Windows Vista is the most secure OS available from Microsoft till date, but it takes some extra steps to keep the bad guys at bay. There is a wealth of in-box features available in Vista to accomplish this and in some cases adding a few pieces of software would help lock down your computer.
Windows Update:
Run Windows Update frequently to keep updated with latest critical Microsoft updates. Type Windows Update in the Start menu search box (Press Start button and type)
Windows Security Center:
Current health status of your computer can be monitored at Windows Health Center (Click Start, Control Panel, Security Center, or you can simply type 'security' in the Control Panel Search box). Red or Yellow status implies you are not fully protected. There is no in-box antivirus software, I would recommend AVG Anti-Virus 8, its free.
Windows Defender :
Windows Vista ships with Windows Defender in-box and protects your computer against pop-ups, slow performance and security threats caused by spyware and other potentially unwanted software. Easy way to find out this application is to type 'Defender' in your Start menu search (Hit WinKey and start typing).
Enable Windows Firewall for Inbound and Outbound connections:
Windows Firewall in Vista blocks incoming traffic that is considered malicious or suspicious by default, but outbound traffic flies under the radar. This setting can be changed via Windows Firewall Advanced Security option. Open Start menu or click on start button and type wf.msc and hit enter. For each profile--Domain, Private, and Public--change the setting to Block, and then click OK.
3rd party firewall protection:
I recommend adding a more robust third-party firewall. I suggest either Comodo Firewall Pro or ZoneAlarm, both of which are free and fare very well in independent firewall testing.
Restrict Unwanted Guests:
If you share your computer, you don’t want the other users to guess the Admin password.
Here's how to limit the guesses.
- Click Start, type Local Security Policy.
- Click Account Lockout Policy.
- Choose Account Lockout Threshold.
- At the prompt, enter the number of invalid log-ins you'll accept (say, 3).
- Click OK and close
Secure Your Internet Explorer Settings
Windows Security Center also monitors your Internet Explorer Security settings and alerts you if they aren’t at recommended levels.
You can adjust the settings in your IE to make it more secure by doing the following,
- Within Internet Explorer, click Tools in the menu bar.
- From the drop-down menu, click Internet Options.
- Choose the Security tab.
- Within the Security tab, click Custom Level.
Secure your DNS with OpenDNS
Domain Name System (DNS) is an internet service that translates domain names in to IP addresses. For example, the domain name www.example.com might translate to 198.105.232.4. Lately, DNS servers have come under attack, where crooks try to redirect commonly used DNS names to their own servers. One way to stop such attacks is by using OpenDNS.
Go to Start, Control Panel, Network and Internet, and then click Network and Sharing Center. Under the tasks listed on the left, click Manage Network Connections. In the Manage Network Connections window, do the following.
- Right-click on the icon representing your network card.
- Click Properties.
- Click Internet Protocol Version 4.
- Click the Properties button.
- Select the Use the following DNS server addresses radio button.
- Type in a primary address of 208.67.222.222.
- Type in a secondary address of 208.67.220.220.
- Click OK.
Live With User Account Control
UAC is one of the controversial security features in Vista, but UAC is meant to warn you of potential danger. So if you wish not to deal with UAC frustrations and don’t want to turn off this setting, try TweakUAC instead, a free utility that offers the ability to turn UAC on or off as well as an intermediate "quiet" mode that keeps UAC on but suppresses administration elevation prompts.
Check my previous blog to Dealing with UAC frustrations
Generate System Health Report:
Generate a system health report to check all your tweaks are in place. Open the Control panel and type Generate a system health report in the search box.
*adapted from PC World with more info.
Posts
No comments:
Post a Comment