Home Computer Security
By Laurie Walters
If you are like the majority of Americans, you have a computer at home that is connected to the Internet. To sell more computers, companies make computers relatively easy to use, often at the expense of computer security. Do you know if your computer is protected from the constant probes of other infected computers and hackers?
This article will focus on steps to adequately safeguard against the real threats against your machine.
Am I at Risk at Home? Why?
- Common security problems for home machines may include privacy invasions, destruction of files, spyware,
virus and worm infections, and backdoor/trojan horse infections where an unauthorized person remotely has
complete control of your computer and may use it to attack other machines or to host illegal software.
- Cable modem and DSL connections are fast and provide a constant flow to the Internet. With this "always on"
connection, it is easy for a hacker to identify a weakness on your system and then return to your machine at
a later date to take advantage of it. This atmosphere also provides a good breeding ground for viruses and
- If you connect to the Internet via a dial-up modem, your risk increases with the duration that you remain
How to Make Your Home Machine as Secure as at Work
- Make sure your computer has good passwords.
- Patch your machine regularly.
- Install an anti-spyware product.
- Use an anti-virus product and update it regularly.
- Use a router-based firewall or install a personal firewall.
- Use a VPN to connect to Penn State resources.
- Know what is running on your system.
- Use caution when making online purchases.
- Use good Internet hygiene.
Make Sure Your Machine Has Good Passwords
- Most operating systems require a login username and password to protect your computer from unauthorized
access by virus, worms, and hackers. For details on how to create a logon password for many of the common
operating systems see http://sos.its.psu.edu/passwd.html.
- Passwords should not be dictionary words and should consist of 7+ characters of mixed case including
numbers, letters, and symbols. Some guidelines for selecting and remembering a strong password can be
found at http://www.alw.nih.gov/Security/Docs/passwd.html.
Patch Your Machine Regularly
- Computer software vendors provide regular updates for their products that can protect against known security
vulnerabilities. These updates are called patches. The patches protect your machine from operating system
or application weaknesses (e.g. Internet Explorer holes). When patching the operating system, use automatic
updates where possible (e.g. Windows Update) or download updates manually from vendors. Try to download
"critical" patches to removable media such as CD and install them before putting your computer on the
Internet for the first time. When you hear of a new major vulnerability or patch, try to install it as
soon as possible. You will need to install the patch from an administrator account.
- All Windows OS patches can be manually downloaded and installed from
- If you don't want to manually check for patches, you can set up your Microsoft operating system to check
for updates automatically. Instructions on how to do so can be found at http://sos.its.psu.edu/autoupdates/.
- On a Macintosh computer, Automatic Software Update is available from System Preferences under the Apple
menu, or you can download software updates manually from http://www.apple.com/support/downloads/.
Download Updates for the Software You Have Installed on Your Computer
- Just as the operating system has vulnerabilities, so do the programs you have installed on your computer.
For example, if you are running Microsoft Office, there are a number of patches to protect your computer. They
can be downloaded at http://www.officeupdate.microsoft.com.
If you are using Eudora as a mail client, updates can be downloaded from http://www.eudora.com.
Protect Your Computer from Malware, Viruses and Worms, Blended Threats, and Spyware
- Malware is software which has malicious intent that is usually installed without the owner's knowledge.
Malware may be disguised to look like benevolent software. One example of malware is a software called a
keylogger which is hidden on the computer and records every stroke you enter into your keyboard. The keylogger
may record a wealth of information: credit card information, passwords, chat room transcripts, private e-mail
- Viruses are computer programs which cause some unexpected event on a computer and automatically spread to
other computers via e-mail, open file shares, and applications installed on the computer (e.g. Kazaa, AOL
Instant Messenger, etc). Worms are self-replicating viruses that are loaded into computer memory rather than altering files on the machine.
A worm's main goal in life is to spread to as many other machines as possible.
- Most computer security problems arise these days from blended threats: attacks that combine the
characteristics of malware, viruses, worms and use multiple avenues to attempt to infect as well as attack
other computers connected to the Internet. There are many consequences of viruses, worms, and especially
blended threats such as the infected machine attacking others (which also generates a lot of unnecessary
Internet activity), harm to files on the infected computer or remote machines, and the infected computer
having a backdoor implanted on it which allows a hacker to gain full access of your machine remotely!
- Spyware is a type of malware that is installed on a
computer without the user's knowledge which monitors user activity and transmits it to another computer. Many
spyware programs are set to monitor what web sites you visit and how long you visit them, generally for
marketing purposes. Spyware is usually bundled with other software such as shareware or freeware programs
(e.g. peer to peer file-sharing programs, games, etc.). The disclosure for the spyware is usually in the
fine print of the licensing agreement. Who reads these anyway?!? Another way to get spyware on your machine
is by clicking on a deceptive pop-up message.
- Spyware has many consequences as it runs in the background using your computer's system resources and memory
to log what you are doing. This could interfere with other programs on your computer, and could even cause
your computer to frequently crash or lock up. Spyware also uses your Internet connection to send information
about your activities to someone else. This could cause your Internet connection to slow significantly.
- According to Steve Pierce, ITS Willard Building HelpDesk manager, "Spyware, adware, malware, or whatever
you wish to call it has become a huge problem for many Windows users over the last year. Many of the machines
we see at the Help Desk workbench are heavily infested with these types of programs. Users often believe they
have viruses because their machines no longer work correctly, and they don't know what to do."
Scared Yet? Protect Your Privacy!
- Install Adaware and Spybot software to detect and remove spyware, adware, and malware. There are free
versions of the software that must be manually run (on a regular basis of course) or versions you must
buy but constantly run in the background on your machine and detect any malware that attempts to invade
your computer. Each company writes updates to detect new spyware that has been written recently. It is
recommended that you check for updates in the anti-spyware program at least weekly to protect
your computer from the latest threats. Adaware is free for personal machines but must be purchased for
- Adaware can be downloaded at
- Spybot S&D can be downloaded at http://www.safer-networking.org/index.php?page=download
Install an Anti-virus Product and Keep it Up to Date
- Penn State has purchased a site license for Symantec's Norton Antivirus Corporate Edition. Consulting and
Support Services (CSS) provides user support if you have any questions or problems with downloading,
installing, or configuring the product. Norton AV Corporate Edition can be downloaded at:
https://downloadsym.cac.psu.edu (note: it's 33MB). The PAC-ITS CD-ROM with Norton AV is available at
the ITS Helpdesks, campus Helpdesks, and at all ResCom locations.
- Update virus definitions weekly or more often if you hear of a new virus. Virus definition files allow
your anti-virus program to be aware of the latest threats. Set virus protection to automatically download
virus definition updates if possible by navigating to the file menu and choosing "Schedule Updates" and
then choose the frequency of updates. If your machine is not constantly connected to the Internet, you can
manually update your virus by clicking on the "Live Update" button after you open Symantec Norton Antivirus.
Live updates are usually available once a week. However, Symantec usually creates updates of the newest
viruses that can manually be downloaded and installed several times a week. These updates are available at
- Perform a full virus scan of your hard drive(s) at least monthly (if not more often).
Install a Personal Firewall
- A personal firewall is a software-based filter between your computer and the outside world that is installed
on your computer to protect it from unauthorized access by other external users. Personal firewalls are
configurable to specify which incoming and outgoing programs, ports, and IP addresses can be accessed.
Recommended personal firewalls that are free for personal use include Zone Alarm and Tiny Personal Firewall:
- ZoneAlarm can be downloaded at: http://www.zonealarm.com
- Tiny Personal Firewall can be downloaded at: http://www.tinysoftware.com
- A firmware or hardware based firewall is a separate device that physically sits between your computer and an
Internet connection. This type of firewall is generally more secure than a personal firewall and saves
processing time on the computer that the personal firewall would otherwise be using.
Router-based firewalls can range in price from relatively inexpensive ($50) to thousands of dollars.
This type of firewall device is highly recommended for home use and can protect many types of connections
including dialup modem, cable modem, DSL, etc.
- Linksys Cable/DSL Router BEFSR41 at Micro Warehouse ($55) is for Cable/DSL and quite usable for home
use (1 to 4 ports): http://www.cdw.com/shop/products/default.aspx?EDC=196823.
- SMC 7004ABR ($80) is for Cable/DSL and also has an RS-232 port (for Internet connection via modem):
Use a VPN to Connect to Penn State Resources
- A Virtual Private Network (VPN) is an encrypted tunnel between your computer and a remote machine.
There are several benefits to using a VPN, including encryption, authorization, and privacy (e.g. data between
your home machine and Penn State cannot be intercepted). The Penn State VPN service enables your remote computer
to appear to be a part of the psu.edu domain. It is provided free of charge to anyone with a valid Penn State
Access Account. A simple download and configuration of the VPN client software is required in order to use the
service. See http://aset.psu.edu/vpn/index.html for further information.
Know What Is on Your System
- You should periodically determine what your running processes are on your computer and if they
are valid. You can analyze what processes are on your Windows system by downloading a tool such as TCPView,
Fport, Inzider, or Active Ports. They can be downloaded from the links at
- These programs will show you the name and location of the processes that are running on your machine.
If you are not familiar with the process, you can perform a search of the Internet to determine if it is
something that you should be running on your machine.
Prevent Identity Theft When Making Online Purchases
- Look for a padlock at the bottom of web pages, indicating that the site is secured by encrypting data when
submitting sensitive information such as credit card numbers or a SSN. Be aware that a secure site means
that your data is encrypted during transmission. Keep in mind that it says NOTHING about how secure the data
is once it is stored on a remote computer. Thus, purchase from well-known companies only. Don't buy from a
company you are not familiar with or from mass e-mail solicitation. Make purchases using a one-time credit
card number or a card with a low credit limit. Realize that reputable web sites will never e-mail a request
for any personal information such as SSN, password, credit card or bank account number, etc.
Use Good Computer Hygiene-Think Before You Click
- Be careful with e-mail attachments. Call or write back to confirm before opening.
- Be careful about what web sites you visit.
- Be careful when prompted to download software.
- Use good passwords and change them period cally for both machine and web sites you visit.
- Don't create non-password protected file shares.
- Backup your data such as important document frequently.
- Remove Internet access when it is not needed. Either unplug from the Internet or shut down your computer
when it is not in use. The less you are connected to the Internet, the less vulnerable you are.
- Only install the applications and services that you really need to use. The fewer programs you have running
on your machine, the smaller number of holes you will have for someone to potentially exploit.
Personal Computer Security Checklist
Newsletter Home Page