A layered approach is best to protect your security and privacy:

• Use personal firewall, anti-Spyware, anti-virus, anti-Trojan, anti-spam, anti-phishing, and privacy software on your desktop computer.
• Update and tighten Windows before installing new security software.
• To avoid conflicts, do not use two software firewalls or two anti-virus products at the same time. Completely uninstall one before installing another.
• After installing any security software, immediately check for updates at the vendor's website.

Guidelines to secure your PC on your own

Securing your Windows

Microsoft Windows XP is being used by a growing number of users. Windows XP is potentially much more conducive to security than its predecessors such as Windows 95 and 98-a good reason for you to upgrade your desktop system to Windows XP if you have not already done so. Following checklist describes the measures you will need to take to achieve baseline security in your Windows XP system.

Baseline Security Measures for securing your computer:

Your system will achieve a baseline level of security if you deploy the following measures:

• Use only Windows XP Professional. Windows XP Home has too many major security flaws (e.g., in XP Home every default account has superuser privileges and cannot belong to any domain) to enable it to achieve even a baseline level of security.
  
• Install Windows XP only from trusted media.
  
• Ensure that every partition is an NTFS partition. If any volume is FAT-formatted, enter
  convert <partition letter>: /fs:ntfs
  For example, to convert the D partition into an NTFS partition, enter
  convert d: /fs:ntfs and then reboot your system.
  
• Check to see whether Service Pack 2 (SP2) has been installed by going from Start to Run, then entering “winver”.
  
• Install the latest post-SP2 hotfixes from www.windowsupdate.com
  
• An "unprotected share" is a share that permits everyone to connect to it; the worst case is a share that allows everyone to assume full control or to write and delete. Many Windows systems users have unprotected shares. The result is greater likelihood that their systems will be successfully attacked by hackers, worms, etc. Unprotected shares are one of the major causes of security-related incidents in Windows systems.
  
• Leave the Guest account disabled. Double-click on this account name and ensure that "Account is Disabled" is checked.
  
• Activate the screen saver. This will help protect against unauthorized physical access. Go to the Control Panel, then Display, then Screen Saver (or right click on the desktop to Properties and click on the Screen Saver tab). Be sure to password-enable the screen saver and also to set the activation period to 30 minutes.
  
• Be sure to run AntiVirus on your system, and to keep its signatures updated every day.

Block NetBIOS ports over TCP/IP

Block NeBIOS ports over TCP/IP to all Internet traffic if you need to enable file sharing for your machine so no one from the outside can access the contents of your hard drives through these ports. This can be accomplished with either one of these two methods:

Preferred method: Block incoming and outgoing access to ports 135, 137-139, and 445 with your firewall. ZoneAlarm (a free personall firewall) does this by default when you set the Internet Zone Security to "high". (The "medium" Internet Zone Security default settings only block incoming access to NetBIOS ports and you can manually change that to include outgoing, but remember - any Internet Zone Security setting lower than "high" is not recommended for use in the Internet Zone.)

Backup your files

Keep current backups of all personal and system files. A backup can restore lost data in the event your system's security is compromised or your critical files become corrupt.

Daily backups of your registry files are recommended. In addition, always create a backup before installing any new program or making any changes to your system settings.
Since system files in Windows XP cannot be simply copied while they are in use, XP users should use System Restore to create restore points. (A shortcut is placed by default under System Tools in the Start Menu, or you can find it at %SystemRoot%System32restorerstrui.exe.)

Disable File and Printer Sharing in your network settings if you are using a computer that is not connected to a Local Area Network (LAN). This will shut all NetBIOS ports - those which are used for the sharing of files. Even if you are using a router and a firewall, this is giving you added protection by disabling something you don't need.

1. Ensure your Operating System is up to date and safely configured
   
   Windows 2000, XP or ME can be set to download security updates automatically and prompt you for permission to install them. Microsoft.
   
   Make sure the security settings on your Web browser are at medium or high. If you are using Internet Explorer this can be done by going to Tools>Internet Options>Privacy.
   
   Consider using a more secure browser such as Firefox or Opera.
   
   
2. Check your system for viruses
   
   
   A virus is so called because it reproduces itself by using the facilities of the host PC to copy itself to removable media and attach itself to emails, without your knowledge. There are variants, which may be technically characterised as worms or Trojans, but you don't want any of these. Most commonly you get one by opening an email attachment or copying (from deceptive software on the Internet or a bootleg CD) a program containing the virus, on to an unprotected PC. They take over the compromised PC and either trash your data or use your PC like a zombie to send hundreds or thousands of emails containing copies of itself, and/or spam, maybe with copies of your confidential data, to everybody in your address book.
   There are many virus checking services offered free by the various Anti Virus vendors, such as House Call from Trend Micro
   
   These checks are only effective during the time that they are run and do not provide continued protection afterwards. You will need to install an Anti-Virus package for continuous protection. It is very important that it is updated regularly, ideally every day.
   
   
3. Install a Firewall
   
   A personal firewall blocks unauthorised network connections from either entering or leaving the computer. This helps protect you either from malware entering your PC, or using it to attack others. You can download the following personal firewall from Zonelabs.
   
   
4. Block SpyWare and Identity Theft
   
   "Spyware" is any technology that aids in gathering information about a person or organization without their knowledge. On the Internet, it gathers information such as email addresses, passwords, phone numbers, and credit card numbers, and relays it to advertisers or other interested parties. It is not to be confused with "Cookies" which are small files that contain a record of the last time you visited a web site; many e-commerce sites require their use to recognise returning visitors.
   
   
5. Be vigilant to protect your privacy
   
   Identity theft can ruin your credit rating and take months of effort to recover from. Exercise caution in your business affairs.
   
   If you receive an email allegedly from your bank, or Ebay, PayPal, FedEx, etc, asking you to verify your credit card data, it is almost certainly a scam, called "phishing". Sometimes it is inexpertly done and the web site address is not the real address but some variation on it. For example, ebay-accounts.com rather than ebay.com; or yourbankname.kr rather than yourbankname.ie. Report such attempts to the financial institution involved.
   
   Actually read the privacy policy and terms and conditions of a site before you give them personal data. Look for the check box that sometimes says "Allow third parties to send me emails" and sometimes "I do not want my address given away". Legitimate companies will allow you to unsubscribe from an e-mail list by replying with 'remove'. Best practice is not to send unsolicited commercial email at all. But never reply to spammers, as your reply verifies that they have found a valid e-mail address, and you’ll be on their list and everyone else's that they can sell that verified address.

E-Mail Security

HTML E-Mail

Disable HTML for e-mail or choose to view all messages as plain text if your e-mail client has such options - the better ones do; or use an e-mail content filter for web bugs and embedded content originating from a server other than the one belonging to the sender of the e-mail. Today's cleverly-coded e-mail worms can execute just by viewing HTML-formatted e-mail.

E-Mail Attachments

Never allow your e-mail client to "View Attachment Inline" ...unless you are sure it arrived from a trusted sender.

Never open e-mail attachments from strangers.

Use encryption software for sending your most private e-mail messages. If you don't, keep in mind that what you are sending is the equivalent of a postcard.

Never, ever use e-mail to send confidential information such as credit card numbers, bank account numbers, or your Social Security number.

Never respond to e-mail asking for confidential information. Any e-mail you receive requesting your credit card numbers, bank account numbers, or Social Security number either via e-mail or a web site link is surely an identity theft or phishing scam.

Cookies

Companies try to personalize web site experiences for their visitors. Some remember your login name and password for your convenience upon subsequent visits. Others offer news, stock quotes, and weather tailored to people's interests and location. This is done with a cookie, a small file created by the site, that collects specific information about your preferences or web browsing activities and stores it on your PC. Allowing all cookies, however, is unacceptable for those who care about privacy.