Re: Home Networking/Firewall problem

Ben Hardy <ben@xxxxxxxxxx> wrote:
OK, so although many millions of users have been mislead, MSIE is not a
web browser!

It depends on the definition. I'd say it's a very buggy web browser,
while Sebastian insists, that a web browser is a software, which
correctly implements HTML and XHTML ;-)

No, I haven't noticed this. I've used it for a while and haven't been
aware that it can be bypassed, I haven't been subject to DoS attacks and
have no idea what you mean by 'certain vectors of privilege escalation'.
Are you showing off or have you lost the ability to communicate in English?

Hm... Sebastian is communicating using technical terms. One of the
disadvantages of many "Personal Firewalls" is that they're implementing
security design flaws. Some of them can be abused by attackers and make
your PC more insecure instead of more secure.

A common design flaw is that many "Personal Firewall" implementations
like for example Outpost, Sygate, Lavasoft, Novell Border Manager are
installing system services, which open windows (i.e. popup windows).
This they shouldn't do, because this opens possibilities to compromise
security on your PC. Sebastian calles this an "attack vector", a possible
way to attack.

Here you can see a recent example:

http://www.ben.goulding.com.au/secad.html

Regarding 'restricted privileges' I will have to look into that as
currently I'm not familiar with how or what to implement.

Add an extra user account. Don't make this user an administrator.
Use this user to work, not the administrator user you created with
setup.

I think that either you or I am losing the plot here somewhere.
I restate that I and many millions of other PC users are *NOT* network
specialists. We all use the Internet daily for purchasing goods, running
our Bank accounts and much else besides. If all of the software we use
is so useless and defective then surely we would have had our PCs
mashed, our Bank accounts emptied and our IDs stolen by now and hardly
anyone would use the Net at all.

As a matter of fact, crime is very common in the Internet,
unfortunately. And you're giving the reason for it: unsecure user
systems, which are commonly abused.

More seldomly they're abused to detect what you have on your maching.
Usually they're abused to implement bot nets, to attack more attractive
targets. And your PC may be such a zombie computer being part of a bot
net and you even don't know.

OK, I'll give up downloading MS Security fixes

Please don't do this.

dump
all antivirus

If you're using this kind of software in a sensible way, then it may be
useful. Please notice, that it is generally not possible to remove viruses
securely. That means, don't use the removal features, if you're finding
a virus, flatten and rebuild. If you're using a non administrative user
account (see above), then maybe it would be enough to totally delete
this user account. Maybe.

personal firewall and Spyware prevention software

Yes. Forget them.

until I understand ACLs.

Access Control Lists are a clever way to improve security on your
machine. They're the thing you're working with, if you have Windows XP
Professional and are right-clicking onto a file, chosing "security".

There is a trick to access this with Windows XP Home, too:

ftp://ftp.microsoft.com/bussys/winnt/winnt-public/tools/SCM/SCESP4I.EXE

This is the old security configuration manager designed for Windows NT.
It seems to be able to activate the security GUI also in Windows XP
Home.

Start it, it will create a folder with files. Right click onto the file
SETUP.INF and install this. If it wants to install files, say NO.
Afterwards you should see a register "security" if you're right clicking
on your own files. With this GUI you can manage ACLs.

Yours,
VB.
--
Ich würde schätzen, dass ca. 87% aller spontanen Schätzungen völlig für
den Arsch sind.

Ralph Angenendt in debate@xxxxxx
.

Relevant Pages