- Apply all maintenance via the Windows Update facility, including all optional maintenance. The trick here is to run it, run it again, run it again, etc. until Windows Update is totally out of new patches. If you’re rebuilding a PC from a few years ago, this can take hours. Do it anyway. The bad guys really like taking advantage of PCs that are not patched. And make sure you have Windows Update automatically check every day and apply anything it finds. Yeah, it’s a pain to wake up in the morning and wait 5-10 minutes as you login. Do it anyway. And make sure to check Windows Update manually from time-to-time, and apply anything it finds.
- Use a hardware firewall and never plug your PC into the box provided by your Internet Service Provider (ISP). Never count on the firewall running on your PC. Spend the $50. This will keep out those hackers that live anywhere in the world. You probably want the wireless access anyway, and these devices typically have a built-in firewall. I use a Linksys WRT54G, although several other models from D-Link and others work fine. If you have wireless access, use WPA2 if possible and follow the manufacturer’s instructions carefully. This is will keep out those hackers that live in your neighborhood.
- The most effective method of protecting your home PC is to create a new account as a “Limited Account”. You can use Control Panel ... User Accounts to create the new account with limited privileges, leaving the account that came with the machine as the administrator. This, more than anything else you can do, will prevent viruses, spyware and adware from infecting your computer. The downside is that most software installs will have to be performed from the administrative account. This inconvenience is well worth it.
- Load the free AVG anti-virus/anti-spyware software. This is licensed for non-commercial use only, one of the few software products I’ll recommend that can’t be used for business. It takes a bit to get through the various up-sell options presented, but starting at http://free.grisoft.com help a bit. AVG will automatically keep its virus signatures up-to-date, but watch for the occasional new version.
- Use the OpenDNS service and configure it to block categories of web sites that you do not want your household accessing. I would suggest starting with "Moderate" level, but you can select just the categories you want to block. If you have the typical home ISP service, your IP address can change from time to time. Use their Dynamic IP support (see www.opendns.com for details) to insure your OpenDNS selections stay in effect when your IP address changes. This is somewhat technical and you might need your family’s Tech Support Person (there’s always a lucky one in the bunch).
Friday, October 23, 2009
My Home PCs – Part 1 – The Basics
A number of years ago I was messing around with partitioning my hard drive and managed to completely destroy my home PC. As I was trying to remember all the software I needed to install again, I decided to take the opportunity to document them all, figuring I would do something else stupid again in the future. That started the list, I shared it with a few folks, added some of their suggestions and it grew into a nice reference. I’ve also added some good tips and techniques to protect a PC from the bad guys. Several folks, after rebuilding their kid’s PCs every few months, adopted these suggestions and all the feedback I get indicates it’s pretty solid. I decided it might be of interest to others, and hence I begin this multi-part blog, broken down into collections of related components. Part 1 starts with the basics, those things I recommend be done before you wonder off to email-land or surfing the web.
Posted by Paul Moorman at 1:28 PM
Subscribe to: Post Comments (Atom)
Post a Comment