As Windows users, we sometimes get a hard time from users of other operating systems about security. It’s not really fair, especially since Microsoft has made many improvements in this area for Windows Vista. That’s not to say that Vista is perfect — there’s still no built-in anti-virus and one or two other areas need to be tightened up with third-party software but now you get plenty of protection from the moment Vista is installed. The key to a strong defence is knowing how to get the most from Vista’s built-in tools, and knowing when to start looking farther afield for replacement and/or substitute security utilities from other sources. With that in mind, here are a few cunning ways to ramp up your PC’s protection.
Keeping up to date with the latest security fixes is an essential part of staying safe. Vista includes a tool called Windows Update for this purpose and it should be set to look for updates automatically. It also can check for updates for other Microsoft software. Leftclick on the Start button and then on Control Panel. Click on ‘Check for updates’ in the Security section in the left-hand column. While there, click on the ‘Check for updates’ link and follow the instructions to download any available updates. Then click on the Change Settings link and make sure the top option is selected to install updates automatically. Select the bottomoption ‘Use Microsoft Update’ to include other Microsoft software when looking for updates. Click on OK. You may need to click on Continue or enter your password for User Account Control (UAC).
Checking for updates to Microsoft software is automatic, but what about software from non-Microsoft sources, such as Nero, Adobe or Roxio? Some applications have built-in update-checking tools but others don’t. There’s a useful utility called Secunia PSI that scans the software installed on the computer and compares it with a list of recent versions. This can be found on our cover disc or downloaded from https://psi.secunia.com. Once installed, this will scan the computer for software that needs updating or is no longer supported. It does not download any updates itself although it does include links to update pages on the internet for some software. It remains in the Notification Area and will periodically display reminders when software needs updating.
Though the Windows Firewall often gets a bad press, there are important things in its favour. First, it is active as soon as Windows starts and it will block all inbound internet communication until Windows Update has done its checks. As many attacks are initiated from these inbound connections it can be a good idea to block them entirely if the network cannot be trusted. To do this, click on the Start button and then on Control Panel. Click on Security > Windows Firewall > Change settings, then click on Continue when prompted by UAC. Ensure that the Firewall is turned on and select the option ‘Block all incoming connections’. Also, always try to make sure that you are using the computer as an ‘ordinary’ user, ie. not an Administrator. This helps to stop malware in its tracks and reduces the risk of anyone changing important settings.
If you want to limit what a user can do, the guest account is a quick solution. Click on User Accounts and Family Safety in Control Panel, then User Accounts, and finally ‘Manage another account’. Click on Continue when the UAC window appears. Click on the icon for the guest account and then on the ‘Turn On’ button. The Guest account will now appear when people log on. However, the guest account is actually something of a security liability if it is left on, so we recommend disabling it when not in use. Click on the account icon again and select ‘Turn off the guest account’.
Your network might be secure, but what about a friend’s Wifi or a public hotspot? When you first connect to a network Vista will ask whether or not the network is public or private. ‘Public’ should be selected if there is any doubt about security. To check or change what a network is set as, go to the Start button and select Control Panel. Click on ‘View network status and tasks’ in the Network and Internet section. A small map of the network is shown. Click on the Customize link underneath the internet icon. Select Public and click on Next. Enter your password, if required, and click Continue in the UAC window. Click on Close.
A good way to stop attacks from bad websites is not to allow any contact with them. This can be done with a replacement DNS service such as that provided by ScrubIT (www.scrubit.com). DNS is the way the computer finds a website from the address in the address bar. ScrubIT refuses to pass on the details of sites known to be a problem. Click on ‘View network status and tasks’ in Control Panel and then on ‘Manage network connections’. Right-click on the network connection you are using and select Properties. Double-click on ‘Internet Protocol Version 4 (TCP/IPv4)’. Click on ‘Use the following DNS sever addresses’ and enter 220.127.116.11 and 18.104.22.168 then click on OK twice.