Home Computer Security

If you are like the majority of Americans, you have a computer at home that is connected to the Internet. To sell more computers, companies make computers relatively easy to use, often at the expense of computer security. Do you know if your computer is protected from the constant probes of other infected computers and hackers? This article will focus on steps to adequately safeguard against the real threats against your machine.

Am I at Risk at Home? Why?

• Common security problems for home machines may include privacy invasions, destruction of files, spyware, virus and worm infections, and backdoor/trojan horse infections where an unauthorized person remotely has complete control of your computer and may use it to attack other machines or to host illegal software.


• Cable modem and DSL connections are fast and provide a constant flow to the Internet. With this "always on" connection, it is easy for a hacker to identify a weakness on your system and then return to your machine at a later date to take advantage of it. This atmosphere also provides a good breeding ground for viruses and self-replicating worms.


• If you connect to the Internet via a dial-up modem, your risk increases with the duration that you remain connected.

How to Make Your Home Machine as Secure as at Work

• Make sure your computer has good passwords.


• Patch your machine regularly.


• Install an anti-spyware product.


• Use an anti-virus product and update it regularly.


• Use a router-based firewall or install a personal firewall.


• Use a VPN to connect to Penn State resources.


• Know what is running on your system.


• Use caution when making online purchases.


• Use good Internet hygiene.

Make Sure Your Machine Has Good Passwords

• Most operating systems require a login username and password to protect your computer from unauthorized access by virus, worms, and hackers. For details on how to create a logon password for many of the common operating systems see http://sos.its.psu.edu/passwd.html.


• Passwords should not be dictionary words and should consist of 7+ characters of mixed case including numbers, letters, and symbols. Some guidelines for selecting and remembering a strong password can be found at http://www.alw.nih.gov/Security/Docs/passwd.html.

Patch Your Machine Regularly

• Computer software vendors provide regular updates for their products that can protect against known security vulnerabilities. These updates are called patches. The patches protect your machine from operating system or application weaknesses (e.g. Internet Explorer holes). When patching the operating system, use automatic updates where possible (e.g. Windows Update) or download updates manually from vendors. Try to download "critical" patches to removable media such as CD and install them before putting your computer on the Internet for the first time. When you hear of a new major vulnerability or patch, try to install it as soon as possible. You will need to install the patch from an administrator account.


• All Windows OS patches can be manually downloaded and installed from http://v4.windowsupdate.microsoft.com/en/default.asp.


• If you don't want to manually check for patches, you can set up your Microsoft operating system to check for updates automatically. Instructions on how to do so can be found at http://sos.its.psu.edu/autoupdates/.


• On a Macintosh computer, Automatic Software Update is available from System Preferences under the Apple menu, or you can download software updates manually from http://www.apple.com/support/downloads/.

Download Updates for the Software You Have Installed on Your Computer

• Just as the operating system has vulnerabilities, so do the programs you have installed on your computer. For example, if you are running Microsoft Office, there are a number of patches to protect your computer. They can be downloaded at http://www.officeupdate.microsoft.com.

If you are using Eudora as a mail client, updates can be downloaded from http://www.eudora.com.

Protect Your Computer from Malware, Viruses and Worms, Blended Threats, and Spyware

• Malware is software which has malicious intent that is usually installed without the owner's knowledge. Malware may be disguised to look like benevolent software. One example of malware is a software called a keylogger which is hidden on the computer and records every stroke you enter into your keyboard. The keylogger may record a wealth of information: credit card information, passwords, chat room transcripts, private e-mail messages, etc.


• Viruses are computer programs which cause some unexpected event on a computer and automatically spread to other computers via e-mail, open file shares, and applications installed on the computer (e.g. Kazaa, AOL Instant Messenger, etc). Worms are self-replicating viruses that are loaded into computer memory rather than altering files on the machine. A worm's main goal in life is to spread to as many other machines as possible.


• Most computer security problems arise these days from blended threats: attacks that combine the characteristics of malware, viruses, worms and use multiple avenues to attempt to infect as well as attack other computers connected to the Internet. There are many consequences of viruses, worms, and especially blended threats such as the infected machine attacking others (which also generates a lot of unnecessary Internet activity), harm to files on the infected computer or remote machines, and the infected computer having a backdoor implanted on it which allows a hacker to gain full access of your machine remotely!


• Spyware is a type of malware that is installed on a computer without the user's knowledge which monitors user activity and transmits it to another computer. Many spyware programs are set to monitor what web sites you visit and how long you visit them, generally for marketing purposes. Spyware is usually bundled with other software such as shareware or freeware programs (e.g. peer to peer file-sharing programs, games, etc.). The disclosure for the spyware is usually in the fine print of the licensing agreement. Who reads these anyway?!? Another way to get spyware on your machine is by clicking on a deceptive pop-up message.


• Spyware has many consequences as it runs in the background using your computer's system resources and memory to log what you are doing. This could interfere with other programs on your computer, and could even cause your computer to frequently crash or lock up. Spyware also uses your Internet connection to send information about your activities to someone else. This could cause your Internet connection to slow significantly.


• According to Steve Pierce, ITS Willard Building HelpDesk manager, "Spyware, adware, malware, or whatever you wish to call it has become a huge problem for many Windows users over the last year. Many of the machines we see at the Help Desk workbench are heavily infested with these types of programs. Users often believe they have viruses because their machines no longer work correctly, and they don't know what to do."

Scared Yet? Protect Your Privacy!

• Install Adaware and Spybot software to detect and remove spyware, adware, and malware. There are free versions of the software that must be manually run (on a regular basis of course) or versions you must buy but constantly run in the background on your machine and detect any malware that attempts to invade your computer. Each company writes updates to detect new spyware that has been written recently. It is recommended that you check for updates in the anti-spyware program at least weekly to protect your computer from the latest threats. Adaware is free for personal machines but must be purchased for University-owned machines.


• Adaware can be downloaded at http://www.lavasoftusa.com/software/adaware/


• Spybot S&D can be downloaded at http://www.safer-networking.org/index.php?page=download

Install an Anti-virus Product and Keep it Up to Date

• Penn State has purchased a site license for Symantec's Norton Antivirus Corporate Edition. Consulting and Support Services (CSS) provides user support if you have any questions or problems with downloading, installing, or configuring the product. Norton AV Corporate Edition can be downloaded at: https://downloadsym.cac.psu.edu (note: it's 33MB). The PAC-ITS CD-ROM with Norton AV is available at the ITS Helpdesks, campus Helpdesks, and at all ResCom locations.


• Update virus definitions weekly or more often if you hear of a new virus. Virus definition files allow your anti-virus program to be aware of the latest threats. Set virus protection to automatically download virus definition updates if possible by navigating to the file menu and choosing "Schedule Updates" and then choose the frequency of updates. If your machine is not constantly connected to the Internet, you can manually update your virus by clicking on the "Live Update" button after you open Symantec Norton Antivirus. Live updates are usually available once a week. However, Symantec usually creates updates of the newest viruses that can manually be downloaded and installed several times a week. These updates are available at http://securityresponse.symantec.com/avcenter/defs.download.html.


• Perform a full virus scan of your hard drive(s) at least monthly (if not more often).

Install a Personal Firewall

• A personal firewall is a software-based filter between your computer and the outside world that is installed on your computer to protect it from unauthorized access by other external users. Personal firewalls are configurable to specify which incoming and outgoing programs, ports, and IP addresses can be accessed. Recommended personal firewalls that are free for personal use include Zone Alarm and Tiny Personal Firewall:


• ZoneAlarm can be downloaded at: http://www.zonealarm.com


• Tiny Personal Firewall can be downloaded at: http://www.tinysoftware.com

Hardware-based Firewalls

• A firmware or hardware based firewall is a separate device that physically sits between your computer and an Internet connection. This type of firewall is generally more secure than a personal firewall and saves processing time on the computer that the personal firewall would otherwise be using. Router-based firewalls can range in price from relatively inexpensive ($50) to thousands of dollars. This type of firewall device is highly recommended for home use and can protect many types of connections including dialup modem, cable modem, DSL, etc.


• Linksys Cable/DSL Router BEFSR41 at Micro Warehouse ($55) is for Cable/DSL and quite usable for home use (1 to 4 ports): http://www.cdw.com/shop/products/default.aspx?EDC=196823.


• SMC 7004ABR ($80) is for Cable/DSL and also has an RS-232 port (for Internet connection via modem): http://www.smc.com/index cfm?action=products_show_description&productCode=SMC7004ABR.

Use a VPN to Connect to Penn State Resources

• A Virtual Private Network (VPN) is an encrypted tunnel between your computer and a remote machine. There are several benefits to using a VPN, including encryption, authorization, and privacy (e.g. data between your home machine and Penn State cannot be intercepted). The Penn State VPN service enables your remote computer to appear to be a part of the psu.edu domain. It is provided free of charge to anyone with a valid Penn State Access Account. A simple download and configuration of the VPN client software is required in order to use the service. See http://aset.psu.edu/vpn/index.html for further information.

Know What Is on Your System

• You should periodically determine what your running processes are on your computer and if they are valid. You can analyze what processes are on your Windows system by downloading a tool such as TCPView, Fport, Inzider, or Active Ports. They can be downloaded from the links at http://www.personal.psu.edu/lxm30/windows/utils.html.


• These programs will show you the name and location of the processes that are running on your machine. If you are not familiar with the process, you can perform a search of the Internet to determine if it is something that you should be running on your machine.

Prevent Identity Theft When Making Online Purchases

• Look for a padlock at the bottom of web pages, indicating that the site is secured by encrypting data when submitting sensitive information such as credit card numbers or a SSN. Be aware that a secure site means that your data is encrypted during transmission. Keep in mind that it says NOTHING about how secure the data is once it is stored on a remote computer. Thus, purchase from well-known companies only. Don't buy from a company you are not familiar with or from mass e-mail solicitation. Make purchases using a one-time credit card number or a card with a low credit limit. Realize that reputable web sites will never e-mail a request for any personal information such as SSN, password, credit card or bank account number, etc.

Use Good Computer Hygiene-Think Before You Click

• Be careful with e-mail attachments. Call or write back to confirm before opening.


• Be careful about what web sites you visit.


• Be careful when prompted to download software.


• Use good passwords and change them period cally for both machine and web sites you visit.


• Don't create non-password protected file shares.


• Backup your data such as important document frequently.


• Remove Internet access when it is not needed. Either unplug from the Internet or shut down your computer when it is not in use. The less you are connected to the Internet, the less vulnerable you are.


• Only install the applications and services that you really need to use. The fewer programs you have running on your machine, the smaller number of holes you will have for someone to potentially exploit.

Personal Computer Security Checklist

• A step-by-step checklist, written by a computer security expert, for securing your personal computer can be found at http://securityfocus.com/columnists/220.