Security help please
Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Security help please

  1. #1
    Junior Member
    Join Date
    Apr 2005
    Posts
    3

    Question Security help please

    Hey, I've been reading a lot of the tutorals here, but I'm still having a little trouble figuing out how I can secure my computer easily, so if anyone sees this and has something useful to say it would be appreciated. Thanks!

  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Wrong question................you are not searching properly...........

    You do not secure your computer, you secure your operating system, browser and applications.

    There are plenty of tutorials on that
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #3
    Junior Member
    Join Date
    Apr 2005
    Posts
    3

    Talking

    Yo dude,

    This should get u started :-)

    http://www.cert.org/homeusers/HomeComputerSecurity/

  4. #4
    Banned
    Join Date
    May 2003
    Posts
    1,004
    http://www.cert.org/homeusers/HomeComputerSecurity/

    Is a good site for grandma with her new dell, but terrible for pretty much anyone else.

    It uses incorrect terminology and suggests techniques that don't survive well as you gain more knowledge.

    Keep this in mind when using the site.

    cheers,

    catch

  5. #5
    StOrM™
    Join Date
    Aug 2004
    Posts
    1,003
    Greeting's

    You can start by the following :

    1. UPDATE, UPDATE and UPDATE you windows and all other software Esp. Anti-virus and Spyware remover.

    2. Install a firewall configure it properly, dont accept the default configuration and if you do accept go over it once and check it. Moniter the log's of your firewall and never ever turn of your firewall.

    3. Install an anti-virus and always update it. Run a full system scan every 2 days (If you are paranoid likfe me run it once everyday just before shutdown for the day)

    4. Install a spyware remover update it and run a scan. IF YOU FIND A SPYWARE AND AGAIN FIND IT AFTER A SCAN RUN YOUR ANTISPYWARE SOFTWARE IN SAFE MODE AND THEN YOUR ANTIVIRUS SOFTWARE.

    5. Download Hijackthis and then copy the log your self to www.hijackthis.de and analyse your log.

    6. Get Firefox or any other browser except IE. if you love IE and only want to use it then go to Tool>Internet Option>security and in internet click custom level and then scrol down to DOWNLOAD file's and enable it.
    6-B Go to privacy go to advanced click override automatic cookie handling block first and third party cookie just accept session cookie

    6-C Go to Autocomplete and disable all also clear any previously rememberd forms or password's

    8. weekly scan your computer online at site's like : http://housecall.trendmicro.com

    7. Disable NETBIOS OVER TCP/IP

    9. IN YOUR NETWORK CONNECTION uninstall EVERYTHING EXCEPT TCP/IP

    8. THIS IS ADVANCED SETTINGS RECOMMEND ONLY FOR WINDOWS xp PRO. backup your entire registry first <-------- imp

    (sorry for poor formatting )

    go to start then run then type : regedit.exe
    --> Go to (if key/value does not exist, create one by right clicking in the right window)
    ---> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole
    ----> EnableDCOM (REG_SZ)
    -----> Set to: N
    ---> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc
    ----> Value: DCOM Protocols
    -----> Remove ncacn_ip_tcp
    ---> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\
    ----> Value: MaxCachedSockets (REG_DWORD)
    -----> Set to: 0
    ---> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters
    ----> SmbDeviceEnabled (REG_DWORD)
    -----> Set to: 0
    ---> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters\
    ----> REG_DWORD
    -----> AutoShareServer
    ------> Set to: 0
    -----> AutoShareWks
    ------> Set to: 0
    ---> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSession Pipes\
    ----> NullSessionPipes
    -----> (Delete all value data INSIDE this key)
    ----> NullSessionShares
    -----> (Delete all value data INSIDE this key)
    ---> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowedPaths\
    ----> Machine
    -----> (Delete all value data INSIDE this key)


    9. go to start > run > syskey then enable encrytion and store key locally

    10. In windows XP pro rename your administartor ac**** and give it a aplanumerical name.

    11. Creat a power user account for your day to day activity. DO NOT USE YOUR ADMINISTRATOR ACCOUNT FOR SURFING THE INTERNET.

    12. Disable WELCOM SCREEN FOR LOGGING ON. (go to user accounts in windows xp and uncheck use welcom screen)

    13. Disable index service to all your drive's

    14. enable password for your screen saver

    15. Backup your computer (have a nice strategy. one of the most followed is Normal-diffrential) meaning backup everythin on your computer weekly and for all the days in that week use a diffrential backup.

    16. Dont visit warez site and dont use a P2P software.

    Optionally

    17. Start > Run > telnet then type "unset ntlm"

    18. Subscribe to a news group like secunia.

    19. All of the following suggestion are advance settings and use at your own risk. what i mean to say is use them only if you know what you are doing.

    Go to My computer right click on your %systemroot% drive mostly C:

    now go to securiy tab click ADD

    - Type: Authenticated Users
    - Press enter
    - Select: Authenticated Users
    -- Allow: Read & Execute, List folder content, Read.
    - Advanced
    - Unselect: Inherent from parent permission entries...
    - COPY
    - Remove all other users except: Administrator, System and Authenticated Users
    - Select: Replace permissions entries...
    - THEN OKAY AND YES


    Go to C:\documents and settings\

    Right click on administrator folder

    Go to security and then advanced

    - Unselect: Inherent from parent permission entries...
    - Copy
    - Remove: Authenticated Users
    - Select: Replace permission entries...
    okay and yes

    NOw select all other folders in that directory (remaining users folders)

    go to properties > security > advanced
    - Unselect: Inherent parent permission entries
    -copy
    -Remove: Authenticated users
    - Add that users name (like "userX") who's folders these are. This will prevent all other users except admins from getting into their folders.
    - Allow : Full control
    - Select: Replace permission entries...-

    -okay and yes


    Go to %temp% folder (mostly C:\windows\temp

    go to properties > security
    select : > authenticated users
    then allow full controll


    this is all i can think right now, Its 5 in the morning here I havent slept all night. but anyway hope all this help's.





    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  6. #6
    In And Above Man Black Cluster's Avatar
    Join Date
    Feb 2005
    Posts
    912
    Use AO's search engine ... you will find a lot to learn .... don't be too lazy

    You may visit the following links ...

    http://www.google.com/search?hl=en&l...ls&btnG=Search

    http://www.google.com/search?hl=en&l...ms&btnG=Search

    http://www.google.com/search?hl=en&l...ls&btnG=Search

    Cheers
    \"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts\".....Spaf
    Everytime I learn a new thing, I discover how ignorant I am.- ... Black Cluster

  7. #7
    StOrM™
    Join Date
    Aug 2004
    Posts
    1,003
    I am sorry i am posting again instead of updating the last one but I have a nice document if you want...

    Its from microsoft and it will help you a lot but only thing is its windows Xp with sp 2 specific. It will help other users if you mention your OS in your post.

    GO to microsoft.com and search for Microsoft Baseline Analyze download it and test your security setting's I am sorry i couldnt get the link for you my interntet connetion seems to like a snail right now, but ill update the post ASAP. Thanks

  8. #8
    Senior Member
    Join Date
    Oct 2003
    Posts
    707
    ByTeWrangler did a really good job is summaring things ... But here are a couple of other things that you could try ....

    [1] Check Your Security Score Today -- PreView

    Download the Beta version and give it a try ...

    PreView is the first security application that lets you see the relative security of your Windows computer against known threats in the wild. By looking at four critical elements in a layered security approach, we are able to generate a Security Score. This score is based on the core system security configurations, installed commercial security software, installed security patches, and how effective your firewall protection is configured.
    [2] If you still plan on using Internet Explorer ... then read this ....
    How to strengthen the security settings for the Local Machine zone in Internet Explorer

    [3] Give this a try ... Easy to use and does a good job at protecting windows ...
    Qwik-Fix Pro

    But dont rely just on software to do the job for you .... Remember if you want your OS to stay safe and sound a little reading will take you a long way ....
    Operation Cyberslam
    \"I\'ve noticed that everybody that is for abortion has already been born.\" Author Unknown
    Microsoft Shared Computer Toolkit
    Proyecto Ututo EarthCam

  9. #9
    Banned
    Join Date
    Apr 2004
    Posts
    843
    10. In windows XP pro rename your administartor ac**** and give it a aplanumerical name.
    Ummm.... no.

    Get rid of the guest account, setup a limited user account and name that one "Administrator", have the administrative account renamed to guest. Setup passwords for them both.

  10. #10
    Banned
    Join Date
    May 2003
    Posts
    1,004
    Get rid of the guest account, setup a limited user account and name that one "Administrator", have the administrative account renamed to guest. Setup passwords for them both.
    This is really no better.
    The guest account comes disabled.
    Not much of a reason in the subject's environment to rename the "administrator" account, much less actually adding an account to call it that.

    Keep it simple, if you want to rename your admin account, that is fine... it really doesn't help the situation any, it most likely won't hurt anything, though it is just one more thing to remember.

    Most of the advice in this thread is just too much, leaving the user unlikely to do any of it (much less any of it correctly) on top of the fact that you don't even know what OS the user is running. All this advice will work great on say... Windows Me or OSX or Mandrake (remember Linux has been targeting the beginer crowd for a while now and more OEM systems ship with it.)

    cheers,

    catch

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •