A computer can not be compromissed while turned off. In particular home computers are typically only used a couple of hours a day. So why not turn it off while you don't use it? Some DSL/Cable modems have a 'disconnect' switch. This switch will usually turn off the ethernet interface of the modem. Turning off the modem alltogether is another option.
You have to be a bit careful turning off your PC making sure you still get necessary patches. Typically, the DSL/Cable modem will check for updates whenever you turn it on. For the PC: It should still regularly check for updates while turned on. Rebooting the PC may be useful to make sure all the new code is loaded. In corporate environments: Do not turn off your PC unless you talked to the network administrator first. Techniques like 'Wake on Lan" can be used to turn on the PC remotely if needed to perform backups and to patch.
A turned off PC with a BIOS password is also a reasonable deterant to protect your PC from unauthorized use. In particular at home if you would like to prevent other household members from using your PC. (note however that this will usually not protect you from more sophisticated attacks and theft)
And don't forget that this will save energy as well.
If you have any tips to share, please send them to us via the contact form. I will be teaching next: Defending Web Applications Security Essentials - SANS San Francisco Spring 2020
Aug 4th 2006
1 decade ago