I have heard this query countless times from my friends and colleagues, usually only when their systems get infected or when they detect some unusual activity on the system. So I thought of documenting the process I usually follow to keep my system secure. I would also like to mention two principles before moving on to the solution.
Principle 1: The fundamental truth about every security system developed by the human race is that there is no such thing as a 100% secure or foolproof product/solution. Whenever you hear about a highly sophisticated secure product or solution, it merely means that those who designed/developed it made it rugged enough that it takes a considerable amount of skill (knowledge), infrastructure, time, money and patience to punch a hole in whatever they came up with. This doesn't mean that one should avoid security products/solutions altogether. Security solutions/products will always evolve and fortify themselves based on what has been learnt from the past. My advice is, while choosing or implementing products and solutions, first assess how sensitive the core system you are planning to secure is. Most of the time you will find yourself implementing a layered security approach, with security products/solutions at different levels.
Principle 2: How to secure your personal computer economically. Yes, you read it right: "economically". The term is significant in the context of securing personal computers, as I have seen corporate workstations and laptops fortified with all sorts of expensive intrusion detection systems, firewalls and software updates to protect against known viruses and vulnerabilities (even then I have seen systems going down or getting infected, which is a different story). If you do a simple analysis of how much a person invests, in terms of money or time, to secure his/her personal computer, you will find it is zero in most cases. No one ever wants to spend money on security, but whenever a system gets compromised because of virus or backdoor attacks, chances are they might lose all their valuable data, or the data might fall into the wrong hands, which is going to keep them running from pillar to post, from law enforcement agencies to banks et al. In the worst-case scenario you might not even be aware that your system was compromised, which could put you in much bigger trouble.
Let's start off with securing your personal computer. Before moving on, make sure you meet the following prerequisites.
- You are using Microsoft Windows XP or above (Vista, Win7).
- You have an internet connection (optional)
- You have administrator privileges and physical access to your machine.
- Never try these steps on your corporate machine, as it may violate your company IT policy.
- Never log in to your system as an administrator (or a user with admin privileges) unless there is something that specifically demands that you log in with administrator privileges. Do not do it for tasks like installing/uninstalling applications or starting/stopping services; all of these can be accomplished without logging in as administrator. Here's how:
  - Installing apps - Right-click the setup file and select "Run as" from the context menu. Provide the administrator username and password to start the installation.
  - Uninstalling apps - Go to the system32 folder (type "system32" in your Run dialog) and find the file named "Appwiz.cpl". Right-click the file and select "Run as" from the context menu, then provide the admin username and password.
  - Start/stop a service (WinXP) - Go to the system32 folder and search for the file named "mmc.exe". Right-click the file and select "Run as", then provide the admin username and password. Once the MMC window opens, select File->Open from the menu and look for the file named "services.msc" (located in the system32 folder).
  - Start/stop a service (Vista/Win7) - Go to the system32 folder and search for the file named "services.msc". Right-click the file and select "Run as", then provide the admin username and password.
  - Run a custom executable with admin privileges - Right-click the executable and select "Run as", then provide the admin username and password.
- Always create a normal user account and use this account to log in for your day-to-day tasks like browsing, emailing, office apps, etc. This helps to limit or nullify viruses/worms from infecting, spreading or altering your system and files.
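
One way to verify the result of the steps above, as an added example that is not part of the original post: a PowerShell check that the account you are logged in with is not a member of the local Administrators group and that the current session is not elevated. It assumes Windows PowerShell 2.0 or later is available (included with Win7, a separate install on XP and Vista) and only looks at direct members of the group.

```powershell
# Added example (not from the original post): confirm the daily-use account
# is a normal user. Assumes Windows PowerShell 2.0 or later.

# Resolve the local Administrators group through its well-known SID
# (S-1-5-32-544) so the check also works where the group name is localized.
$sid       = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-32-544'
$groupName = $sid.Translate([System.Security.Principal.NTAccount]).Value.Split('\')[-1]

# List the direct members of that group through the WinNT ADSI provider.
$group   = [ADSI]"WinNT://$env:COMPUTERNAME/$groupName,group"
$members = @($group.psbase.Invoke('Members') | ForEach-Object {
    $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
})

# Check whether this session's token currently carries administrator rights.
# On Vista/Win7 with UAC this is false for an admin account until it elevates,
# which is why the group membership is checked separately above.
$identity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object System.Security.Principal.WindowsPrincipal $identity
$elevated  = $principal.IsInRole(
    [System.Security.Principal.WindowsBuiltInRole]::Administrator)

$me      = $env:USERNAME
$isAdmin = $members -contains $me   # -contains is case-insensitive

Write-Output "Members of '$groupName': $($members -join ', ')"
Write-Output "Logged-in account     : $me"
Write-Output "Member of admin group : $isAdmin"
Write-Output "Session is elevated   : $elevated"

if ($isAdmin -or $elevated) {
    Write-Output 'RESULT: this account has admin rights; use a normal account for daily work.'
} else {
    Write-Output 'RESULT: OK, this is a normal user account.'
}
```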
There are still many more steps to include to get your system secure. I will update this article when time allows.