December 29th, 2011 07:26 AM
General Security and Encryption Questions
Hello everyone, this is my first time on this forum and I have a list of some questions I would like to ask this community, because I cannot seem to find my answers online (Google).
** If possible... I would like most (if not all) of my questions below answered before the end of the 1st week of January 2012.
I'm trying to create a more secure environment for my PC and personal data to prevent any hackers from accessing my data.
Some things I am doing to better secure myself:
-- Desktop computer (not mobile... so no worries about Hard access)
-- Clean OS install
-- Using Norton Internet Security 2012 (w/ custom security settings)
-- Using Windows XP Pro (SP3)
-- Using a Limited User account at all times (prevent system access)
-- Disable (completely) Guest account through register/group permission tweaks
-- Disable all windows remote access services
-- Disable other windows services with known exploitations
-- Using TrueCrypt encryption to encrypt my entire OS partition so no temporary data written to HDD is left unencrypted.
-- Using TrueCrypt encryption (and Windows XP built-in encryption) to secure Swap/Page partition.
-- NO dual boot system (just how TrueCrypt prefers it for system encryption I guess...)
Now... here are the questions:
#1) I have also disabled the CMD (command-prompt) program from being accessed from my limited user account. Is it still possible for "remote" hackers to still load viruses onto my system (with SYSTEM level access) without access to the command line?
#2) I have also disabled the RUN command line (through admin group permissions) from the START menu for the limited user account... does this help prevent any "remote" hackers from gaining SYSTEM level access?
#3) I will be using a completely sandboxed browser (like Dell KACE Secure Browser) to better protect myself. Does anyone know if malicious programs/viruses can still get through this line of defense?
#4) Is a "remote" hacker still able to gain SYSTEM level access with all the precautions taken above?
#5) I know all data on raw RAM is left unencrypted (including the encryption key). If a hacker is able to gain SYSTEM level access and leave a Rootkit on my system... will he be able to read Memory Dump data WHILE the OS is still running?
#6) Are there any other precautions I should know about to better protect myself and PREVENT viruses from gaining access to my system in the first place?
Again, I would like most (if not all) of these questions answered before the end of the 1st week of January 2012.
Thanks in advance!
December 30th, 2011 12:22 AM
All three of your posts suggest you wish to learn "Computer Security" in one quick post.
Secure Browser (from Dell - Really?)
Raw RAM - I think you must have read something on COFEE. /me thinks you should read up on DECAF
You asked about router security settings and settings on an AT&T U-Verse Router.
Most of all you requested tutorials, answers by the 1st week of January.
You want it WHEN?
December 30th, 2011 01:10 AM
He wants it before his teacher says he needs to turn it in lol. Duh.
Seriously though; I saw this earlier, and I was contemplating replying to ask WTF he was on and where I could get it, but I decided not to considering how the thread I was talking about SGI in went. I didn't feel like defending one of those "Damn I'm tired and I can't sleep because my back hurts too much to lay down" days where you've been up for so long you're actually hallucinating and **** lol.
I don't quite get why anyone would make a huge post like this, and then start saying things like "Am I secure if I do this? How do I do this? And I need it by this time frame" it's like WTF are you kidding me??? If you want a Professor style answer, pay me tuition and I'll open gore's haxx0r school again. lol.
December 30th, 2011 07:48 AM
Damn! Since when is there an SLA on forum postings?
Originally Posted by dredogol
Experience is something you don't get until just after you need it.
December 30th, 2011 08:08 AM
yip, this post made me lulz.
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
December 30th, 2011 08:39 AM
That's why I left it
December 30th, 2011 09:03 AM
While I respect the fact that you are willing to learn about these things....for the most part, none of them will help you.....you need a far greater understanding, and respect, of how attacks and exploits work from a....."Darker" perspective.....good luck on your quest young grasshoppa!
"It is a shame that stupidity is not painful" - Anton LaVey
December 30th, 2011 12:48 PM
December 30th, 2011 03:51 PM
The "correct" answer is: "Yeah, boot BSD or Linux"
Seriously though, "Windows XP SP3" ???????????? that is very outdated, so upgrading to Windows 7 would be a security improvement. Windows XP was released in 2001 and obviously its core development took place before then. The service packs are mostly comprised of security patches and bug fixes, although SP3 did make it more SATA aware.
Windows 7 is pretty good in that it doesn't actually let you run as administrator even though you log in to an admin group account. You have to do it proactively.
No mention of wired or wireless internet connection? wired is more secure IMO in that it eliminates one potential attack vector?
Run Secunia PSI and File Hippo update checker. These will tell you if there are security patches for your OS and applications (Secunia) and updates for other stuff such as security software.
CCleaner to eliminate data remnants and garbage heaps where cybercriminals like to hide their stuff.
Turn off your computer when not using it and/or disable internet connectivity when not needed. If you aren't there you cannot be seen or attacked, and, if your computer isn't always on, it presents less of a time window of opportunity.
If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?
December 31st, 2011 07:43 AM
Thanks for the "positive" reply nihil.
Originally Posted by nihil
I'm just using XP because it's "cheaper", and it's what I have ATM... I know I should upgrade to Win7.
I'm on a wired connection... I do use Secunia PSI... I do use CCleaner... I do keep my PC off when I don't use it.
I'm trying to see what are all the options out there to better protect my system without using a gateway computer (don't have a spare one to setup network).
One of my main concerns is whether or not the CMD / Run does anything.
I've never written any programs which directly manipulate the kernel or cause escalated privileges without the CMD.