After weeks of media-fueled hullabaloo about DNSChanger all but dooming the Internet — what actually happened as July 9 came and went was even less than Y2K-bug worthy — it’s worth pausing to reflect on why some were infected with the Domain Name Service malware and others weren’t.
Most of you, like me, didn’t contract DNSChanger, just as you probably don’t find yourself often engaging in life or death battles with malware, ever-threatening your volatile data’s viability. That’s because you’ve already scooped out your digital moat and lined up your virtual semaphores to keep your computing redoubt as well-fortified as today’s tech allows.
This, with affection, is for the rest of us: the ones who still use “password” as their password for anything, or run their wireless networks like public swimming pools.
Are you running security software? Let’s get the forehead-smacking obvious one out of the way. Most computers that aren’t sold by a certain Cupertino-based company come with preinstalled antivirus utilities, but don’t assume you’re in the clear just because someone put a security vendor sticker on your desktop or laptop’s chassis. Is the tool active? Is it set to autoupdate? Has it been autoupdating?
Yes, most security software falls under the “fire and forget” column, but it’s worth taking a look anyway, just to be sure. When was the last time your antivirus checker updated? That it fully scanned your local drives? If it’s been awhile, has something interfered with its ability to? A router or firewall tweak? Has another user of the computer disabled your security software for some reason, say to get a game working?
Here are some steps to take if you don’t have security software installed:
If you’re a Windows user, Microsoft maintains a list of Windows 7-compatible antivirus vendors, many of them free. And if you’re running older versions of Windows, Microsoft has separate vendor listings for Windows 8 (beta), Windows Vista and — though it’s over a decade old — Windows XP.
Linux users, we’re not forgetting you: Check out Avast! Linux Home Edition or AVG Free Edition for Linux or Bitdefender Antivirus Scanner for Unices (though the very fact that you’ve taken the time to learn how to install Linux suggests you’re the sort of person who’d never run a computer unsecured).
If you have a Mac, you’re not off the hook (you never were, really) and also probably the most likely to be running unsecured, thanks to years of Mac-mythology and Apple marketing contributing to it. Go, as soon as possible, to any of a handful of vendors that offer free antivirus Mac utilities, like Sophos Anti-Virus for Mac Home Edition or iAntivirus by Norton.
And if you want the long list of security software options, Wikipedia maintains a table of international antivirus vendors, sortable by operating system, features, cost, country of manufacture, etc. (with obligatory caveats about Wikipedia’s potential inaccuracies and/or datedness).
Is your computer’s firewall enabled? Your firewall is your computer’s virtual border patrol, checking incoming information (or in some cases, exiting) and either blocking or allowing that information to pass based on your settings. Firewalls aren’t impregnable, but they’re your first line of defense against malware or hacker-related attacks. Leaving them off, whether gaming or simply browsing the web, is a very bad idea.
Windows users, you’re the least likely to run afoul of this principle, since Microsoft’s Security Center won’t stop complaining about its default firewall being disabled (it’s enabled by default on newer versions of Windows, so if it’s off, chances are someone turned it off for some reason).
If you want finer control over your firewall, the days of must-have third-party utilities have come and gone since Microsoft started providing an inbuilt firewall with Windows, but there’s still stuff like ZoneAlarm Free Firewall, Comodo Firewall, or PrivateFirewall to consider, especially if you want to fiddle with how your firewall regulates outbound connections like those originating from your computer.
On Macs, the firewall is bizarrely disabled by default, and Apple doesn’t bother reminding you to turn it on (nor, in my experience, do any of the third-party OS X-based security utilities). I’ve on occasion forgotten myself, when reinstalling OS X, to start up the firewall. If you’ve never checked, it’s time to do so by visiting OS X’s “Security & Privacy” preference pane (under “System Preferences”). You’ll want to make this one of your first stops after buying a new Mac, or when reinstalling the operating system. And if you feel like sending a stern (but diplomatic!) note to Apple asking them to rectify this in future versions, you can do so here.
Note that while your Internet connection (provided by your ISP) probably has its own firewall enabled by default, it’s no reason to disable your computer’s, especially if you’re using a laptop, or connected via a wireless network.
Get the latest OS-level security updates, then make sure you’ve installed them. These are the periodic operating system-level updates released to patch bugs or innate vulnerabilities in an operating system’s underlying architecture (including applications, like browsers). The nagging can sometimes be annoying, but they’re not distributed without reason, and both Apple and Microsoft are doing so these days.
It’s not only important that you’ve downloaded the latest patches, but that you’ve also installed them. I’ve seen legions of computers over the years that sit or weeks or months with patches or updates downloaded and at the ready, but which, for one reason or another, haven’t been rebooted to apply or pick up the changes. Mac users in particular are vulnerable here, since OS X nags much less often than Windows when an update’s ready to roll.
Secure your network. If your router’s firewall isn’t enabled, enable it. If you’re running a wireless network, enable wireless security (I’m still seeing unsecured Wi-Fi devices using default network names like “Linksys” in my neighborhood).
If, for some reason, you’re still running the easily cracked WEP wireless security protocol, switch to the far more secure WPA2 (do this manually and pass on Wi-Fi Protected Setup, which has security flaws — in fact you should disable the latter feature if it’s enabled). See your router’s manual for instructions on how to do this, or contact the manufacturer (or your ISP, if they provided the router) for help.
You might also consider filtering Wi-Fi connections by MAC address, the unique hardware identifier associated with your computer’s network card. And keep tabs on what’s been connecting to your network via your router’s security logs.