Home User Security Guide
by Randy Nash - @RISK Online - Monday, 31 January 2005.
I know many of you have received some nice to tech toys for Christmas recently, so its time to talk about making them secure and keeping them that way.

I know many of you have new computers in your homes, but how many of you realize that this computer is already vulnerable? How can this be? How can a brand new computer be vulnerable? There are many reasons for this:
  • Most computers have insecure default configurations.
  • Your software is probably already outdated. New vulnerabilities have likely been discovered between the time the computer was built and configured by the manufacturer and the day you power on your new system.
  • Numerous viruses and worms are already circulating on the Internet capable of taking advantage of the latest vulnerabilities.
  • Hackers know where you are! They regularly scan the common broadband and dial-up IP address ranges.
As a result, if you immediately connect your new computer to the Internet, it could be compromised before you've even had a chance to set up your email account.

Before You Connect

Let's talk about what you should do before you connect this new system to the Internet.


You should not connect your computer directly to the Internet. You should, instead, use a network firewall or firewall router. A network firewall or firewall router is a hardware device that users can install between the computers on their Local Area Network (LAN) and their broadband device (cable/DSL modem). By blocking inbound access to the computers on the LAN from the Internet at large (yet still allowing the LAN computers' outbound access), a hardware-based firewall can often provide sufficient protection for a user to complete the downloading and installation of necessary software patches. A hardware-based firewall provides a high degree of protection for new computers being brought online.

If you're running Windows XP (and if this is a new system, you probably are) you enable the Internet Connection Firewall (ICF). Microsoft has provided instructions for enabling the built-in Internet Connection Firewall on Windows XP.

If your operating system does not include a built-in software firewall, you may wish to install a third-party firewall application. Many such applications are available at relatively little (or sometimes no) cost. However, given that the issue we're trying to address is the relatively short lifespan of an unprotected computer on the open Internet, we recommend that any third-party firewall application be installed from media (CD-ROM if possible) before connecting to a network rather than downloaded directly to the unprotected computer. Otherwise, it may be possible for the computer to be exploited before the download and installation of such software is complete. If possible, download the software to a protected computer and burn it to CD. If you do not have this capability yourself, then you need to limit your exposure as much as possible. Connect the system to the Internet, go to one of the following website and download the desired firewall product, then disconnect immediately. My two personal favorites are:ZoneAlarm from ZoneLabs and Personal Firewall from Kerio.

ZoneAlarm is a nice and easy firewall that anyone can use without a technical background. If you're a bit more technical, or would like to learn more about firewalls in general, Kerio's product has a bit more granularity. There is a comprehensive listing of firewall software available here and here.

Disable nonessential services, such as file and print sharing


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th