I wanted to kick of this first edition of the "blog"
with some things that I hope you will find interesting as well as
helping you feel a little more at ease about using your computer and
connecting to cyber-space. Every now and then I email you to
tell you about the latest dangers, threats and need to patch your
computers. This month I wanted to share some optimistic views
about computer security for the home users.
Microsoft Is Not The
Problem:
Of all the people who regularly bash Microsoft for
giving us an operating system with so many holes, I am probably one
of the worst offenders. However, I recently had the
opportunity to hear a talk by
"Hacking
Exposed" author Stuart McClure. He made a
very interesting point - Microsoft is not the problem. There
is so much talk about using the Linux operating system and
alternative web browsers such as Mozilla FireFox. The point he
made is that those systems have just as many - actually, more -
security holes than the Microsoft products. I didn't have to
go very far to see that what he was saying was in fact true.
In my daily activities as administrator for our patch management
system, I see the new patches and updates jump onto my patch system server daily.
The number of patches and updates I get from Microsoft amount
to anywhere from zero to as many as twelve new updates per month.
For the Linux operating system alone, I get several new critical
updates a week sometimes. While you still have to be vigilant, folks,
you can rest a little easier knowing that as long as you keep your
critical patches up to date, you
should be fairly safe in using and relying on your Microsoft
products.
Using a Personal Firewall:
There are some interesting things about the
Windows Firewall strengths that you should know about.
This is the firewall that you get for free just by
installing Windows XP Service Pack 2, which by now all of
you should have. Well - in recent testing with some
pretty robust vulnerability scanners it was discovered that the SP2 Windows Firewall is one tough
cookie - the vulnerability scanners couldn't get through it in its
default configuration. What that should indicate
to you is that this also means that many threats out there on the
Internet can't get through it either.
Installing a more robust firewall like Zone
Alarm, McAfee, Symantec, and various others will provide you
with even stronger protection.
Zone Alarm is free to all. The McAfee firewall is free
if you are a
Comcast
customer. Whether you want to stick with the Windows
Firewall or go with another third party product, at least
install something, and make sure it is turned on. Then
- make sure and pay attention to any warnings you get.
At first, having a firewall presents a bit of a learning
curve - for both you and the software. You have to get
used to the warnings. As you allow or disallow certain
events, your firewall will usually "learn" and remember the
correct answer and you won't see as many alerts as time goes
by. But, as we geeks in the biz often say - "Don't get
into "Spouse Mode" when you see these alerts. In other
words, don't get in the habit of just saying yes, yes, yes,
yes.... to everything that pops up. Read the alert and
decide. If you don't know how to answer, just say
"No." If a legitimate and needed function is missing,
then the next time that alert appears, you can say yes.
Most firewalls allow you to go in and change the persistent
answers that you set later as well.
If you want to test the robustness of your
firewall, visit
Steve Gibson's
site and do a "Shields Up" test. You can run tests
from that site to test for open ports or other security
holes in your system.
Back to the Computer
Page
