General Security and Encryption Questions
Results 1 to 10 of 22

Thread: General Security and Encryption Questions

  1. #1
    Member
    Join Date
    Dec 2011
    Posts
    35

    General Security and Encryption Questions

    Hello everyone, this is my first time on this forum and I have a list of some questions I would like to ask this community, because I cannot seem to find my answers online (Google).

    ** If possible... I would like most (if not all) of my questions below answered before the end of the 1st week of January 2012.

    I'm trying to create a more secure environment for my PC and personal data to prevent any hackers from accessing my data.
    Some things I am doing to better secure myself:
    -- Desktop computer (not mobile... so no worries about Hard access)
    -- Clean OS install
    -- Using Norton Internet Security 2012 (w/ custom security settings)
    -- Using Windows XP Pro (SP3)
    -- Using a Limited User account at all times (prevent system access)
    -- Disable (completely) Guest account through register/group permission tweaks
    -- Disable all windows remote access services
    -- Disable other windows services with known exploitations
    -- Using TrueCrypt encryption to encrypt my entire OS partition so no temporary data written to HDD is left unencrypted.
    -- Using TrueCrypt encryption (and Windows XP built-in encryption) to secure Swap/Page partition.
    -- NO dual boot system (just how TrueCrypt prefers it for system encryption I guess...)

    Now... here are the questions:
    #1) I have also disabled the CMD (command-prompt) program from being accessed from my limited user account. Is it still possible for "remote" hackers to still load viruses onto my system (with SYSTEM level access) without access to the command line?

    #2) I have also disabled the RUN command line (through admin group permissions) from the START menu for the limited user account... does this help prevent any "remote" hackers from gaining SYSTEM level access?

    #3) I will be using a completely sandboxed browser (like Dell KACE Secure Browser) to better protect myself. Does anyone know if malicious programs/viruses can still get through this line of defense?

    #4) Is a "remote" hacker still able to gain SYSTEM level access with all the precautions taken above?

    #5) I know all data on raw RAM is left unencrypted (including the encryption key). If a hacker is able to gain SYSTEM level access and leave a Rootkit on my system... will he be able to read Memory Dump data WHILE the OS is still running?

    #6) Are there any other precautions I should know about to better protect myself and PREVENT viruses from gaining access to my system in the first place?

    Again, I would like most (if not all) of these questions answered before the end of the 1st week of January 2012.

    Thanks in advance!

  2. #2
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,250
    Arrrggggg!

    All three of your posts suggest you wish to learn "Computer Security" in one quick post.

    You mentioned:
    Norton Security
    tor
    TrueCrypt
    Secure Browser (from Dell - Really?)

    Raw RAM - I think you must have read something on COFFEE. /me thinks you should read up on DECAFE

    You asked about router security settings and settings on an AT&T U-Verse Router.

    Most of all you requested tutorials, answers by the 1st week of January.

    HAHAHAHAHAHAHHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHHHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHHAHAHAHAHA

    You want it WHEN?
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  3. #3
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    He wants it before his teacher says he needs to turn it in lol. Duh.

    Seriously though; I saw this earlier, and I was contemplating replying to ask WTF he was on and where I could get it, but I decided not to considering how the thread I was talking about SGI in went. I didn't feel like defending one of those "Damn I'm tired and I can't sleep because my back hurts too much to lay down" days where you've been up for so long you're actually hallucinating and **** lol.

    I don't quite get why anyone would make a huge post like this, and then start saying things like "Am I secure if I do this? How do I do this? And I need it by this time frame" it's like WTF are you kidding me??? If you want a Professor style answer, pay me tuition and I'll open gore's haxx0r school again. lol.
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Quote Originally Posted by dredogol View Post
    Again, I would like most (if not all) of these questions answered before the end of the 1st week of January 2012.
    Damn! Since when is there an SLA on forum postings?
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  5. #5
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    yip, this post made me lulz.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  6. #6
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    That's why I left it

  7. #7
    Senior Member Wazz's Avatar
    Join Date
    Apr 2003
    Posts
    288
    While I respect the fact that you are willing to learn about these things....for the most part, none of them will help you.....you need a far greater understanding, and respect, of how attacks and exploits work from a....."Darker" perspective.....good luck on your quest young grasshoppa!

    ;-)
    "It is a shame that stupidity is not painful" - Anton LaVey

  8. #8
    HYBR|D
    Guest
    Let's keep it on topic folks.


    Tis the season of giving, so let's give the poor kid all the "Correct" answers

    I mean we wouldn't want him to get in trouble would we....

  9. #9
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    The "correct" answer is: "Yeah, boot BSD or Linux"

    Seriously though, "Windows XP SP3" ???????????? that is very outdated, so upgrading to Windows 7 would be a security improvement. Windows XP was released in 2001 and obviously its core development took place before then. The service packs are mostly comprised of security patches and bug fixes, although SP3 did make it more SATA aware.

    Windows 7 is pretty good in that it doesn't actually let you run as administrator even though you log in to an admin group account. You have to do it proactively.

    No mention of wired or wireless internet connection? wired is more secure IMO in that it eliminates one potential attack vector?

    Run Secunia PSI and File Hippo update checker. These will tell you if there are security patches for your OS and applications (Secunia) and updates for other stuff such as security software.

    CCleaner to eliminate data remnants and garbage heaps where cybercriminals like to hide their stuff.

    Turn off your computer when not using it and/or disable internet connectivity when not needed. If you aren't there you cannot be seen or attacked, and, if your computer isn't always on, it presents less of a time window of opportunity.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  10. #10
    Member
    Join Date
    Dec 2011
    Posts
    35
    Quote Originally Posted by nihil View Post
    The "correct" answer is: "Yeah, boot BSD or Linux"

    Seriously though, "Windows XP SP3" ???????????? that is very outdated, so upgrading to Windows 7 would be a security improvement. Windows XP was released in 2001 and obviously its core development took place before then. The service packs are mostly comprised of security patches and bug fixes, although SP3 did make it more SATA aware.

    Windows 7 is pretty good in that it doesn't actually let you run as administrator even though you log in to an admin group account. You have to do it proactively.

    No mention of wired or wireless internet connection? wired is more secure IMO in that it eliminates one potential attack vector?

    Run Secunia PSI and File Hippo update checker. These will tell you if there are security patches for your OS and applications (Secunia) and updates for other stuff such as security software.

    CCleaner to eliminate data remnants and garbage heaps where cybercriminals like to hide their stuff.

    Turn off your computer when not using it and/or disable internet connectivity when not needed. If you aren't there you cannot be seen or attacked, and, if your computer isn't always on, it presents less of a time window of opportunity.
    Thanks for the "positive" reply nihil.
    I'm just using XP because it's "cheaper", and it's what I have ATM... I know I should upgrade to Win7.
    I'm on a wired connection... I do use Secunia PSI... I do use CCleaner... I do keep my PC off when I don't use it.
    I'm trying to see what are all the options out there to better protect my system without using a gateway computer (don't have a spare one to setup network).

    One of my main concerns is whether or not the CMD / Run does anything.
    I've never written any programs which directly manipulate the kernel or cause escalated privileges without the CMD.
