Business-like, isn't he?



Business in Vancouver logo

    Seven steps to tightening your Internet security

    by  Alan Zisman (c) 2004 First published in Business in Vancouver August 10-16, 2004; issue 772 High Tech Office column

    My neighbourhood has seen more than its share of break-ins and car thefts. As a result, like many homeowners, we've spent time and money upgrading the locks on our doors, putting bars over our windows, and installing alarms. And we've learned that awareness of security is ongoing.

    Like East Vancouver, the Internet started out as a small, friendly community where people knew and trusted their neighbours. But times have changed. Recently, in setting a computer up for Internet access, I performed the digital equivalent of changing the locks and installing alarms.

    Here are the seven steps I took towards making it more secure:

    1. Downloaded and installed a firewall. The time it takes before a new computer online gets probed by hackers is now 15 seconds. A firewall blocks those probes. I installed Zone Alarm (, which will (unlike the firewall included with Windows XP) also inform you of any programs trying to "phone home." Be prepared for a period when you need to click to confirm multiple programs that you do want to allow online.
    2. Downloaded and installed antivirus software. Avast ( is free for home use (with registration). Set its options to update its virus database and core program quietly in the background.
    3. Downloaded and installed Mozilla's Firefox Web browser ( and let it set itself as the default browser and import Internet Explorer favourites. Since this computer will be using webmail sites for e-mail, I didn't bother replacing Outlook Express; otherwise, I might have installed Mozilla's Thunderbird e-mail program, which will import Outlook Express mail and settings and includes spam filtering.
    4. Ran Windows Update repeatedly until it no longer listed any "critical updates." (Note that Microsoft's Windows Update site will only work with Internet Explorer; using the Start Menu's Windows Update link will load that browser if you're using Firefox or some other browser).
    5. Downloaded and installed the free Spybot Search and Destroy (, choosing to install its Teatimer option, which lurks in the background, informing you when something is trying to change your PC's settings to load itself automatically. Again, be prepared for a series of warnings checking whether you really meant to install any new software you're adding. Run Spybot frequently to remove any spyware that might have slipped through.
    6. Visited Steve Gibson's Shield's Up website ( and downloaded and ran a series of tiny utilities, each of which shuts down a Windows security flaw: the DCOMbobulator, Shoot the Messenger, UnPlug 'n' Pray, and XPdite.
    7. Created a new user (using the User accounts control panel and the Computer Management Administrative Tool) with limited rights, making it more difficult to install software or change settings. I set the computer to log into that user account by default. (This can be done with Windows NT, 2000, or XP, but not Windows 95/98 or ME.)

    All of this took the better part of an evening, but at the end of it, I had a computer that could go online relatively safely. At least as long as anyone using the computer pays attention to the various warning messages.

    I did all this using free software; there are alternative programs to do the same things. For example Symantec's Internet Security Suite ($70) includes a good firewall, anti-virus software, spam filtering and spyware monitoring.

    Like securing my house, securing this Windows PC took time and requires an ongoing attention to security. Alternatively, I could pay a premium for fewer security issues by buying a Mac, or I could consider switching from Windows to Linux (the digital equivalent of moving to the country, where housing costs less and there's less crime, but you have to be prepared to do everything for yourself).

Search WWW Search

Alan Zisman is a Vancouver educator, writer, and computer specialist. He can be reached at E-mail Alan