Re: Multi spyware
From: winged (winged_at_nofollow.com)
Date: 01/19/05
- Next message: winged: "Re: Dial Up Networking window popping up problem."
- Previous message: Technobarbarian: "Re: What about this!!!"
- In reply to: lorrie veigel: "Re: Multi spyware"
- Next in thread: John Hyde: "Re: Multi spyware"
Date: 18 Jan 2005 23:59:54 EST
lorrie veigel wrote:
> Well I hate to get in this, but I speak as a 77yo gray haired woman who
> managed a BS in Science in my day, I must say that newbie is right, and
> the "fixing" of the browser makes the study of immuno-physiology seem
> like a piece of cake.
>
> Now I just had this PC of mine updated to the very latest sp2 with new
> AV, Spycatchers, firewalls et al. Then I began to read the MS site on
> how to fix IE Browser. I figure if I keep at it, I may be able to
> accomplish it in another week. After I get thru all the tabs, tools,
> advanced, properties et al.
>
> However, my thanks to all those who patiently help on these forums.
> They are great.
>
My recommendation is do not use IE as your default browser. While it
seems to be problematic to remove IE from MS OS, you can have a different
browser by default. My personal choice is Mozilla Firefox
(www.mozilla.org), but there are others. You still have to continue to
feed the IE maintenance engine, but you won't be compromised while
waiting for the outstanding fixes. There are currently 3 unfixed
exploits in IE after you get all your current patches up to date.

If you must use IE, disable ActiveX controls from all zones if possible.

Do not use Outlook or Outlook Express as your e-mail client. In the
case of the web it is best to get e-mail and the browser separated from
the OS as far as possible. There is a new ActiveX cross zone exploit
out there which allows the script of the bad guy's choice to run with the
perms of the operator. Outlook has all the compromises of IE. There is
an additional open IE exploit that, when script is run in the local zone,
elevates the permission level of the script to run with System perms
(root). Outlook induces the same vulnerabilities to the system as the
IE browser has. It is a very integrated package. My personal choice is
Mozilla Thunderbird, but there are many fine e-mail clients out there
that do not allow scripts to run inside the e-mail viewer.

While I do understand there have been security issues with the Mozilla
clients, none of them have allowed an anonymous attacker to take over a
system by sending an e-mail.

Just as in the old days, don't run as administrator (root) when
processing external data (e-mail, browsing, etc.).

Ensure the administrator account is renamed and the guest account is
renamed, passworded, then disabled (OK, call me paranoid). Ensure all
passwords are complex and are 10 chars or longer. Recommend ensuring
that all 4 char sets are used (upper, lower, number, and special).
Remember alt chars can also be used in password creation.

NetBIOS ports 135-139 should be blocked by the system firewall. Most
people do not need to expose these ports to the Internet. If you must
enable NetBIOS (some net games require this for access), make sure to only
allow the NetBIOS server involved to talk to the port and deny access to
all others. If someone can see your NetBIOS, the OS can provide all
kinds of wonderful information to an attacker to compromise the system,
to include all accounts on a system and whether the account has a password.

Block Trivial FTP (TFTP, port 69) and port 445 from communication outside
your network.

Ensure the software firewall on the system allows you to limit what software
is allowed to communicate and ensure you know every application allowed
to communicate. If you can't identify the application, it probably
doesn't need to talk.

Beware of chat tools, yea verily several lead to a path of compromise.
Yahoo chat, MSN chat and AOL AIM have all had compromises that allowed
remote attackers to take over a system.

Turn off unneeded services.
http://www.blackviper.com/WinXP/Archive/servicecfg.htm is a good general
reference to what services are needed. If you have services running not
listed, search and find out what the service does. An easy trick is to
put the service name in Google and google it. I will never understand
MS's approach of turning everything on whether or not it is needed.

I guess this will give you something to do while waiting for those
downloads...

Regards,
Winged
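
An added example, not part of Winged's message: a Python check that reads `netstat -ano` output and lists listeners on the ports the post says to block (135-139, 69, 445) that are bound to a non-loopback address, so you know which sockets the firewall rules have to cover. The sample output, addresses and PIDs are constructed, and the service labels are this example's own.

```python
# Ports named in the post: 135-139 (RPC/NetBIOS), 445 (SMB), 69 (TFTP).
RISKY = {p: "RPC/NetBIOS" for p in range(135, 140)}
RISKY.update({445: "SMB", 69: "TFTP"})
LOOPBACK = {"127.0.0.1", "[::1]"}

def exposed_listeners(netstat_text):
    """Return (proto, host, port, service, pid) for each risky listener
    that is bound to something other than loopback."""
    findings = []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 3 or f[0] not in ("TCP", "UDP"):
            continue                      # header or blank line
        # TCP rows carry a state column; only LISTENING sockets accept
        # new connections. UDP rows have no state column at all.
        if f[0] == "TCP" and (len(f) < 4 or f[3] != "LISTENING"):
            continue
        # rpartition keeps bracketed IPv6 hosts such as [::] intact.
        host, _, port = f[1].rpartition(":")
        if not port.isdigit():
            continue
        port = int(port)
        if port not in RISKY or host in LOOPBACK:
            continue
        pid = f[-1] if f[-1].isdigit() else "?"
        findings.append((f[0], host, port, RISKY[port], pid))
    return findings

# Constructed sample in the layout Windows prints for `netstat -ano`.
SAMPLE = """
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       984
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       2100
  TCP    192.168.1.20:445       192.168.1.31:50122     ESTABLISHED     4
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     5520
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:69             *:*                                    3321
  UDP    192.168.1.20:137       *:*                                    4
"""

if __name__ == "__main__":
    for proto, host, port, service, pid in exposed_listeners(SAMPLE):
        print(f"{proto:3} {host}:{port:<5} {service:12} pid={pid}")
```

A listener reported here is not necessarily reachable from the Internet; it is a socket that relies on the firewall to keep it unreachable, and the PID column tells you which process to look up.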