Get Two-Way Firewall Protection

No desktop should be without a personal firewall, but even if the Security Center says you're protected, you may not be. The Windows Firewall within Vista blocks all incoming traffic that might be malicious or suspicious—and that's good. But outbound protection is not enabled by default. That's a dangerous situation if some new malicious software finds its way onto your PC. Microsoft did include the tools for Windows Vista to have a true two-way firewall, but finding the setting is a little complicated. (Hint: Don't go looking the Windows Firewall settings dialog box.)

To get two-way protection in Windows Vista, click on the Start button; in the search space, type wf.msc and press Enter. Click on the Windows Firewall with Advanced Security icon. This management interface displays the inbound and outbound rules. Click on Windows Firewalls Properties. You should now see a dialog box with several tabs. For each profile—Domain, Private, and Public—change the setting to Block, and then click OK.

Even if you do this tweak, I recommend adding a more robust third-party firewall. I suggest either Comodo Firewall Pro or ZoneAlarm, both of which are free and fare very well in independent firewall testing.

Lock Out Unwanted Guests

If you share your computer with others (and even if you don't), Windows Vista includes a neat way to keep unwanted guests from guessing your system administrator password. When you set up users and declare one user as administrator (with full privileges), Windows Vista allows outsiders unlimited guesses at the password you chose. Here's how to limit the guesses.

1. Click Start, type Local Security Policy.
2. Click Account Lockout Policy.
3. Choose Account Lockout Threshold.
4. At the prompt, enter the number of invalid log-ins you'll accept (say, 3).
5. Click OK and close.

Now Audit Your Attackers

With the Account Lockout policy in place, you can now enable auditing to see any account attacks. To turn on auditing for failed log-on events, do the following:

1. Click the Start button, type secpol.msc, and click the secpol icon.
2. Click on Local Policies and then Audit Policy.
3. Right-click on Audit account logon events policy and select Properties.
4. Check the Failure box and click OK.
5. Right-click on Audit logon events policy and select Properties.
6. Check the Failure box and click OK.
7. Close the Local Security Policy window.

You can then use the Event Viewer (by running eventvwr.msc) to view the logs under Windows Logs and Security.

Secure Your Internet Explorer Settings

The Windows Security Center will also report whether your Internet Explorer 7 (or IE 8) security settings are at their recommended levels. If the screen shows this section as red, you can adjust the settings within the browser itself.

1. Within Internet Explorer, click Tools in the menu bar.
2. From the drop-down menu, click Internet Options.
3. Choose the Security tab.
4. Within the Security tab, click Custom Level.

Here you'll see a window with all the security options for the browser. If any are below the recommended level (if, say, some kind of malware reconfigured your browser settings), these options will be highlighted in red. To change an individual setting, click the appropriate radio button. To reset them all, use the button near the bottom of the tab. You can also change the overall security setting for Internet Explorer from the default Medium-High setting to the recommended High or Medium, if you wish. Click OK to save and close.