Computer Security

This is a reply to your request to security@saildocs.com. This document is written for Sailmail members, with some advice on keeping your computer secure.

Most of us are well aware of the need to protect our computers from the hazards lurking on the internet, but it is less clear exactly what is needed. The danger is viruses or "worms" or "trojans", different types of malicious programs that can infect your computer. (We'll call them all "viruses" for simplicity). As long as the computer stays on the boat and only connects through Sailmail then it is safe. Viruses cannot get through the server- incoming mail is scanned but more importantly Sailmail does not forward file-attachments (except for certain files which are inherently safe) so there is no way to send a virus via Sailmail. (The same is not true for Winlink, malicious programs can be sent as file-attachments and a brand-new virus will always get past a scanner).

Think of your computer as a fortress surrounded by hordes of bad guys (e.g. the battle for Helms Deep in "Lord of the Rings: The Two Towers"). At sea, you have the world's largest moat with a slender well-fortified bridge (Sailmail). If you connect your computer directly to the internet then you need both strong bastion walls and solders on the inside (firewalls and anti-virus software, respectively). The connections we are concerned about include wireless connections in a marina, a dial-up connection via a cell-phone, or taking the computer ashore and connecting it to a phone line or network connection. These all expose your computer to potential threats. The threats can come from a virus attached to email, or as part of a malicious website, or by a direct connection to your computer (think of ladders over the walls).

So the basic rules are to keep your operating system updated, protect your internet connection, never open a questionable email or a suspicious website, and keep your anti-virus updated.

Operating system updates are important in order to make sure that your computer is secure against known vulnerabilities which have been fixed.

In order to protect your computer from a direct connection you need a "firewall" to block unauthorized connections. Windows includes an effective built-in firewall which should be left turned on, check Windows Security-center on the Windows control-panel. There are normally no programs which require that it be turned off.

There are other firewall software programs available, including various "internet security" packages. Many of these go overboard in terms of protection, adding no security but seriously interfering with normal use of the computer. Also, do not attempt to use more than one software firewall, this can tie things into knots. Our advice is to use Windows firewall (and disable any others).

Most local wired or wireless networks include an internet "router" which also acts as a firewall by blocking direct connections from the internet. But an internet router will not block a connection from a fellow user of the local network, who might themselves be infected. So continue to use your computer firewall.

It is also important to disable file-sharing unless you need this for a local connection. Windows-7 manages this as "private" versus "public" networks. File-sharing is disabled for public networks, be sure this is selected for any sort of internet-connected network, unless you are protected by your own hardware router.

For Windows-XP file-sharing is controlled as part of the TCP/IP properties for the each network connection- uncheck the "File and Printer Sharing" box to disable all file-sharing.

The final level of protection is a good anti-virus program which is kept up-to-date. Most new computers come with a "trial" version of some "all-in-one" internet security program, free for a while and then needs a paid subscription. There are two problems here: The "all-in-one" solutions aren't as good-- and a lot more intrusive-- than Windows firewall plus a good stand-alone anti-virus program; and there are free versions of good programs (supported by their corporate customers) that there is no real advantage to a paid program.

Microsoft Security Essentials is a well-rated anti-virus program that works well without getting in the way, we use that here. AVG/free anti-virus is also good, and Kaspersky and FProt are also good but apparently no longer have free versions. Symantec and Norton anti-virus programs work well, but they tend to be packaged with firewall software as "Internet Security" packages which are overly complex and intrusive, and we have to recommend against them.

Google or any browser search engine can find these, be sure to include "free" in the search as all of these folks like to push the paid version (except Microsoft, they already got your money).

Some folks take the view "anything but Microsoft", ten years ago that was reasonable but things change. Particularly after they got past Vista they seem to "get it" to a much higher degree.

And remember that any anti-virus software is only as good as its most recent update.

There's another tool work considering, and that is an anti-malware program to periodically scan for spyware and other nasties that aren't malicious enough to qualify as a virus or worm, but stuff you definitely don't want it on your computer. MalwareBytes anti-malware free version is highly regarded, as are teh free versions of "Spybot Search & Destroy" and "Ad-Aware".

For all of these (except Microsoft) read the websites carefully, some push paid versions, or "free" upgrades to the full version (only free for a limited time), or try to trick you into installing some other "clean your PC" crap. Read the info carefully.

But remember that anti-virus software only works if it can find the virus in its database. So there is always an opportunity for a new virus to sneak through before the company can update the definitions and you can download them. For this reason it is still necessary to use common sense and not open a file attachment from an unknown sender, and avoid visiting suspicious websites. There are relatively few malicious websites but if you get a note from an unknown person asking you to check out an interesting website then don't.

And lastly, beware of the "phishing" expeditions. If your bank writes to you and asks that you go to a website to re-verify something, don't. Contact the bank first- it may be a pirate website trying to hijack your login and password information.

A few links:
Microsoft Security Essentials: http://windows.microsoft.com/mse
AVG Anti-virus free: http://free.avg.com
MalwareBytes anti-malware: http://www.malwarebytes.org

Good sailing!
Jim
support@sailmail.com

updated 2012-01-08