Network Security guide for the home or small business network – Part 4 – Know your software



Ok, so you’ve got a hardware firewall and you’ve got antivirus. You’re safe right? Well, not entirely. I’ve mentioned the flaws of antivirus. It’s always a step behind. A firewall doesn’t protect against unknown viruses, so what else is there to do? I’m going to tackle this in two steps. The first is to know what software is running on your system. Isn’t there a lot of that? How can I keep up?


Take an inventory of what software you typically use. Email program (maybe outlook express), web browser (internet explorer), are there any programs that you’ve given permission to listen for remote access on? (telnet servers, web servers, ssh servers, ftp servers???) inventory everything that either you run, or you have allowed through your firewall.

Beyond that, I would suggest you take a good look at the programs that run when your computer boots. (ctrl-alt-del should give a list of running processes under windows.) *(msconfig gives you options to control things starting at boot under windows). Identify what each one is. Search online, get an idea of what is “normal” for your system. systray is normally running for instance, explorer, make a list and make sure you know what they are. You don’t have to know what they DO, just identify them as “friendly”.

When I see an infested system, one of the first things I do is skim the msconfig list of what will run at startup and the ctrl-alt-del list of what IS running to see what looks safe and what might be questionable. Anything that I can’t identify I consider suspect and disable until I see evidence that it may be legit. In other words if a web search doesn’t turn up a conclusive “it’s ok”, I disable it. One problem is that I rarely know what is normal for the specific system I’m looking at. Yes, there are some things that are generic to most any windows system, others that I commonly run across, but some, more obscure, programs may look suspicious to someone unfamiliar with the system.

So, know what you run and use on a frequent basis and know what your computer loads at startup and is normal. Also, know if you’ve allowed any program to actively listen for connections as a server from your pc. (FTP server, http server, etc.)

   Send article as PDF   

Similar Posts