What can you do to prevent yourself from being infected? They’re actually very simple rules. Follow them.
- Never open attachments.
I don’t care how much you love your mother — sister — friend — husband — wife — whoever!
Do not open attachments.
Many people will tell you that if you “trust” the sender to know whether or not a file has a virus, and you scan the file yourself, and the sender did intend to send the attachment to you and it’s been the luckiest day of your life anyway, then it is “ok” to open the attachment. Don’t believe them. If you don’t open email attachments you still may not be protected, but at least you know you have minimized the potential for infection. While there are often lulls in the destructiveness of email-borne viruses, several times per year a new series of viruses will go around which tests the ignorance of the common computer user. The “UPS” virus, “postcard” virus variants, and recent “invoice” viruses. However tempting, if you don’t open these attachments, you will not get infected by them. The millions of people that open them all wish they’d known better.
- Install existing patches.
Remember Patch Tuesday. Microsoft releases most of their patches on the second Tuesday each month. Even if you have your computer set to automatically apply updates — you should manually check for updates on Patch Tuesday. Not all updates will download in automatic mode.
The vast majority of viruses in the wild exploit bugs in products that have already been corrected. If you are using a product that does not have that “patch” applied you may as well install the virus yourself! Most vendors have web sites where you can download patches to their products. This site provides a regularly updated index of updated software.
- Use a firewall!
A firewall is a hardware device or software program that prevents certain traffic from crossing it. Think of it like a sieve – a filter that automatically strains undesirables. In technology, a firewall is a divider that prevents untrusted traffic from coming in or going out.
- A hardware firewall usually takes the form of a router or gateway – a box that sits between your computer and the internet. If the device has a firewall and the firewall has SPI enabled, then most Internet worms that would otherwise be able to access the computer would be prevented from doing so. This may prevent some functionality, such as Remote Desktop, but that can be worked around through configuration options on the device. This can quite effectively eliminate all unwanted incoming traffic.
- A software firewall runs on the computer, monitoring and filtering traffic directly. Software firewalls today support both port and application-level filtering, so it is possible to enable only a small handful of authorized programs that need access to the internet, and only “approved” ports from accepting incoming traffic. This helps to eliminate unwanted traffic in both directions, including traffic from potentially unwanted applications (PUPS) or infections on the computer – minimizing the damage they can cause even if the computer is infected. Every version of Windows since XP SP2 has included a software firewall, enabled by default. Every version of macOS X and newer includes a firewall, though it is not enabled by default.
There are, of course, third-party firewalls with additional features, but in any case, it is absolutely essential to have a software firewall installed and running 24/7.
You should use both hardware and software firewalls. Where one is limited, the other provides strength.
- Do not engage in “promiscuous” activity.
“Trust” is real – every site you visit, every file you download, and every application you install places files on your computer. That’s just the way it all works. These files can potentially exploit insecurities that are less-often patched. If you visit a site of “questionable nature” – anything and everything on the site should be considered untrustworthy. Be careful when you click links and if you notice your system slowing then “maybe something’s wrong?” If you’re installing pirated software there is a very good chance that it includes a virus. And it’s illegal. And it’s immoral. Just don’t do it.
- Trust your instincts.
Regardless of what it is, where it came from, how it got where it is – if you have any instincts at all – when something nags you in the back of your mind not to open something don’t do it!
- Use strong passwords, using passphrases wherever possible.
And don’t use the same username and password at every site and service you visit.
That means your passwords should be as long as possible, including letters, numbers and other characters. It should be a bare minimum of 14 characters long, though longer if the application allows. Windows (all versions since XP) have no effective limit on password length, meaning that you could readily use a passphrase that is over 100 characters. While that may sound like overkill, considering how infrequently you actually have to type it, the password will be far more secure, effectively preventing the ability for the machine to be attacked in a “brute force” or “dictionary” attack on the password.
- Read item number one again.