Re: On security, in a nutshell..

On Mon, 06 Jul 2009 04:48:31 -0700, par7133 wrote:

> Here to recap about security (what I can’t do is to realize that you
> need it).
> Anyway, I recommend you to check your security measures one more time.
>
> 1. Run an hardware firewall, this is the best thing you can do.
> If you want a brand name, [Netgear: http://www.netgear.com].
>
> Do you own a HDSPA or 3G modem and you feel the waves you are
> subject to are enough to think to a wireless router?
>
> You do well! I thought something like that:
> [image:http://blog.daniele.bonini.name/public/2009/07/
> img-607823b.jpg]
>
> but it still doesn’t exist on the market.. so try to talk about
> it.
>
> 2. Run Windows Firewall and mainly if you have a HDSPA or 3G connection.
> Not so powerful but it defends you from port scans and ddos
> attacks.
>
> 3. Run a serious software firewall, [Outpost Firewall:http://
> www.agnitum.com] seems alike.
> Configures as better as possible the Application Rules for all
> your web
> applications giving attention to “window control�, “critical
> objects�
> and “key logging� as other too. Under Firewall, Network rules,
> ICMP,
> uncheck “echo request�. Under Attack Detection uncheck “Block
> intruder IP for�, if the intruder impersonificates your dns server
> is
> inconvenient to block it; than Customize, Attacks, select all.
>
> 4. Run every web application by a downgraded user. This means to create
> a web user with very few authorizations to run your web
> applications
> only. Doing so you forbid attackers to enter by Opera, IE, Firefox
> bugs
> with your live and, probably, administrators credentials.
>
> In Windows XP launch apps by holding SHIFT, right click on the
> app,
> “Run as..�
>
> In Vista download [ShellRunAS:
> http://technet.microsoft.com/en-us/s...cc300361.aspx].
> Ones installed, right click on the app
> “Run as different user..�
>
> 5. Rename Guest user, and deactivate it, and rename Administrator.
> Download [renuser:http://windowsitpro.com/article/articleid/15086/
> how-can-i-rename-a-user-from-the-command-prompt.html] if you need it.
>
> 6. Check out the the [NSA recommendations:http://g0.fi/iaV], and you
> laugh..
>
> 7. Check out your browser settings. I suggest you [Opera:http://
> www.opera.com], as code and plugins
> are locked.
>
> 8. Download and buy, there is no easy escape, [Fortres 101:http://
> www.fortresgrand.com/products/f101/f101.htm]. This software will
> definitively lock down the web user created above and all the non
> administrator users present in your system.
>
> 9. Configure cache and [proxy:http://www.youngzsoft.net/ccproxy/
> index.html] appropriately to limit connections (and
> map ports).
>
> 10 Eventually [change dns settings:http://www.dnsserverlist.org/]. Most
> of the attacks you receive
> are through your dns servers ip impersonifications, indeed don’t
> exclude
> any morbose friendship alive within your dns servers network.
> Eventually
> opt for a [script periodically changing your dns settings:http://
> tr.im/qV59].

Or simply install and run Linux and don't worry about it.

ray <> wrote in news::

> On Mon, 06 Jul 2009 04:48:31 -0700, par7133 wrote:
>
>> Here to recap about security (what I can’t do is to realize that you
>> need it).
>> Anyway, I recommend you to check your security measures one more time.
>>

[edited for brevity]

>
> Or simply install and run Linux and don't worry about it.
>

Good luck with that. You might want to check this out:

http://blogs.techrepublic.com.com/10things/?p=455

On Mon, 06 Jul 2009 12:27:51 -0700, Fuzzy Logic wrote:

> ray <> wrote in news::
>
>> On Mon, 06 Jul 2009 04:48:31 -0700, par7133 wrote:
>>
>>> Here to recap about security (what I can’t do is to realize that you
>>> need it).
>>> Anyway, I recommend you to check your security measures one more time.
>>>
>>>
> [edited for brevity]
>
>
>> Or simply install and run Linux and don't worry about it.
>>
>>
> Good luck with that. You might want to check this out:
>
> http://blogs.techrepublic.com.com/10things/?p=455

Actually, I've been running it on three home computers for over five
years and a dozen at the local library (internet access computers for
public use) for nearly four. All up 24/7/365 and no problems yet.