We seem to regularly receive calls from people having problems or concerns with their computer when connecting it to the Internet. Viruses, hackers, worms, spyware, trojans, and the list goes on. All this craziness to worry about when simply plugging your computer into a cable modem, and then having to wonder if you will be able to log in to your own computer the next day. Has my computer been "owned" ("pwn3d" for you uber 3733t [elite] geeks out there)? What can I do to try and protect my computer?
Protecting your computer from Internet-based threats is not an easy problem. It's nearly impossible to say you're 100% safe, unless you unplug your computer from the network and the power socket. So, what we all need to do is try to manage the risk to safe enough levels that we can feel comfortable using our computers without wondering if some hacker has access to our files or is capturing the password to our bank account when we check our online statement. And if you didn't already know that was a concern, I apologize for adding to your paranoia.
Basic Connectivity
Connectivity is simply talking about having your computer connected to the Internet. This could be a matter of plugging your phone line into your modem and dialing out, like in the older days for many of us. Or it could be connecting your computer to a wireless network. Both of these methods connect your computer to a network. It is important to understand that connecting your computer directly to a network may expose your computer to attacks by other computers on that same network or possibly remotely if the network itself is not secured.
A network can be partially isolated from other networks (or the Internet). This helps protect computers connected to that network from many "outside" threats. If you plug your computer directly into your cable modem or your DSL modem, your computer may end up being directly exposed to a hostile environment. It is best to put something in between your computer and that hostile environment.
A device called an Internet Gateway is one method of separating yourself from those hostile environments. Other names for these devices are Internet Router or Broadband Router. They are made by many companies, including D-Link, Linksys, and NetGear. Effectively, you plug your computer into the router, the router plugs into your cable or DSL modem, and then your modem connects to your wall. The router then establishes the connection with your Internet provider, passes your requests to connect out to the Internet, and filters anyone trying to connect directly to you from the outside.
To provide a metaphor, imagine that you're a witness to a high profile case and that people want to hurt or threaten you. Instead of roaming the streets alone, you keep a tough security guard with you. If someone approaches you, the security guard stops them. However, you may choose to talk to anyone you want to. In this metaphor, you are the computer, and the security guard is the router/gateway.
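The filtering behaviour described above, as an added sketch that is not part of the original article: a toy gateway that remembers conversations started from inside and only lets matching replies back in. The addresses and ports are constructed sample values, and the model leaves out address translation and timeouts that a real router also handles.

```python
from typing import NamedTuple


class Packet(NamedTuple):
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class Gateway:
    """Toy 'security guard': outbound is allowed, inbound only as a reply."""

    def __init__(self):
        # Conversations started by computers plugged into the router.
        self.flows = set()

    def handle(self, pkt: Packet, from_lan: bool) -> str:
        if from_lan:
            # Your computer chose to talk to someone: remember who and how.
            self.flows.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return "forward"
        # Arrived from the Internet side: it must answer a remembered
        # conversation exactly (same addresses and ports, reversed).
        reply_to = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        return "forward" if reply_to in self.flows else "drop"


def demo():
    """Run four constructed packets through the gateway, return the verdicts."""
    gw = Gateway()
    pc, site, stranger = "192.168.1.10", "203.0.113.5", "198.51.100.7"
    return [
        # PC opens a connection to a web site.
        gw.handle(Packet(pc, 50000, site, 443), from_lan=True),
        # The web site answers on that same conversation.
        gw.handle(Packet(site, 443, pc, 50000), from_lan=False),
        # A stranger tries to connect directly to the PC.
        gw.handle(Packet(stranger, 4444, pc, 3389), from_lan=False),
        # Even the known site may not open a new conversation inward.
        gw.handle(Packet(site, 443, pc, 3389), from_lan=False),
    ]


if __name__ == "__main__":
    print(demo())
```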
For the most part, an Internet router is plug and play, provided you plug it into the right places. But many Internet providers do require that computers log in to access the Internet. All current home routers support doing this on behalf of your computers, but it will take a little extra work on your part to set up your router to do so. You would need to review the documentation that comes with your chosen router. A typical setup would be to plug your computer into the router, open up a web browser to access a special URL that will provide you with an administrative interface, and configure the authentication settings for the router.
Do I Already Have a Router?
Many people are not sure if they already have a gateway or router. We understand that at GeekSpeak, so I will offer some tips to help you determine what you have. Typically at home, a computer needs to plug into another device and that device connects to your wall (be it a phone line or a coaxial cable). These modems usually have 2 ports. One port is where your cable or phone line plugs in that leads to the wall on the other end. The other is where your computer is supposed to plug in. And technically, there is a 3rd, which is the power cable. To the right is an example of my own DSL modem. The white cable on the left goes to my phone jack. The green cable on the right goes to my wireless Internet Router. For people who do not have an Internet Router (wireless or otherwise), that green cable would go directly to your computer.
The image to the left is my Linksys Wireless Broadband Router. An Internet router will have several ports on the back of it. One of them connects out to the Internet (usually by plugging into your DSL or cable modem). In this case, that would be the same green cable that you can see here on the left. The other ports are intended for your computers to plug into. The primary purpose of routers, such as this one, is to allow multiple computers to connect out through one connection. The blue cable connects to my Windows PC directly. The antenna on the far left is what allows my laptops to wirelessly connect to the router. Effectively, just imagine that the antenna is another one of the ports to the right of the blue cable (or the one the blue cable is plugged into). Everything plugged into one of those open ports or connected to the router wirelessly has the benefit of the router's protection against anything trying to get in directly through that green cable (which, I will remind you, connects to the Internet directly via the DSL or cable modem).
So, if you are unsure if you have an Internet Router, look at the back of the devices that are between your computer and the wall. If the device has multiple ports for your computer(s) to connect to, then it is most likely a router. A better way to tell would be to look for something on the device that says "router" or "gateway". If you only have one device between your computer and the wall, odds are you only have a DSL or cable modem.
Wireless Networks
Now, I think it is very important that I stress that should you be setting up a wireless network in your home, using a wireless Internet router, you should not just plug it in and use it. You should always go into the administrative interface and at minimum change the administrative password and the SSID (the name of the wireless network). Aside from security, this will help you avoid conflicts with your neighbor who happens to buy the same wireless router.
To explain what could happen if you don't change the default settings on a wireless router (note this only applies to wireless routers): if I look on my computer to see what wireless networks are available from my condo, I frequently see 4 different wireless networks. I've successfully connected to those wireless networks and connected to the administrative interfaces for those routers. Once I do that, I could block out the owner, open their network to exposure on the Internet and all sorts of other malicious things. But I'm a nice guy, so I just disconnected and shook my head knowing that far too many people do not understand the risks. So, be sure to lock down your wireless networks! Your neighbor might not be as nice as me.
Virus and Spyware Protection
Now that we've discussed making sure that your computer is relatively safe from direct attacks from the network, there are other ways that bad things can get onto your computer. These ways are commonly called "attack vectors" in the security world. So, what are the common attack vectors?
Email is one of the more common attack vectors. I'm sure you've heard this a million times, but I'm going to make it a million and one: Do not open attachments from people you do not know or were not expecting!!! I can't stress this enough. The simple act of double clicking on an attachment in an email could infect your computer with a small virus that runs and then connects out to the Internet on its own (unbeknownst to you) to download a more malicious program that will monitor your typing, looking for usernames and passwords and quietly sending them to some computer hosted in some other country. Think this isn't a big deal? I've personally had to examine systems where this occurred and was only discovered when the owner saw a sizable withdrawal of funds that they didn't initiate.
Another common attack vector is to take advantage of vulnerabilities in software. These are basically bugs in some program you use (or even the operating system itself) that could enable an attacker to run an unexpected piece of code on your computer (like in the example above). These can be even more of a threat as they don't always require you to do anything that you normally wouldn't do (like opening an attachment from a stranger). You could get infected with something like this by simply going to a website that either has malicious intent or has been compromised to serve a malicious web page. Internet Explorer 6 has been known to be one of the biggest sources of these types of vulnerabilities.
Spyware, pop-ups, Adware... these are all more of the same as viruses. They are programs that somehow were able to get installed and run on your computer. Some are just annoying, others are more malicious in intent. None are good for your average consumer.
So, what can you do to help protect yourself from all these malicious pieces of software?
1. Update your software!!! You must make sure that you are running your Windows updates at LEAST once a month. Many popular software programs default to checking for their own updates and tell you when a new update is available. Make sure you install those regular updates as they fix newly discovered vulnerabilities that viruses are sure to start exploiting. By being up to date, you significantly minimize the holes that such viruses can take advantage of on your computer.
2. Install an adware/spyware blocking program. AdAware from LavaSoft is a good option.
3. Install a decent and known virus protection program. AVG and Avira are a couple of the non-mainstream anti-virus programs out there that do a good job. I recommend them even over the more popular McAfee and Norton anti-virus options as they provide better detection of "new" viruses. And of course, make sure your anti-virus is receiving its updates very regularly (daily is ideal) as that is the way the software is told about the newest attacks and how to detect and block them. And please make sure you ONLY download the anti-virus programs from their original sources.
4. Stop using Internet Explorer 6!!! Some of you may think, "here we go. The Mac guy is bashing a Microsoft product." But seriously, regardless of my opinion about Windows, IE 6 is a nightmare when it comes to security vulnerabilities. Every month that Microsoft releases its patches (next week is the next scheduled patch release), Internet Explorer is almost always the one with the worst of the holes reported. And it is also one of the easiest ways in for attackers, since exploiting these holes often just takes having a user click on a link. If you feel you must stick to the Microsoft browser, please upgrade to Internet Explorer 7. While still a high profile target for hackers looking for holes, it is a much better designed piece of software than IE 6. But I would much rather see people use other browsers, such as Firefox, Opera, or Safari.
In summary
If you make sure that your computer is securely connected to the Internet, that you have a good anti-virus and spyware blocker program, that you're keeping your computer software up-to-date, and that you are practicing safer computer use (don't take attachments from strangers), you should have a more pleasant experience with your computer and Internet use. I know it sounds like a lot, but once much of this is set up, it should be fairly seamless. Software updates usually run on their own with an occasional prompt for you to click on, and the rest is typically a one-time setup.
Happy browsing and safe computing.