Do not run programs from unknown sources, especially the ones you get from email. In Windows, running a hostile .vbs, .exe or .com usually gives the attacker superuser access to victim system, bypassing all security. In Linux, a hostile application can take over a single user, but other users of the same system are still safe.
All software contains bugs, and software from certain company from Redmond contains a lot of serious bugs. System without security updates can be cracked with tools available freely from the internet.
In Windows, updating is done by browsing to http://windowsupdate.microsoft.com with Internet Explorer. Accept Microsoft security sertificate, install all security updates. Accepting licenses, clicking "next" many times and rebooting computer are normal parts of Windows update. Windows also needs an up to date virus scanner and virus database.
In Linux, use apt or yum. With yum, all your software is updated to latest versions when you are not using your computer. Linux security is superior to Windows, and no virus checker is needed.
Firewall limits access to your computer from the internet. A workstation firewall blocks all traffic not initiated by the user.
For Windows, install a firewall such as Kerio Personal Firewall (more features, harder to use) or Zonealarm (simple, ugly graphics, easy).
Most Linux distributions, such as redhat, come with iptables firewall. For example, in Red Hat installation, network security, choose "Security level:High", leave other settings to their defaults.
Encrypting means using secret language to transfer data. Computers do this automatically, when you use the right software. You should allways encrypt your traffic, or else anyone on the route can see your passwords and personal files. The most important security tools are GnuPG and SSH. Many countries think they are weapons and try limit their export and import.
For Windows, use putty ssh client to connect to kyyppari in text mode. For graphical file transfer, use WinSCP.
Linux distributions come with ssh. Use ssh k12345@ky.hkkk.fi
to connect to kyyppari, scp k1234@ky.hkkk.fi: .
to copy everything from kyyppari home directory to your computer. GFTP can transfer files graphically, just enable FTP:Options:Ssh:Use ssh2 subsystem.
Encrypting email is best done with GnuPG, gnupg.org. Graphical frontends are available for both Windows (WinPT) and Linux.
Backup your documents, mostly the stuff that you made yourself. Backing up a workstation is easiest with a CD-R burner.
In addition to clearly hostile software, there are many buggy ones that can leave security holes for attackers. Such problem software includes MS Internet Information Server and MS Outlook. Some software secretly monitors your computer usage, such as RealPlayer or Bonzi buddy. These should be avoided, even though it is not yet possible in all firms to work without Outlook or RealPlayer.
Don't run all the crap you get from email, update your system, use a firewall, encrypt and backup. By following the guidance above, even a Windows computer can be relatively safe. If security is really close to your heart, upgrade to Linux.
Copyright 2003-07-17 Tero Karvinen. GNU Free Documentation License. XHTML Basic 1.0