Re: WinXP Pro and security against viruses

From: Mark Gordon (spamtrap@flash-gordon.me.uk)
Date: 12/10/02 

Date: Tue, 10 Dec 2002 13:34:42 +0000
From: Mark Gordon <spamtrap@flash-gordon.me.uk>

On Fri, 06 Dec 2002 15:21:23 GMT
"RS" <gateway_consultingX@Xhotmail.com> wrote:

> Thanks for the advice so far !
>
> BTW, what is "OP"? Did you mean "OS" ?

OP==Original Poster, i.e. you.

> The case I have been describing is actually one that belongs to a
> friend/client. I have converted the system to NTFS since I first
> posted here. He has 2 kids, each with their own account, and
> password. So far everybody is "Administrator" class. The kids have
> their accounts password protected. The dad, who wants to have his
> business stuff on there too, is not using a password to even logon
> yet. I have not forced him to have one YET, as I know that is how he
> likes it. If the kids are changed to"Restricted" class, will he still
> be somewhat protected even though his logon is "password free" ? ;-)
> That would be "ideal' if true....

If his account does not have a password then his kids could just log in
as him. So it all depends on whether his kids would do that. However, if
his accound is set to a restricted account and the administrator account
is password protected this would minimise the problems.

> Can Restricted users still download MP3's and so on?

A restricted account can still download MP£s etc. I think, although this
would need to be checked, it can even run downloaded software. However,
any downloaded software is limitted in the effects it can have unless it
exploits an unpatched security hole in the OS.

> ********************************
> As an aside:
> I have another friend (WinXP Home user) who does not use anti-virus
> programs, excetp the one that Hotmail's servers run his mail through.
> He avoids Outlook Express like the plague. All his email is through
> Hotmal. I think he had trouble with an antivirus program back when he
> had Win98, and since then says "what's between his 2 ears is my best
> virus protection" .... in other words he's cautions, doesn't open
> unexpected attachements ...well except ones that come via Hotmail
> ("and Hotmail is scanned before I get it"), he is a bachelor and
> lives without children around and also does not download MP3's or
> other files from unknown souces. So he has definitely limited his
> exposure !

You should always work on the basis that the virus filters are out of
date whether they are on your machine, on a corporate firewall or some
other third party.

Using web based email puts him at risk from javascript exploits etc
which may get passed filtering at hotmail et al since he is using a web
browser to view his mail. I've never looked at how much of a security
risk this is since I never use web based email.

If you friend wants to avoide OE (a good thing) but still use an email
client (which has several advantages) then there are free ones available
that do not have the risks associated with OE. However, as I don't make
much use of Windows these days, I don't know which ones are good.

When I did use Windows as my main OS I did not use a virus checker and
never caught a virus. I used Agent for email & usenet (agent will not
execute anything under any circumstances without you explicitly telling
it to open the attachment) and I assumed that all attachments were
dangerous until I had spoken to the originator and verified that they
really did meen to send me the attachment.

> Anyway, he told me yesterday, that XP (Home), would not let him even
> open suspect files .... i.e. files that "XP suspected might be
> dangerous". Does XP have some kind of built-in smarts that can tell
> if a file might contain a virus ? I am skeptical about that claim he
> made....

I would guess that it has some simple filter such as reporting anything
with cirtain extensions, or possibly mime times, that is linked to from
a web site as being dangerous. Personally I would not rely on it since
in the past there have been exploits that made IE execute javascript
code when the user thought it would just download a text file.

Re-enabling the displaying of all file extensions also helps, since it
allows the user to see when double extensions are being used to try to
trick the user. However, the user still has to actually look at the file
name and understand it! 

--
Mark Gordon

Relevant Pages

  • Re: WinXP Pro and security against viruses
    ... I have converted the system to NTFS since I first posted ... He has 2 kids, each with their own account, and password. ... since then says "what's between his 2 ears is my best virus protection" ...
    (comp.security.misc)
  • Re: WinXP Pro and security against viruses
    ... >> The kids have their own user accounts on this XP Pro machine. ... > yes (depending on the virus). ... If the OP uses a restricted account for his work as well ... so any software (including viruses and trojans) run by those ...
    (comp.security.misc)
  • RE: Keeping track of my kids
    ... Then, as a workaround, you may use a third-party download software to ... Thanks for using Microsoft Newsgroup ... Keeping track of my kids ... wife & I have one account and each kid has their own ...
    (microsoft.public.windowsxp.general)
  • xp file sharing
    ... is there any way i can allow my kids to download some ... kazaa music on their account, ... use admin to do it? ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Spyware possible being on one account and not the other
    ... > the browser in the guest account is jacked to some site. ... using Windows XP "prettifications". ... If you want to know when one of your applications is trying to obtain ... are pay - some you can only download if you are registered - but it is best ...
    (microsoft.public.windowsxp.security_admin)