hello

let me start off by admitting that i am completely and utterly ignorant when it comes to computer tech (i only use
it for minimal purposes).. that being said, i have a couple of security concerns i would appreciate if any one give
me some feedback on them...

i ve just bought a new computer.. after i installed the OS (win xp home sp2) i immediately installed kaspersky
Internet security 7.0... and then i had to update it so i connected to the Internet and KIS updates takes forever
and my connection was slow also.. so the computer was connected to the Internet for a very long time was no
protection (or obsolete protection as KIS was updating)....



1- what are the security risks of connecting to the Internet BUT not doing any browsing or downloading except the KIS update definition files downloads...?


2- what are the security risks if i connect to the Internet (ie hook the ethernet ADSL cable coming from a routerand
have no antivirus suite installed.. but DONT DO ANY BROWSING or DOWNLOADING..... i had to connect to the Internet
before i installed KIS so as to activate my OS from Microsoft?


also windows not updated until KIS finished (after a long time) then i ran windows update which took even LONGER
time


N.B. i have been attacked before on a different computer but on the same network by an ip from china (i dont know the type but i think its the one that over traffic the Internet?!?)but KIS blocked it.. so i am concerned that this guy who might know my ip address, attack the new computer during the time where KIS was updating.. esp when the attack hit when i opened an email (spam) that had the subject of my financial advisor company name..


i will be using this computer to access sensitive financial online data.. and i am PARANOID about my safety and
security online esp of the issues mentioned above.....
currently
i have windows updated ........KIS 7 running and updated with firewall to max... and thats it
before i start using it for sensitive online action.. i need to feel more protected.. i am still concerned about
keyloggers, rootkit virus, trojans,...etc...


3-how to 100 % check that the computer was not infected by anything of anytype during the updates download?

4-how to add more protection for the future?

i am actually considering to write zeros to the WD 160 hard drive.. is that reasonable

please any feedback is immensely appreciated
thanks

Greetings moe_8

Welcome to WhatTheTech.

Not sure I can answer all of your questions in just one post. Your are asking alot of good questions and the answers can lead to quite lengthy discussions.

First and formost the safest tool you can have to be 100 percent sure you will never get malware is a pair of wire cutters. Walk right up to the cable that provides you internet connection and cut it in two. That is a 100 percent firewall.

Not very practical, but you would be 100 percent sure right? Like life, nothing is 100 percent for sure.

The second most important tool, is you. Safe practices such as know what you are downloading, who the email is from, why you are installing anything. Having a up to date Operating system, up to date antivirus, up to date anti-malware, and a personal firewall.

You can take comfort in that out of the billions of people on line, you really are not that interesting. Not like you are a bank, business, military installation,goverment, university ect ect.
The malware, virus, hackers, rootkitters, foistware writers want easy targets. Plenty of them about to have to try to break into a shielded machines. Way to much work. You are not that interesting.

So if you are afraid, paranoid, nervious about the evil internet, the pliers may be your route.



minimal, not worth mentioning.



Again minimal. But take note that you have only one and one only of antivirus aplications software running. Will cause all sorts of performance issues due to a feature called realtime scanning. Both apps will want to scan the same file at the sametime and interfer with each other and you will be quite frustrated.



A little knowledge would be a good thing. There is always traffic on the internet looking for a response from somebodys computer. The spam traffic is not sent to only one computer alone it was sent to a random or specific block of addresses looking for that unprotected machine. Your KIS did its job. If you use the internet at all there is always traffic looking for the destination. Emails are sent the same way, not specific to your machine but a block of email addresses. a_whole_bunch_of_letters@somebodies-isp. Maybe they get a hit, maybe not....

If you know the difference between a static ip address (never changes) vs a dynamic ip address (changes on renew or release ) The odds of somebody getting at you is pretty minimal. Remember the computer has a off switch, so does the modem you have connected to the internet. So when you aint there....off she goes.

Go learn about a topic called Phishing (pronounced Fishing)

Recognize Phishing Scams.

The above will explain about your Funny Email.



Again, pretty minimal risk. Run your tools. Know your machine and its function. You are not that interesting really. Learn about your firewall and restrictions. You can configure what comes in and out of your computer in terms of addresses, ports, names, function and a whole host of allows and blocks.



Keep up with the technology, gain knowledge, participate in forums such as this one.



yeah, if you want a blank drive with nothing but zeros on it. I prefer smashing with a big hammer myself. Plan on using the drive again?



Learn the difference between, http vs https when online.
You should always be doing sensitive business with https. It is secure and encrypted.

In conclusion, you can learn to protect yourself or hire out for the expertise. There is a big learning curve if you want to know everything.

People have made careers out of Security and can not begin to give you all aspects of this in one post. Its taken them years. For the average user, up to date OS, antivirus/firewall/malware software. Plus good browsing habits are the key.

In the end there is still that pair of wire cutters.....

Regards

Kaz

Hi Kaz,
Just caught up with your reply here.
Liked the post.
Good advice.
Now...where's my wire cutter!

Regards
paws

They are correct in saying that the only safe computer is a disconnected computer. I had a client that hooked into his DSL and immediately was hit with some spyware and viruses. (I had the job of removing them)

We have started using a hardware firewall:

http://www.watchguard.com/

I believe they are a bit expensive but if you are paranoid, they should alleviate that. They are totally configurable and very effective. (I am not a salesman, just a user)

If your stuff is that important, the cost shouldn't be a deciding factor.

Good luck.

DR