So far, Windows Vista can be considered the safest
operating system but not most perfect one. In its early configuration,
Vista still uncovers the possibility of leaking out the user's data to
Internet through Windows Firewall, or some bots which can change
settings without letting you know.
Consult the WINDOWS SECURITY CENTER
In
order to have an overview of security settings, come to Windows
Security Center where you can see the status of firewall system,
automatic updating, malware protection and other security settings.
Press "Start" - "Control Panel" - "Security Center", or simply click
the shield-shaped icon on the taskbar.
If there are any red or
yellow entries, it means that you are not completely protected. If you
have not installed antivirus software, for example, or the existing
antivirus program is expired, the "Malware" entry in Security Center
will be marked yellow. Windows does not integrate any antivirus
software so that you have to install yourself.
Use WINDOWS DEFENDER as a diagnosis device
Malware
entry in Security Center is also supposed to report the anti-spyware
capacity, and Vista depends on Windows Defender to do this job.
Although anti-spyware capacity in security or anti-virus utilities is
usually better than that of Windows, there are some good reasons to
maintain the existence of Windows Defender. One of those is that each
spyware utility uses a different definition to identify the spyware.
Therefore, an abundant protection sometimes brings about practical
benefit.
Another reason to keep Windows Defender in standby
status is diagnosis capacity. Click "Tools", select "Software
Explorer". Here you will find a list of all programs by category:
Currently Running Programs, Network Connected Programs and Winsock
Service Providers, but Startup Programs seems to be the most useful.
Click ant names in the left window, the full details will display on
the right. By checking any listed program, you can uninstall,
deactivate or reactivate that one.
Deactivate the Start Up
Windows
Vista monitors all documents and programs you generate in Start Up.
This is convenient for some users, but on the other hands, it can be
harmful for your privacy if the computer is shared in office or family.
Fortunately, Window Vista provides a simple way to change this setting.
The steps should be taken as follow:
Right-click the taskbar and select Properties, then select "Start Menu" tab
Uncheck "Store and Display a list of recently opened files"
Uncheck "Store and Display a list of recently opened programs"
Press OK.
2-way Firewall
Almost every PC is equipped
with Firewall software, currently. However, even when Security Center
states that you are protected, you might not be protected at all.
The
Windows Firewall function in Vista is able to "block" any input data
which can endanger system, and that is really a good thing.
Nevertheless, the off-line security function is not activated by
default, so that this may be a dangerous situation if some new harmful
software finds a way to break into your PC.
Microsoft has
equipped Windows Vista with tools to deploy 2-way firewall feature, but
finding these settings is a little complicated. In order to activate
2-way firewall feature of Windows Vista, press "Start", select "Run",
then type "wf.msc", then press "Enter". Click the icon of "Windows
Firewall with Advanced Security". This interface will display the
principles of monitoring system inbound/outbound information. Select
"Windows Firewalls Properties". You can see a dialog box containing
some tabs. For the profiles: Domain, Private and Public, you should
change the settings of "Block", then press "OK".
However, 2-way
firewall activation can prevent all the applications from connecting to
Internet. Therefore, before getting out of "Windows Firewall with
Advanced Security", scroll down, select "Outbound Rules" and "New
Rules" on the top right of the screen. Select "Program", on the next
screen. Then select the path for Internet Explorer, iTunes or some of
your applications requesting to connect to Internet. For each program,
on the next screen, select "Allow the Connection", then name each
principle/rule created. You will have to set a new rule for all
applications which have access to the Internet.
Besides, you can
use a firewall utility of third party such as Comodo Firewall Pro or
ZoneAlarm, which are all free and able to offer other features in
addition to firewall.
Close the doors to unexpected guests
If
you share your computer with others (even if you don't), Windows Vista
provides a good way to prevent unexpected guests from guessing your
password of admin account. When you create a new user and assign
someone to be admin (with full rights and authority), Windows Vista
allows other users to guess your selected password. The following steps
are to restrain the penetration of strangers:
Select "Start", type "Local Security Policy".
Press "Account Lockout Policy"
Select "Account Lockout Threshold"
At the prompt, fill the maximum allowed invalid log-on attempts (e.g.: 3).
Press "OK" and close the window.
Verify the attackers
With
proper Account Lockout policy, you can activate the feature of
verifying attempts to attack your account. In order to start verify the
invalid log-on, the steps are as follow:
Select "Start", type "secpol.msc, click "secpol" icon.
Press Local Policies then press "Audit Policy"
Right-click "Audit account logon events policy" option and select "Properties".
Check the dialog box "Failure" and press OK
Close "Local Security Policy" window.
Now, you can use Event Viewer feature (by typing the command:
eventvwr.msc) to view the log-on history recorded in Windows Logs and
Security.
INTERNET EXPLORER settings security
Windows
Security Center also has function of reporting if security status of
Internet Explorer 7 and Internet Explorer 8 is as required or not. If
the status is marked red, you should rapidly modify the IE settings
In the menu, select Tools, then select Internet Options
Select Security tab
Select Custom Level
Now you will see a window containing all
options relating to IE's security issue. If the options are lower than
required (can be changed by some malwares), those will be marked red.
To modify a setting, click the corresponding one. In order to reset the
original settings, press "Reset" button at the bottom of the tab. If
you want, you can change the general security settings of the browser
from Medium - High (by default) to High or Medium as required. Press
"OK" to save these changes
Use OPEN DNS
DNS (Domain Name
System) servers play the role of a telephone directory. When you type a
domain name dantri.com.vn, for example, in the address bar, Internet
Explorer will send the requirement of common domain name to DNS servers
of the your ISP, then these servers are supposed to transform the
character sequence to a string of numbers or an IP address. The DNS
servers have been attacked over the past few years because the hackers
have tried every possible way to redirect the common DNSs to the
servers which they can control. A solution to prevent this abuse is to
use Open DNS.
Click "Start" à "Control Panel" à "Network and Internet"
Select "Network and Sharing Center". Under the taskbars listed on
the left, select "Manage Network Connections". In the window of "Manage
Network Connections", follow these steps:
Right-click the icon of your network card
Select Properties.
Then select "Internet Protocol Version 4".
Click "Properties" in the next displayed screen.
Select "Use the following DNS server addresses".
Input 208.67.222.222 into the primary address
Input 208.67.220.220 into the secondary address
Press OK
Cohabit with USER ACCOUNT CONTROL
There is a
setting status that some users want it marked red. That is Vista's User
Account Control (UAC) - the controversial security function of Vista
operating system.
Designed to prevent the remote malware/spyware
from automatically installing or modifying system settings, UAC tends
to block legal installations by stopping the ongoing process with
unnecessary error messages. In Windows 7, you can set up UAC as you
want. Up to then, you will have more options.
There is an option
of invalidating UAC. However, you should consider this risky choice
because UAC can warn you of potential dangers. Instead, install Tweak
UAC - a free utility that allows you to turn on or turn off UAC and
simultaneously provides an intermediate "quiet" mode (this mode keeps
UAC on but suppresses administration elevation prompts). With TweakUAC
in "quiet" mode, UAC seem to be turned off to those who use
administration accounts, but those who use standard account will still
receive the warning messages.
Verify the results
By
modifying the security settings of Windows Vista, now you can monitor
the safety of system via System Health Report. This diagnosis tool
receives the input date from Performance and Reliability Monitor and
transforms them into a report with general information. To some extent,
this report can provides you with information of potential security
issues.
Open Control Panel.
Click System.
In Tasks list, select Performance (near the bottom of the list).
In resulting Tasks list, click Advanced tools (near the top of the list).
Click the last item on the resulting Task list: Generate a system health report.
This report will list any missing drivers which can cause errors,
reporting to you if the antivirus protection is installed or not, or if
the UAC is on or off. To make sure of the best condition of your Pc,
run this report monthly.
Article Source: http://EzineArticles.com/?expert=Dinh_Cong_Tuan
Comments for this post
