Security

On Thu, 17 Sep 2009 22:46:00 -0500, as; wrote:

>On Thu, 17 Sep 2009 23:21:22 GMT, "nemo_outis" <> wrote:
>
>>Albert <> wrote in news:33d368a5-5be1-4dc4-
>>8f49-:
>>
>>> I've just installed XP and need to surf the web. Do I need to install
>>> anything?
>>>

>
>7. Download the freebie WinPatrol. It'll keep you apprised when any
>program tries scrwing with your files or registry.
>
They kind of hide the freebie WinPatrol, trying to sell you the
pay-for one. Here's the page for the freebie.

http://www.winpatrol.com/download.html

It's the WinPatrol 2009 that you want.

as;dl@dasfkjl.com

Albert wrote:
> "nemo_outis" wrote:
>> <snip _top-post_>
>
>> For instance, it is quite uncommon to become infested with malware unless
>> one connects to the internet (at least browsing and emailing, but
>> possibly also torrent, irc, etc.) - but you don't even mention that you
>> do that, let alone how!
>
> I browse, email with gmail, use utorrent, don't use irc.

Get the full paid version of MBAM if you're going to use uTorrent.
Without it, undesirable peers will show up within mere seconds! Fact!
You'll want MBAM's IP Blocking turned on before you do anything.

<http://www.malwarebytes.org/>

>
>> With that said, the basic kit is as follows:
>>
>> 1) use a router

NAT router.

>> 2) use a decent software firewall
>> 3) use a decent antivirus

3a) use several overlapping antispyware applications. MBAM & SAS

>> 4) use programs with reduced susceptibility to security breaches (e.g.,
>> firefox), addons which increase security (e.g., noscript, flashblock,
>> betterprivacy) and - especially important! - configure all software (OS,
>> firewall, browsers, email, etc.) appropriately.
>
> I use a router. I don't have a firewall nor antivirus.

Are you going to turn off XP's firewall and use a personal fire wall?

> After I post this I'll go get firefox with the addons you've listed.
>
> But, could you please narrow down what you mean by 'configure all
> software appropriately'?

Means harden your OS and applications so they aren't likely to expose
you to intrusion. Turn off services you are never likely to use.

I hope you aren't using the very system you're trying to protect, to
send these posts!

--
1PW

1PW

Albert <> wrote in
news:cbac0dfa-e866-4e1b-8d8d-:

> "nemo_outis" wrote:
>> <snip _top-post_>
>
>> For instance, it is quite uncommon to become infested with malware
>> unless one connects to the internet (at least browsing and emailing,
>> but possibly also torrent, irc, etc.) - but you don't even mention
>> that you do that, let alone how!
>
> I browse, email with gmail, use utorrent, don't use irc.

HOW & WHERE you browse matters. (Are they low-risk BBC news type sites,
or high-risk porn & warez sites? Not to say I never go to high-risk
sites but I "suit up" before doing so.)

gmail, while convenient, is questionable from a security standpoint
(except for low-risk throwaway uses). For serious uses you should post
through mixmaster, and for serious newsgroup use mixmaster and a
mail2news gateway (none of which is necessary for light-duty stuff - but
it's surprising how what you thought was light-duty stuff can sometimes
bite you in the ass a few years later)

utorrent (which i use and love) can open you to significant risks (e.g.,
RIAA) depending on your jurisdiction, etc. Some downloads may carry
malware payloads (at minimum this requires anti-virus scanning; more
serious approach adds virtual machine).

In fact, ANY downloading from the net (as opposed to plain surfing) is at
least medium risk (some might say *high* risk *even* for 'respectable"
sites). This especially includes 'stealth downloads' such as when you
mindlessly click yes to a message like "This video requires a codec that
is not presently installed - Install it now?" or similar invitations to
self-infection.

>> With that said, the basic kit is as follows:
>>
>> 1) use a router
>> 2) use a decent software firewall
>> 3) use a decent antivirus
>> 4) use programs with reduced suceptibility to security breaches
>> (e.g., firefox), addons which increase security (e.g., noscript,
>> flashblock, betterprivacy) and - especially important! - configure
>> all software (OS, firewall, browsers, email, etc.) appropriately.
>
> I use a router. I don't have a firewall nor antivirus. After I post
> this I'll go get firefox with the addons you've listed.
>
> But, could you please narrow down what you mean by 'configure all
> software appropriately'?

Because it's once again a very broad topic I'll give you one example to
let you get the "flavour" of what I'm talking about: Your email program
default MUST be configured NOT to display html.

Or for a second example: Your browser should be configured with java and
javascript off as the default and only enabled on trusted sites
(Noscript, etc. can help manage aspects like this).

Lastly (well not really lastly - there's lots more - but lastly for this
post) you must "configure yourself" not to do stupid things thoughtlessly
or from laziness or carelessness. You may not go to the trouble of
developing formal protocols but you should have at least rough and ready
ones - and you must religiously follow them. YOU are the greatest risk
to your security.

Regards,

nemo_outis

1PW wrote:
> I hope you aren't using the very system you're trying to protect, to
> send these posts!

I am.

Albert

Albert wrote:
> 1PW wrote:
>> I hope you aren't using the very system you're trying to protect, to
>> send these posts!
>
> I am.

Pity

--
1PW

1PW

nemo_outis wrote:
> Your email program default MUST be
> configured NOT to display html.

How do you do that in Gmail?

Albert

Albert wrote:
> I've just installed XP and need to surf the web. Do I need to install
> anything?

To sum up, I need to _install_:

1. Erunt (use before installing anything)
2. NOD32 or Symantic Client Security or Avast (updating everyday)
3. NTREGOPT
4. Acronis True Image
5. SAS
6. MAM full for IP blocking
7. Sunbelt
8. WinPatrol 2009
9. InstallSpy
10. SyncBank Freeware
11. A HOST file
12. Fingerprint
13. Spybot - don't use TeaTimer
14. Mixmaster
15. Mail2news gateway

15 things!!!

[pause]

What if I wanted to allow malware to wreak havoc on my computer since
there's nothing important there but _make sure_ I don't send out
private, personal, important etc. information?

Albert

Albert <> wrote in news:29804f03-5a06-4cb2-
8231-:

> nemo_outis wrote:
>> Your email program default MUST be
>> configured NOT to display html.
>
> How do you do that in Gmail?


At last the light begins to dawn! You may recall that I was less than
enthusiastic about gmail.

You may also wish to consider critiques such as the one at the following
site (nothing special - I just picked it as one of many out there -
ironically, you can google to find zillions more). Such things as the 180
day lapse of protection, targetted ads based on profiling one's email, etc.
make my flesh crawl. YMMV After all, it *is* very convenient (and why let
privacy stand in the way of convenience?)

http://www.google-watch.org/gmail.html

Regards,

nemo_outis

Albert <> wrote in news:0f52881a-0081-4edf-
a453-:

> Albert wrote:
>> I've just installed XP and need to surf the web. Do I need to install
>> anything?
>
> To sum up, I need to _install_:
>
> 1. Erunt (use before installing anything)
> 2. NOD32 or Symantic Client Security or Avast (updating everyday)
> 3. NTREGOPT
> 4. Acronis True Image
> 5. SAS
> 6. MAM full for IP blocking
> 7. Sunbelt
> 8. WinPatrol 2009
> 9. InstallSpy
> 10. SyncBank Freeware
> 11. A HOST file
> 12. Fingerprint
> 13. Spybot - don't use TeaTimer
> 14. Mixmaster
> 15. Mail2news gateway
>
> 15 things!!!
>
> [pause]
>
> What if I wanted to allow malware to wreak havoc on my computer since
> there's nothing important there but _make sure_ I don't send out
> private, personal, important etc. information?
>

I gave you the basic kit - the others are part of a more complete
toolbox. But, useful as all the others are (I too use many of them or
something close) you must learn to walk before you run. Master the
basics, then add. Otherwise even the best tools are mostly useless.

However, with respect to your question about not sending out information,
the problem is if you let malware *in* you then have a traitor in your
own camp that can leak sensitive info *out.*

Regards,

PS There is more to this than just getting the kit - you must know how
to apply it. For instance, even an ordinary router can be configured to
prevent most things getting in that you do not voluntarily (where
"voluntarily" has a very broad meaning) bring in. A software firewall,
while it does add some incremental protection against inbound threats is
mainly useful for (at least partially) blocking outward channels. The
router and software firewall work synergistically.

The anti-virus program (and malwarebytes, superanti, etc.) are mostly an
admission that we will (at least sometimes and to varying degrees) FAIL
to keep **** out. They're there to minimize the damage by early
recognition, threat neutralization, and removal. (Backup - as with
Acronis, etc. is also part of a harm minimization approach, one not just
limited to malware threats)

None of the kit - in fact, not even ALL of the kit gives total
protection. We're in a race with clever, capable and motivated
adversaries (at the high end) concealed within mases upon masses of
lesser threats arranged in tiers of capability. (Some of) the opponents
are very good indeed, and they need only find ONE workable exploit to get
you while you must block ALL possible threats to be totally secure. The
odds are with them.

The full bore approach is threat and consequence assessment followed by
selection and use of tools and procedures (yes, procedures and not just
tools) that will reduce the threats. All within constraints imposed by
our resources (not just money, but time, trouble, skills, etc.). It's an
exercise in risk management. But sadly, risk management seldom achieves
the holy grail of risk elimination.

Ain't life a bitch?

nemo_outis

"Albert" <> wrote in message
news:0f52881a-0081-4edf-a453-...
<snip<
> What if I wanted to allow malware to wreak havoc on my computer since
> there's nothing important there but _make sure_ I don't send out
> private, personal, important etc. information?

Hello Albert

Maybe you have *already* allowed malware to wreak havoc on your computer!
Viz:-

"Albert" <> wrote in message
news:50b375c5-e573-48bb-99bd-...
> 1PW wrote:
>> I hope you aren't using the very system you're trying to protect, to
>> send these posts!
>
> I am.

Maybe you are simply unaware that malware is present!

Some here will advocate that you should now "flatten and rebuild" your
machine and make sure that you have installed basic protection *before* you
reconnect to the Internet. I support that approach! I also support the use
of Acronis True Image (to 'turn back the clock' in future).

However, have you considered that your BIOS may have been/could be infected?
A whole new ball-game!

Some may wish to review here:
http://www.phrack.org/issues.html?issue=66&id=7

An interesting subject - ask Google!

HTH

--
Dave

~BD~