Secure Computers a how to.

[Crabber85]

I'm writing this now because I'm in the middle of repairing the old family laptop which is now mine yay and so I thought I would take the time to go over some rules of thumb to keep your computer and data safe.This information is provided on an as is basis, I am not a licensed computer technician so all the information contained herein is based on my personal experiences and extensive research over the years, if you should decide to do anything that may be suggested in this post you do so at your own risk as each computer is unique based upon the users habits and needs.The first thing to ensure a secure computer is to keep in top of system updates take them regularly, Windows based PC's are typically configured to look for and apply system updates as they are made available this is the best option so don't turn off automatic updates they are literally a system saver as they contain security patches to fix vulnerabilities in the Operating System or OS as well as vulnerabilities within certain key programs that are often integrated into the OS.A lot of users will opt out of automatic updates because they don't want to deal with the hassle and they certainly don't want to deal with doing the updates manually and I've done plenty this way and its long and tedious work, this leaves the system unpatched and completely open to attack and is a huge no no.The second thing to do is get a good Anti-Virus program and pair it with a good Anti-Malware like Malwarebytes Anti-Malware this will ensure that any infection if caught in time should be easily removable.The third thing to do is get a good fire wall this will help to prevent the harmful stuff like viruses, trojans, worms, bloat ware, scare ware and spy ware from actually getting onto your machine in the first place.A couple of really good firewalls are Commodo Dragon and Emsisofts Online Armor, Online Armor has a really great feature called HIPS which lets it identify and block day one threats that are not known yet just based on the way they behave.The forth thing to do is keep your browser and all plug-ins and extensions up to date and for heavens sake practice safe browsing habits, don't click on unfamiliar links, don't open emails from people you don't know and stay away from free-ware sites like U-torrent and Bit-torrent because sites like these are crawling with nasty little bugs that have been bundled into the downloads your trying to take which will end up with your computer being infected with some nasty little pieces of software.The final thing to do is download a good anti-spyware program like Spyware-blaster this program actually actively blocks your browser from going to certain sites, prevents the execution of certain Active-X controls that malware and viruses like to use to hijack your web browser and then your computer and even blocks certain kinds of scripts from running this helps to protect your browser and your computer.I'm also running an anti-exploit kit made by Malwarebytes that prevents all the core components of the OS and all the programs I use from being tampered with or hijacked by malicious programs, it even locks down the Java program to prevent any possible malicious manipulation of the program and Java is one of the worst offenders for attacking itself.Anybody who knows how to write Java applets or code can write up a little malicious code and insert it into your Java manage because Java is setup to run anything written in Java it will automatically run these applets which are nothing more than executable files ending with the tag .exe because this is a serious flaw with the Java manager and lots of bad people know that love to sit there and write these harmful .exe files and then send them out into the wild(internet) where they get picked up by unsuspecting folks like you and I and the thing is you don't even have to accept the file when Java detects it if your running your Java on the normal setting which just about everybody is Java will auto run it without hesitation infecting itself and your PC.This is why I keep Java turned off unless I absolutely have to have it because it is such a huge security risk and I know how to properly configure it to keep it from auto running any .exe it sees but thats still no guarantee so I keep it locked down with the anti-exploit kit.Most folks don't even realize that they have been infected until its too late and then they have to call local computer repair guy and take the infected machine in and have it cleaned which often results in the loss of data and the need to reformat the hard drive and re-install the OS which means everything you had on that computer is now gone.If you practice safe browsing habits and have the kinds of programs I mentioned your upping your computers security from zero to well over seventy percent and no unfortunately no matter how many security programs you use or how safe you think you may be there is no such thing as 100% secure but being proactive about it lessens the risks and keeps your computer around a little longer.

[Crabber85]

Part-2. Home Wireless Networks or WIFI and how to keep snoopers out.Most folks don't know much about their own wifi because they had an ISP technician come out and set the whole thing up after all it was free and if you had a good technician then he or she should have set up your wifi on a WPA or WPA-2 encryption, this method of signal encryption actually hides the data your sending back and forth on the wireless network effectively making it invisible to anybody next door or riding up the street and this method of encryption does not relay your network password over the air like the WEP encryption method does so if anybody is actively sniffing or snooping on your network hoping to catch it bad news for them they wont and this makes your home network very secure from those neighbors who would like to piggyback on your wifi.If you set your own modem/wifi up and your using the WEP encryption method then your going to need to change it because the federal government has said that if someone else from outside your home gains access to your network by sniffing the password(this happens when somebody is near enough to your home normally within 500 feet that they can see your network name or i.d. and they use a program on their computer like Viper that lets them sniff your network and detect all the data on it if its using the WEP encryption method they will be able to see what your looking at, your network password and all the devices that are currently on the network)and then uses your internet service to look at illegal things then you the subscriber are held legally responsible for the viewed content because you did not have your wifi protected, using the WEP encryption method is viewed as not having any encryption on your network traffic at all.I use WAP-2 type encryption and as a consequence the password we use to connect to the home network is not passed over the air from the modem/wifi to any of the devices nearby and all data on the network is completely invisible from the outside the only way anybody could use our internet is if they actually knew the password they can't sniff it out which means my home wifi is as secure as it can get.Some but not all router/modems will have a hardware firewall built in if your worried about port attacks like DOS or Denial of Service you can turn the modem firewall on to help prevent or block these attacks but if you use the firewall you will lose some home network functionality like wireless printers unable to connect or even being able to get online if you set the firewall permissions to a level that is too strict so be careful and consult the operating manual for your particular brand of modem/router and make sure to write down all the settings and any login credentials such as user name and password before you change anything.Most newer windows based PC's from 08'and up can use the WPA/WPA-2 encryption method and you can set your computer to use it by going down to your wireless icon click on it and go to network and sharing you'll see a map of your network near the top click the wireless icon shown there and then go to properties then select security type and select WPA-2 your modem/wifi needs to already be configured to broadcast the wifi on this type of encryption so just enter in your network password and then let the computer connect or re-connect to the network but you have to have the wifi configured to use the same encryption method first then configure your computer to the same and you should be able to reconnect to the network fairly quickly.Tip: Its best to have at least one computer connected to your internet access point ie modem/wifi via an ethernet cable as this will allow you to quickly and easily get back online and logged back into your modem's web page so that you can undo any changes, if you change something while connected via wifi you'll be disconnected from the internet and wont have access to modems web page to revert the changes you've made or make more changes.Some tablets, laptops and desktops have an auto setup wizard that will detect your home network for you and configure your device to use the encryption method that the network is using this normally happens by default during the initial setup process of your device.Another useful change you can make to strengthen your network security is to change your gateway ie modem/router's default DNS addresses to the DNS addresses at Open DNS they are 208.67.222.222/208.67.220.220, if your using these DNS addresses on your modem/router the Open DNS service will block and attempts that any viruses or malware you may contract from being able to reconfigure your default DNS addresses to ones they are configured to use so that they can issue a call back to their parent DNS addresses which under normal circumstances allows them to hijack your web browsers and download more viruses/malware, the Open DNS service actually stops this from happening by denying the infections the ability to set up a call back loop to their own DNS numbers this makes your home network and browsers just a bit more secure.Open DNS will also block you from accessing phishing sites, exploit droppers and malware host sties be default which adds a little extra layer to your security setup.The Open DNS addresses that I have supplied will also help to speed up your browsing connections because they are fare more stable than the default DNS addresses that your ISP or internet service provider loads onto your modem/router by default.