I was going to chime in with an explanation of the different kinds of malware but nd5056 had that handled.
Something that is often overlooked when talking about computer security is that things like firewalls, scanners, and anti-virus are not the first line of defense; the user is.
There is a misconception about computer security and hacking being about advanced code finding its own way into your system. The vast majority of the time we either allow those things in directly by clicking on links we shouldn't or going to malicious web pages we shouldn't, or indirectly by not patching holes that have been fixed. A lot of hacking is not what you see in the movies where geeks sit in rooms flanked with supercomputers writing code in a race with a security professional on the other end. Much more of the attacks are just social engineering. More phishing sites rely on users not checking the URL or security certificate of the site carefully than they do high tech attacks like DNS redirects. These kinds of things do happen, but they are much less common than the social attacks.
Here is some PSA advice on staying safe online. Take it or leave it but it is out there.
Run a good free anti-virus program. I recommend AVG, Avast, or Microsoft Security Essentials. It is the second line of defense, but it is still better to have the backup.
Even if you only have one computer in the house, for the love of sweet little baby Jesus do not connect it directly to the Internet; use a router. I am not going to get into the technical reasons why because no one will care (or few of you will care) and those that do probably already know, but trust me, it is worth the $50. If you had a chance to see all the random packet traffic hitting your Internet facing ports it would blow your mind. Many of these are because people don't follow the next piece of advice:
Patch your machine religiously. This means any piece of software that can check for upgrades should. Windows, any Adobe products, your web browser of choice (hopefully Firefox), anything. A lot of the exploits that are still being used have been patched, and unpatched machines are the ones spreading the worms or sitting on botnets. That Conficker worm that made the news last summer was patched in October 2008. Anyone fully up to date had nothing to worry about.
If you are using Adobe Acrobat Reader switch to Foxit. If you can't or don't want to, go into the settings and disable JavaScript. You don't need it and it seems that weekly there are attacks against the PDF readers using this mostly unused feature that is on by default.
Run a full scan with the Microsoft Malicious Software Tool every month after it is updated. To do this click on Start, select Run, and type 'MRT' in the run box. Select a full scan and let it chomp away for a couple of hours. Without getting overly detailed again there are a lot of viruses that get deep in the operating system and not only are they almost impossible to detect but are impossible to remove. This tool is a Microsoft tool that can scan these files and determine if they are legitimate versions or have been replaced (aka root kitted). It is free so take advantage of it.
Along those lines go get the free Spybot S&D and AdAware software and run it. It is free and can find less intrusive adware kind of files and cookies.
If you do get a virus it is a good idea to just wipe the computer and reinstall Windows (of course you should be backing up all your data regularly). You may be able to remove the virus, you may not. In the latter case you may never really know. Those rootkit viruses I mention above are almost impossible to remove, and even if you knew how to open and re-write the infected file it would still take less time just to reinstall and move the data back.
I do some cookie management using Firefox. I block all 3rd party cookies and set the browser to remove all cookies when I close a page. This is more identity and privacy related but I wanted to throw it out there.
Lastly, since almost everyone uses a wireless router I wanted to throw out some good router security practices.
First, change the default SSID and administrator password. I also turn off the ability to manage the router from the WAN (Internet) side of the router.
Turn on at least WPA encryption and WPA2 if you have it. Get a good random key from this page (every time it loads a new pseudo-random string is created) and use it. It is a pain to enter but we usually enter it once and keep it stored so it is a small price to pay.
If your router has UPnP (Universal Plug and Play) turn it the heck off.
I also hide the SSID and turn on MAC filtering. It is an added measure that isn't really necessary if you have done the above but it doesn't hurt either.
And lastly, remember that when you are out at Starbucks or another open WiFi area that doesn't make you enter a key you are sending everything in the open. I can sit there with a wireless modem and some free software and see everything you are doing. User names, passwords, everything. If you go to any sites that require a username and password use the SSL page if necessary (https://facebook.com not just http://facebook.com). Luckily most things like financial institutions will do this automatically but sometimes you have to manually type it all out or select a secure or enhanced log on (in Gmail or Hotmail for example). If you are on a site like the DisBoards that only allows http pages don't use the same password you do for anything else. Worst case someone getting the password can log in and post as you. If it is the same password they could log into your email and you would be very surprised the stuff we can figure out just by looking in your inbox and outbox.
Hopefully this will help someone. That will at least make the pain in my wrists from typing this novel worth it.
