The Home User's Security Checklist for Windows
Rick Hellewell - from DigitalChoke.com
Last Updated May 23, 2011 07:45 PM
This checklist and associated information will help keep your home computer safe from hackers and attackers. It will also help document things when they are working, so you can fix things when it gets broken. Each of the links will show additional information in a new window. Print out that information if needed, and add it to your printed copy of this page. (The links will open new windows, and point to external web sites.) I've gathered this information from many different sources; the original idea for this checklist was found at SecurityFocus. We also have a "Simple Steps for Computer Security" checklist. It's the basic things that you need to do to keep your computer safe. We strongly suggest that you follow those steps for your computer. Then help your family and friends do the same thing. Your To-Do List
If you have suggestions for additional items or informational links,
please send us mail
here. Check back often for updates -- |
|
Windows |
|
I am not running Windows as Administrator. |
(Why shouldn't I run as Administrator?) |
|
I picked a good and strong password to log in to Windows: ____________________. |
(What are some rules for good passwords?) |
|
I have an administrative-level user id with a strong password . |
|
|
I know how to log in as an administrator user,. and do it only when
necessary. |
|
Windows Update |
|
|
Windows Update is set to automatically download and install updates from
Microsoft. |
(How do I set up Windows Update to run automatically?) |
|
(alternative) I run Windows Update manually
to download and install updates from Microsoft. |
(How do I use Windows Update?) |
|
(alternative) I run Windows Update manually every ____ days (if configured
for manual updates) |
(How do I use Windows Update?) |
|
I use Windows XP, rather than older versions, because it it more secure.
|
|
|
I use Windows XP, and have installed Service Patch 2. |
(Why should I install SP2?) |
|
If I use Microsoft Office, I check Office Update for updates. Plus, I
visit Office Update every _____ weeks. |
(How do I use Office Update?) |
|
I understand that Microsoft will never send out updates and patches,
or announcements about updates and patches, via email |
(What is phishing?) (Where can I find out more about phishing?) |
Anti-Virus |
|
|
I have anti-virus software installed and running. My anti-virus software
is made by this company: ________________. My anti-virus software's title
is ____________________. |
(Why do I need anti-virus software?) |
|
My anti-virus software automatically updates itself every ______ days.
My anti-virus software updates expire on this date: ____________________.
| |
|
My anti-virus software automatically scans my computer for viruses every
____ days |
|
|
I have my anti-virus software configured to check all files as they are
saved to my hard disk or downloaded from the Internet. |
|
|
I have my anti-virus software configured to check for dangerous Internet
activity. |
|
|
My anti-virus software automatically scans my IM (instant messaging)
software. |
(Why should anti-virus software scan IM software?) |
|
I understand that some so-called viruses are actually hoaxes and I shouldn't
worry about them. And I know where to find information about virus hoaxes. |
(What is a virus hoax? ) |
Internet |
|
|
Before I connected to the Internet, I have enabled Windows
XP firewall |
(How do I enable the Windows XP firewall?) |
I've tested my computer's connection to the Internet and my Firewall
settings. |
(How do I test my computer's connection to the Internet?) (Testing my firewall with "ShieldsUp") |
|
I've configured my email program securely. |
(How
do I configure my email program securely?) |
|
If I use Outlook, I've configured it securely. |
(How
do I configure Outlook securely?) |
|
If I use Outlook Express, I've configured it securely. |
(How
do I configure Outlook Express securely?) |
|
I keep my preview pane closed. |
(Why should I close the preview pane?) |
|
I know how to use email attachments securely. |
|
|
I have configured Windows to show all file extensions. |
(How
do I configure Windows to show file extensions?) |
I never open attachments unless I am expecting them. |
(What are some good rules for opening email attachments?) |
|
I never open attachments that are programs (files that end with .bat,
.chm, .cmd, .com, .exe, .hta, .ocx, .pif, .scr, .shs, .vbe, .vbs, or
.wsf), even if their icon looks safe. |
|
|
I never respond to spam, even to "unsubscribe". |
(Why shouldn't I try to unsubscribe from spam?) |
|
I understand that AOL, eBay, PayPal, my bank, and other Web sites related
to my money will never send out requests for passwords, PINs, credit
card numbers, my mother's maiden name, or other sensitive information
via email. |
(What is phishing?) |
The Web |
|
|
I've configured my Web browser (Internet Explorer, Netscape, Mozilla)
securely. |
(How do I configure my Web browser securely?) |
|
I've tested my Web browser's security. |
(How do I test my Web browser's security?) |
|
I understand that advertisements on Web sites warning me that my computer
can be hacked or fixed should be ignored; if I am concerned, I will ask
someone knowledgeable. |
(What are fake Web ads?) |
|
When I buy online, I make sure that sensitive information is entered
only on secure pages (https). |
(How can I tell if a Web page is secure?) |
|
If I have children that access the Internet, I have taught them how to be safe on-line.
|
(Where can I get some on-line safety tips?) |
Anti-Spyware |
|
|
I have anti-spyware software installed and running. My anti-spyware software
is made by this company: ____________________. My anti-spyware software's
title is ____________________. |
(What is spyware, and why should I be worried about it?) |
|
My anti-spyware software automatically updates itself every _____ days |
(Some free anti-spyware programs: "Spybot Search and Destroy" and "Ad-Aware"[free version, also paid versions]) |
|
My anti-spyware software must be manually updated, and I know how to
do that. |
|
|
I run my anti-spyware software every _____ days. |
(How can I tell if my computer has a spyware problem?) |
My Home Network |
|
|
I have a more than one computer at home, and they are connected via a
network. My workgroup/network name is __________________ . My computer
name is ____________________ . |
|
|
The other computers on my network have names of _______________________. |
|
|
My computer's IP address is issued automatically by my _______________
computer. My computer's IP address is ____________________ , with a netmask
of _________________ and a gateway IP address of ____________________________
My other computers on my network have these values: IP Address ___________________ _____________________ ____________________ Netmask ___________________ _____________________ ____________________ Gateway ___________________ _____________________ ____________________ |
|
|
My DHCP Server IP address is set Automatically, or IP Addresses ____________________ ___________________ |
|
Personal Firewalls |
|
|
I have a personal firewall installed and running. My personal firewall
software is made by this company: ____________________. My personal firewall's
title is ____________________. |
(What's a personal firewall?) |
|
I understand when to allow software to access the Internet and when to
be suspicious. |
|
|
If there is a problem, I understand how to shut down all Internet activity
using my personal firewall. |
|
Routers and High-Speed Connections |
|
|
I have a "broadband" connection (DSL, cable modem), so I have
a router/firewall installed and I use it. |
(Why should I use a router/firewall? ) |
|
I have disabled administrative access to my firewall from outside my
home network. |
|
|
I changed the default password on my router/firewall, to ____________________. |
(What are some rules for good passwords?) |
|
The IP address of my router is ____________________. |
|
|
I have printed out all the settings of my router. |
|
Additional concerns for wireless routers |
|
|
I have a wireless router/firewall installed and I use it. |
(Why should I use a router/firewall? ) |
|
I've configured my wireless router/firewall to use encryption (WEP or
WPA). |
|
|
I'm using WEP, and my keys are ____________________, ____________________,
____________________, and ____________________. |
(What is WEP? How do I configure WEP?) |
|
I'm using WPA instead of WEP, and my key is ____________________. |
(What is WPA? How do I configure WPA?) |
|
I've changed my wireless router/firewall's SSID or ESSID, or disabled
SSID/ESSID broadcast). |
(What is an SSID or ESSID? How do I change my wireless router's SSID or ESSID?) |
Miscellaneous |
|
|
I have shared this important checklist with other members of my family
and friends, so that they can be protected from attacks when connected
to
the Internet on their computer. |
( Click
here to add this checklist to your "Favorites" list.) |
|
I know what Mac OS X and Linux are, and I understand that these both
have dramatically fewer viruses and spyware issues. I know that some
people might also argue that these operating systems have a better security
record than Windows, but I'll leave that to the experts to debate. Thanks
for mentioning them, but I'm still going to run Windows. |
(What's Mac OS X? What's Linux?) |
(adapted from SecurityFocus and other sources) |
|
Rick Hellewell -- August 12th, 2004, updated October 19, 2004
Our main site is at http://www.digitalchoke.com
More comments available on our "Daynotes" site: http://www.digitalchoke.com/daynotes. Your are invited to send your comments here.
Copyright © 2004 by Rick Hellewell,
All Rights Reserved. Permission granted to reproduce in whole without editing,
while providing attribution to the source document and the author. Limited
excepts can also be referenced, with links to the original source document
and the author. You can share only complete printed copies of this checklist.
The link to this document is below.
Page views: