Beginners Guides: Ten Steps to a Secure PC
The Internet can hold
a host of dangers for the unwary computer user. Without proper precautions, your
data is at risk every minute your system is connected to the web. - Version 1.2.0
With this guide, PCSTATS has set out to inform
you clearly and concisely of the dangers you face, and the steps you can take to
avoid them. Once you look through, I think you'll be struck by how little
effort is required to make your PC more secure. Even performing the first
five steps of this guide will make your system better protected than the vast
majority of Internet connected PCs. It is not wise to rely on the comparative anonymity of the Internet to keep
you safe. If you do, you will be burned eventually and inevitably.
Secure your PC now to avoid future regrets.
The next five procedures can be considered
essential for any computer user that values the sanctity of his or her
data. By following these five easy steps, you can avoid 99% of the
potential trouble lying in wait for you on the Internet.
Step 1. Use a strong password
The danger: malicious
computer users can gain access to your computer over the Internet, stealing and
deleting data and potentially implanting viruses and Trojan horses.
The major irony of
Microsoft's shift from non-password protected home operating systems like
Windows 98 and ME to the password and access-list based 'security' of Windows
2000 and XP is that your data is actually less secure by default.
Sure, the new operating systems give security
conscious users all the tools they need to protect their data, but what if the
users are not aware of the risks? During the install process, you are
prompted to create a password for the built-in 'administrator' user
account. Users accustomed to Windows 9X/ME's pointless passwords often
decide to bypass this by entering a blank password, thus opening up their entire
computer to anyone who takes the trouble to look twice at their Internet
There are two reasons for this vulnerability:
One, every Microsoft Windows XP and 2000 system has a built-in account called
'administrator' which has full access to all files and configuration settings of
the computer. Anyone who is remotely familiar with these operating systems
knows of this account's existence. This definitely includes anyone who
might try to break into your computer.
The other factor in Windows 2000 and XP's
vulnerability is the presence of hidden administrative shares. Each
logical drive (C:, D:, etc.) on your system, plus the Windows directory, is
actually shared (made available for remote access) by default. These
hidden shares are only accessible to Users with administrative privileges, but
once an intruder has your administrator account password, he has your entire
system laid open for him.
By using one of a multitude of free and legal
software tools, a potential intruder can easily locate and gain access to your
data by finding your IP address and attempting to connect using the
administrator account. Obviously, if there is no password on the account,
you are defenseless.
Even if you have put a password on the account, you
may not be safe. Simple passwords can easily be discovered by an intruder
using a 'dictionary attack' software tool, which can try words and combinations
of letters until your password is compromised.
The administrator account is uniquely open to this
style of attack, because while other user accounts can be 'locked' by the
operating system if an incorrect password is entered too many times, the
administrator account cannot be locked out. This means that an intruder is
free to try as many password possibilities as he or she wants, without worrying
about losing access to your system.
For a more detailed examination of this issue, see
our Guide to forgotten password recovery methods.