two free products that will cure your SpyWare problems. The first is called "SpyBot Search & Destroy" Get it here: http://www.safer-networking.org/ind... After downloading and installing it, get the tool and detection updates (don't forget to use the immunize feature after each update). Now run the program, you will be amazed at the junk hidden in your machine. The second is "AdAware". Get it here: http://download.com.com/3000-2144-1... After downloading and installing, use the "get updates" feature and run it, delete everything it finds. _________________________ Embrace paranoia, they ARE out to get you!

I don't get it. In the first 5 hours following your original posting of the same thread, 13 people responded. This year, I am the only one so far. Does this mean we are now better educated than we were back then, or does this mean that we are becoming too complacent to care any more? i_Xp/VistaUser

In my opinon, it must be the latter. Just last week I responded to someone that admitted having NO AV because he had a SpyWare search program, and just this week someone is asking "Do Spycatchers get Virus as well?" This was basicly what you and I went through last year, over the HiJack This logs. I feel as though no one wants to learn anymore, it's just "FIX MY MACHINE". In my mind we are here to teach you how to fix your own. If they don't want to learn, perhaps they should just hand a tech $200.00 per hour to fix it for them. Sorry XP, maybe I need to get off the soap box. _________________________ Embrace paranoia, they ARE out to get you!

Heya all, Martin your post makes for some good reading, and I agree with 99% of what you say initially. It seems opinions are being offered up freely here, so I've posted here to offer up my own. The grass roots of PC care that you outline is impressive and I agree with the aspect that prevention is better than cure. That being said, I feel some of your advice is a little bit outdated. I no longer make reference to Spyware and Adware when helping posters. The clear definition of these types of software has become very blurred. Modern-day "Spyware" or "Adware" now piggyback various forms of viruses and trojans. The modern day Spyware and Adware removal applications now carry signature files to eliminate the known variations of malware that are either installed ad-hoc or introduced through the vulnerabilities they create. For example one particular piece of software designed to remove the spyware Smitfraud variants also scans for root-kits associated. It's a shame that you feel the people that need help here in malware removal make demands rather than requests. The majority here need the help provided by step by step instructions, rather than directing to links that advise registry editing without explaining preventative measures to back-up the registry before-hand and the implications of making errors whilst walking through that minefield. It's kind of careless don't you think? Would you teach a teenager to drive by handing them a learn to drive handbook? I rarely see posters return to the forum requesting help because of another malware infection. If they are provided the help and win the fight the first time around, surely their first port of call would be where they had the win. Because of this I would guess they actually did learn something and now know how to care for and maintain their pc. I can't profess to know what this site is all about, but to me the thanks and praise you get from helping someone out there is worth far more than $200 in the back pocket!

Cripes, does this mean my Drop My Rights for XP post is well overdue for revival? some other bloke...

btk1w1 The incident I was refering to which included XPUSER and I was a former "helper" relying solely on HIJACK logs to diagnose problems. The point was that 99% of the problems described would have been avoided if people used the basic 5 points for security. Unfortunately way too many people have NO IDEA what a critical update is, and way too many believe the "Windoze Malicious Software Tool" is their idea of AntiVirus. _________________________ Embrace paranoia, they ARE out to get you!