Untitled Document

Securing your stand alone or network node machine

Keeping updated

One of the most important aspects of computer security is the updating of software packages. Software programs are continually probed for insecurities by people who have a interest in finding vulnerabilities. For example, many security problems have been found in Microsoft browsers and email agents such as Internet Explorer and Outlook Express.

Taking Internet explorer as an example let's see if we can make it more secure by downloading Microsoft's latest pages for security. In this example I am going to find the latest patches for Explorer Version 6.0. To do this I go to http://www.microsoft.com and look for a link for making windows more secure. When I am writing this there is a link pointing to http://www.microsoft.com/windows/ie/security/default.asp

If we visit that page there is usually a link there that has bundled various updates into one package which Microsoft calls a service pack. I will download and install the service pack for Microsoft Version 6 - Service Pack one dated September 2002. This is a 2 stage affair involving downloading one file called, on this occasion, ie6setup.exe, which you then run. This program then connects up to the nearest available server and installs the appropriate patches for your version of Explorer. BE WARNED - the files can be quite large - sometimes 10-20 Mb.

Needless to say you have to keep abreast of the latest patches available for your operating system and software on a regular basis. Microsoft have their own update feature that constantly monitors your machine and connects up to Microsoft to see if there are any patches you need. However, this only checks for Microsoft patches and bug-fixes.

Another option you might like to consider is to employ some form of checking program which can monitor the software installed on your machine for you. One I have tried recently seems to do the job called BigFix available from http://www.bigfix.com. This employs a client/server model meaning you run the client on your PC and it connects up the server at BigFix.com to download what it refers to as fixlets. Rather naff name but the system seems to work. Needless to say, you have to allow BigFix to connect up to the internet through your firewall such as zonealarm. When it detects that you need an update to a piece of software it tells you by popping up a box. If you click on the box at the bottom right hand corner of the screen it gives you more details as below:-

Of course, whether you decide to install this patch is up to you. Some of the patches offered may be for software you are not intending to use. However, if you are not intending to use that piece of software it begs the question as to why it is installed at all. For example, BigFix has suggested I install patches recently for MS media player which I do not intend using. In my case this has prompted me to delete the BigFix suggestion for this, (simply press delete on the fixlet), and uninstall MS media player, (it's in 'Control Panel' - 'Add/Remove programs' - 'Windows setup' - 'Multimedia') to avoid the problem. How you respond is, of course, up to you.

Click on the subscribe icon, (the little house on the toolbar at the top), to connect to more fixlet sites. I suggest you connect up to at least your operating system site - for me that's Windows '98.

Passwords < Previous - Next > Opening Page