Securing a computer is getting to be a serious pain in the ass; my virus scanner now gets an update every day. And since another thread was about cleaning up computers, I thought I'd start a thread on securing the computer. I had the recent misfortune of reinstalling Windows 2000 on my computer, so I did all of this recently.

Basics:
1) Got all the Microsoft Windows Updates, for the operating system and for Internet Explorer.
2) Installed a virus scanner, got the newest updates.
3) Installed spyware programs: Ad-Aware and Spybot-Search and Destroy. Updated both, then used Spybot's immunization tool. Also configured one to run every time on bootup.
4) Installed Google toolbar for Internet Explorer, or any other pop-up blocker.
5) Created a boot disk (not necessary if you have a bootable CD-ROM).
6) Your internet service provider may provide some tools, look into them.

Regular Maintenance:
1) Update the virus scanner, then scan.
2) Search and install Microsoft updates.
3) Update the spyware scanners, then scan.

The above steps are what I considered essential. I also did some other things, which may be more advanced:
5) For more security, I installed another web browser (Mozilla, Firefox) and another e-mail program (Eudora, Thunderbird). Make it so that reading the e-mail doesn't automatically load images or such off another server. I then blew away Outlook.
6) Created user accounts for myself, and other users, with User or lower privileges. I rarely use the administrator account, and have no superusers.

Really advanced stuff:
7) Shut down services I don't use.
8) To install software which requires admin privileges, I use 'runas' or create a shortcut to run as a different user.
9) Use Spybot's ability to manage startup programs to remove unnecessary ones.
10) Ad-Aware Plus has a program called Ad-Watch. It's a monitoring program, and one of the settings is for it to lock the Windows registry, and log attempts to access it.
11) Install Linux

Yes, I will answer questions on this thread, apparently my easiest way of getting reputation points.
I do most of the above, but still find that my registry is peppered with unnecessary entries. I have installed RegVac and am also trialling the A1 Click Cleaner from the same company. SpyBot and AdAware are awesome, but even together cannot remove every single threat. There is another thread on "find4u" which is installed via a Trojan horse. Since the Trojan modifies the registry, I think a full arsenal of weaponry against internet threats should also include some kind of registry editor.
Which is virtually everything! Without doubt, shut down Windows File Sharing, or if you have a LAN and wish to use file sharing, make sure your router is locked up tighter than a drum. Additionally, you need to close the Messenger service. And close ports
* 135
* 137
* 138
* 139
* 445
... to prevent abuse.
Do those ports do anything? Ever? I assume they must since they're there - but.... Man...I really shouldn't read threads like this. I'm a bitch for pissing around with stuff that's way over my head. Then not being able to rectify things when I inevitably get it wrong. I was understanding Microbrew's post until about half-way, then I was just looking at words on a screen.
the most important thing is to know that you are a windows user. truly hearted real human being who has life wherever you live wherever you go. forget about virus. forget about security. expose yourself to some ********. let them come to your place and beat them up with love. we have life and we have no time to deal with things in a 0-and-1 world. don't you dare go get linux. it won't be worth it. it'll spoil your life. trust me. if you're really really concerned about security just do the thing said above and it may give you some sort of self satisfaction and also get some firewall too. outpost firewall is easy to use and free btw. study net+, security+, and mcp 70-210 (win2k) and 70-270 (win xp). it'll give you, not advanced actual skill, but a good sense of security and backup.
I use it. I like it. It's not a substitute for a "real" firewall (like a router), but it'll certainly help. Especially with preventing you from inadvertently spreading a virus or trojan you've brought in from elsewhere.
Ok I'm wanting to give this stuff a go... But...well... Foos will testify to my PC illiteracy. Can anyone spare the time to clarify from number 6 to the end? Forgetting Linux of course.

6) Essentially how to do it - or tell me to p!ss off if it's too easy. Superusers? Privileges?
7) Services? I don't use outlook - is there anything else? I regularly go through the add/remove programs list, but I assume that's not the same.
8) What?
9) Ditto
10) And again...
6) forget. unless you work for cia and have some really sensitive info on your pc. if you really really wanna know, go check microsoft website and search for ntfs permission. if your file system is fat or fat32, really really forget about this unless you wanna spare some time learning some stuff. not really difficult to learn but you could spend the same amount of time chasing girls you love and be better off this way.
7) right click on my computer -> manage -> services and applications -> services. don't touch anything that you are not sure of or anything that you will forget later.
8) same as 6
9) run spybot -> tools -> system startup. don't touch anything you're not sure of
10) forget

the bottom line is.... forget about everything above and stop searching for porn sites. your machine should be ok most of the time as long as you do everything from 1-3 on basic (4-6 depends on your config or os) + activating internet connection firewall and 1-3 and 5 (where's 4?) on regular maintenance.
6) I normally work in a Unix environment anyway, so I'm always running 'su' and 'newgrp' anyway. Think of it as different user profiles on your computer. Everyone but the admin user profile has limitations on what they can or cannot install.
7) Services - took me about 30 minutes to turn off the stuff I don't use.
8) If you set up different users in Windows NT, you give them fewer privileges (say, don't let them install software). To install software, you can either logout/login as Admin or 'runas' (or 'su' or 'sudo' for Unix folks).
9) What Premium Hitachi said
10) Most viruses, spyware, malware, etc. do their damage via the registry (a place where Windows itself and many programs keep their configuration settings). So, my thinking was to lock down the registry. Ad-Watch can do that. If someone has a better program, I'd like to hear about it.

I picked up all this stuff from work experience, specifically there was a classified test system I was working with. The support people weren't allowed to touch those systems (besides to wipe them clean when we got them). So, being the new guy I got stuck with installing and administrating a mixed Windows NT and Solaris system, in addition to my normal responsibilities. A more recent experience was in an embedded systems/firmware development lab, and all the lab PCs got hit with various viruses and worms (e-mail, open share drive exploits, etc.). The number of hours another engineer and I spent helping the lab manager clean or reinstall computers sold me on locking up PCs.

Just stick to the basic steps, and do the regular maintenance. That's what I tell my friends and relatives. Also, get that router, one of those Linksys or some other brand 'Internet router' even if you only have one computer. The NAT (Network Address Translation, IIRC) is a great security feature.