In Figure 3-7, the line corresponding to automatic updates has been pulled down to show some more details.. Click on the Change settings button to bring up the automatic updates con-figu
Trang 1Book IV Chapter 3
The dialog box shown in Figure 3-6 is light on details You’re being asked
to decide whether or not an application should accept connections If you
allow it, the Windows firewall will allow incoming connections into this
application
To be clear, the application has requested the privilege of accepting
con-nections The first question you should ask is “Did I just launch that
applica-tion?” If the query came while you were in the middle of browsing the Web,
then you should be extra cautious However, in this case, I ran the program
If you’re not sure which program generated the alert, then check the dialog
box because it’s listed there
Trang 2After you determine that the alert was as a result of a program you chose
to run, you should ask “Is this the type of program that accepts network connections?”
On the Internet, a client (your computer) connects to a server to get some information The connection is always made from one side to the other, and having a connection come in to you if you’re a client is rare
Therefore, if you see an alert asking you if you’d like to accept connections, you should qualify the last question by asking yourself why someone would want to connect to me
You want incoming connections on the following scenarios:
✦ When you’re running some server software such as an FTP server
✦ When you’re running a peer-to-peer (P2P) file-sharing program that shares out parts of the file as you download the rest
✦ When you’re running some remote control software and want people to
be able to control your computer
It’s also important to note that if you’re behind a router, then people from the Internet can’t make direct connections to you and wouldn’t be able to connect to the application anyway There are exceptions to this, such as if you’ve enabled port forwarding (see Book IV, Chapter 2)
If you want to allow the application to receive connections, then click Unblock If not, click Keep Blocking
Using automatic updates
Software isn’t perfect Actually, if you spent some time as a software oper, you’d be continually surprised when it works at all A popular quote among developers is “If we built buildings the same way we built software, the first woodpecker that came along would destroy civilization.”
devel-Despite Microsoft’s biggest efforts, bugs exist in Windows Some of them are pretty tame such as “screen doesn’t redraw properly.” But some of them are pretty bad like one that surfaced in late 2008 that allowed anyone that could connect to your machine to take it over Oops
Patches are pieces of software that fix bugs Think of using patches as
patch-ing up a hole in a wall, or in a bike tire Microsoft releases these patches every month, and you can download them to make sure your computer’s software is up to date
Trang 3Book IV Chapter 3
The problem is that Microsoft software often has bugs and, therefore, it tends
to release a lot of patches Chances are you won’t remember to download every
single patch every month Figuring out which patches are necessary is also a
problem So Microsoft introduced Windows Update some time ago, and more
recently, made it install patches automatically, should you allow it
In Figure 3-7, the line corresponding to automatic updates has been pulled
down to show some more details
Click on the Change settings button to bring up the automatic updates
con-figuration, which is shown in Figure 3-8
From here, you have two options:
✦ Install updates automatically: In this mode, Windows checks for
updates periodically and installs them
✦ Let me choose: Gives you more flexibility on how you apply your
updates
If you choose the Let Me Choose option, the screen in Figure 3-9 appears
You can select one of the following options:
✦ Install automatically: This option is almost the same as the one in the
previous menu Updates are downloaded and installed without your intervention The difference between this and the previous menu is that you get to choose the time the updates happen
Trang 4✦ Download updates but let me choose whether to install them: If you’re
not comfortable with updates happening without your knowledge, choose this option When new updates are released your computer downloads them and then prompts you to download them
✦ Check for updates, but let me choose whether to download and install them: This option is similar to the last option, except that the updates
Trang 5Book IV Chapter 3
✦ Never check for updates: If you want to do it by hand, choose this
option
I recommend setting your system up for automatic updates, so you won’t
miss an update
Checking for updates manually
The automatic updates only download the patches that Microsoft deems
critical Every so often, check for updates manually; doing so lets you
down-load all the optional updates
Going through the process manually after you first install your computer is
a good idea Usually, you have some updates that require the presence of
earlier updates, so even after going through the updates once, you may find
that you’re not fully patched Only the manual process gives you the
confi-dence that you’re up to date To do so, follow these steps:
1 From the Control Panel, select Check for Updates from the Security
Trang 6In Figure 3-10, you can see that the system has 57 important updates to download If you are curious about what they are, you can click the View available updates link.
This screen also lets you confirm your automatic update settings Here you can see that the system is configured to update nightly at 3 a.m., and that it’s never been updated
2 Ignore the optional updates for now and click the Install Updates button to begin the update process.
Sometimes the updates come with a license that you must accept to use In Figure 3-11, the license is for the Windows Malicious Software Removal Tool, which is the built in anti-spyware product I look at this later, but for now, you have to accept the license terms and click Finish
Figure 3-11:
Accept
the license
terms
3 Wait while your system downloads and installs updates.
The time it takes to do this depends on the speed of your computer and how many updates you have
Your computer will be usable during the update process, but don’t expect peak performance There’s a lot going on during the update process, and at times your computer might feel sluggish
After the updates are installed, you get confirmation, as shown in Figure 3-12
Trang 7Book IV Chapter 3
If you read the message on the screen, you can see that you’re being
prompted to reboot to finish the updates You can do so now, or close the
window to reboot later
If you choose to reboot later, then you are periodically reminded to reboot
by means of a dialog box that pops up from the system tray, shown in
You can continue to postpone the reboot as long as you want
When you finally reboot, the process takes longer than normal because
updates are being processed
Some updates depend on other updates already having been applied The
first time you apply updates you should go back and check to make sure all
updates were applied correctly
Trang 81 After the reboot, go back to the updates window by going to the Control Panel and selecting Check for Updates from the Security menu.
Figure 3-14 shows that there is one important update and 20 optional updates
2 Click on View available updates to get details of these 21 updates.
Figure 3-15 shows the available updates The important update is a security update, and most of the rest are regular system updates If you are curious, you can enter the identification next to the update, such as KB931099, into the search engine at Microsoft.com to find out the details
Trang 9Book IV Chapter 3
3 Choose the updates you want to install by checking the box next to
the name If you want to select them all, you can check the button at the top of the dialog.
4 Finally, click on Install to begin the update process.
You might have to go through this a couple more times before you’re all up to date However, after you’re done, you are told that there are no new updates available, as in Figure 3-16
Figure 3-16:
No new
updates are
available
After all of that, your automatic updates take care of you, and all you have to
worry about is performing the odd reboot
Protecting against malware
Microsoft Windows spawned an industry of malware authors eager to make
a buck off of computer users The malware authors were fairly successful,
which itself was the drive behind the good guys to come out with
anti-malware products
Anti-virus products have been available long before the Internet was
com-monplace and have managed to keep pace with the virus authors
Anti-malware software has not been as successful as its anti-virus brethren
Finally, with the release of Windows Vista, Microsoft bundled its own
anti-malware software with the operating system
Microsoft calls this software Windows Defender It is bundled with Vista and
also downloadable from Microsoft.com for Windows XP and 2003
Trang 10Sadly, Windows Defender doesn’t do anything for viruses You’re on your own there, so I’ve got a free alternative for you later on in this chapter.
Looking at Windows Defender
1 From the Control Panel choose Security and then click on Windows Defender to open Windows Defender, shown in Figure 3-17.
In the figure you can see that everything is just fine according to Defender
2 If you want to scan your computer right away, click the Scan button at the top If anything pops up, you can deal with it right there.
Bundled security software
If you’ve bought a computer recently,
espe-cially from a retail outlet, you might find that it
comes with anti-virus and anti-malware
soft-ware If so, great! But, please check carefully,
because many of these are time-limited trials
and will stop working after 30, 60, or 90 days
If, after the trial, you’re happy with the
soft-ware, then by all means buy it Windows Vista
was designed to work with third-party virus and anti-malware products Make sure that you understand what you’re signing up for, such as recurring billing
anti-If you don’t want to keep the software, make sure to uninstall it to avoid being nagged about buying it
Trang 11Book IV Chapter 3
Other than that, Windows Defender doesn’t provide a whole lot of options
It’s nowhere near as interesting as anti-virus
Installing anti-virus software
Many companies are selling anti-virus software You can expect to pay
around $30–$60 for the software, depending on the features, and to pay that
every year for upgrades and updates to the virus signatures Packages at the
upper end (and higher) include more than just anti-virus and anti-spyware;
they help you with spam, identity theft, and a whole host of other problems
There is, however, a free anti-virus package out there AVG is a company
that produces anti-virus and anti-spyware software with various features
They offer their base package free for noncommercial use If you don’t
already have anything else, I highly recommend AVG
If you scroll to the bottom, you can see the download link, which is shown in
Figure 3-18
Upon clicking the download link, you are redirected to another site for the
download If you are using Internet Explorer, you might get the warning shown
in Figure 3-19 If so, click on the warning bar and then click Download File
Trang 12Grab a coffee, because the download takes a couple of minutes If you want
to grab one for me, I take mine black, please, and thank you
Trang 13Book IV Chapter 3
The AVG toolbar provides some enhancements to Internet Explorer that can
help keep you safe, so it is worth installing the toolbar
Be careful about which toolbars you install because you don’t know if they
contain malware The AVG toolbar is a helpful toolbar and alerts you if you
try to install a toolbar containing malware
Continue following the prompts until the software reports that installation is
complete
Configuring the first run
After you install the AVG anti-virus software, you are prompted to configure
it through the first run wizard For the most part, you can accept all the
defaults, though there are a couple of screens where you might choose to
select an alternate option to the default
Trang 14The first screen is shown in Figure 3-23 Click Next to continue.
Follow the instructions on the screens to complete the installation You may
or may not want to choose the following options:
Trang 15Book IV Chapter 3
✦ Agree to provide information about detected threats to AVG: This
option is disabled by default, and you may want to consider enabling it
Turning on this option sends information about what the software finds back to AVG for product improvements and virus research Any informa-tion that could identify you is stripped before it is sent
✦ Change my default search engine to Yahoo!: If you installed the
tool-bar, this option changes your default search engine to Yahoo! By default this is selected; if you prefer a different search engine, then deselect it
You go through a few screens, the software updates itself with the latest
virus definitions, and then you are protected
Verifying that you’re protected
You know you’re protected from viruses two ways, as shown in Figure 3-25
The first indication is that the Windows Security Center isn’t complaining
about the anti-virus (go to the Control Panel and then find Check this
com-puter’s security status, or see the earlier section called Visiting the Windows
Security Center) In fact, if you look at the Malware protection section, you
see the following:
✦ Virus Protection: AVG Antivirus Free reports that it is up to date and
virus scanning is on
✦ Spyware and other malware protection: Windows Defender and AVG
Anti-Virus both report that they are turned on
Trang 16Finally, look in the system tray to see the new AVG icon (the four colored boxes).
You’ve got virus protection You’ve got spyware protection Let’s move on
Other security settings
By now you’ve set up some pretty good defenses Your computer updates itself regularly It has a firewall, and its anti-virus and anti-spyware sensors are busy looking for any signs of malware
You could stop right here and be fairly worry free when browsing the
Internet But being safe on the Internet is much more than the software you run; it’s also the decisions you make
I’m pretty sure you’re going to approach the Internet with a cautious eye and make good decisions, but even the best of us clicks the odd dialog box with-out reading it too closely So, I’m going to show you a couple of safeguards that you can use to further protect yourself against the bad things out there
Creating separate accounts for administrators and users
Windows Vista is a multiuser operating system This means that the system recognizes that you are different from someone else based on a username
that you provide Vista recognizes you by your account, which has a name
and a password
Using separate accounts means that you can keep your files separate from other people that use your computer Maybe you want to protect stuff from being deleted; maybe you want your nosey sister to stay out of your stuff Either way, one user can’t touch another user’s stuff
Accounts also have privilege levels — either a standard user or administrator —
in Vista The account you’re using now is probably the one you created when you set up the system and is an administrator In this section, you create a stan-dard user account for day-to-day use which limits your exposure if something gets by your malware filters Follow these steps:
1 Go to Control Panel and select Add or Remove user accounts.
The list of user accounts appears, as shown in Figure 3-26
In the figure you see that there is a user called Sean, who is an trator and has a password You can also see a disabled guest account that you will not use
adminis-2 Select Create a new account to start creating the new account.
The form you see is shown in Figure 3-27.