Re: xp security vulnerabilities?

From: John (John_at_somewhere.com)
Date: 02/21/04


Date: Sat, 21 Feb 2004 05:33:09 GMT

In article <c16m36$svj$0@pita.alt.net>, joe@hotmail.com says...
> OK - please don't flame me for a newbie dumbass question but I have been
> searching the net for a while now without finding a clear answer to the
> following, and I am hoping you can help.
> I have recently changed from Win98SE to WinXP corp pro, running Norton
> Internet Security 2003. Under Win98 I had Atguard and BlackIce running in
> addition to NIS and I came up undetected at every security test site I could
> find. I understand that WinXP has some (many?) holes and was wondering:
> 1. How important is it to install the SP's from MS, and what "surprises"
> should I expect from them?
> 2. What additional software should I have and/or what settings should I
> change in WinXP to be invisible on the net?
> 3. Does Steve Gibson know what he's talking about or not?
>
> I have also recently changed from dial-up to DSL, hence my increased
> concern.
>
> TIA

The short answers are:

1. Pretty important, they fix the holes in the operating system. Dunno
what surprises you can expect; neither does anyone else.

2. Why not just go to grc.com or sygate.com and test your defences
there. Either will tell you if you're invisible.

3. I think Steve Gibson knows what he's talking about. Microsoft hasn't
been able to make a laughing stock of him, have they?

The longer version:

I'll offer my opinions even though I'm just an educated layman,
rather than a professional, in this area.

You should start by assessing your security worries.

-what happens if somebody breaks into your house and steals the entire
computer? Will this just be a minor setback, insurance recovery, off to
the store to get a new machine? Or will it be the end of your
accounting records for your contracting business?

By answering this kind of question you can decide on backup issues like
offsite copies and so on.

-are your security worries related to stuff that can happen to you from
the internet, or are you also trying to secure your computer from other
people who have physical access to the machine?

If you want to secure your machine from damage from the internet all you
need to do is to:

-buy and configure a firewall, either a hardware router or a software
one. Most will keep you "stealthed" while on the net. There are online
test sites available.

-buy and keep up to date a good antivirus package, run regularly, *all*
files checked.

-visit microsoft.com to get the necessary updates to keep the operating
system at the latest and greatest state.

-be *real* careful about what email you open. Ideally you winnow
through it while it is still on the server and reject the spam/uninvited
mail and stuff with attachments *on the mail server*. You only download
the legitimate messages. This whole area is difficult because you can't
know for sure if the message you're getting from your daughter is one
she sent you - or one some virus sent you after hijacking her system.

-consider using another web browser, one without all the ActiveX stuff
that can do significant damage to you just by you opening a web page.
You need Internet Explorer to get the updates though.

I think this gives you the best available defence.

Yes, I think Steve Gibson knows a lot about the internet and how to
avoid avoidable risks. I think it's smart to follow his advice.

If you do all that you're pretty safe, except for the buffer overflow
weaknesses that are probably fairly pervasive in all Windows operating
systems - there's a list of them on the Symantec site. I view this
buffer overflow assault as a variation of the "flying wedge" football
offense. I don't think it's possible to ever be completely safe from
getting "burned to the ground", so better keep your valuable files off
the machine, safe and sound. I use a CD/RW setup and copy important
files to it. You can keep the resulting CD at the bank if you want. If
the computer is just for recreation, surf away, all you're risking is
another day's work to set it all up again - you can fix all the screwups
you made setting it up the first time.

If you are also worried about keeping your computer/files safe from
people who have physical access to the machine then you get into another
whole area about password access to the machine, file permissions and
all that. That's a big subject. I'm not the guy to ask but there are
good books. Try "Windows 2000 - The Complete Reference" by Kathy Ivens
and Kenton Gardiner, for starters. It has quite a bit about the NT file
system, security, networking, system configuration. Difficult reading
but do-able. You can have all the passwords in the world though and if
the "perp" can just steal the whole machine you're screwed. If he can't
because it's bolted down, maybe he can just steal all the disk drives
out of it.

It's important to assess your risk factors and make sure you're never
going to be screwed, no matter *what* happens next. Because none of us
really has a clue what's going to happen next.

Just my 2 cents.

John
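The firewall, antivirus and update steps in John's list can be checked from the inside of the machine rather than only from an outside "stealth" test site. The script below is an added example written for this page, not something from the original thread or from Microsoft; it assumes a current Windows 10/11 host with the built-in firewall, Microsoft Defender and the NetSecurity/NetTCPIP modules present (the cmdlets Get-NetFirewallProfile, Get-MpComputerStatus, Get-HotFix and Get-NetTCPConnection are real; the day-count thresholds are constructed for illustration). It is read-only and changes nothing.

```powershell
# Added example (not from the original post): a read-only posture check for the
# firewall, antivirus-freshness and patch-recency items in the advice above.
# Assumes Windows 10/11 with the built-in firewall and Microsoft Defender.
# The two thresholds below are constructed values, not vendor guidance.
$MaxSignatureAgeDays = 7     # flag AV definitions older than this
$MaxPatchAgeDays     = 45    # flag a host with no hotfix installed in this window

function Test-FirewallPosture {
    # Each profile (Domain, Private, Public) should be on and not default-allow inbound.
    # DefaultInboundAction 'NotConfigured' behaves as Block, so only 'Allow' is flagged.
    $findings = @()
    foreach ($p in Get-NetFirewallProfile) {
        if (-not $p.Enabled) {
            $findings += "Firewall profile '$($p.Name)' is disabled"
        } elseif ($p.DefaultInboundAction -eq 'Allow') {
            $findings += "Firewall profile '$($p.Name)' allows inbound traffic by default"
        }
    }
    return $findings
}

function Test-AntivirusPosture {
    # Engine on, real-time protection on, and signatures not stale.
    $findings = @()
    try {
        $status = Get-MpComputerStatus -ErrorAction Stop
    } catch {
        return @("Microsoft Defender status unavailable: $($_.Exception.Message)")
    }
    if (-not $status.AntivirusEnabled)          { $findings += "Antivirus engine is not enabled" }
    if (-not $status.RealTimeProtectionEnabled) { $findings += "Real-time protection is off" }
    $age = (Get-Date) - $status.AntivirusSignatureLastUpdated
    if ($age.TotalDays -gt $MaxSignatureAgeDays) {
        $findings += ("Antivirus signatures are {0:N0} days old" -f $age.TotalDays)
    }
    return $findings
}

function Test-PatchPosture {
    # Crude but useful: when was the most recent hotfix installed?
    $findings = @()
    $latest = Get-HotFix |
        Where-Object InstalledOn |
        Sort-Object InstalledOn -Descending |
        Select-Object -First 1
    if (-not $latest) {
        $findings += "No installed hotfixes were found"
    } elseif (((Get-Date) - $latest.InstalledOn).TotalDays -gt $MaxPatchAgeDays) {
        $findings += "Most recent hotfix $($latest.HotFixID) was installed $($latest.InstalledOn.ToShortDateString())"
    }
    return $findings
}

function Get-ExposedListeners {
    # The inside view of an external "stealth" test: TCP ports listening on
    # non-loopback addresses are what the firewall has to hide.
    Get-NetTCPConnection -State Listen |
        Where-Object { $_.LocalAddress -notin @('127.0.0.1', '::1') } |
        Select-Object LocalAddress, LocalPort, OwningProcess |
        Sort-Object LocalPort -Unique
}

$report = @()
$report += Test-FirewallPosture
$report += Test-AntivirusPosture
$report += Test-PatchPosture
if ($report.Count -eq 0) { "No findings." } else { $report | ForEach-Object { "FINDING: $_" } }
"Listening TCP ports (non-loopback):"
Get-ExposedListeners | Format-Table -AutoSize
```

Run it from an elevated PowerShell prompt so Get-MpComputerStatus and Get-NetTCPConnection can read everything; the listener table is the list to compare against what an outside test site reports as open, since anything that appears in both is reachable from the internet.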
