The typical home user gets their new computer home and has the cable guy come out and hook them up to the internet. They are amazed at how fast their new machine can get stuff from the web. What they don’t know is that the bad guys are looking for them. Automated scripts constantly search the internet for new machines coming online and try to exploit them. I did an experiment once where I took a new Windows XP machine right out of the box and plugged it directly into the internet. Within 30 seconds the machine was being scanned, and within 2 minutes, the machine had been compromised.
How do you avoid being attacked? There are several things you can do to help protect your home machine from the bad guys.
First, do not immediately plug the machine into the internet. Turn it on first and allow the machine to go through its initial setup routines (if there are any). Once that has completed, ensure that the firewall is turned on (for Windows users, check under Control Panel, Security Center). Set up the policy to automatically install updates. I recommend that you have all Microsoft updates automatically downloaded and installed periodically. Install anti-virus software if your computer didn’t come with some already installed. Create a standard user account and use that for normal operation of the computer. You do not need to be an administrator of your local machine most of the time, and this one step alone will stop most virus and malware attacks against your computer from succeeding.
Second, do not plug directly into the internet. If your internet connection is just a cable modem, consider purchasing a small firewall or router. Linksys is a popular home brand that does a good job and can offer features like wireless to your home network. Make sure you follow the instructions on setting up your new firewall or router including changing the administrator password on the device. The router/firewall will prevent machines on the internet from directly initiating connections into your home machine. Almost everything you want to do on your computer will work fine with this restriction in place. If you are technical enough to be hosting your own services on the internet, you should already know how to modify the firewall/router rules to allow traffic to come in.
Finally, plug your computer into the internet and update, update, update! Run Windows Update and keep running it until there are no more updates. It might take several reboots and re-runs to get all the updates installed. Also make sure that you update the pattern file on your antivirus software.
Ongoing tasks. Your machine should now be relatively safe from the majority of the bad guys on the internet; however, that does not mean that it always will be. There are a few things that you need to stay on top of to keep your machine safe.
1. Log in using the user account that you created, not the administrator account. You should only need to use the administrator account to install new software and a few other tasks.
2. Keep your machine up to date. If you chose not to allow automatic installation of updates from Microsoft, you need to periodically make sure that your machine has all the updates applied.
3. Keep your anti-virus up to date.
4. Know what people are doing on your computer. Peer-to-peer programs such as Limewire are notorious for being infected. They are also very popular amongst kids for file sharing. Games and game patches are also a popular vector that bad guys like for infecting your machine. They know that kids are less likely to be concerned with where a file comes from than their parents are, so that is the path they choose.
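The setup steps and ongoing tasks above can be checked with a short read-only script. This is an added example, not part of the original post; it assumes a current Windows release with PowerShell 5.1 or later and Microsoft Defender as the anti-virus product, and the age thresholds are constructed values.

```powershell
# Added example: read-only audit of the checklist above. Changes nothing.
# Assumptions: PowerShell 5.1+, Microsoft Defender is the installed anti-virus.
$maxUpdateAgeDays = 35   # constructed threshold: roughly one monthly patch cycle
$maxSigAgeDays    = 7    # constructed threshold for anti-virus pattern files
$now = Get-Date
function New-Result($check, $pass, $detail) {
    [pscustomobject]@{ Check = $check; Pass = [bool]$pass; Detail = $detail }
}
$results = @()

# Firewall turned on for every profile (Domain, Private, Public).
$off = @(Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' })
$detail = if ($off) { "off: $($off.Name -join ', ')" } else { 'all profiles on' }
$results += New-Result 'Firewall enabled' ($off.Count -eq 0) $detail

# Automatic updates not disabled by policy, and an update installed recently.
$auKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU'
$au = Get-ItemProperty $auKey -ErrorAction SilentlyContinue
$autoOff = $au -and $au.NoAutoUpdate -eq 1
$last = Get-HotFix | Where-Object InstalledOn |
    Sort-Object InstalledOn | Select-Object -Last 1
$age = if ($last) { ($now - $last.InstalledOn).Days } else { $null }
$detail = if ($autoOff) { 'automatic updates disabled by policy' }
          elseif ($null -eq $age) { 'no installed updates found' }
          else { "last update $age day(s) ago ($($last.HotFixID))" }
$ok = (-not $autoOff) -and ($null -ne $age) -and ($age -le $maxUpdateAgeDays)
$results += New-Result 'Updates automatic and recent' $ok $detail

# Anti-virus running with a current pattern file (Defender only).
try {
    $mp = Get-MpComputerStatus -ErrorAction Stop
    $sigAge = ($now - $mp.AntivirusSignatureLastUpdated).Days
    $ok = $mp.RealTimeProtectionEnabled -and ($sigAge -le $maxSigAgeDays)
    $results += New-Result 'Anti-virus active and current' $ok "signatures $sigAge day(s) old"
} catch {
    $results += New-Result 'Anti-virus active and current' $false 'Defender status unavailable; check your product manually'
}

# Everyday account is a standard user. whoami lists the Administrators SID
# even when UAC has filtered it out of the running token.
$isAdmin = [bool](whoami /groups | Select-String 'S-1-5-32-544\b')
$detail = if ($isAdmin) { "$env:USERNAME is in Administrators" } else { 'standard user' }
$results += New-Result 'Logged in as standard user' (-not $isAdmin) $detail

$results | Format-Table -AutoSize -Wrap
```

Run it from the everyday account rather than the administrator account, since the last check reports on whoever is logged in.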
Comments
Fantastic post. I had no idea it was that fast. I always thought as long as you didn't visit any web sites until I patched the system that everything would be alright. Also good advice in regards to investing in a small router, this should help keep your box a little safer. Thanks for posting!