RE: lock down personal Win XP workstation



Hi there,

Most of the trapdoors, Trojans and backdoors are pre-defined along with
locations like c:\programs files .. etc ... that installs it self if
once you access HTTP.

Windows firewall blocks the services, ports but it does not block the
specific viruses, Trojan horses which normally anti viruses companies
do.

Kind Regards,

Kami

-----Original Message-----
From: sun sadm [mailto:sunsadm@xxxxxxxxx]
Sent: 31 July 2006 17:45
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: lock down personal Win XP workstationher

Hi colleague,

Sometimes I am forced to use Windows XP. I only run a Usenet, web,
IRC, mail, ssh client and music player. I regularly check for security
fixes.

To lock down my workstation I enable "Windows Firewall" to block all
traffic expect the applications mentioned above. I enabled "Automatic
Updates". Additionally I use "Security Configuration and Analysis" MMC
console and apply the predefined security template called hisecws.inf.
I don't use a virus scanner because I am not a license owner.

How secure is this setup? Are there ways an attacker can break my
system? Where are vulnerabilities? How would you break my system?

Nico

------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic
Excellence
in Information Security. Our program offers unparalleled Infosec
management
education and the case study affords you unmatched consulting
experience.
Using interactive e-Learning technology, you can earn this esteemed
degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---






---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------



Relevant Pages

  • RE: A degree in MSIA - the various programs
    ... I am a 2005 graduate of the Norwich University Information Assurance ... Norwich is the well-known Information Security Specialist, ...
    (Security-Basics)
  • How to get into Penetration testing?
    ... I think it is very good for a pen tester to have programming ... security company's position. ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic Excellence ...
    (Security-Basics)
  • Re: Changing user password policy
    ... doing this with good security. ... > EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... > The NSA has designated Norwich University a center of Academic Excellence ... Our program offers unparalleled Infosec management ...
    (Security-Basics)
  • RE: Sandboxie
    ... No sandbox product is fool proof. ... Java's first security model was fairly secure. ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic ...
    (Security-Basics)
  • Re: lock down personal Win XP workstation
    ... IRC over public wireless sparingly. ... Additionally I use "Security Configuration and Analysis" MMC ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic ...
    (Security-Basics)