Optimize Your Security Apps

SECURITY-SOFTWARE maker Symantec announced earlier this year that it has documented 10,992 32-bit Windows virus and worm variants, with new ones appearing almost daily. Keeping your computer secure against these endless—and endlessly changing—attacks requires the help of today’s sophisticated antivirus and antispyware tools. But just installing the software isn’t enough.We’ve put together some tips that should help you tweak these tools and keep your computer well ahead of viruses and spyware in the security struggle.


1. Do full-system scans regularly
What’s a full-system (or “deep”) scan? It’s one that looks at your Windows Registry, at running processes, and inside of nonexecutable files, archive files, and files of all sizes. So-called “smart” scans ignore archives, extremely large files, and sometimes nonexecutables. It follows that deep scans take much longer (some archives contain more than 500 files), but they’re much more thorough.Where viruses are concerned, missing just one you’re infected with is as good as missing them all. So we recommend running deep scans regularly.

How you define “regularly” depends on how much traffic you see on your computer. If you process a lot of incoming/outgoing files and e-mail daily, it’s a good idea to use your antivirus and antispyware scheduling function, setting up a deep scan every night while your computer is
otherwise idle. Because a deep scan can take hours and really tax your system, you don’t want to perform one while you’re trying to use your PC.


2. Do deep scans with antispyware apps, too
Spyware isn’t as damaging as viruses can be, but it’s more insidious. What if somebody was busily taking notes of every Web site you visited, then selling the info to a survey company for analysis? That’s what spyware does, so don’t neglect antispyware programs. Whether it’s an excellent little app such as Ad-Aware (www.lavasoftusa.com) or a more full-featured product such as Steganos AntiSpyware (www.steganos.com), deep scans can find and either quarantine
or remove those infiltrators on your computer. Scanning once a week is probably enough, but if you install, remove, and test a lot of software, consider more-frequent scans.


3. Check daily for antivirus updates
Running the best virus scanner money can buy won’t buy you anything if its virus definitions
aren’t up to date. While some antivirus apps offer automated downloads as a configuration default, not all do. Check your program to see whether that’s the case. If it isn’t, we recommend
performing a daily manual check for updates. If you don’t get an update for as long as two weeks, check whether your antivirus app is working properly. If it is, and the manufacturer says it has had nothing new to provide, consider switching to a different app. Many viruses show up only rarely, but that shouldn’t matter to antivirus software. It’s meant to know and find them all.

4. Turn Windows Firewall off only when offline
You’re continuously vulnerable to Web-based attacks if you’re connected to the Internet, and attacks are more frequent than we’d like to acknowledge. As often as every few minutes, somebody, somewhere, is doing a broad-beamed port scan to find insecure backdoors in computers. It’s not a question of whether you’ll be scanned, but how many times you are in a given hour.Your best defense is your firewall, so never turn it off unless you’re literally disconnected from the Web. Some software offers more-elaborate firewall protection than Windows does, often with extra features. If you’re installing and configuring a third-party firewall, disconnect your PC from the Web first, and then turn off your old firewall.You
don’t want two firewalls running at once, because they’ll interfere with each other’s operation.


5. Get acquainted with your firewall’s network-control settings
Whether you’re connected to a local-area network (LAN) or not, you and your computer are part of the largest wide-area network (WAN) in existence: the Internet.Your firewall’s network settings are a valuable tool for dealing with the Web on a daily basis. Choosing to filter your traffic allows you to “teach” the firewall what contacts from outside your computer are allowed to access it. It’s almost equally important that a firewall prevents apps on your PC from trying to reach the Web on their own. While some programs do this periodically to check for updates, others may represent spyware or virus activity.

Tip: Some firewalls must be configured to start up automatically every time you turn on your computer. Ignoring this control could lead to you being open to the Internet without any protection.


6. Surf the Web without Microsoft
That’s right: Consider a non-Microsoft browser, such as Opera (www.opera.com) or Firefox
(www.mozilla.com/firefox), and an alternative e-mail reader such as PocoMail (www.pocomail.
com). No, we’re not opposed to the good folks that brought us Windows, but several security exploits have been documented in Internet Explorer and Outlook Express. Some of them, such as the malware Download.Ject, can be extremely damaging. Hackers typically direct their efforts at this pair of Microsoft programs because they’re by far the most common browser and mail reader. You stand a far better chance of being “invisible” to their efforts if you use alternatives.


7. Use common sense when downloading or opening anything
Your antivirus and antispyware utilities are highly sophisticated tools, but they can’t prevent
you from stepping off a cliff. If you receive an e-mail stating that you’ve won a prize and must go to a site to collect it, kill the e-mail. If you get a note from a friend saying “Hi there! Look at what I found!” with an attachment, again, delete it. Genius isn’t required to determine that both of these situations are ruses—but you’d be surprised how many people regularly fall for them.