July 15th, 2004, 08:21 AM
how much is really necessary for the home pc
For a home pc (xp) for an average user?
I know updated AV is a must have and some sort of fire wall is a good idea.
Is it pratical to have a 2056 cipher file encryption program.
What are some simple methods of usuing an encrypted tunnel through the average broadband ISP? What would be the comman uses for this?
Are the built in firewalls and encrypted files and folders for xp considered strong enough?
What are comman security risks on say an average home xp system that should be corrected no matter what? besides the remote sharing service.
What would be considered staying secure and what would be considered over the edge?
I know that this is a lot of questions for one thread and don't expect them all to be answered in a sigle post. Just looking for some thought back by solid info.
July 15th, 2004, 08:31 AM
Over the edge? There is no such thing as absolute security, however most 'hackers' would not bother over a home computer if it has numerous protection layers.
First off, before you connect to the Internet get a firewall and an AV. Then update XP to the max. Encryption is useful if you are going to use it . I personally wouldn't go with the default encryption and Win firewall, especially since there's so much free stuff out there which is really good and lets you handle things better [of course in the hands of an ignorant user all security fails].
I think 2056 should satisfy most needs but it does sound awfully large There is a certain point where key length doesn't get more effective, but it does get more demanding to process an encryption.
Anyway some quick thoughts...
July 15th, 2004, 08:33 AM
First part of the answer ...
Let me be the first to provide you with a small part of the information you are looking for.
- Yes, antivirus protection is necessary. If you can also get your ISP to provide AV on their mailserver, it's even better
- Yes, you need a firewall, especially if you have broadband access either through DSL or cable. I would not rely on the Windows stuff. Get another solution, for example ZoneAlarm or such.
- Pop-up blocker (for example, the Google toolbar) is nice to have
- Some software to block and clean-up adware, such as Spybot and Ad-aware. You would be surprise to see all the crap that websites try to place on your PC these days.
- Encryption tunnel: where would you want it to go? A tunnel needs two ends, so it is not possible to just get on the Internet. However, if you need to access remote systems, a VPN tunneling solution is better than having open gateways to the world on either side.
- Make sure that you regularly check for security patches from Microsoft, to ensure that you close as many holes as possible
- Stay away from Internet Explorer if you can.
That's a start, there's a lot more I'm sure.
"To estimate the time it takes to do a task, estimate the time you think it should take, multiply by two, and change the unit of measure to the next highest unit. Thus we allocate two days for a one-hour task." -- Westheimer's Rule
July 15th, 2004, 08:44 AM
Hmm. then Im not doing to bad.
XP SP2rc1 (need to update to rc2)
firefox for the browser
I'll have to look into a better firewall. Still useing the one with SP2.
and norton of course.
July 15th, 2004, 09:59 AM
Well if you want to really hit it better, an increased degree of stability [but only if properly understood] can be offered by any GNU/Linux or UNIX distribution. However when switching you must be aware of what you need your home computer for, as some sets of applications are not ported to said OSes.
July 15th, 2004, 01:22 PM
The AV, firewall and malware scanners have been dealt with. Yes, yes and yes again
The general use of a VPN is to permit secure connection to a secure environment through an insecure environment. Or to allow connection to a secure environment from within another secure environment.
I have worked on client sites where I need to access my HO systems without using the client's network other than as a carrier, we use VPN for that. As stated already, you need an identified target at the other end.
Remember these "tunnels" are a bit like Stargate SG1.............stuff might be safe whilst in the tunnel, but the machines at either end are usually connected to the general network at their end. The main idea is to protect confidential data IN TRANSIT.
For example, say I log in to the client's network (I have to to use the broadband link) I then activate the VPN link, type in my userID and password, the part of the password from my RSA keyfob (a random number that changes every 60 seconds, and is unique to me) hit enter and make the connection to head office.
I pick up a virus there which securely travels down the VPN and infects my local box, that is connected to the client's network...............infecting customers is generally regarded as "bad manners" to say the least
Please let me warn you that I am no great expert on these matters but I have always regarded strong encryption to be a somewhat different issue. That is what protects the data when it pops out the other end of the tunnel and onto the general network.
just a thought
July 16th, 2004, 12:38 AM
Great guidance by those that posted before me. To answer the question posed by your thread title:
The degree of security you establish on your home computer should be based on what you are attempting to reasonably protect. Keeping in mind, there is no absolute security, but your hopes are to make it as hard on the deviants as you possibly can so they will look elsewhere.
how much is really necessary for the home pc
Additionally you must be just as responsible for what leaves your computer as you are for what enters. Meaning you do not want your private, financial, etc., information to land in the hands of a criminal and you do not want to become a hop for illegal activities.
Employing the recommendations listed in the other posts above will provide you with a reasonable amount of security for the home pc.
Connection refused, try again later.