Minimum Security for those new to Securing a Windows OS

  1. #1
    moxnix (Macht Nicht Aus) | Join Date: May 2002 | Location: Huson Mt. | Posts: 1,752

    Minimum Security for those new to Securing a Windows OS

    This has been done before, but I hope in not quite this fashion.

    Minimum security needed to safely access the INTERNET.

    The INTERNET has been, and is becoming more so, a very dangerous place. You must take steps, nowadays, to protect yourself. By protecting your own equipment, you are also protecting everyone else on the web, especially anyone in your address book. Crackers and virus/worm/Trojan writers, once they gain control of your box, use it to infect or hack other users (going first for your contacts in your address books).

    This tutorial will inform you of the minimum security requirements to keep you safe. (In my opinion of course)

    Before you ever connect to the INTERNET, you should have:
    # A good anti virus
    # A good firewall
    # All the applicable patches that apply to your operating system
    # Good back ups of your data and needed programs
    # Spyware/Adware (malware removal and prevention tools)
    If you're reading this and don't have the above, you are at risk and should download what you need to promote your own safety. Almost all of the resources I am going to tell you about have a free version or at least a trial version. If you are paranoid, or believe you have malware, virus, or Trojans on your system, then download the tools mentioned, back up your data and do a reformat and reinstall. Of course you will then put the required tools on your system before you reconnect to the INTERNET.

    Virus Protection

    It is very easy to pick up a virus, worm, or Trojan today. It used to be that if you never opened an attachment, you could not be infected. That is a myth, and certainly doesn't apply in today's INTERNET. You can be infected just by surfing to the wrong website. Coding can be placed in the HTML that almost every web page uses that can, and will, infect you. Virtual basic coding has been used to transmit Trojans and worms to unprotected computers.

    If you become infected, there is a good chance that everyone in your address book will be getting an infected E-mail from you. DDoS attacks are now carried out by unsuspecting users who have a Trojan loaded into their systems.

    Following is a list of free and/or shareware anti virus programs that you can download from the INTERNET. A lot of them also have commercial versions that offer a bit more in the bells and whistles department.

    # AVG by Grisoft is probably the most well known free anti virus program. It is also very good. I ran it myself, until quite recently. It does have a Plus version that you have to pay for. <http://www.grisoft.com/us/us_index.php>
    # AntiVir Personal Edition, " The private and individual use of the AntiVir Personal Edition is completely free of charge! ". I don't know this one, so you are on your own. <http://www.free-av.com/>
    # Panda Platinum Internet Security, " Download the shareware version and take part in the prize draw. " This also applies to their Panda Titanium Antivirus 2004, and their Panda Antivirus Platinum 7.0 <http://www.pandasoftware.com/>
    # A guide to free antivirus products: Freebyte's Guide to free anti-virus software " On this page you will find truly free anti-virus software, free firewalls, free email protection software, free virus prevention software, tests of anti-virus programs, links to specialized anti-virus sites, information about virus prevention, useful evaluation versions of anti-virus software, etc.. " <http://www.freebyte.com/antivirus/>
    # BitDefender:<http://www.bitdefender.com/bd/site/d...php?menu_id=21>
    Product File
    BitDefender Free Edition v7
    BitDefender Antivirus - Free Edition for MSN Instant Messenger
    BitDefender Linux Edition
    BitDefender Free Edition for MS DOS
    BitDefender Antivirus - Free Edition for Yahoo! Messenger
    BitDefender Antivirus - Free Edition for Windows CE
    BitDefender Antivirus - Free Edition for mIRC
    BitDefender Antivirus - Free Edition for ICQ
    BitDefender Antivirus - Free Edition for PALM
    BitDefender Antivirus - Free Edition for NetMeeting

    # EzArmor by Computer Associates, a free for one (1) year antivirus and firewall package that is being sponsored by Microsoft Corp.: <http://www.microsoft.com/security/protect/>
    # avast! 4 Home Edition "avast! 4 Home Edition is a full-featured antivirus package designed exclusively for home users. Our company offers Home Edition free of charge," This one was suggested by a visitor to this site.: <http://www.avast.com/i_kat_76.html>

    Firewalls

    A good firewall is second in importance only to a good antivirus program. One of the biggest myths going around at present is "I only have a dial up connection, so I don't need a firewall".

    Firewalls not only protect you from intrusion attempts, but also stop any malware you might have on your system from phoning home with your passwords and/or credit card information. They also stop a lot of viruses from propagating farther than your computer.

    Look over the ones I have selected to list here, and 'Please' download one and try it out. After you have tested one, or two, if you wish you can purchase a commercial copy of one of these -- or Norton and McAfee sell firewalls, along with their antivirus programs.

    A very good article on firewalls, and how they work can be found at: <http://www.securityfocus.com/infocus/1750>

    1. Sygate Personal Firewall "The program includes many of the functions of its older sibling Personal Firewall Pro". A very good firewall: <http://www.techtv.com/callforhelp/fr...587736,00.html>
    2. ZoneAlarm (This is the one I used until quite recently) "Millions of users have selected ZoneAlarm as their basic Internet security solution. The award-winning personal firewall blocks dangerous Internet threats, guarding your PC from many of the tactics used by hackers and data thieves." : <http://www.zonelabs.com/store/content/catalog/products/>
    3. Outpost Firewall Pro (I don't know much about this one, but I have heard that it is a good one.): <http://www.agnitum.com/products/outpost/>
    4. Kerio Personal Firewall™ represents smart, easy-to-use personal security technology that fully protects personal computers against hackers and internal misuse. : <http://www.kerio.com/us/kpf_home.html>
    5. From FirewallGuide.com: <http://www.firewallguide.com/freeware.htm>

    ZoneAlarm (one free and two payware) This one is better for beginners.

    Kerio Personal Firewall (personal use free, other users pay)

    Agnitum Outpost Personal Firewall (one free and one payware)

    Sygate Personal Firewall (one free and one payware)

    See our firewalls page for reviews and more choices.
    6. EzArmor by Computer Associates, a free for one (1) year antivirus and firewall package that is being sponsored by Microsoft Corp.: <http://www.microsoft.com/security/protect/>

    Here is a comparison of a port scan of my box, with the firewall turned off on the first one and then turned on on the second one. Note: my system is a very secure system, even with the firewall off. I have disabled all NetBIOS and turned off all unnecessary services.

    Firewall off:

    GRC Port Authority Report created on UTC: 2003-12-14 at 22:25:23

    Results from scan of ports: 0-1055

    1 Ports Open
    1048 Ports Closed
    7 Ports Stealth
    ---------------------
    1056 Ports Tested


    The port found to be OPEN was: 1025

    Ports found to be STEALTH were: 135, 136, 137, 138, 139, 445,
    593

    Other than what is listed above, all ports are CLOSED.

    TruStealth: FAILED - NOT all tested ports were STEALTH,
    - NO unsolicited packets were received,
    - NO Ping reply (ICMP Echo) was received.




    And this with the Firewall on:

    GRC Port Authority Report created on UTC: 2003-12-14 at 22:29:40

    Results from scan of ports: 0-1055

    0 Ports Open
    0 Ports Closed
    1056 Ports Stealth
    ---------------------
    1056 Ports Tested


    ALL PORTS tested were found to be: STEALTH.

    TruStealth: PASSED - ALL tested ports were STEALTH,
    - NO unsolicited packets were received,
    - NO Ping reply (ICMP Echo) was received.

    Malware, Spyware, & Hijackers

    Spyware, malware, and programs that hijack your browser, are a growing threat on the internet today. Not only can they redirect your browser, but they are spying on you. They track and profile your browsing and target you for certain ads and popups that are annoying to say the least. They actually steal part of your bandwidth and certainly slow your computer and browser down, considerably.

    There are certain applications that are bundled with programs that you might want, that redirect your browser through their sites, instead of taking you where you really wish to go. The "Weather Bug" and "My Search Bar" are infamous for this, and come bundled with a lot of other software (that you might want).

    The programs listed below will detect these and remove them for you.

    Word of caution: Removing some of these can cause some applications to no longer work, as they have been bundled with them, and the EULA you agreed to (to load the application) demands they be present.

    The programs below are not ranked in any specific order, except the first two (2). I would highly suggest that you get and use at least one of the first two (I use both regularly). Spybot Search & Destroy and Ad-Aware are needed by everyone, in my opinion. They rank right up there with a good virus checker and firewall.

    # Spybot Search & Destroy: One of the finest free programs I know of. This program will find most (if not all) of the spyware and malware on your box and remove it. After you download it, be sure to update it before you run it. This will ensure you have the latest definitions available. You will be shocked at the number of entries you will have. <http://www.safer-networking.org/>

    # Ad-Aware: Ad-Aware has two (2) versions, a freeware (which I use), and a payware (with more bells and whistles). Like Spybot S&D it will find and remove any spyware or malware you might have on your computer. (Be sure to update it often) <http://www.lavasoftusa.com/software/adaware/>

    After running either Spybot S&D or Ad-Aware, you will find that you get less popups and popunders. Some of these are targeted by the spyware that was on your computer.

    # Spyware Blaster by JavaCool: This program (although good even as a standalone) is a complementary program for Spybot S&D. Actually you can get it from the Spybot S&D control panel also. <http://www.javacoolsoftware.com/spywareblaster.html>

    # SwatIt: Swat It Trojan & Bot Remover - Version 2.1, is a freeware program that is kind of slow, but it really digs deep through your files and registry. If you have something buried in your box, this program will find it. <http://www.swatit.org>

    You should also disable any services that you don't need to be running, like 'Messenger Service' (not to be confused with Windows or MSN Messenger, the IM clients). A good place for a step by step tutorial for removal of these services is Black Viper's web site: <http://www.blackviper.com/>

    For more information on any topic please use the forum search as there is invaluable information on all of this made available by the members of this site in posts and previous tutorials.
    Most of this information I have lifted off of the web site I maintain for truckers at <http://www.freewebs.com/moxnix/index.htmL>

    Anyone please feel free to correct any parts I may have blown it on, and/or any programs that you feel others should know of.
    Moxnix
    "Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!"
    Author Unknown

  2. #2
    Good thinking, adding the firewall comparison. Maybe edit the results a little bit, if someone is this new to securing their box, they won't have a clue what some of that means. Maybe bold some of the important stuff.
    In the meantime, this is what's important in that comparison-
    No firewall
    1 Ports Open
    1048 Ports Closed
    7 Ports Stealth
    ---------------------
    Firewall
    0 Ports Open
    0 Ports Closed
    1056 Ports Stealth
    ---------------------
    1056 Ports Tested
    The second run is better (w. Firewall) because it looks like the computer doesn't even exist, therefore hiding it from worms or scans from hackers. The difference is that you go from carrying a target to not existing at all to scanners.
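
The comparison the two posts above walk through, as an added example that is not part of the original thread: a small parser for the report layout shown in the first post that checks each report's arithmetic and summarises what changed once the firewall was on. The function names `parse_report` and `compare` are this example's own; the sample text is the two reports from the first post, trimmed to the lines that get parsed.

```python
import re
# Sample input: the two reports from the first post, trimmed to the parsed lines.
REPORT_OFF = """GRC Port Authority Report created on UTC: 2003-12-14 at 22:25:23
Results from scan of ports: 0-1055
1 Ports Open
1048 Ports Closed
7 Ports Stealth
1056 Ports Tested
The port found to be OPEN was: 1025
Ports found to be STEALTH were: 135, 136, 137, 138, 139, 445,
593
TruStealth: FAILED - NOT all tested ports were STEALTH,
"""
REPORT_ON = """GRC Port Authority Report created on UTC: 2003-12-14 at 22:29:40
Results from scan of ports: 0-1055
0 Ports Open
0 Ports Closed
1056 Ports Stealth
1056 Ports Tested
ALL PORTS tested were found to be: STEALTH.
TruStealth: PASSED - ALL tested ports were STEALTH,
"""

def parse_report(text):
    """Extract counts, listed ports and the TruStealth verdict from one report."""
    counts = {state.lower(): int(n) for n, state in re.findall(
        r"^\s*(\d+) Ports (Open|Closed|Stealth|Tested)\b", text, re.M)}
    def listed(state):
        # A port list can wrap onto the next line ("445,\n593").
        m = re.search(rf"found to be {state} (?:was|were):([\d,\s]+)", text)
        return sorted(int(p) for p in re.findall(r"\d+", m.group(1))) if m else []
    lo, hi = map(int, re.search(r"scan of ports: (\d+)-(\d+)", text).groups())
    verdict = re.search(r"TruStealth: (PASSED|FAILED)", text)
    total = counts["open"] + counts["closed"] + counts["stealth"]
    return {"counts": counts, "open": listed("OPEN"), "stealth": listed("STEALTH"),
            "verdict": verdict.group(1) if verdict else None,
            # Sanity check: the three states must add up to the scanned range.
            "consistent": total == counts["tested"] == hi - lo + 1}

def compare(before, after):
    """Summarise what changed between two scans of the same port range."""
    b, a = parse_report(before), parse_report(after)
    return {
        # Ports that replied at all (open or closed) are visible to a scanner.
        "answering_before": b["counts"]["open"] + b["counts"]["closed"],
        "answering_after": a["counts"]["open"] + a["counts"]["closed"],
        "no_longer_open": sorted(set(b["open"]) - set(a["open"])),
        "verdict": (b["verdict"], a["verdict"]),
    }
```

Calling `compare(REPORT_OFF, REPORT_ON)` shows 1049 answering ports dropping to 0, which is the "carrying a target to not existing" change described in the reply.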

  3. #3
    moxnix
    Thanks Soda_Popinsky, I followed your advice.

  4. #4
    Great tutorial, much needed for some I'm sure.

    Just curious though, you say you used ZoneAlarm up until recently. Why did you stop using it? What are you using now?

  5. #5
    moxnix
    Actually AngelicKnight, I have tried out several. Kerio is the one I have settled on for now, as it is quite feature packed and highly configurable. The comparison example I showed was made with C.A. EzArmor.

  6. #6
    ShagDevil (Some Assembly Required) | Join Date: Nov 2002 | Location: New Jersey | Posts: 718
    Moxnix, excellent tut. Just a few personal opinions of my own:

    As for firewalls, Agnitum Outpost Pro is well worth the money I paid for it. The free edition is decent, but I would highly recommend spending the money to get Pro for the benefits. I also use the free version of Sygate's firewall (on a buddy's computer) which is also very good.

    As for AV's, I no longer recommend free antivirus products based on my own personal experiences with AVG (free edition) and Avast! (free edition) (both consistently missed viruses in comparison to paid versions of professional AV's not to mention, poor reviews and/or inconsistent track records in just about any AV comparison magazine/website I checked out). While it's great that these guys are offering free AV's, they simply don't compare to spending the cash to get a good AV, like Bit Defender (which you mentioned), PC-cillin, NOD32, NAV, etc. The only way I would recommend free AV's is if it's a last resort and you have no cash to buy anything better. Again, it should be a last resort, imo (a free AV is better than nothing at all).

    That's my input on the matter.
    The object of war is not to die for your country but to make the other bastard die for his - George Patton
