Re: Online Arrmor

G <geoff915@xxxxxxxxx> wrote:
usenet-2009@xxxxxxxxxxxxxxxx says...
A good starting point would be:

- Think before acting.
- Never be root. Use an administrator account only for administrative
tasks. Use a normal user account for everything else.
- Configure software that requires admin privileges for non-admin tasks
to run with limited user privileges [1].
- Keep your operating sytem and all of your softwar up-to-date.
Automatic updates help.
- Don't provide services you don't want to provide [2,3]. Or use the
Windows Firewall to block inbound connections.
- Disable autostarts for removable media (via gpedit).
- Use AV software to prevent known malware from being executed by
mistake.
- Don't use IE, at least not without locking it down tightly. Better use
Firefox/SeaMonkey with NoScript or Opera, as they are easier to
secure.
- Before installing software think twice about whether you really need
it. Less is more.

Additional steps could be:

- Use sandboxed environments (preferrably virtual machines) for
evaluating software.
- Revoke "execute" permission from caches and temp directories.
- Use Software Restriction Policies to allow only whitelisted software

That all sounds great. But I said for the average Windows user. Do you
really expect aunt Esther to understand how lock things down through
the registry and group policy editor? Or figure out how to set up a
VPN?

The person who installs the personal firewall for aunt Esther could just
as well take the above mentioned steps.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich
.

Relevant Pages

  • Re: Run As Adminstrator - why hasnt it saved us?
    ... just make your normal user account an Administrator account, and re-enable UAC. ... You still run as a normal user, except that when elevation is required you just get a confirmation box, rather than the whole "Administrator's username and password" prompt. ...
    (microsoft.public.windows.vista.security)
  • Delete admin shorcut
    ... I'm on a Win Xp sp2 computer with two users, and administrator account ... and a normal user account. ... conection and I could use it on the user and the admin desktop withou ... Is there anyway to do it without loging out and loging in as admin. ...
    (microsoft.public.windowsxp.general)
  • Re: Start menu programs dont appear
    ... > All apps now installed under the administrator account, and the shortcuts ... > copied to the All Users profile, but under a normal user account half of ...
    (microsoft.public.win2000.general)
  • Locked out after changing Domain Security Policy
    ... specifying a normal user account that could "log in locally" I now cannot ... login to the AD controller as administrator account. ... I get the following error when trying to login as the administrator account:- ... "The local policy does not permit you to logon interactively" ...
    (microsoft.public.win2000.general)
  • Re: Administative versus normal accounts
    ... The only times the computer asks me for my password before proceeding fulfill my commands is before installing software. ... It means you have an administrator account with way too much access to change otherwise protected resources. ... Even with an administrator account, the system should also ask you for administrative credentials when you attempt to modify important system files like, for ... I don't know for sure, though, because I haven't attempted to modify those files. ...
    (comp.sys.mac.apps)