Re: The importance of Securing Your Home Computer



Sebastian, between the swearing and the oversimplified tidbits of
security steps, is it safe to assume that you are a technical guy, and
not a business guy?

- disable unnecessary services
- use a restricted user account just like any other sane computer user
- don't run defective applications

It works great here on these forums for security people, but if any of
my clients read what you listed, they'd ask you to articulate your
thoughts more clearly.

The very fact that ZA DOES alert you to inbound traffic and a user can
choose to deny access, does the job at the outset. The problem is not
necessarily the software, but the education of end users on what is
safe and what isn't safe.

I'm done with this post as any further replies will probably invoke
further flames.

Thanks for sharing though,

Regards


Sebastian Gottschalk wrote:
DigitalFray@xxxxxxxxx wrote:

I appreciate everyone's feedback but clearly I haven't been asked any
qualifying questions about the kinds of people I'm dealing with, other
business services I offer, nor are you recognizing the fact that there
are a lot of people who just aren't computer security experts.

Yeah, these are your fraud targets.

Of course there are loads and loads of ways to be uber secure and
prevent all but a nuclear bomb from going off in your box but some of
the feedback sounds a bit like a flame to me.

Sorry, but this is bullshit. Personal "firewalls" don't even increase
security.

The simple fact that pop-up queues exist is because the application
cannot distinguish between legit traffic and illegitimate traffic. The
application (Zone Alarm in this case) asks users on the fly whether to
allow inbound and outbound traffic. I agree the descriptions and aid to
a user could be improved here since half the time they don't know which
button to click "allow / deny."

Not half the time, always. But the malware knows it 100% of the time.
These popups are just useless.

ZoneAlarm Internet Security Suite does
a good job because it handles spyware, viruses, and software firewall
as a single solution.

It doesn't, and a single solution is bad.

To get someone up and running and a first line of
defense, this is what I recommend.

A personal "firewall" being the first line? Then your concept has
already lost.

Again, it works well for many of my customers' needs.

Now, you _believe_ that it works well. Provably it doesn't.

The problem is there is not a straightforward setup for most users to
get as secure as many of you people trolling the security forums are
privy to.

And personal "firewalls" won't help.

This simple explanation is to get people started. What I have outlined
does the job for someone on a budget and not knowing all the ins and
outs of hardware firewalls and other security means.

So why don't you get people "started" instead of offering them bullshit
non-solutions?

Many of my clients do not want to spend a lot of money.

Why spend any money for home computer security at all? A pure waste.

Time. How long does it take to set up a relatively secure home network?

Ehm... about 5 minutes.

How long does it take an amateur?

Ehm... about 2 minutes.

You'd be foolish to assume everyone
has, or even wants, to spend any time at all on setting up a strong
network at home,

So why do you offer personal "firewalls" which require a lot of time
and knowledge to still achieve nothing at all?

Think of people who don't spend a lot of time thinking about computers
at all, much less security.

Damn, I need a macro for pointing you over the same thing repeatedly.

Again, I would appreciate any feedback that is constructive about ways
to improve the process, additional steps, or effort for helping people
be more secure all around.

You've already got sufficient:

- disable unnecessary services
- use a restricted user account just like any other sane computer user
- don't run defective applications
- don't turn off your brain when turning on the computer
