| Use a virus scanner. | An easy way for you to become a victim, even if you have a strong perimeter network, good monitoring capabilities, and updated security patches, is to let a virus enter your network. A virus can use an application such as e-mail to get by your firewall and destroy the network from the inside. |
| Use a robust firewall. | A firewall that does not provide robust capabilities and allow you to network your entire home will be limiting and might even be vulnerable to certain attacks. |
| Restrict applications. | Don't run an application unless you are familiar with it. You have to be careful of what you download and execute on your home network. |
| Update the operating system and applications with patches. | Many security patches and updates to applications and operating systems are available. These should be applied religiously to ensure you are up-to-date. |
| Disable Java, JavaScript, and ActiveX. | These programs can be used for malicious purposes when you visit a Web site. Although too many valid reasons exist for using these programs to enhance a Web site, you should be cautious in allowing your browser to run them. You can disable these programs in each browser. In Internet Explorer, you can disable, enable, or prompt for action when encountering ActiveX and Java by selecting Tools, Internet Options, Security, Internet, Custom Level. In Netscape, you can change these options by selecting Edit, Preferences, Advanced. |
| Back up important data. | You should treat your data like a company would. Back up your files and keep them safe in case your system is compromised. |
| Test your security periodically. | Just because you ran a security test and checked your passwords once doesn't mean your system is secure. Testing your site by checking for open ports and vulnerable applications should be a continuous process. |
| Make a boot disk. | Have a bootable disk in case you have been compromised and need a clean boot of your system. A complete backup would be better; you can restore the entire system from a known safe backup if you get attacked. New in Windows 2000, you can create an emergency repair disk using the command NTBackup. |
| Disable scripting in e-mail applications.
| We have seen a number of viruses in the past year that use e-mail programs to execute code. Many e-mail applications have the ability to disable scripting and execution of programs from within the e-mail program. Check your e-mail program and see if this is possible.
|
| Deny everything except what is explicitly allowed. | This rule means to deny everything unless you specifically allow access. Your first firewall rule is to deny all traffic. Then, open up traffic for specific functions you need the firewall to perform. If you don't need it, turn it off. |
