I was reading an article the other day stating that a computer directly connected to the Internet without any protection (firewall, antivirus etc) will be hacked in less than 10 minutes. To resist the million attacks that your home computer will receive when connected to the Internet “jungle”, I would recommend the following security protection mechanisms:
- Use a hardware or software firewall. A hardware firewall is usually embedded in the Internet gateway router, and provides pretty good protection from attacks originated from the Internet. A software firewall installed on your computer can be also a very good solution, because it can provide firewall access protection to both inbound and outbound traffic from your computer.
- Use a good antivirus security suit. I would recommend a complete security suit which protects for different kind of malware, such as viruses, trojans, adware, worms etc.
- Use strong passwords for all the user accounts configured on your personal computer.
- Keep your operating system and other applications up to date with the latest security patches.
- Use a network monitoring tool to observe what connections are running on your computer. An example of a free tool is TCPView for Windows which shows you detailed listings of all TCP and UDP connections on your computer. This program can be used to observe if any hidden code is sending data from your computer without you knowing about it.
Now, what can happen if your computer is directly connected to the Internet without the security protections described above?
- Information or data theft: Your Credit Card number, email passwords, computer login passwords, personal details etc can be easily stolen with a keylogger, trojan etc.
- Spam: Your computer can be compromised and become an email spam sender to other computers.
- BotNet: The BotNet is a remotely-controlled network of “zombie” computers that are fully controlled and managed by a central location. If your unprotected computer is compromised, it can be used as a member of the BotNet network, launching attacks to other computers. This can lead to legal actions against you.