The Home User's Security Checklist for Windows
Rick Hellewell - from DigitalChoke.com

Last Updated May 23, 2011 07:59 PM

This checklist and associated information will help keep your home computer safe from hackers and attackers. It will also help you document things while they are working, so you can fix them when they break.

Each of the links will show additional information in a new window. Print out that information if needed, and add it to your printed copy of this page. (The links will open new windows, and point to external web sites.)  I've gathered this information from many different sources; the original idea for this checklist was found at SecurityFocus.

We also have a "Simple Steps for Computer Security" checklist. It's the basic things that you need to do to keep your computer safe. We strongly suggest that you follow those steps for your computer. Then help your family and friends do the same thing.

Your To-Do List

  • Print out this page, then fill it in and keep it in a safe and secure place.
  • Go through each item, and make sure you follow the recommendations (or have a good reason why you don't).
  • Use the links for more information, or do a Google search. Print out any information for reference.
  • Review this information monthly, and make changes as needed.
  • Tell all your friends and family about this page, because they also need to be secure.
  • Add this page to your "Favorites" list so you can check back.
  • Send them this link so that they can get the latest information. (http://www.digitalchoke.com/daynotes/reports/homeuser.php)
  • Take a look at our "Simple Steps" -- then do them.

If you have suggestions for additional items or informational links, please send us mail here. Check back often for updates.

Windows

I am not running Windows as Administrator.
(Why shouldn't I run as Administrator?)
I picked a good and strong password to log in to Windows: ____________________.
(What are some rules for good passwords?)
I have an administrative-level user id with a strong password.  
I know how to log in as an administrator user, and do it only when necessary.
 

Windows Update

Windows Update is set to automatically download and install updates from Microsoft.
(How do I set up Windows Update to run automatically?)
(alternative) I run Windows Update manually to download and install updates from Microsoft.
(How do I use Windows Update?)
(alternative) I run Windows Update manually every ____ days (if configured for manual updates)
(How do I use Windows Update?)
I use Windows XP, rather than older versions, because it is more secure.  
I use Windows XP, and have installed Service Pack 2. (Why should I install SP2?)
If I use Microsoft Office, I check Office Update for updates. Plus, I visit Office Update every _____ weeks.
(How do I use Office Update?)
I understand that Microsoft will never send out updates and patches, or announcements about updates and patches, via email. (What is phishing?) (Where can I find out more about phishing?)

Anti-Virus

I have anti-virus software installed and running. My anti-virus software is made by this company: ________________. My anti-virus software's title is ____________________.
(Why do I need anti-virus software?)
My anti-virus software automatically updates itself every ______ days. My anti-virus software updates expire on this date: ____________________.  
My anti-virus software automatically scans my computer for viruses every ____ days.  
I have my anti-virus software configured to check all files as they are saved to my hard disk or downloaded from the Internet.  
I have my anti-virus software configured to check for dangerous Internet activity.  
My anti-virus software automatically scans my IM (instant messaging) software.
(Why should anti-virus software scan IM software?)
I understand that some so-called viruses are actually hoaxes and I shouldn't worry about them. And I know where to find information about virus hoaxes. (What is a virus hoax?)

Internet

Before I connected to the Internet, I enabled the Windows XP firewall.
(How do I enable the Windows XP firewall?)
I've tested my computer's connection to the Internet and my Firewall settings.
(How do I test my computer's connection to the Internet?) (Testing my firewall with "ShieldsUp")

Email

I've configured my email program securely.
(How do I configure my email program securely?)
If I use Outlook, I've configured it securely. (How do I configure Outlook securely?)
If I use Outlook Express, I've configured it securely. (How do I configure Outlook Express securely?)
I keep my preview pane closed. (Why should I close the preview pane?)
I know how to use email attachments securely.  
I have configured Windows to show all file extensions. (How do I configure Windows to show file extensions?)
I never open attachments unless I am expecting them.
(What are some good rules for opening email attachments?)
I never open attachments that are programs (files that end with .bat, .chm, .cmd, .com, .exe, .hta, .ocx, .pif, .scr, .shs, .vbe, .vbs, or .wsf), even if their icon looks safe.  
I never respond to spam, even to "unsubscribe".
(Why shouldn't I try to unsubscribe from spam?)
I understand that AOL, eBay, PayPal, my bank, and other Web sites related to my money will never send out requests for passwords, PINs, credit card numbers, my mother's maiden name, or other sensitive information via email.
(What is phishing?)

The Web

I've configured my Web browser (Internet Explorer, Netscape, Mozilla) securely.
(How do I configure my Web browser securely?)
I've tested my Web browser's security.
(How do I test my Web browser's security?)
I understand that advertisements on Web sites warning me that my computer can be hacked or fixed should be ignored; if I am concerned, I will ask someone knowledgeable.
(What are fake Web ads?)
When I buy online, I make sure that sensitive information is entered only on secure pages (https).
(How can I tell if a Web page is secure?)
If I have children that access the Internet, I have taught them how to be safe on-line. (Where can I get some on-line safety tips?)

Anti-Spyware

I have anti-spyware software installed and running. My anti-spyware software is made by this company: ____________________. My anti-spyware software's title is ____________________.
(What is spyware, and why should I be worried about it?)
My anti-spyware software automatically updates itself every _____ days. (Some free anti-spyware programs: "Spybot Search and Destroy" and "Ad-Aware" [free version, also paid versions])
My anti-spyware software must be manually updated, and I know how to do that.  
I run my anti-spyware software every _____ days. (How can I tell if my computer has a spyware problem?)

My Home Network

I have more than one computer at home, and they are connected via a network. My workgroup/network name is __________________. My computer name is ____________________.  
The other computers on my network have names of _______________________.  
My computer's IP address is issued automatically by my _______________ computer. My computer's IP address is ____________________, with a netmask of _________________ and a gateway IP address of ____________________________. The other computers on my network have these values:
IP Address ___________________ _____________________ ____________________
Netmask ___________________ _____________________ ____________________
Gateway ___________________ _____________________ ____________________
 
My DHCP Server IP address is set Automatically, or
IP Addresses  ____________________  ___________________
 

Personal Firewalls

I have a personal firewall installed and running. My personal firewall software is made by this company: ____________________. My personal firewall's title is ____________________. (What's a personal firewall?)
I understand when to allow software to access the Internet and when to be suspicious.  
If there is a problem, I understand how to shut down all Internet activity using my personal firewall.  

Routers and High-Speed Connections

I have a "broadband" connection (DSL, cable modem), so I have a router/firewall installed and I use it.
(Why should I use a router/firewall?)
I have disabled administrative access to my firewall from outside my home network.  
I changed the default password on my router/firewall, to ____________________.
(What are some rules for good passwords?)
The IP address of my router is ____________________.
 
I have printed out all the settings of my router.

Additional concerns for wireless routers

I have a wireless router/firewall installed and I use it.
(Why should I use a router/firewall?)
I've configured my wireless router/firewall to use encryption (WEP or WPA).  
I'm using WEP, and my keys are ____________________, ____________________, ____________________, and ____________________.
(What is WEP? How do I configure WEP?)
I'm using WPA instead of WEP, and my key is ____________________.
(What is WPA? How do I configure WPA?)
I've changed my wireless router/firewall's SSID or ESSID (or disabled SSID/ESSID broadcast).
(What is an SSID or ESSID? How do I change my wireless router's SSID or ESSID?)

Miscellaneous

I have shared this important checklist with other members of my family and friends, so that they can be protected from attacks when connected to the Internet on their computer.
I know what Mac OS X and Linux are, and I understand that these both have dramatically fewer viruses and spyware issues. I know that some people might also argue that these operating systems have a better security record than Windows, but I'll leave that to the experts to debate. Thanks for mentioning them, but I'm still going to run Windows.
(What's Mac OS X? What's Linux?)
(adapted from SecurityFocus and other sources)

Rick Hellewell -- August 12th, 2004, updated October 19, 2004

Our main site is at http://www.digitalchoke.com

More comments are available on our "Daynotes" site: http://www.digitalchoke.com/daynotes. You are invited to send your comments here.

Copyright © 2004 by Rick Hellewell, All Rights Reserved. Permission granted to reproduce in whole without editing, while providing attribution to the source document and the author. Limited excerpts can also be referenced, with links to the original source document and the author. You can share only complete printed copies of this checklist.

The link to this document is below.

http://www.digitalchoke.com/daynotes/reports/home-checklist.php