Basic steps to protection

(or How I protected myself and learned to love the Internet)

  1. Firefox: (Geek level: 3) The only thing that Internet Explorer (IE) should be used for is to download a more secure web browser! My favorite is Mozilla Firefox. It's faster, expandable and more secure than IE. You can find it here.
  2. Adblock: (Geek level: 4) This and the next five entries are add-ons for Firefox. Once you download and install Firefox, run it and then open the menu Tools > Add-ons. At the bottom of the Add-ons window you can click on the "Get Extensions" link where you can find this and other add-ons. "Ever been annoyed by all those ads and banners on the internet that often take longer to download than everything else on the page? Install Adblock Plus now and get rid of them." **
  3. PhishTank: (Geek level: 4) Firefox add-on (Tools > Add-ons > Get Extensions). PhishTank is a collaborative clearing house for data and information about phishing on the Internet. "PhishTank SiteChecker gives Firefox users a way to bring the community judgment of PhishTank (http://www.phishtank.com/) into their favorite browser, for extra protection against phishing..."
  4. SiteAdvisor: (Geek level: 4*) McAfee makes this add-on for Internet Explorer and Firefox It does it's job at search sites Google, Yahoo and MSN. "Our easy to use software for Internet Explorer and Firefox summarizes our safety results into intuitive red, yellow and green ratings to help Web users stay safe as they search, browse and transact online." You can find it here. Test it here.
  5. Hosts file: (Geek level: 6) Windows checks the Hosts file before it queries any DNS servers, which enables it to override addresses in the DNS. This prevents access to the listed sites by redirecting any connection attempts back to the local machine. You can use a HOSTS file to block ads, banners, 3rd-party Cookies, page counters, web bugs, and even most hijackers. This is accomplished by blocking the connection that supplies these little gems. Changing this file will basically send references to bad sites into your computers "bit bucket." You can find a replacement HOSTS file here. Test it here.
  6. DNS: (Geek level: 7) Change the settings for your Domain Name System. There is a free DNS system called OpenDNS that will help block web sites that "phish" (pronounced "fish") your system for information. The bad guys do this by probing your computer for vulnerabilities, planting spyware, mis-leading, mis-directing and outright intimidation. You can find instructions for changing your settings here.
  7. Secunia Online Software Inspector: (Geek level: 3) or OSI, is a fast way to scan your PC for the most common programs and vulnerabilities, thus checking if your PC has a minimum security baseline against known patched vulnerabilities. Use the Secunia OSI to get a feel for the Secunia Software Inspector technology, then upgrade to the Secunia PSI or NSI, which covers practically all programs on your PC, whereas the OSI checks less than 100 programs.
  8. NoScript: (Geek level: 4) Firefox add-on (Tools > Add-ons > Get Extensions). This one will have settings that you can change on a per site basis and requires a more interaction from the user while browsing; the benefit is that web sites aren't allowed to do ANYTHING without your express permission.. "Winner of the '2006 PC World World Class Award', this tool makes Firefox the safest browser around." This add-on can be kind of a pain, so I don't recommend it for anyone except the most paranoid of users!
  9. CustomizeGoogle: (Geek level: 4) Almost all Web-based e-mail and other collaborative services just aren’t safe to use over public Wi-Fi. “If I sniff your [signal] and get all your cookies ... I now become you, I clone you.” The one exception is Google, and only if the CustomizeGoogle firefox extension is set to lock Gmail, Google Calendar, and Google Docs into requiring SSL encryption for their entire sessions.

Minimum configuration: Firefox with AdBlock, PhishTank and SiteAdvisor
Moderate configuration: the above plus Hosts file and OpenDNS
Best configuration: both of the above plus NoScript and and Secunia PSI

* Geek levels used:

  1. change wallpaper/screensaver
  2. find web sites and send email
  3. find and download software from web
  4. copy, move, rename, delete files on computer
  5. find "lost" and accidentally deleted files and folders
  6. friends call you for basic Windows help
  7. edit system files and change basic settings
  8. Computer hobbyist (pay for play); level 1 guru
  9. Computer Service Technician (play for pay); level 2 guru
  10. System Administrator, L33T-speaking Uber-geek! Level 3 guru

** A web site has sprung up complaining that AdBlock for Firefox works TOO well. He is telling people to go back to Internet Explorer (IE) or use a different browser, such as Opera, that doesn't have ad blocking abilities. Well, I say if it works so well that they whine about it... it's doing exactly what I want it to do! Isn't it? Needless to say, the users at Slashdot and Digg are amused. If you'd like to make Firefox tell web sites that it's IE, get the add-on User Agent Switcher (Geek level: 4). This add-on "Adds a menu and a toolbar button to switch the user agent of the browser."  (PS. I went to the site mentioned with IE and was told that my browser was Firefox and had been blocked by his site. Seems that the guy can't even tell the difference! Hahaha...)