Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2013-11-02 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Protecting Your Family's Computers

Published: 2013-11-02
Last Updated: 2013-11-02 03:48:32 UTC
by Rick Wanner (Version: 1)
13 comment(s)

If your family members are anything like mine, by default you wind up being the tech support for your entire family just because you are the “techie” guy (or gal) in the family.  A number of years ago I became frustrated by how often this role became a malware removal or rebuild role. Although there are no silver bullets to prevent a computer from being infected, I came up with a standard configuration that I apply to all of my family’s computers to substantially reduce the likelihood of a serious infection.  I have continually tweaked it over the years, but here is my current standard build:

Malware Protection

Antivirus is rapidly becoming  irrelevant in the current malware world, however,  I don’t think I am willing to go without it yet. There are several free antiviruses available, and I have tried most of them, but the last few years Microsoft Security Essentials is the one I usually install for family use.  I don’t know if it is any more effective than the alternatives, but it  seems to do the job, and it doesn’t expire regularly and leave the machine unprotected. Don’t forget to uninstall the antivirus trial software that comes on nearly every computer.  Two antiviruses running on the same computer rarely get along.

Safe Browsing

I have long run out of patience with Internet Explorer.  For family computers I give them a choice between Firefox or Chrome.  My family are not technical people.  They don’t have the knowledge to judge a good link from a malicious one. I have looked at numerous extensions to reduce the likelihood they will get infected while surfing the Internet.  In the end I settled on only two:  Web of Trust (WOT) and Adblock Plus.  I install Web of Trust (WOT) so at least if they try to go to a bad site they will get a warning. I install Adblock Plus to reduce the likelihood of infection from a malicious ad. It also has the added advantage of speeding up the browser experience for some sites.

I used to install noScript, but found it was too complicated for my average family member.  I have also been experimenting with SSL Everywhere.  I haven’t added it to the toolkit yet, but I probably will in the near future.

Up to date applications

The last tool in the box is Secunia Personal Software Inspector (PSI).  PSI is the free, for non-commercial home use, version of Corporate Software Inspector (CSI).  Its function is to scan the computer for what software is installed and to keep most of the software up to date.  Although PSI will automatically keep most software up to date, some software will require manual intervention to stay up to date so you may need to train your family a bit to  handle those instances.

So that is my toolkit.   I am always looking for improvements.  What is in yours?

-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

13 comment(s)
Diary Archives