windows 2k/xp questions

simple question: :confused: im setting up a gateway for my home internet connection.. and i have firewall software etc that dosnt start up untill AFTER a user logs in.. is there any way i can have the computer automaticly start up.. log on as a simple user suchas: webhost or something of the like.. and then logback out.. or set that users permissions.. so it basicly couldnt do anything also im looking into building a php site.. and have tons of experience with plaintext html and frontpage.. what else should i look into besides php? and whats the best editor for php.. id like something like frontpage.. a wysiwyg editor.. if you guys know of one.. thanx!

plz reply as soon as possible as this is a live project and i am workin on it right now

well swninja,

win2k/XP is lovely because it natively supports services that act like logged in users w/ access tokens. Most software firewalls that support win2k/XP start after the system boots, but before anyone logs in so it is protected regardless of the status of the interactive session. What brand of firewall are you using? The part of the firewall you might be seeing is probably only the GUI, not the actual service itself. As a gateway system, I recommend a combo of blackice Server protection http://www.iss.net and Zone Alarm Pro http://www.zonelabs.com

If your coding HTML, do me a favor, and don't use frontpage! ;) Please god, use Macromedia Dreamweaver or the like if you ever want to load the page within 4 hours ;). As far as a good editor/debugger for PHP, look into activestate's Komodo. http://www.activestate.com It is sweetx0r! PHP is really the best for small projects, but if you will be accessing SQL or ODBC databases or interacting with proprietary M$ technology, try ASP/ASP.NET http://www.asp.net you can d/l asp.net web matrix for free. But if you can, try to score yourself a version of Visual Studio.NET b/c it is prbly the best IDE ever created for anything and lets you create and robustly manage web projects in companionship with IIS 5 and 6.

Disclaimer: Remember, you are using Microsoft technology, so make sure you lockdown your system before you expose it to the internet! That means, apply the latest patches, disable unneccessary services, use strong passwords, apply a robust security policy, turn on auditing, and use a software firewall in combination with an IDS and Real-time anti-virus scanner.

--St0ner(infosecguru)

If you're looking for a fully-interactive PHP site, I recommend using PHPEdit for your IDE (if you want something that's fully integrated). It's not a WYSIWYG program, though. Most PHP development is done by hardcoding anyway. If you really need something that does WYSIWYG, go with Adobe GoLive or Macromedia Dreamweaver MX for your HTML development, and either do the PHP hard-coding in there, or get a separate program (like PHPEdit) to writ the code and insert it into your WYSIWYG program later. Also, I recommend running Apache for a web server (if you plan to host it yourself), with a mySQL back-end for any sort of authentication you plan to do. Plus, everything I just listed (except the WYSIWYG programs) is completely free. :-)

Regarding the logon of a server, is the computer you're talking about going to be hosting the web site? If so, why do you need to log on in the first place? If you're looking to have firewall protection on the web server without logging in, you're going to have to get a server running in the background (like MS ISA Server) or a hardware firewall outside the server.

Lastly, in response the following statement:

Quote:

---

But if you can, try to score yourself a version of Visual Studio.NET b/c it is prbly the best IDE ever created for anything

---

While I agree that VS.NET has its uses, I think it's a bloated program which is only useful when working in an entirely Microsoft-based environment. It blows when it comes to creating cross-platform programs or components. Furthermore, while it's nice to be able to integrate other programs (such as InstallShield Express/Developer and Intel's own C++ compiler), the more you add on, the slower it goes (and come on, even you have to admit that it runs awfully slow already).

AJ

Quote:

---

well swninja,

win2k/XP is lovely because it natively supports services that act like logged in users w/ access tokens. Most software firewalls that support win2k/XP start after the system boots, but before anyone logs in so it is protected regardless of the status of the interactive session. What brand of firewall are you using? The part of the firewall you might be seeing is probably only the GUI, not the actual service itself. As a gateway system, I recommend a combo of blackice Server protection http://www.iss.net and Zone Alarm Pro http://www.zonelabs.com

---

I forget whether ZoneAlarm starts up as a service (I would assume it does); however, Agnitum Outpost (http://www.agnitum.com) does start up as a service (Control Panel->Administrative Tools->Services, It is Outpost service). It does not require you to log on for it to be active. I would recommend Outpost (it is more complicated, but because it is, its rules can be much more granular) because you could set up specific filter rules and not have to solely rely on rules allowing applications access...

/nebulus

Quote:

---

I forget whether ZoneAlarm starts up as a service (I would assume it does)

---

As far as I know, the TrueVector Service starts at startup, which controls ingoing and outgoing traffic according to the rules you have configured through the GUI (which loads after log on). After you install ZoneAlarm, go through and configure all the programs you want to enable access to and access for. Then, log off and it will protect your computer using those rules. The problem, however, is that if you try to access the system through a program or port which has not been allowed, you will automatically be denied, even if you think it is valid traffic. It's better to have a server which you can access from a remote computer to dynamically add and remove rules to ensure that all required traffic can come and go.

AJ

Quote:

---

Originally Posted By: avdven
As far as I know, the TrueVector Service starts at startup, which controls ingoing and outgoing traffic according to the rules you have configured through the GUI (which loads after log on).

---

Wasn't there some exploit for the TrueVector Service a while ago? Was it ever patched up?

For my php development I use TextPad (http://www.textpad.com.

As far as automatically logging a computer on.
-- Start -- Run -- Control USERpasswords2 -- OK
-- At the top you'll see a check box that says Users must enter a username and password to use this computer. Make sure it's not checked. Hit OK and it'll ask you for the username and password of the user who is going to be automatically logged in.


To have it lock back out write yourself a lil script you can put in the Startup Folder and have it simpley log you back out, or go into switch user mode, so that your apps stay running... Windows key + L will enter switch user mode, if you can set-up a macro using some program, or shutdown -l will log you out. Or right your own little script to lock the computer out how you see fit.

I tried browsing this as an FAQ first, but I'm so new to all of this. I appreciate your patience.

Two things:

I reloaded my OS from dual boot 97/2k to just run 2k. I'm still trying to remove a spyware virus (shopnav). These commands are not recognizing the library when I tried to unregister the .dlls

cd\
Regsvr32 /u "\Program Files\Srng\SearchHook.dll
Regsvr32 /u "\Program Files\Srng\IEHelper.dll
Regsvr32 /u "\Program Files\Srng\SNHelper.dll
exit

1. Is there another way to access the registry keys to remove these files?

2. Conservative Firewalls - that will allow me to run a compiler on my system. I'm running Microsoft Visual C++ and SQL. I have to put a firewall on my system and am completely remissed on which firewall to use, that will allow me to run all of this on Win2000. Any suggestions???

Again apologies for my ignorance - I really appreciate any guidance on this.