Re: Short List of Security Questions

From: "BC" <callmebc@xxxxxxxxx>
Date: 15 Jul 2006 06:13:08 -0700

Steve Dassin wrote:

Hello BC,

Do you have some mercy feelings for newbees trying to study
security? :( :)

Do you have a list of recommendations (practices, software) for windows?

Thank you,
steve

Well, I think there are three separate aspects to PC security:

1) Prevention -- blocking bugs and hacks

2) Early detection -- catching a bug or a hack before it
can do real harm

3) Recovery -- ok, so you got whacked; now what do you
do?

All these aspects are tricky -- the easy methods will take
you reasonably far in avoiding the majority of problems,
but if a determined hacker has it in for you particularly,
very eleborate and expensive methods and technology
are needed. Even then, as many a company and
agency painfully knows, one little slip up....

I don't have the time today for a lengthy post, but I do
have specific recommendations for a new WinXp PC

1) If you use dial-up, be aware that this gives you a
very exposed connection to the Internet as opposed
to using a router with DSL or cablemodem connection.
Be sure you have at least the Windows firewall on
and running before connecting with dial-up.

2) Uninstall every preloaded program that comes on your
new PC that you didn't specifically ask for, especially
demos and Norton/McAfee security suites.

3) Google for and download the latest version of
"ccleaner" -- "Crap Cleaner" -- and run that with its
defaults after uninstalling stuff.

4) Once you have your PC the way you want it, go
into Windows Update and get all the latest and
greatest patches

5) After getting patched up, go to Mozilla.com and
get and download the latest Firefox and Thunderbird.

6) If you want to use Outlook for contacts and
schedules, fine, but use Thunderbird for your email.

7) Go to Adobe.com and download and install the
latest Flashplayer. This will make your Firefox
pretty set for general Internet browsing. I also like
changing the cache from 50mb to 10 and customizing
the Toolbar to show the Printer and New Tab icons

8) Go to Microsoft and download and install the latest
IE 7 Beta and Windows Defender. IE 7 is a ripoff of
Firefox but that's a good thing. Still don't use it unless
a site doesn't support non-IE browsers

9) Pony up and get yourself a good European
anti-virus/antispyware package: F-Secure, Kaspersky,
etc. AVG is not bad and its 2 yr license is good for
people who tend to forget to renew such stuff -- a
big, BIG no-no nowadays.

10) Avoid multiple login accounts, especially for
"family " PC's -- that just ends up creating a bazillion
more files to scan and gives computer illitereate kids
a green liight to download junk and screw with the
PC settings.

11) Go Google for some How-to's about making
specific changes to Windows to make it more
secure, like this:
http://www.tweakhound.com/xp/security/page_1.htm

12) Go get a portable hard drive to use as a system
backup using something like Acronis True image
for disaster recovery.

13) Use a USB Flash card to back up important
docs. Go you 2brightsparks.com and get either
the free or cheap commercial version of
SyncBackSE for everyday backups of important
files and email.

In addition to the above, my own personal preference
is to immediatly wipe the hard drive of a new PC
prior to activation and recreate the partitions with
FAT32 system (20-30Gb) fior the boot partition and
the rest NTFS, and then install XP clean. If I want to
use XP -- for everyday use, I much prefer Win98, and
then Win2k for things like video editing where you
need something like NTFS for huge files.

FYI

Gotta run -- hope that was helpful.

-BC

.

Follow-Ups:
- Re: Short List of Security Questions
  - From: Steve Dassin

References:
- Short List of Security Questions
  - From: dw85745
- Re: Short List of Security Questions
  - From: BC
- Re: Short List of Security Questions
  - From: Karl Levinson, mvp
- Re: Short List of Security Questions
  - From: BC
- Re: Short List of Security Questions
  - From: Steve Dassin

Prev by Date: VPN Security, locking out non domain members
Next by Date: Re: Removal and forensics of advanced rootkit employing Shadow Walker technology - help needed!!!
Previous by thread: Re: Short List of Security Questions
Next by thread: Re: Short List of Security Questions
Index(es):
- Date
- Thread

Relevant Pages

How can I download these updates in French?
... Download size: 455 KB, 5 minutes ... Windows XP Professional. ... A security issue has been identified that could allow an attacker to ... You can help protect your computer by installing ...
(microsoft.public.windowsupdate)
Re: sassar
... authoritative in all matters concerning Microsoft Security Alerts! ... downloaded from the microsoft.com download center or Windows Update. ... Instructions for patching and cleaning vulnerable Windows 2000 and Windows ... installation of the patch as well as removal of the worm. ...
(microsoft.public.security.virus)
Sasser patching & removal instructions
... authoritative in all matters concerning Microsoft Security Alerts! ... downloaded from the microsoft.com download center or Windows Update. ... Instructions for patching and cleaning vulnerable Windows 2000 and Windows ... installation of the patch as well as removal of the worm. ...
(microsoft.public.windowsxp.general)
Re: How do I recover?
... >infected with the msblast virus, ... there is a Windows 2000 version ... >7) Download and install. ... >security patches and updates that Microsoft bugs you ...
(microsoft.public.security)
Re: Office 2000 Help Topics
... Here are some security recommendations:: ... Locking Down Windows Server 2003 Terminal Server Sessions ... This policy disables Help and Support Center service. ... > Do you know of any documentation saying it is a security risk. ...
(microsoft.public.win2000.termserv.clients)