This checklist and associated information will help keep your home computer safe from hackers and attackers. It will also help document things when they are working, so you can fix things when it gets broken.
Each of the links will show additional information in a new window. Print out that information if needed, and add it to your printed copy of this page. (The links will open new windows, and point to external web sites.) I've gathered this information from many different sources; the original idea for this checklist was found at SecurityFocus.
We also have a "Simple Steps for Computer Security" checklist. It's the basic things that you need to do to keep your computer safe. We strongly suggest that you follow those steps for your computer. Then help your family and friends do the same thing.
Your To-Do List
- Print out this page, then fill it in and keep it in
a safe
and secure place. (Print this)
- Go through each item, and make sure you follow the recommendations (or have a good reason why you don't).
- Use the links for more information, or do a Google search. Print out any information for reference.
- Review this information monthly, and make changes as needed.
- Tell all your friends and family about this page, because they also need to be secure.
- Add this page to your "Favorites" list so you can check back
- Send them this link so that they can get the latest information. (http://www.digitalchoke.com/daynotes/reports/homeuser.php)
- Take a look at our "Simple Steps" -- then do them.
If you have suggestions for additional items or informational links,
please send us mail
here. Check back often for updates -- 
Click
here to add this checklist to your "Favorites" list.
Windows
I am not running Windows as Administrator.
I picked a good and strong password to log in to Windows: ____________________.
I have an administrative-level user id with a strong password .
I know how to log in as an administrator user,. and do it only when
necessary.Windows Update
Windows Update is set to automatically download and install updates from
Microsoft.
(alternative) I run Windows Update manually
to download and install updates from Microsoft.
(alternative) I run Windows Update manually every ____ days (if configured
for manual updates)
I use Windows XP, rather than older versions, because it it more secure.
I use Windows XP, and have installed Service Patch 2.
If I use Microsoft Office, I check Office Update for updates. Plus, I
visit Office Update every _____ weeks.
I understand that Microsoft will never send out updates and patches,
or announcements about updates and patches, via emailAnti-Virus
I have anti-virus software installed and running. My anti-virus software
is made by this company: ________________. My anti-virus software's title
is ____________________.
My anti-virus software automatically updates itself every ______ days.
My anti-virus software updates expire on this date: ____________________.
My anti-virus software automatically scans my computer for viruses every
____ days
I have my anti-virus software configured to check all files as they are
saved to my hard disk or downloaded from the Internet.
I have my anti-virus software configured to check for dangerous Internet
activity.
My anti-virus software automatically scans my IM (instant messaging)
software.
I understand that some so-called viruses are actually hoaxes and I shouldn't
worry about them. And I know where to find information about virus hoaxes.Internet
Before I connected to the Internet, I have enabled Windows
XP firewall
I've tested my computer's connection to the Internet and my Firewall
settings.
I've configured my email program securely.
If I use Outlook, I've configured it securely.
If I use Outlook Express, I've configured it securely.
I keep my preview pane closed.
I know how to use email attachments securely.
I have configured Windows to show all file extensions.
I never open attachments unless I am expecting them.
I never open attachments that are programs (files that end with .bat,
.chm, .cmd, .com, .exe, .hta, .ocx, .pif, .scr, .shs, .vbe, .vbs, or
.wsf), even if their icon looks safe.
I never respond to spam, even to "unsubscribe".
I understand that AOL, eBay, PayPal, my bank, and other Web sites related
to my money will never send out requests for passwords, PINs, credit
card numbers, my mother's maiden name, or other sensitive information
via email. The Web
I've configured my Web browser (Internet Explorer, Netscape, Mozilla)
securely.
I've tested my Web browser's security.
I understand that advertisements on Web sites warning me that my computer
can be hacked or fixed should be ignored; if I am concerned, I will ask
someone knowledgeable.
When I buy online, I make sure that sensitive information is entered
only on secure pages (https).
If I have children that access the Internet, I have taught them how to be safe on-line.
Anti-Spyware
I have anti-spyware software installed and running. My anti-spyware software
is made by this company: ____________________. My anti-spyware software's
title is ____________________.
My anti-spyware software automatically updates itself every _____ days
My anti-spyware software must be manually updated, and I know how to
do that.
I run my anti-spyware software every _____ days.My Home Network
I have a more than one computer at home, and they are connected via a
network. My workgroup/network name is __________________ . My computer
name is ____________________ .
The other computers on my network have names of _______________________.
My computer's IP address is issued automatically by my _______________
computer. My computer's IP address is ____________________ , with a netmask
of _________________ and a gateway IP address of ____________________________
My other computers on my network have these values:IP Address ___________________ _____________________ ____________________
Netmask ___________________ _____________________ ____________________
Gateway ___________________ _____________________ ____________________
My DHCP Server IP address is set Automatically, orIP Addresses ____________________ ___________________
Personal Firewalls
I have a personal firewall installed and running. My personal firewall
software is made by this company: ____________________. My personal firewall's
title is ____________________.
I understand when to allow software to access the Internet and when to
be suspicious.
If there is a problem, I understand how to shut down all Internet activity
using my personal firewall.Routers and High-Speed Connections
I have a "broadband" connection (DSL, cable modem), so I have
a router/firewall installed and I use it.
I have disabled administrative access to my firewall from outside my
home network.
I changed the default password on my router/firewall, to ____________________.
The IP address of my router is ____________________.
I have printed out all the settings of my router. Additional concerns for wireless routers
I have a wireless router/firewall installed and I use it.
I've configured my wireless router/firewall to use encryption (WEP or
WPA).
I'm using WEP, and my keys are ____________________, ____________________,
____________________, and ____________________.
I'm using WPA instead of WEP, and my key is ____________________.
I've changed my wireless router/firewall's SSID or ESSID, or disabled
SSID/ESSID broadcast). Miscellaneous
I have shared this important checklist with other members of my family
and friends, so that they can be protected from attacks when connected
to
the Internet on their computer.Click
here to add this checklist to your "Favorites" list.)
I know what Mac OS X and Linux are, and I understand that these both
have dramatically fewer viruses and spyware issues. I know that some
people might also argue that these operating systems have a better security
record than Windows, but I'll leave that to the experts to debate. Thanks
for mentioning them, but I'm still going to run Windows.