Operating system security
We need to start this by stating that Windows 9.xx (Win95/98/ME) is not a secure OS.  There are things that you can do to enhance its security.  The first step is to log onto the Microsoft Web site and check for any patches or upgrades to your current version of Windows 9.xx.  If your Win 98 version is not Win 98 Second Edition, then find a way to upgrade to SE.  The second step is to open the <Control Panel> by selecting <Start> <Settings> <Control Panel> from the pull-down menu, then select the <Add/Remove Programs> icon, and open the second <Tab> , then select <Assessories> , then the <Details> button to scroll down to <Windows Scripting Host> and uncheck it.  This will go to a great length to stop the Script type viruses from attaching a Windows 9.xx machine.  Updates to the Windows 9.xx OS are about the only other thing that can be done.

A third party utility must be used with the Windows 9.xx/ME OSs to implement any level of personal computer security.  Some level of security is afforded the computer when Windows 9.xx/ME is used in a NT/2000 controlled network.  No security is afforded at the local Windows 9.xx/ME computer.

The NT/Win2000 OSs have been designed as being secure.  This series of OSs from Microsoft can be made secure at the user/directory/file level.  User security can be locally administered, or, administered from the network level or domain level.  These OSs must be started by restarting the computer from the <Ctrl-Alt-Del> key stroke combination to start the computer.  This form of starting cleans the RAM (Random Access Memory) and starts the computer from the BIOS.  This precludes unauthorized users from starting the computer with outside boot disks.  The setup procedure for Windows NT 4.0 and Windows 2000 Pro is a little different, but the security features are the same.

The NT 4.0 Workstation/windows2000 Pro versions of this OS.  Security can be set at the password.  The password history, age, length, complexity, and domain characteristics can be set at the local machine.  The user identification (ID) and password are required for all local use of the OS.  User accounts can have lockout duration, threshold, and reset characteristics implemented.

Both NT Workstation and Windows 2000 Pro provide for audit of local user accounts.  User and account logon event, account management, directory and object access, policy change, privilege use, process tracking, and system events can be audited.

User Rights Assignment includes settings to allow access from the network, control the computer device drivers, backup, restore, take ownership of files and directories, and deny logon from the local computer.  There are many other settings in this category for controlling the local computer.  Security Options are even more numerous with over thirty-eight functions directly controllable from the system OS settings.  Encryption policies are also controllable.

Both NT Workstation and Windows 2000 Pro provide means of setting individual user and group Local Users and Groups.  There are default (built-in) Users and Groups as well as locally added users and groups.  The User Properties settings control settings for administration of the user password.  It also controls what Groups the user may belong to on the local computer.  Using these settings, more than one user may be assigned to a computer without compromising other local users.

Additionally, directories and files can be shared or restricted.  This is completely capable when the NT/Windows 2000 Pro HDD (Hard Disk Drive) is formatted as NTFS.  Partial restriction is possible when the Windows 2000 Pro HDD is formatted as a FAT32 drive.  It is key that you understand that for complete security benefit, the HDDs must be formatted as NTFS to gain both local and network security with NT/Windows 2000.

Internet Explorer
It is suggested that Internet Explorer (IE) version 5.0 or 5.5 be used.  If you are using Windows 95, then use IE version 5.0.  Upgrade to IE version 5.5 if you are using Windows 98/ME or NT/Windows 2000 Pro.  

There are settings in the IE <Tools> pull down menu that open to change IE settings.  This settings menu is reached by selecting <Tools> pull down menu, then selecting <Internet Options...> to open the settings Internet Options window.  There are six Tabs, General, Security, Content, Connections, Programs, and Advanced.  Each Tab has several settings.

The General Tab has three areas.  The middle area contains settings for the Temporary Internet Files.  Two buttons, Delete Files..., and Settings... are available for changes.  Temporary Internet Files contains the images, cookies, and other temporary files that the browser uses to speed its viewing and accessing capabilities. <Delete Files...> does that to the temporary Internet files, deletes them, no harm done.  The <Settings...> button manages those temporary files.  The Settings page determines when to renew these files.  It also determines how big the temporary holding directory is to be.  It allows you to view these temporary files.  The bottom section of the General Tab determines how long to hold the history of the sites visited by the browser.  It can be managed.

The Security Tab contains four icons at the top.  Each is concerned with part of the IE’s ability to access the Internet, the intranet ( local network), Trusted Sites, and Restricted Sites.  Each of these icons can be left at the Default Level..., or changed by the Custom Level... button found in the lower middle of the page window.  Use the Custom button to change the security level of the Internet icon.  Click the <Custom Level...> button to open a scrolling radio button list of settings concerning the use of the browser.  A series of headings concerned with the browser utilities are found by scrolling the list.  The first major heading concerns ActiveX plug-ins.  ActiveX plug-ins are utilities that make scripting easy for Web sites.  ActiveX utilities are also easy for hackers to place virus code in to attach one’s computer.  ActiveX utilities are also essential for accessing some sites, especially if data is to be moved. Settings for these utilities are enabled, disabled, or set to prompt by clicking on the radio button beside the feature wanted.  The list recommended may change as you use your browser.  Here is a cut I have made.

ActiveX controls and plug-ins: Download signed ActiveX controls-enable; Download unsigned ActiveX controls-disable; Initialize and script ActiveX controls not marked as safe-disable; Run ActiveX controls and plug-ins-prompt; Script ActiveX controls marked as safe for scripting-prompt.  The next group concerns cookies.  Allow cookies that are stored on your computer-prompt; allow per-session cookies, Not stored-prompt.  Downloads are the next category.  File download-enable; font download-enable.  Microsoft VM is the next category.  This category has to do with java scripting.  Java permissions is the category, set it to High Safety.  The Miscellaneous category contains all those Microsoft and HTML settings necessary for good browsing.  Access data sources across domains-prompt; Don’t prompt for client certificate selection when no certificates or only one certificate exists-disable; Drag and drop or copy and paste files-enable; Installation of desktop items-prompt; Launching programs and files in an IFRAME-prompt; Navigate sub-frames across different domains-prompt; Software channel permissions-medium or high safety; Submit non-encrypted data-prompt; Userdata persistence-enable; the next-to-last category concerns scripting.  Active scripting-prompt; Allow paste operations via scripting-prompt; Scripting of Java applets-prompt; the last category concerns User Authentication. Logon-prompt for user name and password.  In the Reset Custom Settings pull-down menu, set to medium.  If some Web sites such as Microsoft Support do not let you on, then change the scripting settings to enable for the duration of the browser search.

The Content Tab Sets up how you want your browser to look at Web sites.  If you are concerned about language, nudity, sex, or violence, then enable these under the Content Advisor button.  This may be handy if children are using the computer.  Set the Slider Bar for each rating you want to control.  A list of Approved sites can be set up on the Approved Sites Tab.  User options and passwords are set on the General Tab.  The Advanced Tab sets Ratings Bureau settings that can be obtained from other sources.

The Internet Options Advanced Tab is the last place to set up in the IE browser.  The list is long.  No Assessability boxes need to be checked unless there is a specific need.  The Browsing section boxes I have checked includes the defaults with these exceptions; uncheck Automatically check for IE updates; Disable script debugging; Enable Install on Demand; and the remainder are default by my useage.

Firewalls and anti-virus programs
I have written about these two subjects in past columns.  If you have broadband connected directly to your computer, then install a software firewall.  I recommend ZoneAlarm  .  ZoneAlarm is a free program to individual users.  I will be able to tell more about Norton Internet Security within the next few months as I a testing two versions at this time.  

Use a good Anti-virus program from one of the known developers such as Symantec Norton AntiVirus or McAfee.  Keep their signature files up to date.

Conclusion
Keeping one’s OS up to date along with the browser will go a long way to keeping one’s computer safe.  Protect against intrusion by keeping software or hardware between you and the world with firewalls and anti-virus programs.