Wrong Install Instructions

There are going to be occassions where you decide that you want to install new software onto your computer. In most cases the install process is either extremely straightforward and all you need to do is to run the install program and it will take you straight through the process or if the install is slightly more complex then it will have some instructions with it oo run the install. These instructions are usually accurate but there are a couple of things that the instructions sometimes say which is completely the wrong thing for you to do.

You can tell that the instructions are wrong when you find install instructions that tell you that you need to turn off your antivirus program or firewall while running the install. At least those statements are incorrect for all circumstances except where you are installing a new antivirus program or firewall where you do need to turn the old one off in order that it can be uninstalled and replaced with the new version.

For all other software, turning off your antivirus or firewall while installing it is the worst thing you can do.

The correct way to have your computer configured is with an administrator account and a separate regular user account where you normally do all your work in the regular user account and only use "Run As" to run programs using the admin account or log into the admin account itself in order to run program installs and uninstalls and utility programs that need access to the entire systemsuch as programs to defrag the hard drive or clean junk out of the registry. Running all of your normal processing in a regular user account means that the account you are using doesn't have access to be able to do certain things that you don't need to do as part of your regular processing but which malware such as viruses will probably try to do. This provides you an additional layer of protection in that any malware that successfully gets past your antivirus program still can't install what it wants onto your system since your user account doesn't have that access.

When you are actually running an install of a new program you have to use the admin account and so this extra layer of protection that you normally have isn't there while the install is running.The very last thing you want to do in situations where you have to lose one layer of protection is to deliberately turn off one or both of the other two layers of protection that your antivirus and firewall provide.

So if the instructions for installing a program say that you should turn off either of those two programs and you are not actually trying to replace either of those programs directly then you need to ignore that step in their instructions. Your antivirus program should not interfere with a legitimate program install at all since it is intended to prevent viruses being installed. The only time that such a program would interfere with your install is if the program you are trying to install actually contains a virus or if it contains something that your antivirus program misidentifies as a virus. If your antivirus program does trigger an alert and prevent your installing the program then you definitely need to perform a lot of additional investigations in order to determine whether the copy of the program is infected with a virus before you consider telling your antivirus program to ignore the alert and proceed with the install anyway. In almost every case the program install will proceed with your antivirus still enabled without any problems. In almost every case where it does give problems the antivirus program is doing its job correctly and the program you are trying to install is infected. The situation where the antivirus program gives a false positive and prevents the install of a legitimate program is very slight. In that remote instance the appropriate action to take is to report the problem to the antivirus company so that they can make the necessary corrections so that the program does not get misidentified as a virus. This may result in a few days delay in being able to install a program but it isn't at all likely to be the case to start with and is the by far safer option.

Turning off your firewall is an even worse suggestion. Before turning off your firewall you should turn off your internet connection. It only takes a few minutes for a computer connected to the internet without the protection of a firewall for who knows what to get loaded onto your computer. I have heard of computers that were accidentally left connected to the internet when a brand new install of Windows was being done where by the time the Windows install was finished several thousand different viruses had installed themselves as well. Only if your computers are on a local network where there is an additional firewall in the router connecting the network to the internet is it safe to turn off the firewall on an individual computer and then only if you are absolutely certain that there is nothing already on the computer that will be able to take the opportunity to send outgoing messages while the program blocking its internet access is turned off.

I therefore recommend that apart form when you are actually installing a new version of your firewall that you never turn the firewall off.

Now if your newly installed software does require access either to your local network or to the internet during the install process then your firewall should pop up an alert telling you what program is asking for what access. If you approve all of these accesses as a one time thing during the install then it is no different from your having turned off the outgoing half of your firewall while leaving the incoming half of the firewall enabled. The one difference though is that you actually get a list of exactly what has requested the access and have the opportunity to consider denying access to anything that looks suspicious or to research what something is before giving it access. The worst that can happen if you deny some part of the installer the access that it needs is that the install will fail. Since you are not setting up permanent instructions to the firewall you can simply rerun the install and give the necessary access permissions if you made a wrong decision the time before. The important thing is that the incoming half of your firewall remains enabled and so nothing can sneak into your system while you are running the install unless there is already something on your system to request it.

The only time you should set up permanent instructions for your firewall to follow in what does and doesn't have outwards access through it is when you come to running the actual program that you have installed. Here I suggest that you do it the following way so as to reduce the chances of your accidentally granting something access that shouldn't be given access. If the program runs the first time using the admin account then temporarily deny everything. Don't start giving the program access out from your computer until you can switch to your regular user account and run it from there. On the first occassion you run it from your regular account you can approve the accesses temporarily and make a list of what it asked for. Then when you run it a second time from your regular user account and it asks for the same accesses again as it did the first time then and only then do you make them permanent. By leaving it until then to grant any permanent accesses required you avoid granting permanent access to anything that is only needed while the program is being installed and configured in the first place and hence keep the number of permanent entries that you set up to a minimum.

Keeping your antivirus and firewall enabled when installing new programs will help to maintain at least some protection on your computer during the install process as well as providing you with some information on what accesses are being requested to do the actual install. If you keep a list of all the access requests then at least you'd have something to help in working out what happened if somehow something manages to get into your computer at the exact same time as you are doing the install and you accidentally approve it to access the internet along with the requests made by the program you are installing


This article written by Stephen Chapman, Felgall Pty Ltd.

go to top

FaceBook Follow
Twitter Follow