The steps to safeguarding your computer make more sense when you understand the nature of the threats you’re dealing with. Here’s the Internet’s Seven Most Wanted:

Sadly, computers were a lot safer before people figured out how to link them into the giant network called the Internet. Although viruses dominate today’s technology news, they first appeared on PCs in 1986. Back then, just about the only way a virus could travel from one desktop computer to another was on an infected floppy disk. So although viruses have been around for a couple of decades, it took the Internet to make them truly dangerous.

Nowadays, malicious programs can email themselves to everyone in your Windows computer’s address book before you know it. They can secretly transmit information about your shopping and surfing habits back to unseen companies and pepper your screen with advertisements. A particularly virulent outbreak of nasty programming code can even crash Windows computers and grind the Internet to a halt.

Viruses, worms, and their ilk usually hitch rides on email messages sent from infected computers (whose owners probably have no idea they’re infected). Or perhaps yet another angry, frustrated programmer launches a mass mailing of malicious code in a desperate cry for attention.

Fortunately, plenty of antivirus programs can swat down pestware before it has a chance to infest your PC. A good antivirus program also screens your mail for you. (A decent junk mail or spam filter on your email program can isolate messages emailed to a ton of people. See Section 14.4.3 for more on how to activate the built-in spam filters you may already have in your email program.)

Many antivirus programs act like sentinels, performing real-time monitoring of your computer as you use it. These programs do things like check incoming email for infected attachments and screen CDs and other removable drives for evil code. You can also run periodic scans that sweep your entire system looking for viruses.

Every virus has its own telltale signature or pattern, sort of like the computer equivalent of a dirty fingerprint, that can be used to identify the malicious code. Antivirus programs keep a library of these virus patterns and use them to identify any viruses that may be lurking on, or about to enter, your computer. If the antivirus program finds a virus, it zaps it off your hard drive. To protect against the new viruses released into the wild every week, the antivirus program grabs updates from its manufacturer’s virus patterns library. Figure 21-1 shows an automatic update in progress.

Figure 21-1. As Trend Micro PC-cillin Internet Security suite updates itself with a fresh batch of virus definitions, you can watch its progress. Antivirus software usually checks for updates automatically, so you don’t have to worry about downloading them manually.

These pattern updates are also called antivirus subscriptions. After a year of use, your antivirus program will likely start popping up alert boxes, reminding you to renew your subscription so you can keep getting updates. You may resent having to pony up $25 or $30 again, even though you paid $40 or $50 dollars for the software in the first place. But it costs the manufacturer money to update the pattern files as new viruses appear, and those files are what keep your PC virus-free throughout the year.

Depending on your PC manufacturer, you may be able to buy antivirus software separately or, for around $20 more, as part of an Internet security suite. These security suites, which range in price from about $50 to $70, offer protection from an assortment of Internet hazards. In addition to antivirus protection, you get firewall software (Section 21.6.2) to shield your machine from Internet intruders, spam filters to weed out junk mail from real messages (Section 14.5.1), spyware stompers to block sneaky programs from running around on your PC (Section 21.3), and other components that turn your computer into a wellguarded fortress.

An unprotected Windows PC can be invaded and infected after less than 15 minutes on the Internet. Security software is an absolute necessity for safe computing. In fact, your new computer may have included a trial version of security software. But if you have to shop for your own software bodyguard, here are some popular options:

In most cases, once you install your antivirus or security program, your work is done. Companies usually design antivirus software to start protecting your computer automatically, right out of the box. But you’re free to adjust the program’s settings if you feel the antivirus program is doing too much or too little. For example, if the automatic update window always seems to pop up while you’re working, you can change the schedule to another time. Or if you’re super paranoid, you can have it check for virus pattern updates more frequently.

Spyware often arrives on your machine nestled inside the installer files for free software you download from the Internet—a game or file-sharing program, for example. Unfortunately for Windows fans, your operating system is spyware’s prime target. Some spyware hogs your computer’s processor, slowing it to a crawl and even causing other programs to crash. More belligerent types of spyware and overly aggressive adware give new meaning to the word nuisance—constantly changing your browser’s home page, adding unwanted bookmarks, or pestering you with pop-up ads. And as it transfers information about you across the Internet, spyware can even create holes in your computer’s security.

Sadly, it was probably you—yes, you—who let that spyware onto your computer in the first place. If you’re like most people, you probably never read all the fine print on that dreary screen of legalese that you have to click through every time you install new software. But if you’d read the user agreement, you may have seen that you were agreeing to allow the software’s maker to monitor and collect information about your computer or Web-surfing habits. (Some spyware is so sneaky, though, that it may not even come with a legal agreement; it will just slither onto your PC without announcing itself.)

Here’s a representative bit of creepy fine-print legalese, whereby you install a program: “…in exchange for your agreement to also install ad-serving software, which will display pop-up, pop-under, and other types of ads on your computer based on the information we collect as stated in this Privacy Statement.”

Needless to say, you don’t need a Harvard law degree to see that this software is going to flood your screen with pop-up advertisements. Unless you want a screen full of ads, click the “I don’t accept” box on the user-agreement screen or cancel the software installation (which probably happens anyway if you reject the user agreement).

Trying to pry spyware off your system if you’ve gone ahead and installed it can be an exercise in frustration. If you try to uninstall it with the Windows Add/ Remove control panel (Start → Control Panel → Add or Remove Programs), you’ll find that it reappears the next time you start your PC. (Technically, that’s because it’s buried a backup copy of itself somewhere on your hard drive or added multiple entries for itself in your Windows registry file.)

Yanking out the spyware may also cause that free game or program you wanted in the first place to stop working, but you may not even care about that by then because you just want your computer back. Whatever your current relationship with spyware is, you may want to look into a rising new category of protective programs: antispyware software.

Most of the Internet security suites mentioned in Section 7.2.2.1 include protection against spyware infestation. But if antispyware is all you need, here are a few to consider for your Windows PC:

At this writing, " Macintosh spyware” is still an oxymoron. If you’re worried that the Mac’s freedom from spyware may one day change, though, antispyware software companies are only too happy to take your money.

For example, SecureMac (www.securemac.com) has the latest news on every known Mac security issue and how to deal with it. The news and information are free, but SecureMac also sells its own antispyware program—MacScan. For $25, it promises to remove Trojan horses, spyware, and other Mac attackers.

The cookies that Web sites silently and invisibly deposit on your hard drive are usually as sweet and harmless as they sound. These tiny text files are preference-setting files for individual Web sites. When Amazon.com greets you with “Welcome, Casey!” (or whatever your name is), or when NYTimes.com gives you access to the special, fee-only articles you’ve paid for, you know they’ve stored a cookie on your hard drive so they can recognize you when you return.

But when an advertiser on a Web site gives your computer a cookie, it does you no good at all. Called third-party or tracking cookies, these text files benefit only the advertiser. As long as you carry that cookie, the advertiser can keep track of your surfing habits. When you visit one of its affiliated Web sites, the company can use that information to show you ads likely to tempt you into clicking. If you think tracking cookies are an invasion of your privacy, you’re not alone.

Fortunately, Web browsers have no trouble spotting—and refusing—third-party cookies. You simply set your browser to block cookies that come from sites other than the one you’re visiting. To change your cookie settings, proceed like this:

Phishing is the 21st-century version of a tired old con. You get an email message from eBay (or PayPal, or your credit card company, ISP, or bank) urging you to update or correct your account information. There’s even a link considerately offering to take you to the form you need to fill out. Should you do it? Well, would you let a stranger into your house just because he’s carrying a clipboard and says the gas company needs to check your furnace?

In a word, no. Don’t even think about it. Don’t click any links in the email body. Don’t reply to the message or attempt to contact the sender. Even if the email address or URL looks like it’s from a legitimate company—PayPal, Visa Card Services, or whatever—it never is. These links redirect you to a different Web site, a phony one, set up by the perpetrators to rob you of your passwords, credit card numbers, and even your identity. The perpetrator is just fishing for your personal information (get it?). Unfortunately, these scams go on year after year because people keep falling for them.

As phishing has gotten more sophisticated, software to combat it has also stepped up. Some Internet security suites (like Trend Micro) now include phishing protection. Newer email programs like Mozilla Thunderbird even alert you to suspicious messages (Figure 21-3). The latest browsers, including Internet Explorer 7, also let you know, with all the subtlety of a sledgehammer, when you’ve visited a Web site that’s not what it pretends to be.

Figure 21-3. Phishing lures are cast far and wide around the Internet. Fortunately, newer email programs like Thunderbird are equipped to help you spot scams. Look at the warning bar across the top of this phishy email message. For more tips on managing email, see Chapter 14.

There’s a simple way to avoid phishing altogether: Never, ever give a Web site personal information like Social Security numbers, account numbers, or passwords unless you initiated the communication. Ignore any email that asks you to supply personal or financial information. If a legitimate company needs to contact you, it will send you a letter or wait until the next time you log into your account.

Believe it or not, there are even more bad things that can happen when you’re online. Total strangers, next door or in Eastern Europe, can connect to your Windows PC, invisibly take control of it, and turn it into, for example, a relay station that helps them pump out millions of pieces of spam (junk email) every day. You might notice that your PC has slowed down, and you might not. But you’ve just become part of the problem.

How is this possible? To understand the technical underpinnings, you need to know about ports.

Ports are like TV channels. Your PC has a bunch of them, each one dedicated to letting certain kinds of Internet information pass through: surfing the Web, sending email, downloading files, playing videos, and so on. Trouble is, Internet intruders roaming around online know how to use these ports to their advantage. They use software that can slip into your PC through one of these ports.

Ready to yank your modem cable out of the wall yet? Relax. You can stop the baddies just by using a firewall, a security barrier that prevents people or programs from sneaking into your machine via your Internet connection. A firewall can be a software program or a physical piece of hardware.

Good firewalls can monitor both incoming and outgoing traffic. So, in addition to keeping out intruders, your firewall can detect—and stop—spyware or a virus trying to transmit information from your computer.

Software Firewalls

A software firewall is good protection, too. No wonder both Windows and Mac OS X come with such a feature built right in. (All the Internet security suites described in Section 7.2.2.1 include firewall programs as well.)

Figure 21-4. Occasionally, to get a program through the firewall, you must open the port it wants to use. On the Windows Firewall Exceptions tab, click the Add Port button. In the “Add a Port” dialog box, type a name (so you’ll remember why you’re opening that particular port) and enter the port number, which you can usually find in the program’s manual or Web site.

Tip

If you have a hardware firewall (like a router), you don’t need to turn on a software firewall too.

The Windows XP Firewall

When Windows XP first appeared back in 2001, it came with a nifty new feature—built-in firewall software. Unfortunately, Microsoft left the firewall turned off, and few people could find it to turn it on. So, in the interest of greater security, Service Pack 2 (which Microsoft released a few years later) automatically flips the Windows Firewall on. In fact, once you install this update, Windows XP pesters you (by popping up yellow warning balloons from the taskbar) if you turn the firewall off.

If you do have Service Pack 2 installed—either because you installed it or because you bought your computer after October 2004—you can find the on/off switch for the firewall like this. Choose Start → Control Panel → Security Center → Windows Firewall. (If you use the Control Panel’s Classic view, choose Start → Control Panel → Windows Firewall.) On the General tab of the Windows Firewall control panel, click the button next to “On (recommended)” and then click OK. The firewall’s off button is here, too, if you need to shut it down for a minute to troubleshoot your Internet connection or something.

Note

If you like the sound of a sturdy, free firewall that’s more powerful (because it blocks traffic coming and going through your computer) check out ZoneAlarm (www.zonelabs.com). With a friendlier interface, ZoneAlarm is often easier to use than the built-in Windows Firewall, which is set to block unauthorized traffic coming to your PC from the outside world, but it may not be much help against programs on your PC trying to sneak out to the Internet without your permission. ZoneAlarm works with systems as far back as Windows 98SE, so it gives you a firewall option if your PC is too old to run Windows XP. (And if you do have Windows XP, you can still use ZoneAlarm. The Windows Firewall is savvy enough to get out of the way when you install an alternative program.)

To try the software, scroll down to the bottom of ZoneLabs’ home page and click “Free ZoneAlarm and Trials.” You can get the free version here or buy the $50 full-featured edition with more controls and technical support. Once you download and install the program, ZoneAlarm makes your machine invisible to other computers nosing around on the Net.

Setting up the Mac OS X firewall

Apple’s system security for its Mac OS X Tiger system is even stricter than Microsoft’s: Out of the box, all communication ports and services on the Mac are closed to the outside. (That’s one reason the Mac hasn’t attracted hackers like Windows has.) The Mac also comes with its own built-in firewall that blocks all incoming Internet traffic except for the programs you allow through.

Its factory setting is Off, though, so you need to give it a little click-start.

To turn on the Mac OS X firewall, follow these steps:

1. Go to → System Preferences → Sharing. Click the Firewall tab, and then click the Start button.

   The Mac fires up its firewall software. Again, the firewall starts out blocking every sort of Internet communication, so you must turn on the ones you want to use.

2. In the Allow list, select the programs or functions you want to let through the firewall.

   As shown in Figure 21-5, turn on the checkboxes next to, say, iTunes Music Sharing and other network services you plan to use.

Figure 21-5. Mac OS X starts out fully barricaded against Internet intrusions. However, you can let programs and services through the firewall by simply selecting them in the Firewall tab on the Sharing preferences window.

Tip

Want to make sure your computer’s firewall is doing its job? Several online sites offer to knock on your computer’s ports and see if there are any openings for intruders to slither through. Check out ShieldsUP (www.grc.com), Hackercheck (www.hackercheck.com ), or Planet Security’s firewall check (www.planet-security.net ).

The Internet appeals to children’s uninhibited, adventurous spirits. Kids find it rewarding to look up information themselves, explore online museum exhibits, and try their hand at interactive games. But the Internet isn’t a babysitter, and it has millions of people prowling around on it. Some sites and services (and, quite frankly, some of the aforementioned people) just aren’t suitable for children.