{{tag>blog english it-security windows_10 windows_11 windows}}

====== Security on the net ======

Version history:

  * 2005: 1.00 - Win XP
  * 2008: 1.01 - Win XP / 7
  * 2023: 2.00 - Win 10 / 11

===== 1. General security =====

Passwords should never be stored in plain text on a PC. The use of a password manager is recommended to protect passwords.

Using the same password everywhere should also be avoided at all costs. Ideally, there should be a separate cryptic password for each service or website. [[en:it-security:passwords|More information about password security can be found here]].

With the open source tool [[https://keepass.info/download.html|KeePass]], you can create and manage your passwords securely. If you store the portable version in the cloud, you can access it from multiple devices.

It is also advisable to encrypt sensitive data using container software. A good freeware solution is VeraCrypt, available at [[https://www.veracrypt.fr/code/VeraCrypt/]].

To protect sub-areas in a cloud, [[https://cryptomator.org/de/downloads/|Cryptomator]] can be used.

/*In order to be able to deal with the topic of firewalls in the next section, I will first introduce general ports that should definitely be closed and those that must be opened or forwarded for special applications.

  * the NetBIOS TCP port range 135-139 should be blocked
  * DCOM TCP port 445 is also a major target*/

==== Further security tips: ====

  * Firewalls and anti-virus programmes should ALWAYS be switched on. A PC whose firewall is switched off for only 5 minutes for testing purposes is potentially at risk.

===== 2. Protection through hardware =====

==== I. Hardware firewalls ====

Hardware firewalls are available in different versions - I will introduce the most common variant:

>"DSL routers normally take over the routing functionality and can block access from the Internet to the local network (port filter functionality). With the help of NAT, it is possible to operate several computers on one DSL modem. Such products usually do not include a content filter." [[wp>Firewall]]

===== 3. Protection through software =====

==== I. Personal firewalls ====

>"A personal firewall (PFW, also known as a desktop firewall) is software that filters the incoming and outgoing data traffic of a PC on the computer itself. This is intended to protect the computer, but its effectiveness is controversial. While the newsgroup de.comp.security.firewall doubts the effectiveness of personal firewalls, the German Federal Office for Information Security (BSI) has listed the personal firewall as a recommended protective measure for Internet users." [[wp>Personal_Firewall]]

==== II. Antivirus programmes ====

>"An antivirus programme (also known as a virus scanner or virus protection) is software that is designed to detect, block and, if necessary, eliminate known computer viruses, computer worms and Trojan horses." [[wp>Antivirus]]

Windows Defender offers sufficient basic protection under Windows 10 and 11.

==== III. Anti-spyware programmes ====

>Spyware (a combination of spy, the English word for spy, and -ware as the ending of software, i.e. programs for the computer) is usually referred to as software that sends a computer user's data to the manufacturer of the software (Call Home) or third parties without their knowledge or consent, or is used to offer products to the user via adverts. Intelligence services also use spyware to collect information about individuals. [[wp>Spyware]]

A freeware solution against such software (Spybot Search and Destroy Portable) is available here: [[https://portableapps.com/apps/security/spybot_portable]]

==== IV. Windows Updates ====

Automatic Windows updates should never be deactivated. These days, security vulnerabilities are attacked just hours after they become known.

==== V. Software updates ====

Not only Windows updates are important! It is advisable to keep all software up to date.

===== 4. Check and evaluate information =====

Another important building block for security is checking and evaluating information. Software should only be installed from trustworthy sources. E-mails should also always be checked for authenticity first (check sender, evaluate content). Further information from the BSI can be found in the appendix.

----

===== 5. Appendix =====

Further sources of information: https://www.bsi.de/