Basic Help and Guides

The following guides are intended to give you some tips on what sort of features you should be looking to set up in terms of firewalls, antivirus etc. They are not step-by-step guides, but more general concepts for a good set up.

What to do when compromised

When your system has been compromised it is vital to attempt to remove the infection as soon as possible. Under no circumstances should the compromised machine be used to access any confidential information until it has been confirmed as being free of risk. Otherwise it is likely someone will get access to your information.

It is best to approach the issue in a manner similar to the following:

1. Disconnect your computer from any network it is currently connected to. This is to ensure that external attackers will no longer be able to access your files, as well as stop the spread of infections to other computers on your network.
2. Perform full Malware and AntiVirus scans of any other computers connected to your network, to make sure the infection has not spread. For Windows systems, it is recommended that this is done in safe mode. If the infection has spread then repeat this process for each infected system.
3. If the system is progressively failing, or is nearing the point where it is still accessible but beyond the point of restoration, backups may be wise to undertake for vital and irreplaceable data. Keep in mind however these files can carry the infection and as such should be treated with care, scanned and cleaned before restoration.
4. If worst comes to worst and the system is beyond restoration with normal recovery tools, it is best to perform a complete system reformat and reinstall, removing all traces where the infection could hide.
5. Change passwords on all critical accounts. There is potential that your accounts may have been compromised so it is recommended to change your password on all your commonly used accounts or important accounts. This is vital to protect your various accounts and banking details.

If you don't feel confident in handling any of the above yourself, a skilled computer technician should be able to assist you with recovering your system.

Basic set up for a firewall

With any firewall in a home environment you want them to generally allow all traffic to flow within your local network. This allows your home computers to function in your home environment.

Many modern firewall programs support multiple profiles and as a result support a more limited profile for public networks such as wireless hotspots, or non trusted networks. This allows one to keep settings for work, home and travel separate and without conflict.

When it comes to traffic from outside your local network, such as from the Internet, it is best to limit this to what is needed and no more. In most cases all you need are email, web browsing and any particular software you might use that requires direct outbound access.

Alternatively you may wish to allow everything to leave and only replies to sent out traffic to enter. This 'stateful' approach will limit traffic to only what applications you opt to have send traffic out (such as games or web browsers), and provides generally good protection.

Basic set up for Antivirus Software

Most antivirus programs set themselves up securely by default, and don't need to be touched beyond minor tweaking.

However not all do, especially those that are part of complex internet security suites, so here are some key features to ensure are enabled. Keep in mind some free or limited versions may lack these features, so an up-to-date antivirus suite supported via subscription is best.

Resident Scanner

All good anti-virus programs contain resident or background scanners that scan every file activity to occur on your system. This is designed to ensure that infections can be stopped as they begin.

Ensure that resident scanners are enabled.

Opt for quarantine over outright deletion of files that cannot be 'healed'. That way you can save any vital documents that have been either falsely accused or you require, even if they are infected. For more specific information refer to your antivirus documentation.

Email Scanner

An email scanner is useful feature many anti-virus packages include. They scan POP3 inbound and SMTP outbound unencrypted email when they detect incoming or outgoing email.

Ensured these are configured correctly. There are occasions where it may need to be disabled, such as very slow connections where issues result due to the extreme times to send the email. This should only be considered when absolutely required, as it does add risk of infested emails from passing through unchecked.

Full system scan

Regular full system scans are much more in-depth then the resident scanners and as such can catch what is missed by the resident scanner. Generally a weekly or daily scan recommended, especially if your PC is typically switched on for long periods. It is best to have it run when you are not using the computer so it does not impact your use.

Oddly enough, switching off your PC when not in use can offer some level of virus protection against zero day exploits.

Additionally, set the behaviors of what the scanner will do upon detection, so it will not impact too much on your general use, and be as seamless as possible.

Update schedule

Having the antivirus automatically update means it is an even simpler process for your usage. Most antivirus programs include a default update schedule, however it is generally set for an update in the early hours when the computer is likely to be off. This means it either fails to run or runs on the next computer start up.

By default most automatic update functions update at most once per day. Many allow for multiple hourly checks for updates and this is recommended.

Email Client Setup

For those concerned about the security of what they receive and send in email, Internode provide secure-mail. Secure-mail is encrypted between your machine and our mail server. As a result it is safe from prying eyes for this portion of the journey.

If you wish to configure secure-mail to keep your private emails confidential you can use our secure-mail guides to assist you.

How to get more information

There are several good sources all around the Internet that can and will help you with online security.

Both Stay Smart Online and Cybersmart have excellent online guides to explain the basic concepts to children and adults in a fun and interesting manner. A great way to get kids to understand how and why it is important to stay safe online.

• http://www.cybersmart.gov.au/
• http://www.staysmartonline.gov.au/