The countermeasures to these threats involve three elements, people, technology and policy. People will be concerned on the awareness, knowledge and skills as countermeasures, technology will be concerned on tools and programs as countermeasures and policies and Standard Operating Procedures to govern the implementation of the countermeasures. Secure DSL connection A secure DSL connections depends on the topology of the component in a DSL connection. The most wide spread use of the DSL format is ADSL which stands for Asymmetric Digital Subscriber Line and is used for residential and small businesses to connect to the Internet at high speeds. 

Sean Boran in his article at http://www.securityportal.com  has recommended modem topology for a secure ADSL connection. We find this is a good and secure topology for home users using DSL connection. Recommended secure ADSL connection topology: NOTE: The modem must be external and not an internal card in a PC. Assuming a single PC is protected: ADSL Modem Internal PC Phone line Personal Firewall Assuming a small network of up to a few PCs are protected 

Generally, another way is to turn off your computer or disconnect its Ethernet interface when you are not using your computer as an intruder cannot attack your computer if it is powered off or otherwise completely disconnected from the network. Patch your system with latest patches as many security incidents are attributed to .vbs virus and unprotected file sharing are as a result of not keeping updated with Microsoft's latest patches. Microsoft (http://www.microsoft.com) is always coming up with latest patches to patch any vulnerabilities discovered on Windows operating systems. These patches are critical to defend against vulnerabilities in Windows and Internet Explorer. 

Basically, a personal firewall defends computers and networks from malicious and unauthorized access or connections. Personal firewall alerts users when someone is attempting unauthorized connection to their PCs and has the ability to block intruders from connecting to the computer again. The following personal firewalls are good defense mechanism against these threats. Zone Alarm has the capability to close netbios port and other ports in Windows operating systems, will stealth ports and stop covert information exchange in the system. It is available at http:// www.zonelabs.com . Zone Alarm's newest version also has a feature to help guard against .vbs viruses. These programs are also good to use for small networks using a dial up connection, DSL or cable modems. ATGuard can be configured to handle ActiveX and JavaScript and restrict access to other areas of your system. BlackIce Defender has the packet-filtering firewall component and intrusion detection component which has stateful inspection capabilities to monitor the system. Interestingly, Black Ice Defender can identify a malicious traffic before permitting the traffic in and upon detection it will alert you, log the activities and block it. Black Ice Defender is also able to gather information about the attacker such as host name and MAC address.