Results 1 to 10 of 10

Thread: I'm not as dumb as I sound

  1. #1
    Senior Member
    Join Date
    Nov 2001
    Posts
    127

    Lightbulb I'm not as dumb as I sound

    I was wondering the best way to secure a win98 box on the web. I have Norton Antivirus, Zone Alarm and am cautious with e-mail attachments. What else can I do? I also have heard of and experienced virii being attached to webpages. Is that a Java or Active X security weakness? I am trying to help my friend who knows very little about PC's secure his PC for his business. I suggested a removeable hard drive for backup storage, but I want to hem keep him online with little or no interruption. I appreciate the assistance.

    - I could use help as soon as possible since my friend is freakino out about the Hybris virus on his system I removed. Question, I know that Hybris is only a worm, but are there any other features that are contained within it? One friend of mine couldn't boot up because of it and this one lost important resume documents. Or is this just the host fooling around with the system?
    sandwich.

  2. #2
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,542
    I see that you have taken good precautions to 'secure' your home windows box... i advice to make back-up's of all data, if you don't have space for that make back-up's of all important, critical data. It's always good to have important things on different media or even on different locations (make sure you put removable media away save).

  3. #3
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    I was wondering the best way to secure a win98 box on the web.
    AHAHAHAHAHAHA....sorry.

    I have Norton Antivirus, Zone Alarm and am cautious with e-mail attachments.
    Very good start. Be suspicious of everything/anything that gets sent to your machine. Paranoia is a key to security, although installing web cams everywhere is a bit off, hehe...

    Is that a Java or Active X security weakness?
    That would more than likely be an activex security weakness from what I've seen. ActiveX is MS' way of automating things and there's nothing that can't be done to your machine if you hit the 'Yes' button. Generally, only signed activex should be run, but even then...hell, I use Opera, fux0r IE! ActiveX is definitely not something that's W3C certified/compliant, but then again, when is MS compliant with anything? This is said because ActiveX (prime example: windowsupdate.microsoft.com) manipulates whatever it's told to do whatever it has to. You do the math on here. It's not something I'd stick on a page for regular users/etc.

    Java: it works or it doesn't. Since it's compiled object oriented code, if you're running a java applet or something, chances are, it's pretty safe. Especially considering it's server side and has much greater potential for lockdown (on their side) whereas Javascript is client-side driven and is easily broken.

    Steps to secure your PC and your friend's PCs:

    1: Install zonealarm on all machines, allowing very few programs and whatnot.

    2: Get a hardware firewall/router like the DLink DI 704 or the Linksys 4-port. This gives you a network (or a single end protection) and hides your PCs behind the connection. You NEVER want to have a PC directly connected to the net, period. Ever. Never ever. Ever ever ever...

    3: Install web cams everywhe...oh wait, cancel that.

    4: I'd use an alternative browser like Nutscrape or Opera or Mozilla instead of IE. It's proven to be too much of a crash-prone program and botchy bloated-code-gotta-integrate-it-with-explorer to be of any good to me.

    5: Also, go to www.download.com and get a registry cleaner. Some are free, some cost, but you want something to rid of trojans and other things that modify the registry.

    Hope this helps.
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  4. #4
    Senior Member
    Join Date
    Sep 2001
    Posts
    429
    with the low price of CD burners these days, CD's are a very cost effective way of making backups.
    As for securing your friends 'connection';
    how does he connect?
    if by cable, then perhaps something like the linksys router (with inbuilt firewall)
    if he connects by modem then a similar set-up to yours should prove Ok.

  5. #5
    oblio
    Guest
    Java: it works or it doesn't. Since it's compiled object oriented code, if you're running a java applet or something, chances are, it's pretty safe. Especially considering it's server side and has much greater potential for lockdown (on their side) whereas Javascript is client-side driven and is easily broken.
    Java applets are downloaded to the clients machine and run locally by the jvm of the browser or an external jvm. The downloaded classes are not compiled files, they are byte code which is then compiled and run by the java virtual machine. Java applets by nature are not permitted by the jvm to perform i/o on the client machine (unless it is signed of course). It is java servlets that are run on the server's side.

    What is the problem with having a machine connected directly to the internet. Do you honestly think that your cheap made in korea linksys 'router' is anymore effective than IPchains?

  6. #6
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867

    Re: I'm not as dumb as I sound

    Originally posted by CyberB0b
    - I could use help as soon as possible since my friend is freakino out about the Hybris virus on his system I removed. Question, I know that Hybris is only a worm, but are there any other features that are contained within it? One friend of mine couldn't boot up because of it and this one lost important resume documents. Or is this just the host fooling around with the system?
    Well everybody else seems to be helping you with your security questions. As for your virus question, you should find some good help HERE

    Good Luck

  7. #7
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    What is the problem with having a machine connected directly to the internet. Do you honestly think that your cheap made in korea linksys 'router' is anymore effective than IPchains?
    No, I don't think they're more effective than IPchains but you just put your faith entirely in one product. Not a good idea. Any setup is only as secure as one wants/makes it and the more walls between you and them, the better off you are.

    As stated many many times before (already given credit):

    Security = 1 / Convenience

    As a unix administrator, I know full well the capabilities of said ipchains (which is turning into netfilter). I just don't see him getting his friend who knows nothing about pcs a linux box to run any kind of firewalling. Had you read that, you might've been aware of that fact.
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  8. #8
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    To the person who posted (or attempted to post) a negative point for this thread:

    Your comments are flawed
    After reviewing all the things I wrote, the one thing I was "flawed" on was the java piece so the thread-starter can ignore those lines. Considering now, the negative antipoint came from someone who was "grey", I have a pretty good solid idea as to who that was.

    /me laughs at the feeble attempt of the person trying to hide.

    From what I see, there are those here who do nothing but post negatively on people. Sad lives, once again, sad lives...but that's ok because guess what, at least I'm trying, whereas your goal is to put people down. *smirk* Such a child-like thing to do. But that's ok, eventually, you'll have something good going for you.
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  9. #9
    Junior Member
    Join Date
    Jan 2002
    Posts
    21
    TURN OFF .VBS THIS WILL PERVENT MELISSA TYPE VIRUSES./DOCUMENTS

  10. #10
    Senior Member
    Join Date
    Jan 2002
    Posts
    682
    I was wondering the best way to secure a win98 box on the web.
    well...as vorlin sort of put it...you can only do so much...

    looks like you've got a good start...but here's my list

    - make sure NAV defs are updated at least weekly...av software is less than useless if the defs are out of date a false sense of security is worse than no sense of security...

    - never everevereverever use outlook or outlook express for email. we use eudora here...it's free if you don't mind a 1 inch square of completely ignorable adverts...

    - make a visit to the windows update site a regular habit...(monthly..weekly..daily???...i'm thinkin m$ should have live streaming patches...heheh)

    - backup backup backup...many ways to do it...just do it...hd's are so cheap these days disk mirroring via ghost or someother software is a piece of cake...watch you don;t get "exotic" removable media...i'd stick to iomega..or some other well established co...(wanna buy my sysquest drives for which you can't get disks anymore???)...even tape backups are cheap enough that they aren't out of the question...

    - if possible turn off all file and printer sharing. i wouldn't recommend any kind of sharing on a 9x box...if you need that consider win2k...i'd stay away from xp for a while...and if you do go xp ...keep in mind that xp "home" can't join a domain (can you believe that...what an idiotic thing to do...)...might not mean something now...but later on it could...

    check this link out at for some good tips on this

    http://grc.com/su-bondage.htm

    - pay attention to everything that goes in or out of your system/network and who has access to it..remember that anyone can do pretty much anything they want to do on a win9x box...install delete mess about...win2k is better at defining who can do what...and have access to what...

    - pray a lot...hehe

    - learn unix
    I used to be With IT. But then they changed what IT was. Now what I'm with isn't IT, and what's IT seems scary and weird." - Abe Simpson

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •