Tips for securing personal computer


  • Tips for securing personal computer

    This is a list of things that I am sure that everyone probably already knows, but I thought that maybe some of the less experienced that join the forum might learn a thing or two from.

    I found this at www.gemini777.com

    It was originally posted by "Grove"
    -----------------------------------------------------------------------------

    Tutorial - Keeping Your Computer Clean and Secure

    Please follow these simple steps in order to keep your computer clean and secure:

    1. CLEAR & RESET SYSTEM RESTORE'S CACHE
    Go to Start >> Run - type control sysdm.cpl,,4 & press Enter
    * Tick on the checkbox - Turn off System Restore on all drives
    * Click Apply
    Turn it back 'On' by unticking the same checkbox & click OK


    2. DISABLE THE VIEWING OF SYSTEM FILES
    From Windows Explorer, go to Tools>Folder Options> View tab.
    * Untick - Show hidden files and folder
    * Tick - Hide file extensions for known types
    * Tick - Hide protected operating system files
    Click Yes to confirm & then click OK


    3. SECURING INTERNET EXPLORER
    From within Internet Explorer click on the Tools menu and then click on Internet Options.
    * Select the Security tab
      o Click once on the Internet icon so it becomes highlighted.
      o Select Custom Level.
        + Change 'Download signed ActiveX controls' to Prompt
        + Change 'Download unsigned ActiveX controls' to Disable
        + Change 'Initialize and script ActiveX controls not marked as safe' to Disable
        + Change 'Installation of desktop items' to Prompt
        + Change 'Launching programs and files in an IFRAME' to Prompt
        + Change 'Navigate sub-frames across different domains' to Prompt
        + When all these changes have been made, click on the OK button.
      o If it prompts you as to whether or not you want to save the settings, press the Yes button.
    * Select OK to exit the Internet Properties page.



    4. ANTIVIRUS SOFTWARE
    It is very important that you have anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

    See this link for a listing of some online & their stand-alone antivirus programs:

    http://www.bleepingcomputer.com/forums/topict405.html

    It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.


    5. FIREWALL
    Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. A tutorial on Firewalls and a listing of some available ones can be found here: http://www.bleepingcomputer.com/forums/tutorial60.html


    6. Microsoft Windows Update
    Visit http://www.windowsupdate.com/ regularly. This will ensure your computer always has the latest security updates. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


    7. SPYBOT - SEARCH & DESTROY
    Download and install Spybot - Search & Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with the program on a regular basis just as you would an antivirus software. A tutorial on installing & using this product can be found here: http://www.bleepingcomputer.com/forums/tutorial43.html


    8. AD-AWARE
    Download and install Ad-Aware. You should use this program to scan your computer on a regular basis just as you would an antivirus software in conjunction with Spybot. A tutorial on installing & using this product can be found here: http://www.bleepingcomputer.com/forums/tutorial48.html


    9. SPYWAREBLASTER
    SpywareBlaster prevents the installation of malicious ActiveX, adware, browser hijackers, dialers, and other potentially unwanted software. Blocks spyware/tracking cookies & restricts the actions of potentially unwanted sites.

    Unlike other programs, SpywareBlaster does not have to remain running in the background. A tutorial on installing & using this product can be found here: http://www.bleepingcomputer.com/forums/tutorial49.html


    10. IE-SPYAD
    IE/Spyad places more than 4000 dubious websites and domains in the IE Restricted list. This severely impairs attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites. A tutorial on installing this product can be found here

    After doing all these, your system will be optimised against future threats.

    It's okay to delete the Hijack This folder in a couple weeks if everything is working okay.
    Have a safe & happy computing day.
    I enjoy talking to myself...it's usually the only intelligent conversations I get to have.

  • #2
    Correct me if I'm wrong, but isn't it bad to hide file extensions?

    A virus with the name:

    Document42.doc.exe

    would appear as:

    Document42.doc


    There was even a small part about that in The Art of Deception.

    Comment


    • #3
      I have a few bones to pick with the list and a fistful of items to add to it. Great start, I think it is a great idea to assemble baseline documents/links/resources like this in an organized fashion. If someone asks, we can easily point to a clean thread instead of just giving a standard 'googleitdammit'

      Will contribute to this thread as time permits, I encourage others to do the same, or start similar threads (be sure to quote your source, like above, if you pull a doc from someone else).
      if it gets me nowhere, I'll go there proud; and I'm gonna go there free.

      Comment


      • #4
        Originally posted by CP99
        Correct me if I'm wrong, but isn't it bad to hide file extensions?

        A virus with the name:

        Document42.doc.exe

        would appear as:

        Document42.doc


        There was even a small part about that in The Art of Deception.
        I agree. I show all extensions by default.
        "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

        Comment


        • #5
          Here's some of the things I do on my computer

          1. Browser Security

          Don't use IE if you don't have to. Firefox and Opera have a far better baseline for security, however nothing is perfect; make sure you stay up on your updates. If you have to use IE, I recommend the data protection template from the JAP folks.

          For browsing I recommend using JAP or TOR. Also, if you have the bandwidth, be a pal and become a TOR server.

          2. Host Security

          If you are using Windows XP, turn on the disk encryption. Go to the file you want to encrypt, such as My Documents. Right click. Select Properties. Under the General Tab select Advanced. Select 'Encrypt contents to secure data'. You can use other programs like GnuPG or PGP Desktop if you want a solid crypto solution to encrypt files and email. I figure, the Windows stuff is in there, why not use it.

          The other things to do in regards to Windows host security. Set up fucking passwords on each account. Make the passwords strong. 8 characters minimum, mixture of UPPER and lower case letters, numbers, and special characters (!@$*%, etc). Make sure automatic updates is turned on, but still hit windows update from time to time to make sure you are current on your patches. Disable any accounts that you aren't using as well. If you're using Windows 2000, password protect, rename, then disable the Administrator account. Just like you should never log in as 'root', same goes for the Administrator account in Windoze.

          3. Privacy protection

          Don't delete files, Erase them! Also, if/when you go to decommission a drive, take advantage of Eraser's boot 'n nuke floppy option.

          Clean up after yourself by using something like Ilsystem wiper. You can have it wipe just about anything and it has the ability to add plugins to cover your custom apps.

          Run Anti Virus software. For God's sake, run it. On behalf of the rest of the Internet using population, let me say that 90% of our problems would be solved if everyone patched their systems and ran AV. Check out AVG Anti Virus. It's free, you have no excuse not to run it.

          Keep spyware off your system. I won't bother posting links, as it's already been covered. Adaware by Lava Soft and SpyBot by Kola software both rock. Check out Microsoft's anti-spyware utility as well. It's not half bad.

          If you have a ton of passwords, don't keep them in a text file. Use something like Password Safe to store them. Also, don't forget to change your passwords from time to time. ALL of your passwords. Online banking, ATM PINs, Logons, Web Mail, FORUM passwords, etc.


          4. Physical protection

          Set a BIOS password. Keep your laptop under lock and key when you don't have it. If you transport it in a backpack, put a padlock on it. No, it won't stop someone from stealing your backpack, but it will prevent someone from casually popping your backpack open while you aren't paying attention and bolting off with your laptop. If you are traveling, take advantage of the in-room safes most hotels have. If you want to be paranoid, get a removable biometric card (note, I said removable). Keep it with you so the laptop won't work without it. Built-in biometrics kinda defeat the purpose, as it's fairly easy to bypass a thumbprint scanner if you have access to the scanner itself.

          5. Disaster Recovery

          The forgotten 'A' of the CIA triad. Back your freeking data up already. Just about everything has a burner in it. If not, get one. PC Club has a CD/DVD+-RW burner on sale right now for 45 bucks. Back your data up. Back it up regularly. Make a note on your calendar to remind yourself to back up your data. When you back up your data, also make a list of all the programs you have installed on your computer. Anyone who's ever had to reflash a hard drive will know there's nothing worse than sitting down at your freshly imaged system and saying 'now what did I have installed on here?'. Keep the list of installed software and your backups some place safe. For the paranoid, get a safety deposit box at the local bank. For the more realistic, go get a Fire Safe. Keep everything in there. Not a bad idea to also keep your passport, unused credit cards, insurance information, etc in there too. That way you can grab it and go if the house is burning and not have to wonder if you have everything.

          I return whatever i wish . Its called FREEDOWM OF RANDOMNESS IN A HECK . CLUSTERED DEFEATED CORn FORUM . Welcome to me

          Comment


          • #6
            great list of tips, noid. to this thread i'll add a link to this post i made to this thread which was received pretty well.
            "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
            - Trent Reznor

            Comment


            • #7
              I definitely agree with Noid on the don't use Internet Explorer if you don't have to.
              "I wash my hands of those who imagine chattering to be knowledge, silence to be ignorance, and affection to be art." -Kahlil Gibran

              "Half the world is composed of idiots, the other half of people clever enough to take indecent advantage of them." -Walter Kerr

              Comment


              • #8
                Originally posted by CP99
                Correct me if I'm wrong, but isn't it bad to hide file extensions?

                A virus with the name:

                Document42.doc.exe

                would appear as:

                Document42.doc


                There was even a small part about that in The Art of Deception.
                it will appear as Document42.doc, but will have the icon of the default application used to load an exe and not the application to load a doc....just be alert.


                Web Hosting --

                Comment


                • #9
                  Originally posted by enigma
                  it will appear as Document42.doc, but will have the icon of the default application used to load an exe and not the application to load a doc....just be alert.
                  You are ignoring the fact that applications have the ability to specify their own icon. Is there any manner of disabling that feature?

                  Comment


                  • #10
                    I am not ignoring the fact, I am simply assuming the attacker does not have access to change your default file associations.


                    Web Hosting --

                    Comment


                    • #11
                      Originally posted by enigma
                      I am not ignoring the fact, I am simply assuming the attacker does not have access to change your default file associations.
                      I get the distinct impression that you do not work with the world of Microsoft Windows. A .exe file is not a document loaded by an external program through the file associations as a .doc file is; a .exe file is an application. If I have Document42.doc and Document42.exe, and the latter specifies an icon that identically resembles that of Microsoft Word, then both files will appear identical (assuming file extensions are disabled and the user actually has Microsoft Word installed).

                      I apologize for the aside here, but I think it is important that users understand these concepts.

                      Comment


                      • #12
                        Originally posted by enigma
                        I am not ignoring the fact, I am simply assuming the attacker does not have access to change your default file associations.

                        It's not hard at all; some if not many public release trojans have an icon chooser in the compile server phase. One could use the icon of a .doc document, assuming that file extensions are disabled.

                        To the victim, the document would look like a Word file, smell like a Word file, but when clicked, would display anything the attacker wants, i.e. "File is corrupt" or something of that standard.

                        Comment
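
The exchange in posts #2 through #12 comes down to this: with extensions hidden, neither the displayed name nor the icon says what a file really is. The following is an added example, not written by any poster in this thread: it scans a folder for files whose real extension is executable but whose hidden-extension name ends like a document, and reports whether the content starts with the `MZ` executable header. The extension lists, function names and sample files are assumptions made for the example.

```python
import os
import tempfile

# Assumed, non-exhaustive lists for this example.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
DOCUMENT_EXTS = {".doc", ".xls", ".ppt", ".pdf", ".txt", ".jpg", ".gif"}
KNOWN_EXTS = EXECUTABLE_EXTS | DOCUMENT_EXTS


def displayed_name(filename, hide_known_extensions=True):
    """Name as a file manager lists it when the last known extension is hidden."""
    stem, ext = os.path.splitext(filename)
    if hide_known_extensions and ext.lower() in KNOWN_EXTS:
        return stem
    return filename


def is_disguised(filename):
    """True if the file runs as a program but its hidden-extension name ends like a document."""
    stem, ext = os.path.splitext(filename)
    if ext.lower() not in EXECUTABLE_EXTS:
        return False
    return os.path.splitext(stem)[1].lower() in DOCUMENT_EXTS


def has_mz_header(path):
    """Windows .exe/.scr files start with the bytes 'MZ' regardless of name or icon."""
    with open(path, "rb") as handle:
        return handle.read(2) == b"MZ"


def scan(directory):
    """Return (real name, name shown with extensions hidden, has MZ header) per disguised file."""
    findings = []
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if os.path.isfile(path) and is_disguised(name):
            findings.append((name, displayed_name(name), has_mz_header(path)))
    return findings


def demo():
    """Build a scratch folder of constructed files and scan it."""
    samples = {
        "Document42.doc.exe": b"MZ\x90\x00",      # program posing as a document
        "Document42.doc": b"\xd0\xcf\x11\xe0",    # genuine legacy Word container
        "setup.exe": b"MZ\x90\x00",               # honest executable, not flagged
        "Report.PDF.SCR": b"MZ\x90\x00",          # same trick, different case
    }
    with tempfile.TemporaryDirectory() as folder:
        for name, content in samples.items():
            with open(os.path.join(folder, name), "wb") as handle:
                handle.write(content)
        return scan(folder)


if __name__ == "__main__":
    for real, shown, mz in demo():
        print(f"{shown!r} is really {real!r} (MZ header: {mz})")
```

With extensions hidden, the genuine `Document42.doc` is listed as `Document42`, so a listed name that still ends in `.doc` is itself a sign that a second extension is being hidden.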


                        • #13
                          for PCs a good registry protection program is MJRegWatcher, it covers just about everywhere. any change i make, it pops up and asks if it's OK. it uses polling
                          http://www.jacobsm.com/mjsoft.htm#rgwtchr

                          another good registry protector which is both shareware and freeware is RegDefend, it works in the kernel
                          http://www.ghostsecurity.com/index.php?page=regdefend

                          some good Host Intrusion Protection System (HIPS) programs are...
                          free for home use AntiHook
                          http://www.infoprocess.com.au/

                          i haven't tried it but Online Armor is supposed to be good.
                          http://www.tallemu.com/index.php?area=home

                          and Prevx
                          http://www.prevx.com/

                          in the past i used System Safety Monitor, it was very very good, giving you a great amount of control e.g. intercepting driver, service, dll, hooks and memory access and letting you choose which application can do what and how it can interact with other applications on an individual basis. what made me stop using it was that it worked on a timed basis, so would stop working at a certain time, and you'd have to update to the new version which could be buggy. it will go shareware too at some point.
                          http://syssafety.com/product.html

                          SafeXP is nice for turning off some unneeded features in XP
                          www.theorica.net/safexp.htm

                          Secure-It is good for hardening your system, some people have had problems with it, but most haven't
                          http://www.sniff-em.com/secureit.shtml

                          Harden-It like Secure-It, but for networks. i'm fairly sure SafeXP, Secure-It and Harden-It all have features that let you revert back to before you ran them, but you'll have to check.
                          http://www.sniff-em.com/hardenit.shtml

                          Comment


                          • #14
                            Two things I'll add that haven't been mentioned yet:

                            - People are getting into the habit of updating the OS, antivirus, and anti-spyware, but not so much Office. Visiting Office Update should be as much a part of the routine as for anything else; vulnerabilities within its components do surface as much as with anything else.

                            - If you've moved over to another browser and are no longer using IE, you'll still need to keep it around to successfully run Windows Update (yes, I know there are extensions to enable ActiveX in Firefox / Mozilla, but let's not go there - it's just a bad idea). Recommendation: disallow all sites in IE's security settings that aren't *.office.microsoft.com, *.windowsupdate.microsoft.com, and *.windowsupdate.com. This will help to mitigate against malware that tries to pull up IE even if it's not the default browser, and can be marginally useful against hosts file poisoning.

                            Comment
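
Post #14 mentions hosts file poisoning of the update sites. The following is an added example, not part of that post: it audits hosts-file text for any entry at or under the three domains the post names. Treating every such entry as suspicious is an assumption of this example, on the basis that these names are normally resolved through DNS; the function names and sample file are constructed.

```python
import ipaddress

# Domains named in post #14. Assumption of this example: any hosts entry at or
# under them deserves a look, since they are normally left to DNS.
UPDATE_DOMAINS = ("office.microsoft.com", "windowsupdate.microsoft.com", "windowsupdate.com")


def parse_hosts(text):
    """Yield (line number, address, hostname) for every mapping in hosts-file text."""
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            address = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # not an address: skip the line
        for host in fields[1:]:
            yield number, str(address), host.lower().rstrip(".")


def covers(domain, host):
    """True for the domain itself or a real subdomain, not a lookalike suffix."""
    return host == domain or host.endswith("." + domain)


def audit_hosts(text):
    """Return (line number, hostname, address) for entries that pin an update domain."""
    return [
        (number, host, address)
        for number, address, host in parse_hosts(text)
        if any(covers(domain, host) for domain in UPDATE_DOMAINS)
    ]


# Constructed sample, not from a real machine; addresses are documentation ranges.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1      localhost
203.0.113.7    www.windowsupdate.com download.windowsupdate.com
0.0.0.0        ads.example.net
203.0.113.7    windowsupdate.com.example.net notwindowsupdate.com
198.51.100.9   V4.WindowsUpdate.Microsoft.com.   # trailing dot, mixed case
not-an-address office.microsoft.com
"""

if __name__ == "__main__":
    for number, host, address in audit_hosts(SAMPLE_HOSTS):
        print(f"line {number}: {host} pinned to {address}")
```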


                            • #15
                              Originally posted by skroo
                              Two things I'll add that haven't been mentioned yet:

                              - People are getting into the habit of updating the OS, antivirus, and anti-spyware, but not so much Office. Visiting Office Update should be as much a part of the routine as for anything else; vulnerabilities within its components do surface as much as with anything else.

                              - If you've moved over to another browser and are no longer using IE, you'll still need to keep it around to successfully run Windows Update (yes, I know there are extensions to enable ActiveX in Firefox / Mozilla, but let's not go there - it's just a bad idea). Recommendation: disallow all sites in IE's security settings that aren't *.office.microsoft.com, *.windowsupdate.microsoft.com, and *.windowsupdate.com. This will help to mitigate against malware that tries to pull up IE even if it's not the default browser, and can be marginally useful against hosts file poisoning.
                              The latter advice I had not thought about, it is most helpful. I had moved to Firefox and most recently Opera from IE but had not thought to do what you had recommended.
                              Did Everquest teach you that?

                              Comment
