1. Make sure you can back up and restore the entire system
a. http://support.microsoft.com/kb/309340
b. Before making any system changes, it is wise to back up your system
2. Check the system for existing malware
a. Download and install the free version of MalwareBytes
i. http://www.malwarebytes.org/
b. Update and run.
3. Correctly configure your wireless router
a. Determine what services your router is exposing by testing the firewall through GRC:
i. https://www.grc.com/x/ne.dll?bh0bkyd2
ii. Test common ports
b. Most routers will have a Web interface that will allow you to configure them.
i. Determine your default gateway address
ii. Open a cmd.exe prompt and type IPCONFIG. The address is listed as "Default Gateway".
iii. Type your default gateway address into your web browser (for instance, http://192.168.0.1).
iv. Enter the user name and password. (Defaults can be found on the Internet; search for "Default password" with your model.) Caution: if you use DSL and reset the router, you may need to call your ISP to get or reset the username and password for the DSL connection.
c. Implement WPA2-Personal (AES encryption). This requires a password that you will use both on the router and on the computers connecting to it. Make it strong.
d. Disable remote (from the Internet) management.
e. Disable IDENT (and other services) identified in step 3a to prevent remote systems from determining your router model number. (Retest if you reset your router.)
f. Use a safe DNS system
i. Create a free account at OpenDNS: https://dashboard.opendns.com
ii. Download the agent if you do not have a fixed IP.
iii. Block categories you do not want visited
iv. Block these sites:
1. adbrite.com
2. admeld.com
3. advertising.com
4. doubleclick.net
5. fastclick.net
6. interclick.com
7. invitemedia.com
8. quantserve.com
9. questionmarket.com
v. Configure your router to use these settings by changing its DNS servers to 208.67.222.222 and 208.67.220.220 (the OpenDNS servers).
g. Change the administrator password of the router to one of at least 8 characters, and store it in a password safe (see tip below).
4. Update all of your programs, and keep them updated
a. Not doing this step is the #1 reason systems become infected.
i. Download and install the Secunia Personal Software Inspector (PSI)
1. http://secunia.com/vulnerability_scanning/personal/
ii. Continue updating all programs until you are at 100%
5. Use a password safe
a. Download, install and use:
i. http://keepass.info/
b. Have long passwords for all of your sites/services.
c. Create strong passwords for all administrator accounts on your computer
d. Configure the safe and learn to use the shortcut keys. By not typing the passwords, keyboard capture programs are defeated as well as shoulder surfers.
6. Get an antivirus program
a. Microsoft Security Essentials won’t bug you for a credit card every three months.
i. http://windows.microsoft.com/en-US/windows/products/security-essentials
7. Prevent your children from getting to bad websites
a. Download and install Microsoft Family Safety:
i. http://explore.live.com/windows-live-family-safety
8. Create a computer guest account for casual users (and kids) with limited capabilities
a. http://library.techguy.org/wiki/Windows_Non-Administrator_User_Account
9. Configure your Internet Browser for safety
a. http://www.cert.org/tech_tips/securing_browser/
b. Remove “search helpers” and other Browser Helper Objects (BHOs)
i. http://en.wikipedia.org/wiki/Browser_Helper_Object
ii. Don’t buy anything to help remove BHOs
10. Disable Flash cookies
a. http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager02.html
11. If you or a member of your family are Facebook fans, download and install Websense Defensio
a. http://www.websense.com/content/facebook.aspx?cmpid=pr
12. Test system processor security features (GRC SecurAble)
a. Download and Run
i. http://www.grc.com/securable.htm
b. Follow advice
If you have followed these instructions, congratulations, your computer is more secure than 98% of the computer population!
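To confirm that step 3 took effect on a given PC, the following added example (not part of the original checklist) parses `ipconfig /all` output and flags any DNS server that is neither an OpenDNS resolver nor the default gateway. It assumes English-language ipconfig output; the sample text and the function names are constructed for illustration.

```python
import re
import subprocess
import sys

# OpenDNS resolver addresses from step 3.f.v of the checklist.
OPENDNS = {"208.67.222.222", "208.67.220.220"}

# "Label . . . . : value" lines; continuation lines carry a value only.
LABEL = re.compile(r"^\s*(.+?)(?:\s\.)+\s*:\s*(.*)$")
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Constructed sample of `ipconfig /all` output (not captured from a real host).
SAMPLE = """Ethernet adapter Local Area Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.0.23
   Default Gateway . . . . . . . . . : fe80::1%11
                                       192.168.0.1
   DNS Servers . . . . . . . . . . . : 208.67.222.222
                                       192.0.2.53
"""

def parse_ipconfig(text):
    """Return (gateways, dns_servers) as lists of IPv4 strings."""
    found = {"Default Gateway": [], "DNS Servers": []}
    key = None
    for line in text.splitlines():
        m = LABEL.match(line)
        if m:                                   # new labelled field
            key, value = m.group(1).strip(), m.group(2)
        elif line[:1].isspace() and line.strip():
            value = line.strip()                # continuation of previous field
        else:                                   # blank line or adapter header
            key = None
            continue
        if key in found:
            for ip in IPV4.findall(value):
                if ip not in found[key]:
                    found[key].append(ip)
    return found["Default Gateway"], found["DNS Servers"]

def audit(text):
    """Flag DNS servers that are neither OpenDNS nor the router itself."""
    gateways, dns = parse_ipconfig(text)
    unexpected = [ip for ip in dns if ip not in OPENDNS and ip not in gateways]
    return {"gateways": gateways, "dns": dns, "unexpected_dns": unexpected}

if __name__ == "__main__":
    live = sys.platform == "win32"
    text = subprocess.run(["ipconfig", "/all"], capture_output=True,
                          text=True).stdout if live else SAMPLE
    print(audit(text))
```

A DNS server equal to the default gateway is accepted because many routers hand out their own address and forward queries to the servers configured in step 3.f.v.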