Home > Articles > Home & Office Computing > Home Networking

  • Print
  • + Share This
Like this article? We recommend

Hardening Your System

Now that you have a constantly open connection, your system is apt to receive a few unwanted visitors. Yes, you could have received them just as easily with a dial-up connection, but the permanently connected nature of your system makes things a lot easier for those with evil intent. Consequently, you need to harden your system—that is, make it more difficult for outsiders to gain access.

Hardening your system means installing good virus protection and ensuring that you have a firewall installed. The firewall that comes with the original Windows XP is almost useless, but better than nothing. Windows XP Service Pack 2 (SP2) comes with an improved firewall that should provide enough protection for most home systems. After you install the virus protection and firewall, make sure that it's actually working by testing it using an outside testing resource such as Shields Up!. If Shields Up! reports that you have open ports, reconfigure your firewall to close those ports that you don't need. Most firewalls and virus-protection aids also provide reports for your benefit. These reports don't count for much if you don't read them. Part of using these products is reading the reports to ensure that no one is breaking into your system. Set aside a special time each week to check things out.

Even after you install a good firewall and virus protection, your system can still contain hidden security problems. For example, most applications today contain security holes that outsiders can exploit with relative ease. Visit the vendor sites to get product updates for applications you own. Updating your applications monthly usually works fine for home systems unless you hear of a new exploit that particularly worries vendors.

Test your Windows setup and the status of Windows updates by using the Microsoft Baseline Security Analyzer (MBSA). Running this free tool tells you about possible security problems on your system, such as the use of ineffective passwords and the presence of accounts that you might not know about. It also checks the status of any patches or updates you need. Unfortunately, MBSA only works with Windows NT-based systems, including Windows 2000 and Windows XP—you can't use it with older Windows versions such as Windows 98.

No matter how well the installation goes and how well you harden your system, a broadband connection is still a doorway to your system. Exercising vigilance—knowing what applications you installed on your system and keeping track of which processes normally run—is the only way to ensure that your system stays relatively safe. The easiest way to determine which processes are running is to right-click the Taskbar and choose Task Manager. You'll see a list of processes on the Processes tab. Record this list when you aren't running any applications and perform a comparison from time to time. Processes you don't know about could be suspect and you should learn more about them.

The bottom line is that if someone wants to access your system, they're going to do it. After you make sure that you have the best possible installation and you can keep an eye on unwanted activity, perform the additional task of backing up your system. Ask yourself what you would do if someone damaged files on your system—make sure that you have a way to recover from the errant virus that comes uninvited.

  • + Share This
  • 🔖 Save To Your Account