Windows Security Checklist

by Larry Stevenson, aka Prince_Serendip, CastleCops Staff Writer
November 28, 2004

Part 1: Firewalls and Antivirus Applications

No one application nor technique can protect you at 100%, but you can get pretty close to that. When these guidlines are followed by Windows users, it can bring their chances of being infected by malwares almost to zero.

It is not as complicated as it may first appear, although there is a lot of information to absorb. The Security Experts, 1st Responders and Consultants at CastleCops can help you if you have questions about any of these techniques and applications. The applications featured here are compatible with all Windows platforms, unless otherwise noted.

Firewalls

Your computer has about 65, 000 ports that can share information with the Internet or another computer. A good two-way firewall will monitor all outgoing and incoming traffic. It can alert you to anything out-of-the-ordinary, according to the rules or procedures you decide. It can even close all of your ports at need. Put it at the highest level of security possible for your internet zone. Set all programs to alert you for access. You may also set programs you trust, and use frequently, to automatic. If you are not sure about a program wanting access to or from your computer, you can deny it. Firewalls are an absolute must to prevent trojans and hacking attempts.

Excellent articles on firewalls: Personal Internet Firewalls that really work! by Steve Gibson, Gibson Research Corporation.

Firewalls and ZoneAlarm Guide and Tips by Markus Jannson.

Internet and Firewall Security Info from HowStuffWorks.

Firewalls You Can Use

ZoneAlarm is newbie friendly. The Pro and Plus versions are paywares but it has a stripped-down, freeware version which provides optimum protection for most non-commercial purposes. For help with ZoneAlarm, you are welcome to come to CastleCops ZoneAlarm Forum.

Norton Internet Security includes Norton AntiVirus, Personal Firewall, Privacy Control, AntiSpam , and Parental Control. Provides excellent protection. (Windows 98/se users should be aware that it has a large impact on the system resources.) For help with NIS (or other Norton/Symantec applications) you are welcome to visit the CastleCops General Symantec Forum.

x-wall by Sphinx Software is a firewall which integrates your protections under one umbrella. You need to provide your own antivirus. It is compatible with Sophos Antivirus and Eset Nod32. For help and futher information please visit the CastleCops x-wall Forum.

More firewalls are available on the CastleCops Firewall Downloads page.

Antivirus and Anti-Trojan Applications

Installing an anti-virus and/or an anti-trojan program on your system is the next most essential security measure that you need. When a virus (or trojan) is detected, the program will move the infected file to a quarantine area for disinfection or removal. This prevents the malware file from making contact with any other program. As long as you keep the virus data files up-to-date (check every day), configuration is often simple and detection is reliable . Apply all updates and program patches as they are released. Most applications have these tasks automated and you can schedule them yourself.

Enabling the Heuristics feature is important but be aware that this can detect more false positives. This detects possible viruses. Most antivirus companies do provide file analysis should you be unsure if a file is infected or not. Set it to scan all email attachments and downloads before they are opened. If there are settings for scans of ActiveX controls and Java for harmful content, use them. It is important to allow the program to create "clean boot" or "Rescue" disks, as you never know when you might need them for an infected system.

The essential difference between viruses and trojans is viruses propogate themselves while trojans must be downloaded by clicking a link or by opening an email and /or attachment. Remember, no antivirus nor anti-trojan application is ever 100% accurate. There may be times when your application will not remove a particular threat. If this happens, please come to CastleCops and we will help you.

Antivirus and Anti-Trojan Applications You Can Use

Norton Antivirus 2005 is a most-trusted antivirus solution. It removes viruses, worms, and some trojans automatically, without interrupting your work. Norton AntiVirus can also detect many spywares, adwares and other non-virus threats. For help and guidance with this product please go to CastleCops Norton Antivirus Forum .

AVG Antivirus by Grisoft. After 5 years and some 20 million free downloads it has released a completely updated and improved AVG Free version of its industry leading AVG Anti-Virus software. It detects viruses and some trojans. AVG is fairly simple to use and it is easy on your system resources. For extra help please visit the CastleCops AVG Topics Forum.

AVPE: AntiVir Personal Edition by H+BEDV Datentechnik, GMBH is free for non-commercial use, offering effective protection against computer viruses, dialers and trojans on individual or private workstations. Note that AVPE does not work on servers, including Windows 2000/2003 Server. AntiVir Pro is also available at http://www.hbedv.com/en/ For further assistance please visit the CastleCops AVPE Forum.

TrojanHunter by Mischel Internet Security, is one of the very best applications for detection and removal of trojans, spywares and adwares. TrojanHunter is the most powerful trojan scanner on the market. With an intuitive user interface and a scanner capable of thoroughly examining your files, system registry, open ports and running processes it gives you all-round protection against trojans. TrojanHunter has a 30-day trial version for your evaluation. The cost of this program is minimal. For extra help and questions, please visit the CastleCops TrojanHunter Forum.

More antivirus applications are available from CastleCops Antivirus Tools Downloads page.

TrojanHunter and other anti-trojan applications can be downloaded from CastleCops Anti-Trojan Tools Downloads page.

Many of the products mentioned here are available for purchase through theCastleCops Software page.

Best regards and always take care of your security!