Guest Post: How to Test Your Online Security

Erik Bernstein information security Leave a Comment

[Editor’s note: This guest post comes to us courtesy of tech enthusiast and blogger Cassie Phillips. Thanks Cassie!]

Tips to help you see just how secure your ‘net use really is

Have you ever wondered just how secure your internet usage really is? Are you truly secure, or are there perhaps vulnerabilities you’ve yet to consider? We’re going to have a look at some common, but effective, ways to test just how protected you really are.

For reference, you should never test your security by intentionally engaging in risky behaviors, such as downloading viruses, clicking on links you know are bad, etc. That said, you should first ensure you actually have the security software we’ll be looking at testing.

Online Security Software

There are three main types of software you should have installed on any of your devices before you begin testing your security: an anti-virus program, a Virtual Private Network (VPN) and a firewall. Each covers a different area of online security.

An anti-virus, as you likely know, handles different forms of malware, typically viruses. You’ll want to ensure yours is up to date and activated. If you were using a trial version or paid version and let the license expire, you could be in for some trouble. Consider a free anti-virus software, such as AVG or Avast, as they work great for personal use.

A VPN is typically a paid service that allows you to connect to a remote server which will conceal your IP address with its own and encrypt your inbound and outbound traffic. Having a VPN is one of the best ways to deter hackers from getting into your devices and injecting malware or stealing information. Consider a service, such as ExpressVPN, which offers unlimited bandwidth, so it won’t slow down your connection.

Firewalls are usually included in desktop services (Windows and Mac), but you’ll want to ensure they’re turned on. A third-party firewall can do some good, particularly on mobile devices. A firewall closes ports to outside traffic and hides your computer from other users on the internet, so long as it’s configured properly. If you’re behind a router, that can also act as a firewall.

Testing the Waters

There are a number of different ways to test a firewall, but the easiest is probably the ShieldsUP! website. There, you can have your ports individually scanned to see if they are visible or vulnerable to outside attack. Because they are the easiest way for someone to get into your devices, it’s the first place you should start.

As I mentioned earlier in the article, you don’t want to test your anti-virus by trying to find a virus. Instead, there are files designed to register similarly to actual malware to ensure your anti-virus is actually picking things up.

If you check out Eicar’s website, you’ll find a file very close to their name: an EICAR. This is essentially a harmless file that you can download to see if your anti-virus reacts. If it doesn’t, check to ensure your anti-virus software is up to the most current version or consider using a different program.

To ensure your VPN is working correctly, visit a website that displays your current IP address. In fact, all you really need to do is Google “IP address,” and yours should show up as the first result. That IP address should be different depending on whether or not you’re currently connected to your VPN.

Some VPNs, however, may be vulnerable to JavaScript exploits. If you’re using Firefox or Chrome, it may be possible to get your real IP address even if you’re using some VPNs. To verify this, you can find your IP address with and without your VPN, then check it on the WebRTC test page. If your normal IP address shows up despite using your VPN, that means you have a vulnerability.

Out of Date Plugins

Another software-related problem you may encounter is with outdated programs or plugins. Increasingly older versions of software are being exploited for security vulnerabilities that have been fixed in newer versions. That means if you aren’t staying up to date, someone may be able to use that exploit to infiltrate your machine and steal your information.

Mozilla has a useful tool for checking if plugins are up to date, and you can even use it for other browsers. As for other types of software, consider turning on automatic updates or checking each program to see whether or not there is a newer version. Though occasionally updates can cause problems, most are generally aimed at solving previous issues.


Even though you might have good security software and current plugins, your online accounts may be in danger if their passwords are weak. Although websites vary in the type of passwords they will allow, you’ll want to adhere to a few guidelines whenever possible.

Strong passwords are longer passwords; at least eight characters constitutes a good minimum, although if a service allows you should try to make it bigger. A combination of uppercase and lowercase letters, as well as numbers and symbols, helps to create a stronger password. Also check that none of your passwords are over a year old; the longer you have the same password, the greater the chance it will be found out.

Unfortunately using the same password on multiple accounts is also a big problem. If you’re guilty of this common mistake, consider changing any offending passwords. The main concern is if a service gets hacked, multiple accounts in your name could become vulnerable.

Security Checklist

In short, there’s really no panacea for online security. Many different avenues exist to threaten the integrity of your devices and each must be addressed separately. It isn’t necessary, nor is it desirable to perform security checks on a personal device all the time, but it is something you should definitely get around to now and then.

The only thing that shouldn’t wait is updating your software. Although you may sometimes be forced to wait for a program to update, it’s certainly worth the headaches you avoid by not having your systems compromised.

Cassie is a technology and internet security enthusiast. She enjoys sharing her knowledge with those who can benefit.

Leave a Reply