Re: Is complete home security possible?

From: Charles Newman (charlesnewman1_at_comcast.net.spammers.will.be.shot.on.sight)
Date: 02/06/05 

Date: Sat, 5 Feb 2005 23:17:26 -0800

"Leythos" <void@nowhere.lan> wrote in message
news:pan.2005.02.05.20.50.41.170111@nowhere.lan...

> 3) Block outbound ports 135,136,137,138,139,445,1433,1434 (these are

     1433 and 1434 should also be blocked to prevent Kazaa from being
used on your network. Kazaa uses port 80, and ports 1000-5300

> destination port blocks, not local port blocks).
>
> 4) Install a quality antivirus program - one that gets frequent updates
> and ranks in the top 3 by most corporate users.

   The thing is that the major antivirus makers want you to pay a
subscription fee now. Avast is free for home use, and no subscription
fee, and it will scan everything on your PC that goes in or out of your
network.

>
> 5) Setup Windows Updates to install at 3AM every day.

    The best way is to have it search for and download updates
every time the machine is booted.

>
> 6) Download and install FireFox and ThunderBird - free browser and email
> clients.

     If you wamt to use Usenet, you will need Outlook Express installed.

> 9) Create a "User" type account and use it instead of an "Administrator"
> level account - only use Administrator to install software or to run
> programs that won't run as User - do not play with email/web when as
> Administrator.

    If you are a gamer, some computer games will only run in administrator
mode. Flight Simulator does this I know. If I log in under anything other
than an administrator level account, I will an error message on FS98,
FS2002, and FS2004, sayying that I need to be an administrator to
use the program, and I have heard of a lot of other games having this
problem.

>
> 10) Monitor the in/outbound logs from your NAT router - this will tell you
> what's going on with the public network connection. If you get a linksys
> router you can download WallWatcher for free and it's very clear as to
> what's happening with your Internet connection.
>
> 11) If you're machine is compromised, get a router with NAT, get behind
> it, and then wipe/reinstall your system - while you're get people telling
> you that you don't have to go to that extreme, do you know of any way YOU
> can be sure that you have a clean machine? I've never signed a document
> saying a compromised system was clean unless I wipe/reinstall it, and I
> won't either.

     No argument there. I have a clean disk image made from Norton Ghost,
and I regularly ghost my machines once a month. You should regulrly ghost
your machines once a month.
     In another newsgroup, one guy called my crazy for regularly ghosting
my machines to get rid of any malware, but it is the only way to be sure
nothing bad is lurking inside your machine. Where I went to college, they
had a program they ran daily before closing the labs for the night which
restored the machines to a specific configuration and got rid of any
software that any students may have installed during the day, as well as
any viruses and the like that may have come in.

>
> --
> spam999free@rrohio.com
> remove 999 in order to email me
>

Relevant Pages

  • Re: Re[6]: [Full-Disclosure] Response to comments on Security and Obscurity
    ... > Security policy is never our of date because it's reviewed on regular ... > your internal network) and filter some junk mail on your mail server, ... administrator could filter all that data by hand. ... > port. ...
    (Full-Disclosure)
  • RE: Having problems adjusting to XP
    ... How can I learn about Network Places, and possibly get rid of ... My Network Places - which I don't understand ... I am the administrator, I am all users, I am the ... I am very jealous of the amount of disk space given over to keeping things ...
    (microsoft.public.windowsxp.basics)
  • Re: Having problems adjusting to XP
    ... the wonderful ways I can use Network Places, but did not suggest how to get ... rid of them. ... "P D Sterling" wrote: ... I am the administrator, I am all users, I am the ...
    (microsoft.public.windowsxp.basics)
  • How can I open a firewall port?
    ... I know that it is a stupid question, but I´m not a network ... administrator, and I need to open a port on my firewall. ...
    (comp.security.firewalls)
  • Re: Windows XP and Viruses
    ... Other than that there is no need to be on the network but we ... port number. ... Isn't a simpler concept to not install the malware in the first place? ... as a non-privileged user NOT ADMINISTRATOR. ...
    (comp.security.firewalls)