Hey Hey,

You have two different questions albeit similar. Your topic is 'What do you need for a secure computer?'... There's no definate answer for this other than to say an educated user... That's the best security... Give an idiot the most secure computer in the world and they'll find a way to infect it with spyware or a virus (BTW virii isn't a word.. this was discussed before :P).

The other is how can you improve your setup.... I'll give you a few answers... some of which may or may not be agreed with.

1. Disable non-essential services. Disable Messenger service.. if you don't have wireless disable the Wireless Zero service. For more information on services check out http://www.blackviper.com/WinXP/servicecfg.htm

2. Create a standard user account and restrict the hell out of it. Use it for your day to day computer activities... Use the administrator/power user account only for installing/configuring software

3. Be Aware of patches for software other than your OS... MS Office (if you use it) is a big one... regularly check http://office.microsoft.com for updates.

4. Do you live in residence? If you do then I guarentee someone is watching what you do.. in some way, shape, or form... If you want this to be a big learning experience you could setup an SSH Tunnel to another computer (assuming you have a second machine at your parents home or anything like this)... You could then encrypt everything until it leaves the college.. ensuring that no one is snooping on what you do.

5. You could setup and deploy an IDS.. It'll let you know if people are trying to access your computer.. but you can add your own signatures in most cases and set it up to watch for network viruses... You could begin to watch trends... and this knowledge will show you the most common patterns that viruses take... you could then protect against these. Hell with a little bit of VBS knowledge and a cell phone you could create a script that would notify you when certain actions occur with your computer even when you're away

6. Avoid P2P apps... I can't stress this enough... everyone goes away to college and starts whoring bandwidth and downloading like crazy... This is the cause of half of our problems with students.. they download everything and don't pay attention.

7. Make sure that in Explorer, under Tools --> Folder Options --> View that you
- Uncheck Hide Protected Operating System Files
- Uncheck Hide Extensions for known file types
- Select the Show Hidden Files and Folders radio button

8. Verify attachments. Even if you trust the person. We had an employee infected with mugly because he trusted the person the attachment come from... If you aren't expecting something... don't open it.. verify the authenticity with the person.

9. If you are worried about network attacks as well as viruses and malware.. install a home router (if you can afford it)...or find an old PC and download FreeSco or some other router on a disk..( this way you don't require a hard drive)... While hiding behind a NAT device isn't the greatest means of security (it's security through obscurity in many ways) ... but it's still keeping your machine directly off the network... This will also help protect against most Network Aware malware and viruses

10. I wanted to round this list off with an even 10 items... so last but not least ensure you keep your current defense arsenal up to date.... AVG by default (last time I checked) only updates every 14 days... I changed mine to a daily update... Also check for updates to other programs regularly.

Anyways... that's my list... love it or leave it... it's your choice...
Good luck with your quest.

Peace,
HT