Re: Reply to Shenan Stanley on my original post
From: Janet (caveninit_at_nospamyahoo.com)
Date: 05/08/04
- Next message: Brian: "RE: access through xp firewall"
- Previous message: Brian: "RE: Windows XP Shutdown Command"
- In reply to: Shenan Stanley: "Re: Reply to Shenan Stanley on my original post"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 8 May 2004 09:39:12 -0400
This is all very helpful information and I am saving this post to refer back
on. Thanks for taking the time to post this.
Janet
"Shenan Stanley" <news_helper@hushmail.com> wrote in message
news:%239FKoyJNEHA.2532@TK2MSFTNGP10.phx.gbl...
> Patricia wrote:
> > Yes, Mr. Expert. I did read all the information and I still have the
> > same problem. I'm just an average senior and not an expert but I'm
> > not stupid either. I do read and quite well in fact. Can you really
> > offer help or just attitude? Feel free to e-mail some "simple"
> > instructions.
>
> Aha! You are the one who posted:
>
> "Everyone seems to be having the same problem that I have with the Sasser
> patch. How many times will it take for MS to see that their solution
isn't
> accepted by their own system? Bummer!!!!!!Do we have a patch for the
patch?
> Security update for XP KB835732"
>
> And you think I have an attitude?
>
> Was there even a question in what you posted? I see the question marks,
so
> let me answer what you asked in the manner with which it was asked:
>
> "How many times will it take for MS to see that their solution isn't
> accepted by their own system?"
>
> Since it has been accepted by hundreds of thousands of machines without
> problems, I'm guessing they are having trouble seeing your point of view -
> particularly when you specify no specific error at this point. Perhaps if
> you actually stated your problem instead of comparing to the dozens of
> different ones I have seen people have applying the patch, someone may be
> able to suggest something.
>
> Do we have a patch for the patch?
>
> Again - ambiguity. Before you implied that you couldn't install the patch
> or that something is wrong. You never considered that it would be your
> specific system, perhaps something you have installed, something you
haven't
> cleaned up, something you have turned off or removed to tweak the machine,
> etc. The link I originally gave you told you the specific known issues
with
> the patch, but you obviously don't have one of those - amazingly in two
> posts, I still have no idea what your problem actually is. You say you
can
> read, but can you actually present your problem in some fashion?
>
> As for the only other question I have seen you ask: "Can you really offer
> help or just attitude?"
>
> You want something that will clean up your system? Secure it? Keep you
> from getting problems like this in the future? Sure.. Here you go, I
offer
> you the advice that has cleaned up likely hundreds of systems straight
from
> these newsgroups. If none of these help in your situation, let us know
> (specifically) what you are seeing.
>
> If you have the SASSER worm, go to one of these places and read the
> instructions and get the tools to help you remove it:
>
> http://www.microsoft.com/security/incident/sasser.asp
> and/or
>
>
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.removal.tool.html
> and/or
> http://vil.nai.com/vil/stinger/
>
> Expect more "spam" as you just posted the email address to millions
> of eyes and hundred (thousands?) of collection "bots" that will start
> sending
> you all sorts of interesting and possibly offensive material. Some will
> attempt to infect you with viruses, worms, trojans. Others will try to
sell
> you something. Some will try to convince you of some elaborate scheme.
> Know that Microsoft does not send you patches via email, they do not send
> you links via email normally. They don't know you, don't know your
computer
> and really, in this scenario, could care less. Sending emails to an
> individual is not Microsoft's style. Also, never open attachments in an
> email unless you not only know the person it was sent from, but knew in
> advance that they were sending it and you have also scanned it for viruses
> and your antivirus software is running happily in the background at the
time
> you open it (updated antivirus, no less.) Always munge your address in
the
> future.
>
> Suggestions on what you can do to secure/clean your PC. I'm going to try
> and be general, I will assume a "Windows" operating system is what is
> being secured here.
>
>
> UPDATES and PATCHES
> -------------------
>
> This one is the most obvious. There is no perfect product and any company
> worth their salt will try to meet/exceed the needs of their customers and
> fix any problems they find along the way. I am not going to say Microsoft
> is the best company in the world about this but they do have an option
> available for you to use to keep your machine updated and patched from
> the problems and vulnerabilities (as well as product improvements in some
> cases) - and it's free to you.
>
> Windows Update
> http://windowsupdate.microsoft.com/
>
> Go there and scan your machine for updates. Always get the critical ones
as
> you see them. Write down the KB###### or Q###### you see when selecting
the
> updates and if you have trouble over the next few days, go into your
control
> panel (Add/Remove Programs), match up the latest numbers you downloaded
> recently (since you started noticing an issue) and uninstall them. If
there
> was more than one (usually is), install them back one by one - with a few
> hours of use in between, to see if the problem returns. Yes - the process
> is not perfect (updating) and can cause trouble like I mentioned - but as
> you can see, the solution isn't that bad - and is MUCH better than the
> alternatives. (SASSER/BLASTER were SO preventable with just this step!)
>
> Windows is not the only product you likely have on your PC. The
> manufacturers of the other products usually have updates as well. New
> versions of almost everything come out all the time - some are free, some
> are pay - some you can only download if you are registered - but it is
best
> to check. Just go to their web pages and look under their support and
> download sections.
>
> You also have hardware on your machine that requires drivers to interface
> with the operating system. You have a video card that allows you to see
on
> your screen, a sound card that allows you to hear your PCs sound output
and
> so on. Visit those manufacturer web sites for the latest downloadable
> drivers fro your hardware/operating system. Always (IMO) get the
> manufacturers hardware driver over any Microsoft offers. On the Windows
> Update site I mentioned earlier, I suggest NOT getting their hardware
> drivers - no matter how tempting.
>
> Have I mentioned that Microsoft has some stuff to help secure your
computer
> available to the end user for free? This seems as good of a time as any.
> They have a CD you can order (it's free) that contain all of the Windows
> patches through October 2003 and some trial products as well that they
> released in February 2004. Yeah - it's a little behind now, but it's
better
> than nothing (and used in coordination with the information in this post,
> well worth the purchase price..)
>
> Order the Windows Security Update CD
> http://www.microsoft.com/security/protect/cd/order.asp
>
> They also have a bunch of suggestions, some similar to these, on how to
> better protect your Windows system:
>
> Protect your PC
> http://www.microsoft.com/security/protect/
>
>
> FIREWALL
> --------
>
> Let's say you are up-to-date on the OS (operating system) and you have
> Windows XP.. You should at least turn on the built in firewall. That
will
> do a lot to "hide" you from the random bad things flying around the
> Internet. Things like Sasser/Blaster enjoy just sitting out there in
> Cyberspace looking for an unprotected Windows Operating System and jumping
> on it, doing great damage in the process and then using that Unprotected
OS
> to continue its dirty work of infecting others. If you have the Windows
XP
> ICF turned on - default configuration - then they cannot see you! Think
of
> it as Internet Stealth Mode at this point. It has other advantages, like
> actually locking the doors you didn't even (likely) know you had. Doing
> this is simple, the instructions you need to use your built in Windows XP
> firewall can be found here:
>
> http://support.microsoft.com/?kbid=320855
>
> If you read through that and look through the pages that are linked from
it
> at the bottom - I think you should have a firm grasp on the basics of the
> Windows XP Firewall as it is today.
>
> But let's say you DON'T have Windows XP - you have some other OS like
> Windows 95, 98, 98SE, ME, NT, 2000. Well, you don't have the nifty built
in
> firewall. My suggestion - upgrade. Me next suggestion - look through
your
> options. There are lots of free and pay firewalls out there for home
users.
> Yes - you will have to decide on your own which to get. Yes, you will
have
> to learn (oh no!) to use these firewalls and configure them so they don't
> interfere with what you want to do while continuing to provide the
security
> you desire. It's just like anything else you want to protect - you have
to
> do something to protect it. Here are some suggested applications. A lot
of
> people tout "ZoneAlarm" as being the best alternative to just using the
> Windows XP ICF, but truthfully - any of these alternatives are much better
> than the Windows XP ICF at what they do - because that is ALL they do.
>
> ZoneAlarm (Free and up)
>
http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp
>
> Kerio Personal Firewall (KPF) (Free and up)
> http://www.kerio.com/kpf_download.html
>
> Outpost Firewall from Agnitum (Free and up)
> http://www.agnitum.com/download/
>
> Sygate Personal Firewall (Free and up)
> http://smb.sygate.com/buy/download_buy.htm
>
> Symantec's Norton Personal Firewall (~$25 and up)
> http://www.symantec.com/sabu/nis/npf/
>
> BlackICE PC Protection ($39.95 and up)
> http://blackice.iss.net/
>
> Tiny Personal Firewall (~$49.00 and up)
> http://www.tinysoftware.com/
>
> That list is not complete, but they are good firewall options, every one
of
> them. Visit the web pages, read up, ask around if you like - make a
> decision and go with some firewall, any firewall. Also, maintain it.
> Sometimes new holes are discovered in even the best of these products and
> patches are released from the company to remedy this problem. However, if
> you don't get the patches (check the manufacturer web page on occasion),
> then you may never know you have the problem and/or are being used through
> this weakness. Also, don't stack these things. Running more than one
> firewall will not make you safer - it would likely (in fact) negate some
> protection you gleamed from one or the other firewalls you ran together.
>
>
> ANTIVIRUS SOFTWARE
> ------------------
>
> That's not all. That's one facet of a secure PC, but firewalls don't do
> everything. I saw one idiot posting on a newsgroup that "they had
> never had a virus and they never run any anti-virus software. Yep - I
used
> to believe that way too - viruses were something everyone else seemed to
> get, were they just stupid? And for the average joe-user who is careful,
> uses their one-three family computers carefully, never opening unknown
> attachments, always visiting the same family safe web sites, never
> installing anything that did not come with their computer - maybe, just
> maybe they will never witness a virus. I, however, am a Network Systems
> Administrator. I see that AntiVirus software is an absolute necessity.
You
> can be as careful as you want - will the next person be as careful? Will
> someone send you unknowingly the email that erases all the pictures of
your
> child/childhood? Possibly - why take the chance? ALWAYS RUN ANTIVIRUS
> SOFTWARE and KEEP IT UP TO DATE! Antivirus software comes in so many
> flavors, it's like walking into a Jelly Belly store - which one tastes
like
> what?! Well, here are a few choices for you. Some of these are free
(isn't
> that nice?) and some are not. Is one better than the other - MAYBE. I
> personally love Symantec AV, but on some of my exchange servers, I have
> several different levels of protections/several different applications
doing
> the protections - not to mention the AntiVirus software I install on my
> client machines. Sound paranoid? Good. It should.
>
> Symantec (Norton) AntiVirus (~$11 and up)
> http://www.symantec.com/
>
> Kaspersky Anti-Virus (~$49.95 and up)
> http://www.kaspersky.com/products.html
>
> Panda Antivirus Titanium (~$39.95 and up)
> http://www.pandasoftware.com/
> (Free Online Scanner: http://www.pandasoftware.com/activescan/)
>
> AVG 6.0 Anti-Virus System (Free and up)
> http://www.grisoft.com/
>
> McAfee VirusScan (~$11 and up)
> http://www.mcafee.com/
>
> AntiVir (Free and up)
> http://www.free-av.com/
>
> avast! 4 (Free and up)
> http://www.avast.com/
>
> Trend Micro (~$49.95 and up)
> http://www.trendmicro.com/
> (Free Online Scanner:
> http://housecall.trendmicro.com/housecall/start_corp.asp)
>
> Did I mention you have to not only install this software, but also keep it
> updated? You do. Some of them (most) have automatic services to help you
> do this - I mean, it's not your job to keep up with the half-dozen or more
> new threats that come out daily, is it? Be sure to keep whichever one you
> choose up to date!
>
>
> SPYWARE/ADWARE/POPUPS
> ---------------------
>
> So you must be thinking that the above two things got your back now - you
> are covered, safe and secure in your little fox hole. Wrong! There are
> more bad guys out there. There are annoyances out there you can get
without
> trying. Your normal web surfing, maybe a wrong click on a web page, maybe
> just a momentary lack of judgment by installing some software packages
> without doing the research.. And all of a sudden your screen starts
filling
> up with advertisements or your Internet seems much slower or your home
page
> won't stay what you set it and goes someplace unfamiliar to you. This is
> spyware. There are a whole SLEW of software packages out there to get rid
> of this crud and help prevent reinfection. Some of the products already
> mentioned might even have branched out into this arena. However, there
are
> a few applications that seem to be the best at what they do, which is
> eradicating and immunizing your system from this crap. Strangely, the
best
> products I have found in this category ARE generally free. That is a
trend
> I like. I make donations to some of them, they deserve it!
>
> Spybot Search and Destroy (Free!)
> http://www.safer-networking.net/
>
> Lavasoft AdAware (Free and up)
> http://www.lavasoft.de
>
> CWSShredder (Free!)
> http://www.spywareinfo.com/~merijn/downloads.html
>
> Hijack This! (Free)
> http://mjc1.com/mirror/hjt/
>
> SpywareBlaster (Free!)
> http://www.javacoolsoftware.com/
>
> The Cleaner (49.95 and up)
> http://www.moosoft.com/
>
> Bazooka Adware and Spyware Scanner (Free!)
> http://kephyr.sureshot.xaviermedia.net/spywarescanner/
>
> That will clean up your machine of the spyware, given that you download
and
> install several of them, update them regularly and scan with them when you
> update. Some (like SpywareBlaster and SpyBot Search and Destroy) have
> immunization features that will help you prevent your PC from being
> infected. Use these features!
>
> Unfortunately, although that will lessen your popups on the Internet/while
> you are online, it won't eliminate them. I have looked at a lot of
options,
> seen a lot of them used in production with people who seem to attract
popups
> like a plague, and I only have one suggestion that end up serving double
> duty (search engine and popup stopper in one):
>
> The Google Toolbar (Free!)
> http://toolbar.google.com/
>
> Yeah - it adds a bar to your Internet Explorer - but its a useful one.
You
> can search from there anytime with one of the best search engines on the
> planet (IMO.) And the fact it stops most popups - wow - BONUS! If you
> don't like that suggestion, then I am just going to say you go to
> www.google.com and search for other options.
>
> One more suggestion, although I will suggest this in a way later, is to
> disable your Windows Messenger service. This service is not used
frequently
> (if at all) by the normal home user and in cooperation with a good
firewall,
> is generally unnecessary. Microsoft has instructions on how to do this
for
> Windows XP here:
>
http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp
>
>
> SPAM EMAIL/JUNK MAIL
> --------------------
>
> This one can get annoying, just like the rest. You get 50 emails in one
> sitting and 2 of them you wanted. NICE! (Not.) What can you do? Well,
> although there are services out there to help you, some email
> servers/services that actually do lower your spam with features built into
> their servers - I still like the methods that let you be the end-decision
> maker on what is spam and what isn't. If these things worked perfectly,
we
> wouldn't need people and then there would be no spam anyway - vicious
> circle, eh? Anyway - I have two products to suggest to you, look at them
> and see if either of them suite your needs. Again, if they don't, Google
is
> free and available for your perusal.
>
> SpamBayes (Free!)
> http://spambayes.sourceforge.net/
>
> Spamihilator (Free!)
> http://www.spamihilator.com/
>
> As I said, those are not your only options, but are reliable ones I have
> seen function for hundreds+ people.
>
>
> DISABLE UNUSED SERVICE/STARTUP APPS
> -----------------------------------
>
> I might get arguments on putting this one here, but it's my spill. There
are
> lots of services on your PC that are probably turned on by default you
don't
> use. Why have them on? Check out these web pages to see what all of the
> services you might find on your computer are and set them according to
your
> personal needs. Yeah - this is another one you have to work for, but your
> computer may speed up and/or be more secure because you took the time.
And
> if you document what you do as you do it, next time, it goes MUCH faster!
>
> Task List Programs
> http://www.answersthatwork.com/Tasklist_pages/tasklist.htm
>
> Black Viper's Service List and Opinions (XP)
> http://www.blackviper.com/WinXP/servicecfg.htm
>
> Processes in Windows NT/2000/XP
> http://www.reger24.de/prozesse/
>
> There are also applications that AREN'T services that startup when you
start
> up the computer/logon. One of the better description on how to handle
these
> I have found here:
>
> Startups
> http://www.pacs-portal.co.uk/startup_content.php
>
>
> That's it. A small booklet on how to keep your computer secure, clean of
> scum and more user friendly. I am SURE I missed something, almost as I am
> sure you won't read all of it (anyone for that matter.) However, I also
> know that someone who followed all of the advice above would also have
less
> problems with their PC, less problems with viruses, less problems with
spam,
> less problems with spyware and better performance than someone who didn't.
>
> Hope it helps.
>
> --
> <- Shenan ->
> --
>
>
- Next message: Brian: "RE: access through xp firewall"
- Previous message: Brian: "RE: Windows XP Shutdown Command"
- In reply to: Shenan Stanley: "Re: Reply to Shenan Stanley on my original post"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
