Configuring Free Anti-virus Protection

Anti-virus software shouldn't be your only defense against malicious programs lurking on the Web. Rather, it should be one component of a layered security approach consisting of at least router configuration and a software firewall. This may sound too complicated for home or or home office users, but it is actually pretty simple. Larger organizations should already have these controls in place.

Layered security controls for medium and large businesses are outside the scope of this article. For more information on this topic, see Endpoint hardening and defense: Overview of layered security. What follows is a model for securing your home, home office, or small business to the level at which you can use free malware removal tools.

The first step in securing your computers from incoming malware is router configuration. The simplest routers cost around $60 and come with wireless networking capability. Connecting them as shown in Figure 1 builds a barrier between the Internet and your internal systems.

Larger organizations will likely place a standard, non-wireless router at the Internet/internal network boundary. However, the principle is the same. Keep the bad stuff, and the black hats, off your network in the first place.

The next step is making sure your router is properly configured. Most small office and home routers come with a secure configuration. The only thing you have to do is CHANGE THE DEFAULT PASSWORD.

It's easy to check your configuration for holes. Simply use the free online service provided at Steve Gibson's Web site. The service, ShieldsUp!, let's you know if one or more of your router configurations is unsafe (i.e. open). Your results should look like those in Figure 2. You may have some blue boxes. That's OK. However, red boxes mean you have ports open which may allow unwanted visitors.

If you're unsure about how to configure your router's settings, buying a popular router brand like Linksys or D-Link ensures pretty good telephone support.

Now that your perimeter is secure, the next step is to prevent intentional or unintentional visits to known high risk sites. High risk sites include those known to host malware or certain site types (online free games, pornography, pirated music sharing, celebrity sites, etc.). You can purchase software to do this, or you can use a free service like OpenDNS. Using a free service ensures you are getting regular site updates. It also keeps site processing resource use off your computers.

Finally, make sure your computer's firewall is turned on and up-to-date. Windows-based systems (XP SP2, Vista, and Windows 7) have the firewall turned on by default. Unless you specifically turn if off, this provides your last layer of defense--before hitting your anti-virus software--against unwanted activities which make it through your other controls. And don't assume if you have an operating system other than Windows that you're safe. The only thing keeping Windows at the top of the black hat hit list is popularity--the most number of installed systems. Make sure your Linux and Apple OS computers are also running firewalls.

Now that the network is configured, let's talk about the final component in our layered malware defense--antivirus (AV) software. In this article, I focus on free applications which answer the question, "How do I remove malware?" Although they are listed below in no particular order, they vary in effectiveness. However, they all tested as basically effective by AV-Comparatives.

• Avira AntiVir Personal
• Avast! Home Edition
• AVG Free Edition 9.0
• Microsoft Security Essentials

There are many others. However, these I've tried, researched, and can recommend. When selecting a free AV product, follow the following guidelines:

1. Make sure the software was tested and is found effective by an INDEPENDENT testing organization, like AV-Comparatives or AV-Test
2. Don't fall for black hat offerings which appear authentic but which actually install malware on your machine; examples include Antivirus 2009 and Doctor Antivirus
3. If you decide to use free AV software, be aware that these products don't include a full set of protection components; so don't forget to implement the basic security described earlier in this article
4. Ensure there are no "gotcha's" associated with regular (daily) updates of your AV software's list of malware it can identify and remove

In addition to price, free malware removal tools have one other feature I like. A lot of "security stuff" isn't installed on my computer, slowing it down or causing problems with other loaded software. However, if you like full-featured security suites, be sure to read the next article in this series on that very topic.