(Guide) How to safely use Windows without Anti-virus security

Discussion in 'Security and Anti-Virus Software' started by micman, Oct 10, 2010.

Thread Status:
Not open for further replies.
  1. micman

    micman Notebook Evangelist

    ***READ THIS: The following guide should only be used as an informational resource. I am not forcing anyone to follow this guide, nor will I take responsibility for any consequences that result from its use. Please use it at your own risk and please also refrain from using the thread to debate the usefulness or necessity of anti-virus security software.***

    You have been warned.



    Now the good stuff. I'm compiling a list of security measures that can be used as an alternative to the major security programs such as Norton, McAfee, AVG, and others. I'm not saying those programs can't be useful, I just want to expand general security knowledge and give users other options in addition to or besides the mainstream anti-virus programs.

    I tried to list the items in order of how well they can protect you, but without a scientific method of checking, it's purely guesswork. With each item I will assign a security level, such as low, medium or high security. This way you can decide what level of security you might like to use on your system. I'll take suggestions for changing the level of importance for items in the list.

    I'm only adding things to this list that are free to use or that come built into Windows. There are hundreds of security programs out there that you can pay for, but why should you if there are so many useful safety measures for free? Remember that I'm not going to cover free anti-virus programs either. This is meant as an alternative or additive to any anti-virus program.

    Your feedback about how particular security measures have helped protect your system would be appreciated. I haven't used all of them myself on my main system, but I've set them all up at one time or another. In two years on three different computers in my house, I've only contracted one virus using only a few of these methods. Your mileage may vary.




    1. Virtualisation (Level: HIGH) – This includes running your operating system as a virtual machine (VM) or using virtualised processes like Sandboxie. If you run a VM or sandboxed application, any infection you obtain will only affect the VM or sandboxed process. Think of it as a quarantine for your programs or system.

    A few good options for running VM include


    2. User Account Control (Level: MEDIUM) – This is for Vista and 7 users only. UAC is the most annoying and effective measure that Microsoft has made to ensure you don't perform an action you didn't mean to. It also flags inappropriate actions by your computer, such as malware trying to run without your permission. If you click on an unsigned executable (a program) to run or install it (for example), UAC will stop you in your tracks and make sure you meant to do that. If a virus tries to run without your knowledge or permission, UAC will pop up with the usual continue or cancel message giving you one last chance to stop that particular infection. In my opinion, this annoyance is completely unnecessary if you just use common sense, but some will find it useful.

    UAC can be adjusted in the Control Panel under User Accounts.


    3. Use Firefox, Chrome, Opera, Internet Explorer 9 or Safari (Level: MEDIUM) – Internet Explorer tends to be the least secure of browsers available on the market out of the box, but properly configured and used it is close to the level of security of other browsers. You should just make sure you have the most updated version of your browser, and no matter what browser you use, make sure you are knowledgeable about the security features it comes with.

    Firefox Security Features
    Chrome Security Features
    IE Security Features
    Safari Security Features
    Opera Security Features


    All the major browsers have support for extensions or add ons, and the options available for each browser increase security against harmful websites or downloadable files. No matter what browser you use, it's a good idea to make sure it always asks you where to download files so no infected downloads sneak up on you. You should also consider using the private browsing feature if available as this can protect you from tracking cookies and other malware.

    You can find them each here:
    Firefox
    Chrome
    Safari
    Opera
    Internet Explorer 9 (Vista and 7 only)


    If you love IE, you can still get away with using it by following a few tips. Make sure you have version 8 with the latest security updates or above by running Windows updates. Any version below 8 is no longer secure enough for today's sophisticated malware attacks. Even version 8 is iffy, but a necessary evil for Windows XP users. Another must is making sure InPrivate and SmartScreen filters are active.

    If you are a Vista or 7 user, you also have the added benefit of running in Protected Mode, which is on by default. This mode works in conjunction with UAC to stop most threats from becoming serious system stoppers. One last piece of advice for IE users, always know what ActiveX you are installing and always know what file you are downloading. The easiest way past IE's security is through you, the user, so don't just say yes to the pop-ups because you don't feel like reading them.

    Please take a look at this link as it will explain some of the best security add-ons for your browser: In-browser security

    One more way to increase IE9 security is through Tracking Protection Lists. You can download them from the link below. These third party lists act just like a "do not call" list, keeping your private data safe from the websites in the TPL.
    Internet Explorer 9 Tracking Protection Lists



    4. OpenDNS (Level: MEDIUM) – Third party DNS servers block malicious sites on the web and can perceptibly speed up your internet experience. When you type a URL into your browser's address bar or click a link on a website your "request" (request to load a new page) is redirected through Domain Name Servers. Think of it as a way for your browser to find a page, just like postal workers find your house by its address. This is not a forum for discussing the finer points of DNS.

    What OpenDNS does is redirect your requests through a third party server which is managed and updated to optimize speed and security. Using the OpenDNS server can keep you from visiting known malicious sites or keep malicious scripts from running. This is especially useful for multi-user environments because you can create an account and manage in more detail what sites your computers are allowed to visit (parental controls).

    This link takes you to their site which includes instructions for setting it up. OpenDNS | Internet Navigation And Security


    5. Safe Internet Practices/Common Sense (Level: MEDIUM) – Almost nothing is as important as common sense when avoiding viruses. Sadly, common sense is difficult to teach, and I won't be able to sum up how to browse, download, chat, email, etc. safely in this already wordy guide. Do a personal online common sense test by asking yourself a question: "when my anti-virus software catches a virus, do I know where it came from?" If the answer is no, you need to actively be more careful and follow this guide closely.

    This guide is just a fraction of the knowledge and resources available, so it's a start, but don't stop here. Let me list a few good practices to follow when using the internet:


    1. If it's questionable in real life, it's probably the same online. Downloading illegal torrents, visiting shady sites, and looking for bomb-making information is an easy way to ask for a virus infection.
    2. Know what you're clicking on. This sounds very easy, but I have seen Ph.D-smart people get viruses because they said yes to a pop-up box. You have the time to read every pop-up, I promise.
    3. Maintain your computer. When you don't change the oil in your car, the engine dies. When you don't run regular maintenance on your computer, it becomes slow and vulnerable.
    4. Monitor all activity on your computer. If you're not the only user on your computer, make sure the other users are practicing safe internet habits too.
    5. Reach out and ask questions. It's ok not to know if a certain website is safe or if an email is a scam. Ask more knowledgeable people or research the subject to find out if it is or not.


    6. Firewall (Level: LOW-MEDIUM) – Windows has a built in firewall that should be activated at all times. This safety measure is a good method for blocking communication on rarely used or unassigned ports, and usually notifies you when a program is trying to access the internet.

    If you prefer using third party firewalls, ZoneAlarm is tough to beat, but the free version is limited: ZoneAlarm Free Firewall - Free software downloads and software reviews - CNET Download.com


    7. Peerblocker (Level: LOW-MEDIUM) – This is a program that has the same idea as using a hosts file. You might find Peerblocker to be more user configurable than a hosts file if you're not used to editing text documents and playing around with IP addresses. It functions like a firewall, except it uses IP address checking instead of port checking. You can find it here: User Guide ? Peerblock Site


    8. Limited User Account (Level: LOW) – A limited user account (LUA) removes Administrative privileges from your user account. Much of why you hear that Mac users don't have virus troubles is due to Apple's OS restricting user account actions right out of the box. In Windows, you can accomplish the same thing by setting up a limited or standard user account, which would require an administrator password to install programs and drivers, and perform other administrative actions.

    Viruses that depend on a user to install them will be thwarted by this security measure, but only if the user realizes that they didn't intend to install the virus in disguise. If you prefer having the ability to act as your own administrator and install programs without interruption, you may not want to use this measure. If you are unsure of what programs are good to install and what programs are bad, you may want to use LUA and give a more tech savvy person the administrator password. Accountability goes a long way in preventing mistakes.

    You need two separate user accounts to use LUA, one with administrative privileges, and another with limited privileges.


    9. Windows Update (Level: LOW) – Windows, as all software, was not created perfectly. Over time hackers and virus programmers discover holes in Windows code that can be exploited. Microsoft often issues critical updates to patch the holes and protect your system. Needless to say, if you're still running XP SP2 because it's your favorite, good luck. XP users can visit the Windows Update website to find the latest updates, and Vista and 7 users can see the updates from within Windows.

    You should never feel that it is too dangerous to run Windows Updates because you have heard stories of people losing all their files and not being able to boot after updating. Yes, this can happen, but if it does there is usually an easy way to fix it and get Windows running again without risking the loss of your files. Besides, the odds of Windows being corrupted when running updates correctly without interruption are very low.


    10. Ccleaner (Level: LOW) – This is a tool for securely deleting temporary files created by the operating system and web browsers. I find this free and lightweight tool very handy for keeping the operating system well maintained and virus free. As you use various programs in Windows and during your web browsing, Windows saves temporary files to your hard drive.

    For example, when you visit a website in your favorite browser, images, stylesheets, cookies and other various files can be downloaded into a temporary folder on your hard drive. The purpose of downloading them is to speed up future visits to that same website or other pages on the same website.

    Malware is like any other software in existence, so it needs a physical location to reside in, like the temporary files on your hard drive. Once the malware is saved to the temp folder, it has a chance to begin attacking your system files or program files, depending on the malware's behavior. Using Ccleaner to frequently and securely remove temporary files increases your chances of deleting malware before it can attack your system.

    To download Ccleaner, visit their website: Piriform - Download CCleaner, Defraggler, Recuva, Speccy - Millions of users worldwide!


    11. Adblock (Level: LOW) – Using an ad blocking service such as Adblock for Firefox or Chrome can eliminate any malware from attacking your system that comes from online advertising. This method isn't foolproof, as not all ads are blocked, and sometimes it may block necessary elements on the page you're viewing. Still, it's better than browsing the internet with all ads displayed. At any time if you wish to view a page's ads you can simply disable Adblock for that page or for all pages.

    Adblock Plus — for annoyance-free web surfing


    12. MVPS Hosts File (Level: LOW) – Flipfire clued me in to this, so credit where it's due. If you use the hosts file found at mvps.org, known bad sites will be blocked because Windows checks the hosts file before it redirects to the IP address. In other words, it's a behind the scenes malicious site blocker. More information can be found on their website: Blocking Unwanted Parasites with a Hosts File


    13. NoScript for Firefox (Level: LOW) – Javascript is pervasive on the internet, and probably every site you visit has some form of it. Unfortunately, malware can be executed through Javascript, so if you don't mind losing a little functionality this extension can help protect you online. It only applies to web browsing, so make sure it's not the only security measure you use. Visit the site here: NoScript - JavaScript/Java/Flash blocker for a safer Firefox experience! - what is it? - InformAction


    14. Data Encryption (Level: MEDIUM) – Encrypting the files on your hard drive or using a flash drive as an encryption key has the potential to slow down or stop hackers and keyloggers in their tracks. As long as you use a strong enough password, you can prevent someone from accessing files on your computer or plugging in a flash drive and transferring a nasty virus into your system.

    If you're one of those people who is paranoid about someone stealing your laptop or accessing your computer without permission, this would be a good idea for you to look into. Two programs get mentioned in this guide, although they are not the only options available. TrueCrypt is an open source project that has powerful tools for encrypting your hard drive, certain files, or even external drives. Use this program carefully, though. Forgetting the password or losing the drive you have your password saved to could lock you out of your own computer for good. TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows 7/Vista/XP, Mac OS X and Linux

    Encrypt Stick Free is a similar program. Meant to be used as a portable program only, it runs from a flash drive, locking your computer against someone who doesn't have the flash drive key. It's worth noting that neither of these programs are 100% tamper proof, but the time it would take even for an experienced hacker to gain access limits the likelihood that you will be targeted.

    Encrypt Stick Free | Encryption Download | PCWorld

    15. Use Cloud Storage (Level: High)
    If you use cloud storage, your files are stored on a location other than the hard drive of your computer. This is about as close to being virus proof as your files can be, aside from burning them to a removable media and hiding them in a safe. Cloud storage has its pros and cons, but as long as you can deal with needing internet to access your files and you don't mind a third party holding your files on their server, it should all be gravy.

    Free 7GB - Microsoft Cloud
    Free 5GB - Amazon Cloud
    Free 2GB - Dropbox
    Free 5GB - Box.com



    I would love to hear what you think and how any of these security measures has helped you keep your system virus free. Thanks for reading and participating.
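
Item 12 of the guide above relies on the hosts file being consulted before DNS. The following Python sketch is an added example, not part of the original post or of the MVPS project: it parses hosts-file text, lists the names sunk to a loopback or unspecified address, and flags names pinned to any other IP, which is worth reviewing on a machine without anti-virus. The sample file, hostnames and function names are constructed for illustration, and the code assumes the first entry for a name is the one that takes effect.

```python
import ipaddress

LOCAL_NAMES = {"localhost"}  # normal loopback entries, not blocklist entries

# Constructed sample, not the real MVPS list. Uses reserved test names/IPs.
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.test  tracker.example.test   # two names, one line
127.0.0.1       malware.example.test
203.0.113.50    bank.example.test      # pinned to a non-loopback IP
not-an-ip       broken.example.test
"""


def normalise(name):
    """Hosts lookups are case-insensitive; drop a trailing root dot."""
    return name.lower().rstrip(".")


def is_sink(ip):
    """True for loopback/unspecified addresses used to dead-end a hostname."""
    addr = ipaddress.ip_address(ip)
    return addr.is_loopback or addr.is_unspecified


def parse_hosts(text):
    """Return {hostname: ip}. Comments and malformed lines are skipped."""
    entries = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue  # first column is not an IP address
        for name in fields[1:]:
            # Assumption: the first entry for a name wins.
            entries.setdefault(normalise(name), ip)
    return entries


def decision(name, entries):
    """How a lookup for `name` is answered: local, blocked, redirected or dns."""
    key = normalise(name)
    ip = entries.get(key)
    if ip is None:
        return "dns"  # exact match only: hosts files have no wildcards
    if key in LOCAL_NAMES:
        return "local"
    return "blocked" if is_sink(ip) else "redirected"


def audit(text):
    """Return (sorted blocked names, {name: ip} for non-sink redirects)."""
    entries = parse_hosts(text)
    blocked = sorted(n for n in entries if decision(n, entries) == "blocked")
    redirected = {n: ip for n, ip in entries.items()
                  if decision(n, entries) == "redirected"}
    return blocked, redirected


if __name__ == "__main__":
    blocked, redirected = audit(SAMPLE_HOSTS)
    print("blocked:", blocked)
    print("review (pinned to a real IP):", redirected)
    print("cdn.ads.example.test ->",
          decision("cdn.ads.example.test", parse_hosts(SAMPLE_HOSTS)))
```

A subdomain of a blocked name still goes to DNS, so a hosts blocklist only covers the exact names it lists.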
     
  2. Lithus

    Lithus NBR Janitor

    While the things you list may be good security measures to implement, none of them are replacements for antivirus software. It's like telling a bank to hire a bunch of guards, but to leave their vault wide open.
     
  3. Anggrian

    Anggrian Notebook Evangelist

    That is a great guide actually... but in Windows, antivirus software is a must.
     
  4. nikeseven

    nikeseven Notebook Deity

    Common sense/IT knowledge is a better defense than any antivirus. Between that and NoScript I've run 2 computers without antivirus for 6+ months without getting a virus.
     
  5. Matt is Pro

    Matt is Pro I'm a PC, so?

    While we here at NBR may have the "proper" IT knowledge and common sense, Joe Blow isn't necessarily going to have this.

    An anti-virus is much easier for the majority of users. Users, in general, do not care how or why it works, only that it does. This is why Norton and co are so successful: It just works.
     
  6. weinter

    weinter /dev/null

    Why don't you just spare a few clock cycles to download MSE and be the end of it?
    Virtualisation is great, but there are performance penalties, and your virtual hard disk (file) is still prone to malware attack; then you have to start all over again...
     
  7. NumLock

    NumLock Notebook Evangelist

    Thanks for the great guide, micman.

    Although the sad fact is that the average Joe cannot comprehend all those points you have listed. That is why you see people buying Macs.
     
  8. Indrek

    Indrek Notebook Virtuoso

    XP Mode is mostly for solving compatibility issues. If you want to use a VM for security purposes, just Virtual PC will do. Though of course if you want to run an XP VM and qualify for XP Mode, the free licence you get is a nice bonus.

    You've misunderstood UAC. It's not there to make sure you don't perform an action you didn't mean to, it's there to make sure the computer doesn't perform a (possibly dangerous) action you didn't mean to. I see this a lot - people think of UAC as the computer demanding that they prove something, whereas it's actually the other way around.

    Also, UAC is triggered for any action that can potentially modify system settings or write to a protected location, not just running unsigned executables.

    Correct me if I'm wrong, but as of right now no other browser offers anything like IE's Protected Mode. I think Chrome has a similar model where it runs some (but not all) parts of the browser in low-integrity processes, and Firefox can be hacked into doing the same, but at least in this aspect they're still playing catch-up to IE (which has had this feature since IE7, by the way).

    Also, when talking about browser security, you should keep in mind protection against social attacks. IE has formidable defences here (InPrivate and SmartScreen filters), no worse than those of other browsers.
     
  9. micman

    micman Notebook Evangelist

    The page you linked to is for Virtual PC, which is exactly what I linked to as well. Unless I'm missing something, they are the same thing.

    I wasn't trying to define UAC, just to describe to users what it essentially does. I gave running unsigned executables as an example, not a complete definition. And yes, UAC stops the computer from performing an action you didn't intend, which would have to be the result of a user action in the first place, so exactly how is my explanation off? Isn't this the same as whether the chicken or the egg came first debate?

    I'll revise my browser section with a discussion on the proper use of IE, but my original intention was to point out that it "tends" to be the least secure out of the box. If you use InPrivate and SmartScreen filters or Protected Mode, yes it adds security. A lot of people don't use those features, they use it how it comes installed out of the box.

    Speaking of out of the box, did you know that roughly 30% of IE users are still using IE6? Source: Internet Explorer Dips Below 50% Market Share | ConceivablyTech

    You can also see that IE has a lot of security holes that are constantly being patched if you look around. Here is one recent example: Microsoft to fix 49 holes in Windows, IE, Office, and .NET | InSecurity Complex - CNET News
     
  10. Indrek

    Indrek Notebook Virtuoso

    I didn't link to anything, I just quoted your post.

    And no, they're not the same thing. Virtual PC is a program for running virtual machines, whereas XP Mode is a pre-configured virtual machine running Windows XP, with additional functionality for integrating it into your host OS' desktop.

    If everything that triggers UAC was the result of a user action, there would be no need for UAC at all. Unfortunately, that's not the case. Malware can exploit security holes in software to run without any action required on the user's part. UAC stops that, or at the very least makes you aware that something's happening on your computer. As always, it's up to the user to actually pay attention to the prompt and make an educated decision rather than blindly clicking Yes/Continue, but at any rate it's better than the malware automatically executing with the user's privileges.

    Out of the box, IE comes with Protected Mode enabled, and I'm pretty sure InPrivate Filtering and SmartScreen are enabled as well, or if not, you can easily enable them in the first run setup wizard.

    This doesn't justify a blanket statement that "IE is less secure". Modern versions of IE are significantly more secure than IE6, so any serious discussion about browser security should address them separately.

    Every browser has security holes that are constantly being patched. In addition, every browser plug-in has security holes that are constantly being patched. While there's some merit to comparing browsers' vulnerability histories, having a low exploit count in the past doesn't guarantee that nothing critical pops up in the future. Having an extra layer of protection like Protected Mode is a definite advantage IE has over its competition.
     