Mind-Warp PaVilion  
Author Topic: Security - from firewalls and sandboxes to backup images  (Read 536 times)
xuncat
« on: September 02, 2007, 03:10:52 PM »

This is mainly for Windows users – sorry all Mac and Linux users!

The main subject was supposed to be creating backup images of your hard drive, or your partition, for security reasons. But of course I can’t resist some preliminary comments on security, to have it all in one place.

Firewall(s) and anti-malware applications
I’d say that basic security measures consist in running at least a software firewall, preferably a hardware firewall and a software firewall, an anti-virus program, and a couple of extra programs for scanning for malware that the anti-virus program might have missed. Those applications need to be regularly updated, of course, or else they will not detect the latest threats.

IMO you should not use the Windows firewall. Why not? Because it only blocks incoming connections (like a hardware firewall does by default), but not outgoing connections. Thus, if you have the misfortune to get some malware that wants to “phone home”, or if your computer gets a virus that is designed to make it usable for DoS attacks and similar sabotages, the Windows firewall offers no protection. There are several free firewalls that you can download and use instead of the Windows one, for example ZoneAlarm, Comodo and ex-Kerio, now Sunbelt. They all offer control over outgoing connections (application behaviour) in addition to control over incoming connections.

You should not try to run more than one software firewall (or more than one anti-virus program) at the same time. They may conflict with each other and leave you without the protection you think you have. So, if you decide to replace the Windows firewall with a more effective software solution, you need to disable it. Go to the Security Centre (from the Control Panel) and turn the Windows firewall OFF. In addition, you might want to disable the service – it keeps running unnecessarily even if you turn off the Windows firewall in the Security Centre. From the Control Panel, go to Performance and Maintenance – Administrative Tools – Services, scroll down to Windows firewall, right-click it and choose ‘Stop’ if it is running, then right-click and choose ‘Properties’, then choose ‘Disable’. Click OK.

While you're at it, there are a couple of other services that may pose security threats; I list them below with simple descriptions of what they do. You have to decide for yourself if you want to disable them, of course. If you use features that depend on these services, you should of course not disable them. It's your choice.

  • 'NetMeeting Remote Desktop Sharing' - allows a user within the local network to access the computer.
  • 'Remote Desktop Help Session Manager' - allows a user outside the local network to access the computer (with the computer owner's permission, hopefully).
  • 'Remote Registry' (XP Pro only) - allows a user outside the local network to apply changes to the registry.
  • 'SSDP Discovery Service' and 'Universal Plug and Play Device Host' - together they make UPnP possible. UPnP is "automatic" port forwarding; a program that needs to listen to an incoming port asks the router to open that port, and the router (presuming that it runs the UPnP service) obliges. The security problem should be obvious: malware can use UPnP, too. I'd recommend forwarding ports manually instead - there's a link to portforward.com further down for help with that.

You can read more about these services (all the XP services) here: http://www.blackviper.com/WinXP/service411.htm - there's a lot of other useful information at the BlackViper site, such as install guides for XP and Vista (and a list of Vista services like the XP one I linked to).

I have tried some of the commercial anti-virus/security packages over the years, and I found them simply not worth the money, so these days I run freeware, previously AVG and presently Avast. I can’t tell how to choose between them – IMO they are both decent enough, and are regularly updated. In addition I scan with Ad-Aware, the free personal version, and Spybot SD (that is also free) once in a while. Ad-Aware will often find tracking cookies that stay even if you delete cookies from your browser.

A couple of extra resources:
For help with forwarding port(s), which you need to do if you use BitTorrent and run a hardware firewall (or a router that contains a firewall, too): http://portforward.com/

For checking the efficiency of your firewall(s): https://www.grc.com/x/ne.dll?bh0bkyd2

Sometimes anti-malware programs will give false positives – they will claim that a harmless file is some kind of threat. In addition to googling for the file name in order to find out what it is, you can upload suspicious files to http://virusscan.jotti.org/ and see what 20 different scanning programs say about it.

Sandboxes and Virtual Machines
For all those applications that can help protect you, I’d say that the best protection is common sense. Don’t visit suspicious sites as you go browsing the World Wild Web, don’t download unknown software.

Only, sometimes you do get curious… If you want to check out possibly dangerous websites or try out suspicious software, there are precautions you can take in order to keep your computer safe all the same. For just visiting sites, I recommend browsing “sandboxed”. The small Sandboxie application runs like a minimal virtual machine – anything that you encounter as you browse “sandboxed” is kept in the “sandbox” so that it can’t affect your computer. You can also download files to the sandbox, and scan them with your anti-virus program before deciding if you think they are safe to download for real. You can sometimes, but not always, install and test programs in the sandbox, too.

If you often want to try new programs, but don’t want to take risks with your computer, you might want to install a virtual machine. NB it takes good memory resources, though – it’s a matter of simultaneously running more than one OS, along with applications, on one computer. The benefit is that you can toy with settings, installations, etc., on the virtual machine with no risk to the actual computer, and you can decide not to keep the changes you have made to the virtual machine, keeping it clean in the end, too.

Microsoft offers a Virtual PC for free. There is also VMware Workstation for a cost – you may try it for 30 days, though, before buying a license, so if you are interested in running one or more virtual machines on your PC, you can try them both out before making up your mind. (The VMWare Player is free – you can use it, for example, for trying out pre-made Linux machines, but you can’t create your own virtual machines with it.)

Backup Images
Unlike all the security measures that have been mentioned previously in this post, there are no decent freeware alternatives for creating image backups AFAIK. The Windows XP restore points are not comparable – they are just "snapshots" of critical system files and some program files (quote from MS Help and Support). If you have happened to get some malware on your computer, it can be a right mess (including working in safe mode) to try to find a restore point that will make your computer un-infected and still running any software you may have installed in the meantime.

I have previously tried Norton Ghost, but settled for Acronis True Image. Rumour has it that the Ghost was better before Symantec took over. In any case, buying this kind of software is a small investment. (Unless you have an employer that will buy the software for you. ;)) The principle behind both programs is the same: software to create a perfect copy of the hard drive (or partition), compressed in order to save storage space, and software to easily replace whatever is stored on an existing hard drive (or partition) with that saved copy. If you have ever battled with some dang piece of malware that keeps recreating itself under different names as you keep deleting it, and ended up reformatting and reinstalling OS and all the applications because you never felt sure you had managed to clean your computer, then you will realize how nice it is to have a backup image of your OS partition. In addition, you can use it if you install software that causes problems and won’t uninstall completely, or if your OS has crashed for whatever reason. Last time I restored to a saved image, the whole process took about 30 minutes, of which the actual replacing of the partition was less than 15 minutes.

Using it is easy. Creating a backup image is a matter of clicking through a few alternatives (basically what to store and where to save it). Using it as a means to keep your computer clean takes a little bit of planning. I start by collecting installers for the programs I don’t have on CDs (like Avast, Spybot, etc), and save them on another HD. Then I partition the hard drive (if not done before), creating a partition sized about 20-25 GB for Windows XP. It’s far more space than needed – right now about 5 GB of that partition is actually used, with XP and a number of programs installed, but I like to have the space to install just about anything I might need. Then I reformat that partition (NTFS) and install XP from scratch. The idea is to have a reasonably small partition that will be the only thing I need to restore if things should go bad. Data stored on other partitions on the same physical hard drive won’t be affected if I need to restore the OS.

Next, download and install Windows updates. Visit the update site again after completing the updates; there may be more updates that would not be offered until you had installed the previous ones. Then install your basic software – the security applications, including updates for them (and don’t forget to disable Windows firewall if you install another software firewall), and anything else you consider so basic you think you want to keep it for a long time – word processor, music player, image editing software, etc… Do not browse the web for anything but updates. You do not want to take the risk of including some malware in your supposedly clean first backup image. If you (very wisely) run a software firewall with application control behaviour, be sure to open each application and create rules for it (by allowing it to always open, always connect to the internet, if that’s what you want, etc). Create a password for changing software firewall settings if possible (and of course you should also password protect your Windows account(s).)

After all the installations are done, you may choose to run a clean-up program such as the freeware CCleaner, if you have it among your basic programs, and maybe also clean up the registry. I wouldn’t use the registry cleaner of CCleaner, but rather RegSeeker (also freeware). It’s a personal choice, but make sure you always make backups of the registry before cleaning it, no matter which software you use. Last, before creating the backup image, defragment the partition. To be sure, these last measures are not security measures as such – they are just for assuring that the image you will eventually restore to is one that allows your computer to run as smoothly as possible.

Then use your Ghost or True Image to create the backup. Clickety-click, choose to save on another partition or another hard drive, wait 5-10 minutes, and you’re done.

This is where the hard work begins. :P

It consists in taking notes. If you want to be sure that your system is clean, that there is no undetected malware running on your computer, you will want to make new clean updated backup images over time. It means that you will need to restore your partition to the clean image you have saved, then apply updates and other changes, then save that clean image. An old clean backup image is not much of a time saver. So, you need to take notes of crucial changes to your OS partition in preparation for the creation of the next backup image: installation of new software (that you want to keep), replacing software (such as music players or instant messengers) with new versions, system settings. Make a list. No need to include Windows and security software updates, though – you will update those as a matter of course after restoring to the backup image.

After roughly a month you will notice that new Windows updates are available. (I do not use automatic updates, since I prefer to check what they offer first, so I visit the site at least every second Tuesday of each month). That is a good time to restore to the previous clean image: a matter of clicking (restore from the same partition, for example C:\ to the same partition) and waiting 10-15 minutes. But, before you start restoring, you may want to save some settings. I save the bookmarks from Firefox (both the .htm and the .bak file, to be found in your profile in C:\Documents and Settings\*user name*\Application Data\Mozilla\Firefox\Profiles), and I save the Azureus and uTorrent folders in C:\Documents and Settings\*user name*\Application Data. I save them to another partition, not the C:\ that I am about to restore, of course.

After restoring to the clean backup image, update Windows and the security software, (re-)install any software and apply any changes that you have on your list. Put Firefox bookmarks and other saved settings from C:\Documents and Settings\*user name*\Application Data back in place. Run CCleaner and RegSeeker (or similar) if you so choose, defragment the partition, and then create a new clean updated backup image. It will be the one you restore to next time; you always restore to the latest clean backup image. (Which means that you don’t need to keep all the old ones around, unless you have chosen to make incremental backups. I make full backups each time.)

In all, this takes maybe 45 minutes per month. In exchange, your system will be clean and running smoothly almost all the time, and you will save massive amounts of time if something goes wrong with your current OS partition.

Finally: of course you can use Ghost or True Image for backing up data as well. They both have scheduling options, and options to create incremental backups, meaning that only the data that has been changed since last time gets backed up. Quite useful if you write a lot, not to mention for backing up music files to an external hard drive or so.
« Last Edit: September 03, 2007, 04:27:05 PM by xuncat »

There used to be a signature here... :-X
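
An added example, not part of xuncat's post: a PowerShell audit of the five services the post lists, matched by the display names given there, which reports each one's state and start mode and disables it only when asked. The `-Disable` switch and the report columns are this example's own; on Windows versions later than XP some of these display names differ or the service is absent, which the report shows as "not installed".

```powershell
# Added example: audits the services named in the post; changes them only with -Disable.
param([switch]$Disable)   # -Disable is this example's own switch

# Display names exactly as listed in the post (Windows XP wording).
$targets = @(
    'NetMeeting Remote Desktop Sharing',
    'Remote Desktop Help Session Manager',
    'Remote Registry',
    'SSDP Discovery Service',
    'Universal Plug and Play Device Host'
)

if ($Disable) {
    # Changing a service's start mode needs an elevated (administrator) session.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw 'Run this from an elevated PowerShell session to use -Disable.'
    }
}

# Win32_Service carries both the current state and the configured start mode.
# (Windows PowerShell; on PowerShell 7 use Get-CimInstance Win32_Service instead.)
$installed = Get-WmiObject -Class Win32_Service

$report = foreach ($displayName in $targets) {
    $row = New-Object PSObject -Property @{
        DisplayName = $displayName; Name = ''; State = 'not installed'
        StartMode = ''; RunningDependents = ''; Action = 'none'
    }
    $svc = $installed | Where-Object { $_.DisplayName -eq $displayName }
    if ($svc) {
        # Services that rely on this one and are running right now: the post's
        # caveat is not to disable something a feature you use depends on.
        $deps = @((Get-Service -Name $svc.Name).DependentServices |
                  Where-Object { $_.Status -eq 'Running' } |
                  ForEach-Object { $_.Name })
        $row.Name = $svc.Name
        $row.State = $svc.State
        $row.StartMode = $svc.StartMode
        $row.RunningDependents = $deps -join ', '

        if ($Disable -and $deps.Count -gt 0) {
            $row.Action = 'skipped: running dependents'
        } elseif ($Disable) {
            if ($svc.State -ne 'Stopped') { Stop-Service -Name $svc.Name }
            Set-Service -Name $svc.Name -StartupType Disabled
            $row.Action = 'stopped and disabled'
        } elseif ($svc.StartMode -ne 'Disabled') {
            $row.Action = 'review: still enabled'
        }
    }
    $row
}

$report | Select-Object DisplayName, Name, State, StartMode, RunningDependents, Action |
    Format-Table -AutoSize
```

Run without arguments it only reports; a service with running dependents is left untouched even with `-Disable`, so the decision stays with you.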
Pablopicasso
« Reply #1 on: September 02, 2007, 03:35:39 PM »

Thanks for taking the time going into so much detail, much appreciated.
stefan
« Reply #2 on: September 02, 2007, 07:53:10 PM »

Excellent post, thanks! Will look into the sandbox thing :)


blackbeard
« Reply #3 on: September 02, 2007, 07:55:14 PM »

Ditto  ;)
Piras
« Reply #4 on: September 02, 2007, 08:13:07 PM »

Just goes to show: You're never too old to learn something new!  :D

Thanks xuncat.
Baal
« Reply #5 on: September 02, 2007, 08:44:46 PM »

That was one helluva post.  Been reading it for hours.  Always been a bit paranoid about trojans etc as me and the missus have had a few instances of ID theft.  >:(

There were some useful links - which provided comforting results!  :D

That must have taken you some time to construct - many, many thanks!   :)

nuclear_star
« Reply #6 on: September 02, 2007, 08:54:18 PM »

Again thanks for going to the trouble of writing this up and in an easy to understand way.

Will work through the list, adding what's missing security-wise. Looks like I'll be busy.

I'm now running Avast, which seems good, straightforward to use.
Will change firewall from XP, may even reinstall Norton firewall and Ghost as I don't think that requires the subscription.

and sandbox, never heard of before, but will investigate...




Sailor can't dance like you, ooh, yooou.
117
« Reply #7 on: September 02, 2007, 10:24:43 PM »

/makes mental note to try and remember to read this post in detail tomorrow

looks real interesting  :)

bewley
« Reply #8 on: September 02, 2007, 11:04:04 PM »

Great information!

I have made this topic sticky as I believe that when it comes to setting up and securing a machine for use on the internet, everyone (especially those who dabble in torrents) should give it a read and use it as a reference. :)

The Ziggy In Concert Archives

"I'm just saying that somewhere between Jesus dying on the Cross and a giant bunny hiding eggs there seems to be a gap of information..."
xuncat
« Reply #9 on: September 03, 2007, 08:10:01 AM »

Ah, now I'm flattered.  ;D

I celebrated by adding a list of services that are dubious in terms of security, a small extra step in securing your PC. ;)

There used to be a signature here... :-X
goa
« Reply #10 on: September 03, 2007, 12:49:45 PM »

big thx xuncat.  :)
I don't understand, it's my fault btw, more than 10%, but with more readings sure will reach 20 %  lol



If I gave you everything that I own
and asked for nothing in return
Would you do the same for me, as I would for you?
Or take me for a ride
and strip me of everything, including my pride
But spirit is something that no one destroys
xuncat
« Reply #11 on: September 03, 2007, 04:38:59 PM »

Oh, goa, you always make me laugh.  :D

I am sure you understand at least 15%  8) ... but please ask about anything that's not clear. That will help others, too, I'm sure. It's so difficult to know how others will read what you write, I'm sure I could have made things clearer... ;)

There used to be a signature here... :-X
117
« Reply #12 on: September 03, 2007, 06:11:05 PM »

that up there, ladies and mentalmen, is an excellent post, well-written, well thought out, and very informative  :)

hadn't heard of the Sandboxie app before, will definitely be trying that out :)

As an add-on to what xuncat was saying above, if you wanted to surf the web uber-safely using a virtual machine, you can install the free VMWare Player and use a free Ubuntu Linux image like this one, it comes packaged with Firefox so most users will hardly notice the difference.  The Microsoft Virtual Machine is also free, but keep in mind that you can install Windows on it but legally you'd require a second license for Windows for it (feel free to correct me if I'm wrong on this) - this is also handy if for instance you have Windows Vista but have some software that only runs on Windows XP, install XP as a virtual machine and install the software to it, then you can still run the software whilst you're running Vista in the background (I use this at work, I have a Vista machine but need to offer support for XP machines, to save me working from memory I have an XP virtual machine that I can run whenever I need to talk something through, works a treat).

Another alternative software option for backup images is Drive Snapshot - it's a really simple little program, you initially get a 30-day trial, after that you can restore images but not backup new images, but it's still cheap  :)
