October 12th, 2004, 06:52 AM
Average user security
I use my computer mainly for web, games, and the like. I have a firewall installed, Zone Alarm, and I was wondering if anything else is recommended. I do not run any servers, but I do use Instant messengers. I use mozilla for browsing, and have an virus scanner. is there anything else that is recommended.
October 12th, 2004, 07:27 AM
I would recommend have adaware on the computer and running it about once a week, just as a precausion. and if you want you could get a nice hardwarefirewall. aside from that you sound all set. just be sure to keep everything (i.e. os, anti virus, firewall) updated. and dont be stupid about what you do online (i.e. Connecting with random people in IM, clicking on popups and the like)
October 12th, 2004, 07:51 AM
keep in touch with housecall.trendmicro.com from time to time and use its free scan ...
Remembered that if you are intending that hurts, steals, hates other people it is natural that they will meet you by the proverb.......
October 12th, 2004, 08:07 AM
Before anyone else jumps in on this ( Opps, too late, XTC46 and wimmaster responded) I would like to welcome you to AO ( even though you registered over two months ago ) and advise you to browse the site, not just the current topics ( though a reminder, it MAY not be appropriate to post to an older thread ).
One thing you will notice is many, many times the answer someone will get for questions such as this is “please provide more info”. Although I’m beat and I probably will not get back until long after others have responded, answering the following would help others answer your question, if you do not find it reading through old threads. ( and let others know on the thread if you find your answers elsewhere )
What OS ( Operating System ) are you running, do your run anti-virus software, how often do you update ( BOTH: is your anti-virus software updated and is your system patched with all the latest updates? )
Have you disabled all unnecessary ports and programs running? How are you connected to the Internet? Dial-up, DSL, Cable ? Do you have a router, wireless network ? Are these up-to-date? Do you use encryption if you are on wireless?
To emphasize what XT46 said,
I know NUMEROUS people, that now matter how many times people tell them to stay off the porn sites, they insist on going back! They can do as they wish ( if they are over the legal age ) but I am tired of cleaning SH** ( sometimes in excess of 1000 instances ) of spyware adware, etc. every few weeks!!! In fact I stopped for several people. Just to give an example, one person, just 1 month after I cleaned their computer and told them it was the last time, ( and installed Ad-Aware and Spy-bot on the computer for them, and gave instructions on how to use them ) brought it to a well known computer store and it cost them $285 to have it cleaned. Luckily for them it came with a 30 day guarantee ( from the initial cleaning only ) because within two weeks it was loaded and jammed up again! KNOW WHAT YOU ARE CLICKING ON!!! And USE THE TOOLS YOU HAVE!!!!
don’t be stupid about what you do online ...
Again, welcome to AO. ...
" And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
October 12th, 2004, 04:13 PM
1. Update your OS. and all other software's esp. like Antivirus and Firewall (get one from above given address or even try (www.zonelabs.com) alternately red this thread nice firewall recomendation's http://www.antionline.com/showthread...hreadid=262916
2. Get an antivirus (which you already have, Just keep on updateing it and also scan your pc once every 3-4 days)
3. get a firewall ( Just be sure to "WHAT YOU SAY YES" WHEN YOUR FIREWALL ASKES YOU IF TO ALLOW ACCESS). also monitor your firewall rules that have been created and also try to monitor your log's.
4. Use a spyware sweeper like spybot (www.security.kolla.de)
5. use a less powerfull account to surf the internet. only use your "ADMINISTRATOR ACCOUNT" FOR installing software, etc.
6. get an alternet browser to IE. like firefox (www.mozilla.com) but remember even these alternet browsers are prone to bugs and security holes so just see that you upgrade to the latest release. (you already have this one)
7 If you really want to get too deep into security use programes like F.Port to determine open ports on your system you'll see any unusual activity here means your system is compromised. but if you use an antivirus and a trojan remover like swat it (http://swatit.org/) it should be fine.
8. This rule is not on what software you use but just remember that Use storng passwords (alphanumerical) with minimum length 8 letters. Dont open any unknown attachments ESp with extention .exe.
If you use a norton antivirus please dont disable it while you play games etc to save memory its better to add some memory or get an alternative anti-virus.
last but not the least get your self added to a mailing list like Bugtraq so that you are UPDATED.
"TAKE REGULAR BACKUPS" its the fastest way to get your self online after any trouble.
be paranoid about security, if you want and i do recomend it also you should also get your computer scanned online for virus a nice place would be www.housecall.antivirus.com.
and to be more sure of what you download get the MD5 sequence of the software to gurentee its authanticity.
also dont be under the idea that two antivirus software are better then one. becasue they aren't. they'll just cancel each other out or fight amongst each other.
also if you really want to get down and dirty on security get a hardware firewall like Linksys BEFSR41 Cable/DSL Router it will cost you somewhere like 60 $.
* DISABLE WINDOWS NETWORK PRINTER SERVICE *.
dont sufr warez site for any reasone, becasue it simply makes no sence to infect your system knowingly.
this is almost the same answere i posted in " http://www.antionline.com/showthread...hreadid=262916 ". you might want to read other recomendations in that thread.
I have attached2 files a document in RTF format which i downloaded from antionline i am really sorry i dont seem to remember the member who posted it.
Second a PDF file my Microsoft on how to secure Win XP Pro.
CISSP, CISM, CISA, SSCP
*Thank you GOD*
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
October 13th, 2004, 05:37 AM
I say it agian and agian and agian....
the best security measures you can take is
A: install, run, and keep up with a sniffer.
B: install and run file/sys auditing... maybe run something similiar to regprot, hijackthis!, something similiar to tripwire while your at it.
C: update and of course it would be stupid to check your mail and things with admin priveledges and have all the default settings turned on.
I don't even bother paying for antiviral or firewall software to take care of computers for me. People are blind & being are being robbed daily... look beyond the label and look at past events. People with AV and FW software get what? Attacked and/or infected by cyber-STDs. There is no such thing as "antiviral solutions"... ain't it cool how they are making profits off of stupidity? If companies like MS and AOL don't do the thinking for you then who will?
The problem with home users is they update and actually pay money for some automated tools to do everything for them. They think what is fairly "local" security will have little or no effect when up agianst the outside world... dude, if one wrong program is opened, boom, thats it, infected and owned. Or a stack overflow then bam... i've just ./auto-rooted 30 machines and I've gained what ever rights and privileges the program im exploiting just so happens to have. It's because of home users that most exploits and malware would never require any type of escalation to make the changes needed on computers. Why? Because some idiot didn't want to be bothered messing with stuff and having to press another button or two.
Well thats just the thing... I don't like to be bothered with file/sys preventive and auditing devices while doing whatever I feel like doing with these computers either. HAH!
I've mentioned this so many times that it should be in a stickie or tutorial or something. And thats sad . Whats worse is it is forgotten everytime someone brings up threads such as this.
October 13th, 2004, 08:34 AM
If You Feel That Strongly About It ...
why don't you give us all the benefit of your knowledge, when using a sniffer, file / system auditing, regprot / hijackthis / tripwire, running as a "Normal," user. Along with how to run without a firewall and anti-virus software!?!
I for one would be most interested in learning from you, and I'm sure others too would benefit.
I've mentioned this so many times that it should be in a stickie or tutorial or something.
So go on then, I dare you to write your first security tutorial! lol
May be there's a couple of tutorials in there?
Tomorrow is another day for yesterdays work!