Table of Contents

1. Introduction
2. General Guidelines
3. Windows 95/98/ME
4. Windows 2000
5. Windows XP
6. Apple
7. Linux
8. Conclusion

Introduction

It is exciting to get a new computer. Think of all the applications and games you can now run, the music you can store, and the pictures you can share with friends. Your new computer is delivered, you quickly unpack it, and start plugging it all in. The computer boots up, the desktop appears, and just by clicking on your web browser icon you are suddenly connected to the wide world of the Internet and all the enjoyment you can derive from it.

Did I say enjoyment? I really meant to say Danger! That's right, you have now just connected your computer to the Internet with no protection, and studies show that within the next 24 hours there is a good chance you will be infected with some variant of malware. Whether that is a virus, worm, Trojan, spyware, or browser hijacker, or even hacker, something or someone is itching to infect your machine.

It does not have to be this way though. By following some really simple steps you can set up your new computer without fear of what is lurking out there to infect you. Below I have outlined some general guidelines for all operating systems that you should use. I then go into more specific steps for various operating systems so that when you are connected to the Internet you are prepared for the worst.

General Guidelines

Use a Firewall

The most important step when setting up a new computer is to install a firewall BEFORE you connect it to the Internet. Whether this is a hardware router/firewall or a software firewall it is important that you have immediate protection when you are connecting to the Internet. This is because the minute you connect your computer to the Internet there will be remote computers or worms scanning large blocks of IP addresses looking for computers with security holes. When you connect your computer, if one of these scans find you, it will be able to infect your computer as you do not have the latest security updates. You may be thinking, what are the chances of my computer getting scanned with all the millions of computers active on the Internet. The truth is that your chances are extremely high as there are thousands, if not more, computers scanning at any given time. The best scolution is if you have a hardware router/firewall installed.. This is because you will be behind that device immediately on turning on your computer and there will be no lapse of time between your connecting to the Internet and being secure. If a hardware based firewall is not available then you should use a software based firewall. Many of the newer operating systems contain a built-in firewall that you should immediately turn on. If your operating system does not contain a built-in firewall then you should download and install a free firewall as there are many available. If you have a friend or another computer with a cd rom burner, download the firewall and burn it onto a CD so that you can install it before you even connect your computer to the Internet. We have put together a tutorial on firewalls that you can read by clicking on the link below:

Understanding and Using Firewalls

Disable services that you do not immediately need

Disable any non-essential services or applications that are running on your computer before you connect to the Internet. When an operating system is not patched to the latest security updates there are generally a few applications that have security holes in them. By disabling services that you do not immediately need or plan to use you minimize the risk of these security holes being used by a malicious user or piece of software.

Download the latest security updates

Now that you have a firewall and non-essential services disabled, it is time to connect your computer to the Internet and download all the available security updates for your operating system. By downloading these updates you will ensure that your computer is up to date with all the latest available security patches released for your particular operating system and therefore making it much more difficult for you to get infected with a piece of malware.

Use an Antivirus Software

Many of the programs that will automatically attempt to infect your computer are worms, trojans, and viruses. By using a good and up to date antivirus software you will be able to catch these programs before they can do much harm. You can find a listing of some free antivirus programs at the below link:

Virus and Malware Resources

Browse through the various free antivirus programs at the above list and install one before you connect to the Internet. Download it from another computer and burn it onto a CD so that it is installed before you connect.

Specific Steps for Windows 95/98/ME

Unfortunately these versions of Windows do not come with a built-in firewall. It is therefore recommended that you download a free firewall and antivirus software from another computer and burn it onto a CD. Then install these products on to your computer before you connect to the Internet. If you do not have the ability to do this, then immediately after you determine that you are connected to and are able to use the Internet, you must go to www.windowsupdate.com and download and install all critical updates available for your operating system. Keep going back and visiting this page until all the updates have been installed.

When these updates are finished installing, then download and install a firewall and antivirus software.

Specific Steps for Windows 2000

Windows 2000 does not contain a full featured firewall, but does contain a way for you to get limited security until you update the computer and install a true firewall. Windows 2000 comes with a feature called TCP filtering that we can use as a temporary measure. To set this up follow these steps:

1. Click on Start, then Settings and then Control Panel to enter the control panel.
2. Double-click on the Network and Dial-up Connections control panel icon.
3. Right-click on the connection icon that is currently being used for Internet access and click on properties. The connection icon is usually the one labeled Local Area Connection
4. Double-click on Internet Protocol (TCP/IP) and then click on the Advanced button.
5. Select the Options tab
6. Double-click on TCP/IP Filtering.
7. Put a checkmark in the box labeled Enable TCP/IP Filtering (All Adapters) and change all the radio dial options to Permit Only.
8. Press the OK button.
9. If it asks to reboot, please do so.

After it reboots your computer will now be protected from the majority of attacks from the Internet. Now immediately go to www.windowsupdate.com and download and install all critical updates and service packs available for your operating system. Keep going back and visiting this page until all the updates have been installed.

Once that is completed install an antivirus software and free firewall, and disable the filtering we set up previously.

Specific Steps for Microsoft Windows XP

If you have recently purchased a computer and it came with XP Service Pack 2 installed, then the firewall will be enabled by default and you will not have to do anything but install an antivirus software and check for any new updates at www.windowsupdate.com.

On the other hand, if this is an older computer, or you are re-installing one, then you should follow these steps before you connect to the Internet:

1. Log into Windows XP with an administrator account.
2. Enable the Internet Connection Firewall by following the steps found in the following tutorial link: Configuring Windows XP Internet Connection Firewall
3. Once the firewall has been turned immediately go to www.windowsupdate.com and download and install all critical updates and service packs available for your operating system. Keep going back and visiting this page until all the updates have been installed.
4. Once that is completed install an antivirus software and free firewall.
5. Disable the built in XP firewall.

Specific Steps for MAC OSX

Mac OSX has a built-in firewall that should be used before connecting to the Internet. To turn this firewall on follow these steps:

1. Open up the System Preferences
2. Click on the Sharing icon
3. Click on the Firewall tab
4. Click on the Start button
5. Now the screen should show the status of the Firewall as On.

Now that the firewall is configured you should connect to the Internet and immediately check for new updates from Apple by following these steps:

1. Choose System Preferences from the Apple Menu.
2. Choose Software Update from the View menu.
3. Click Update Now.
4. Select the items you want to install, then click Install.
5. Enter an Admin user name and password.
6. After the update is complete, restart the computer if necessary

Now install an antivirus software on your computer if one is not already.

Specific Steps for Linux/UNIX

Almost all Linux distributions come with a built in firewall which is usually iptables. Make sure that the firewall is starting automatically at boot up and is configured to deny all traffic inbound to your computer except for the services you require like SSH. Unfortunately iptables would require a tutorial all in its own, so I will refer you to this already created tutorial:

iptables tutorial for beginners

Once the firewall is configured, go to the respective site for your Linux distribution and immediately download and install any of the latest security updates that are available. Windows is not the only operating system with security vulnerabilities and it is just as important for Linux users to have an up to date operating system.

Conclusion

As you can see the most important step that should be done before connecting to the Internet is to install a firewall and block all ports that you do not need open. This will assure us that your computer will not become hacked by many of the worms and bots out on the Internet. Once a firewall is installed, updating your computer and installing an antivirus software are the next steps. Please follow these steps, as if it is not done, you computer will ultimately get compromised and then further proliferate the infection of others.