10-Step Security for your Computer

Deepak

B3D Yoddha
Veteran
http://www.pcworld.com/howto/article/0,aid,122500,00.asp

1. Patch automatically
2. Don't wait for Windows Auto Update
3. Use XP's security monitor
4. Make your file extensions visible
5. Keep Internet Explorer safe
6. Make Firefox more secure
7. Handle e-mail links with care
8. Scan attachments for viruses
9. Close the preview pane
10. Read your mail in plain text

****
Complete article in the link. Good read.
 
  1. Don't Use Internet Explorer
  2. Don't Use Internet Explorer
  3. Don't Use Internet Explorer
  4. Don't Use Internet Explorer
  5. Don't Use Internet Explorer
  6. Don't Use Internet Explorer
  7. Don't Use Internet Explorer
  8. Don't Use Internet Explorer
  9. Don't Use Internet Explorer
  10. Don't Use Internet Explorer
 
haha

Reminds me of the 10 Immutable Laws of Security

Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore

Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore

Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore

Law #4: If you allow a bad guy to upload programs to your website, it's not your website any more

Law #5: Weak passwords trump strong security

Law #6: A computer is only as secure as the administrator is trustworthy

Law #7: Encrypted data is only as secure as the decryption key

Law #8: An out of date virus scanner is only marginally better than no virus scanner at all

Law #9: Absolute anonymity isn't practical, in real life or on the Web

Law #10: Technology is not a panacea

Jack
 
Bobbler said:
1. Unplug it from the internet.

EXACTLY! im never connected to the web unless im using it.

i told my ISP that (they called me)...there was a long pause, AND a lot of furious typing as that info went into my 'permanent' record.
 
1. Destroy your computer and you should be safe from the evil Internet and those who would abuse your trust with your computer.
 
Read such threads, sit back and enjoy the show because you KNOW one shouldn't use IE or Outlook.
 
Interesting, how much time people are willing to spend constantly to keep their security barely acceptable, because they believe that Microsoft is the best / only game in town, isn't it?
 
DiGuru said:
Interesting, how much time people are willing to spend constantly to keep their security barely acceptable, because they believe that Microsoft is the best / only game in town, isn't it?
Maybe it isn't that they are deluded.
Maybe the software they need and want is only available for various MS OSes.

As far as "barely acceptable", I take it you've never actually run a real server, have you?
If you don't keep Solaris patched and firewalled, you will be rooted.
If you don't keep you favortie flavor of linux patched and firewalled, you will be rooted.
Etc.

99% of the problem on the MS home side (because 2003 Server has an EXCELLENT security record, if you actually care to do some research) is that your average user is, by default, an Administrator.
This has been set in stone by crappy software developers who don't have thier software set proper permissions on thier directories and use the correect directories for temp, etc, and just assume admin access.

Now, a change in default user permission level will have you with a large percentage of software not working, so developers must change first - and they are, just really, really slowly.

But whatever, I think you were more interesting in a quick one-liner than a serious discussion.
 
Hey, Althornin, I actually agree with you for the most part. Really!

Then again, that you need to be an administrator on Windows most of the time is encouraged by the OS plenty. For starters, install it using the default procedure, and you'll end up as one.

And installing, updating and patching software isn't that simple when you make all your users into people who have to call you all the time, even if they want to do something simple like printing a transparent presentation for their boss. Or using roaming profiles, or any amount of other problems.

There are even much better ways to do that, some of which have all users being local admins without the "known" problems to that.

I actually didn't only run many "real servers", but I even build a better system myself, in use by some very large companies. Which is totally differnt, but works really well.

And I call it being "on the verge" when you can have major problems when you let things run for a while, without actively patching the latest holes all the time.

I call it "working as intended", when you can forget about it for a while, come back and find everything in top notch working order.
 
Well, Mac OS X does support second mouse button, at least in Tiger :)
And yes, it brings up a popup menu in most cases.
Furthermore, if anyone believes that using or not using a single software makes them safer, they are misinformed. Human is still the most important factor.
 
DiGuru said:
Hey, Althornin, I actually agree with you for the most part. Really!

Then again, that you need to be an administrator on Windows most of the time is encouraged by the OS plenty. For starters, install it using the default procedure, and you'll end up as one.
I know.
I said that.
But it was a mistake that was made years ago, that cannot be fixed - because software developers were lazy, and to fix it now would mean that tons of software wouldn't work.
I said that also.
And installing, updating and patching software isn't that simple when you make all your users into people who have to call you all the time, even if they want to do something simple like printing a transparent presentation for their boss. Or using roaming profiles, or any amount of other problems.
Huh. WSUS takes care of patching. Roaming profiles work fine. So does printing transparencies. Almost all of our users run at "User" level privledges, which means that I get to spend hours of my time figuring out what directories and reg keys stupid software devs make thier products write to. (just FYI - I am a sysadmin at a college, I deal with more dumb compter people in a day than you can want to imagine, but keeping our boxes secure isn't something that eats tons of my time...).
Keeping thousands of machines patched and secure takes an amazingly small amount of my time.

And I call it being "on the verge" when you can have major problems when you let things run for a while, without actively patching the latest holes all the time.

I call it "working as intended", when you can forget about it for a while, come back and find everything in top notch working order.
If you "forget about it" for awhile (patching, that is) on Linux, Solaris, etc, and everything is working fine, then you are lucky. That's not working as intended, thats dumb luck that you didn't get exploited.
Every OS is "on the verge" by your definitions.

I have to deal with Windows updates at a single point in my domain (top level WSUS server), ONCE A MONTH. Patching a single Solaris or Linux box takes more time, AND happens more often. Yet Windows is "on the verge". You've got some strange definitions.
 
Last edited by a moderator:
Sage said:
1) get a half-decent NAT

2) buy a Mac and keep it behind #1
Or instead of buying slower more expensive hardware install a version of nix.. dual boot.
Use nix for everything except games or applications that only run on windows.
But I've never had a problem with XP behind a router and using firefox/opera.
 
radeonic2 said:
Or instead of buying slower more expensive hardware install a version of nix.. dual boot.
Use nix for everything except games or applications that only run on windows.

or make your life easier and just buy a mac.
 
Sage said:
or make your life easier and just buy a mac.
How does buying an overpriced slow piece of crap make your life easier? (compared to an A64)
For any competent person simply using FF/opera and having a router (regardless of os) is enough.
That all I will say about that... further replies will simply be me making fun your mac elitism, if necessary, and questioning your ability to operate a computer.
 
radeonic2 said:
How does buying an overpriced slow piece of crap make your life easier? (compared to an A64)
For any competent person simply using FF/opera and having a router (regardless of os) is enough.
That all I will say about that... further replies will simply be me making fun your mac elitism, if necessary,

ever since i got my mac i havent had to fix one computer problem, mess around with one annoying glitch, or anything else. everything that i want my computer to do it does, without any extra programs, and totally seamlessly. i love my mac, it has made life SO much easier never having to worry about any computer issues.


and questioning your ability to operate a computer.

I used to work for Perot Systems. I think that certainly shows I'm qualified.
 
Back
Top