HomePage :: TechnicalProjects :: MakingWindowsMoreSecure
Making Windows More Secure
If you're stuck with Windows…
- Patch everything. Windows is fundamentally broken, and Microsoft only releases patches when a critical number of people complain about something being full of holes, but every little bit helps. Run Windows Update often.
- Run alternate applications whenever possible. How can I say this any more forcefully? If you run default Microsoft applications, your computer is vulnerable to attack. Don't use Outlook and don't use Internet Explorer. Use [OpenOffice http://www.openoffice.org] instead of Word if at all possible. Mozilla's [Firefox and Thunderbird http://www.mozilla.com/] are great for web browsing and email respectively, and you can get both in one application suite called [Seamonkey http://www.seamonkey-project.org/]. Mozilla's mail application even talks to Exchange servers.
- Install a real Linux- or hardware-based firewall or router if at all possible. If you can't do that, at least turn on the built-in firewall if you're running XP or Vista.
- Scan for viruses. Unless you're at work, go get and install the free [AVG http://free.grisoft.com] anti-virus scanner. While you're at it, ask if your ISP can filter attachments and spam for you.
- Don't run applications or services you don't need. Every additional application that interacts with the Internet is one more possible vector for crackers to get in. The less you run, the safer you are. Often overlooked is software that starts at boot (sometimes these put an icon in the tray, next to the clock): check your startup folder, or for the brave, clean out the appropriate registry keys.
- Be on the lookout for spyware/adware. This stuff is despicable. Read [this slashdot article http://ask.slashdot.org/article.pl?sid=03/10/27/2349222&mode=thread&tid=158&tid=99] for more information. Also important to watch out for is [malware http://www.westcoast.com/securecomputing/2003_07/cover/] (malicious software). [Ad-aware http://lavasoft.com/products/ad_aware_free.php] and [Spybot http://www.safer-networking.org/en/download/index.html] are your friends. Don't count on [Dell http://www.spywareinfo.com/articles/dell/support_letter.php] to help you, though…
Security checklists
Additional things you can do
- Install Cygwin. Cygwin is a DLL and a set of tools that emulate a Linux environment in a dos box. Pretty much anything you want to do, with the exception of kernel stuff, is included or is installable. You can run web and mail servers, perform backups over the Internet, there's a free C/ C++ compiler along with numerous development tools, an X-windows environment which allows you to install and run KDE… plus there's tons of other stuff, and all of it is [free http://www.gnu.org/philosophy/free-sw.html].