Just bought a new notebook with Windows XP Home…do you have a check list of items to setup or download in order to make my connection to the web safe?
This question was answered on May 18, 2006. Much of the information contained herein may have changed since posting.
A common misnomer about new computers is that since they are new they have everything needed to be safely connect to the Internet.
Nothing could be further from the truth! First of all, you don’t really know how long ago the “new” machine that you just bought was actually put together and loaded with software (You can check by right-clicking on the Windows folder in the C: drive and selecting Properties – look for the Created: date.)
Once it’s put in the box, no new updates can be installed If it sits in a box for three months, while it goes from the production facility to the distribution facility, then to the vendor’s warehouse and finally to the showroom floor, it could be missing dozens of crucial updates the first time you connect to the Internet If any of them are critical enough, you could be attacked within minutes by automated programs that constantly scan the Internet looking for machines that can be compromised.
The “bad guys” know all of the current exploits and with over 1 billion potential victims connected to the Internet, finding folks that are not completely up-to-date with security patches is like shooting fish in a barrel.
If you’re a do-it-yourselfer, make sure that you connect to the Internet from behind a “router” which has a firewall to keep the malicious scanning programs from locating you quickly.
Once connected, here is a list of items that we perform (as a minimum) for our customers when we custom build a new computer so they have up-to-the-minute protection:
- Install Critical Windows updates and Service Packs
- Update all security software programs (anti-virus, anti-spyware, firewall, etc.)
- Configure Windows for automatic updates
- Install security updates for all of the Microsoft Office programs (if they are installed)
- Make sure the security settings in Internet Explorer are set to default or higher
- Create a restore point, once the system has been fully updated (which allows us to return your machine to that point, should something go awry in the early stages)
- Optionally install an alternative browser, such as FireFox to bypass the many Internet Explorer exploits
- Educate the user on the most common causes of corruption and exposure so they can reduce the chances of being a victim
Since you are working with a system that came from a national vendor, we highly recommend performing these additional steps:
- Remove all the pre-loaded “free” software that is not relevant to your usage
- Clean up the Registry of the unnecessary factory installed Startup items that reduce system performance
- Update any “trial” (90-day) versions of the security programs (anti-virus, anti-spyware, firewall, etc.) to a full working annual version
- Run a full Scandisk/Defrag of the hard drive (to optimize hard drive performance after all of the software removal and changes)
- Run a full Virus and Spyware scan
By performing all of the above tasks, you can improve your chances of steering clear of common problems and exploits, but it’s all for naught if your behavior (once you connect to the Internet) is not controlled.
Don’t let this safe starting point give you a false sense of security; be extremely careful about what you download, install, open or click on or you can quickly circumvent all the security measures that you put in place!
About the author
Posted by Ken Colburn of Data Doctors on May 18, 2006