pcnewbie9
join:2002-10-01
Miami, FL

pcnewbie9

Member

Sec. measures for trouble free PC (well,mostly)

Now that I have deleted those 2 files, how can I assure that it doesn't happen again?

I currently have
Norton Antivirus
Trojan Hunter
BlackIce

I just ran ad-aware and spybot. Any other suggestions?
[text was edited by author 2002-10-27 01:06:17]

Name Game
Premium Member
join:2002-07-07
Grand Rapids, MI

Name Game

Premium Member

Re: Security Measures

FYI,

pcnewbie is talking about this thread. Does anyone have suggestions on security and products?

»HELP! 2 viruses found SYSTEM 32
pcnewbie9
join:2002-10-01
Miami, FL

pcnewbie9

Member

Sorry about that, didn't think of mentioning the thread.

Stonedonkey
Premium Member
join:2001-05-15
Corte Madera, CA

Stonedonkey to pcnewbie9

Premium Member

to pcnewbie9
I would personally recommend another firewall like ZoneAlarm or Outpost, but YMMV.

You may also want to consider a web filter like Proxo (although Outpost has some filtering capabilities built in).

Lastly, make sure you have the latest Windows Updates.

There are some services you may want to disable (www.blkviper.com), and some security settings worth looking at (»www.markusjansson.net/ei ··· bid.html). Markus' whole site is worth a gander, IMO.

jansson_mark
Markus Jansson
Premium Member
join:2001-08-05
Finland

jansson_mark

Premium Member

said by Stonedonkey:
There are some services you may want to disable (www.blkviper.com), and some security settings worth looking at »www.markusjansson.net/ei ··· bid.html).
Good, but the hyperlink is bad. You need to use ( »www.markusjansson.net/ei ··· bid.html ) or the )-mark stays with the hyperlink and you get a bad hyperlink. What OS was he using? If XP, then I strongly suggest going through this »www.markusjansson.net/exp.html

But anyway THIS is the page you should be looking at...step by step guide on how to secure your computer »www.markusjansson.net/es ··· ing.html
pcnewbie9
join:2002-10-01
Miami, FL

pcnewbie9 to Stonedonkey

Member

to Stonedonkey
I was not able to get into markusjansson.net (access denied). I went to blkviper.com but I am not sure what I'm supposed to look for. The list I found there of services to disable was for XP, I have 2k Pro.

One last thing, isn't ZoneAlarm the same thing as BlackIce?

jansson_mark
Markus Jansson
Premium Member
join:2001-08-05
Finland

jansson_mark

Premium Member

said by pcnewbie9:
I was not able to get into markusjansson.net (access denied).
Please read my post above.
quote:
I went to blkviper.com but I am not sure what I'm supposed to look for. The list I found there of services to disable was for XP, I have 2k Pro.
There is another list specially for 2k, but you can use the list meant for 2k too.
quote:
One last thing, isn't ZoneAlarm the same thing as BlackIce?
No. ZoneAlarm is a very good personal firewall, BlackIce is an Intrusion Detection System, it offers NO outbound security.
pcnewbie9
join:2002-10-01
Miami, FL

pcnewbie9

Member

Thanks. I read your first post right after posting mine.
pcnewbie9

pcnewbie9 to jansson_mark

Member

to jansson_mark
I found the 2kPro at Blkviper.com. However, I have 2 questions. What are the benefits besides freeing up some space? And, how do I disable them?

I use my PC only for Internet surfing and that's it! I am not sure how this would help me. I keep DSL connected all day and night, which is why I guess I've been having problems.

Stonedonkey
Premium Member
join:2001-05-15
Corte Madera, CA

Stonedonkey to pcnewbie9

Premium Member

to pcnewbie9

Re: Sec. measures for trouble free PC (well,mostly

To disable services:
Start>Programs>Admin Tools>Services

Right-click on a service, select Properties. In Startup Type, select "Disable" from dropdown list. Click "stop," click "apply," and reboot.

Frees RAM and eliminates some relatively insecure elements.

Lurkers inc
Don't Call Me Doink
join:2001-10-13
Seattle, WA

Lurkers inc to pcnewbie9

Member

to pcnewbie9

Re: Sec. measures for trouble free PC (well,mostly)

I will toss in the obvious, only download files from known reputable and trusted sites. Be picky about what you allow on to your computer and allow a little time to think about, scan and/or ask if anyone has tried a product or has a recommendation for a particular program.

Most of the software here »lists.gpick.com/ is tested and recommended by many and grouped into lists for particular uses.

That will take you a long way toward having a clean and trouble free computer in my opinion.

Paul,
[text was edited by author 2002-10-27 01:36:03]

jansson_mark
Markus Jansson
Premium Member
join:2001-08-05
Finland

jansson_mark to pcnewbie9

Premium Member

to pcnewbie9
said by pcnewbie9:
I'm not sure yet about disabling services as I am not that confident when it comes to disabling/deleting things from the computer.
A handy tip: Write down or print your current services. This way you can restore them afterwards if needed.

You should disable completely ALL services that you don't need. There is no point in having services running on your computer that you don't absolutely need. They are ALL potential security holes, both in terms of security vulnerabilities and in terms of you accidentally triggering them or any trojan using them as a backdoor.
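
The "write down your current services" tip from the post above, as an added example that is not part of the thread: it records every service's startup type before anything is disabled, then reports or reverts what changed. It assumes a current Windows with PowerShell 5.1 or later and an elevated prompt (not the Windows 2000 machine discussed here); the function names and the CSV path are hypothetical.

```powershell
# Added example: snapshot service startup types before disabling anything,
# then diff or restore later. Function names and the default path are hypothetical.
function Save-ServiceBaseline {
    param([string]$Path = "$env:USERPROFILE\services-baseline.csv")
    Get-Service |
        Select-Object Name, DisplayName, StartType, Status |
        Sort-Object Name |
        Export-Csv -Path $Path -NoTypeInformation -Encoding UTF8
    return $Path
}

# Emit one object per service whose startup type differs from the baseline.
function Compare-ServiceBaseline {
    param([Parameter(Mandatory)][string]$Path)
    $current = @{}
    foreach ($svc in Get-Service) { $current[$svc.Name] = [string]$svc.StartType }
    foreach ($row in Import-Csv -Path $Path) {
        if (-not $current.ContainsKey($row.Name)) {
            # Service was removed since the baseline; nothing to restore.
            [pscustomobject]@{ Name = $row.Name; Was = $row.StartType; Now = '(missing)' }
        } elseif ($current[$row.Name] -ne $row.StartType) {
            [pscustomobject]@{ Name = $row.Name; Was = $row.StartType; Now = $current[$row.Name] }
        }
    }
}

# Without -Apply this only lists what would be reverted (dry run).
function Restore-ServiceBaseline {
    param([Parameter(Mandatory)][string]$Path, [switch]$Apply)
    foreach ($diff in Compare-ServiceBaseline -Path $Path) {
        if ($diff.Now -eq '(missing)') { continue }
        # Only revert the three startup types Set-Service accepts everywhere.
        if ($diff.Was -notin 'Automatic', 'Manual', 'Disabled') { continue }
        if ($Apply) {
            Set-Service -Name $diff.Name -StartupType $diff.Was
        }
        $diff
    }
}

# Typical use:
#   $baseline = Save-ServiceBaseline        # before changing anything
#   Compare-ServiceBaseline -Path $baseline # after disabling services
#   Restore-ServiceBaseline -Path $baseline -Apply
```

Services installed after the baseline was taken are not reported, since the comparison walks the saved list only.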
pcnewbie9
join:2002-10-01
Miami, FL

pcnewbie9 to Lurkers inc

Member

to Lurkers inc
Thank you everyone. Links are awesome. I have installed and currently running:

BLACKICE
ZONEALARM
NORTON ANTIVIRUS
TROJAN HUNTER
AD-AWARE
SPYBOT SEARCH AND DESTROY.

Am I being overly protective? I'm working right now on Markus Jansson's amazing page, updating Windows and Office.

I'm not sure yet about disabling services as I am not that confident when it comes to disabling/deleting things from the computer.

Thanks again to all. My poor hubby got tired of waiting for me to go to bed (2:00am ETD). I just couldn't sleep, it was driving me insane.

Stonedonkey
Premium Member
join:2001-05-15
Corte Madera, CA

Stonedonkey

Premium Member

Re: Sec. measures for trouble free PC (well,mostly

Hey, no problem. Just take it a little at a time. Baby steps. Disabling services isn't essential, only recommended.
pcnewbie9
join:2002-10-01
Miami, FL

pcnewbie9

Member

Thanks, you guys are great!

dja
Happy to Help
Premium Member
join:2002-03-25
Niagara

dja to pcnewbie9

Premium Member

to pcnewbie9

Re: You're almost done.

If I may add one more...
ScriptSentry by our very own, Jason Levine.
----------------
Script Sentry allows safe scripts to run, while
alerting you if a script might harm your system.
In addition, Script Sentry prevents against malicious
scripts in ShellScrap (SHS and SHB extensions) files,
Word/Excel macro viruses, malicious HTA files, and
accidentally run REG files.
-----------------
A very nice, low resource, background app.
And BTW: Welcome to the DSL/BBR Security Forum.

BKayrac
Premium Member
join:2001-09-29

BKayrac

Premium Member

Just from personal use, I wouldn't suggest running BlackIce and ZoneAlarm... I did that for a while; if I remember, ZoneAlarm caught everything and BlackIce sat useless using up system resources. They can also cause some complications with 2 firewalls (/IDS if you're picky). I'd suggest ZoneAlarm, but BlackIce was a good IDS when I ran it.

jansson_mark
Markus Jansson
Premium Member
join:2001-08-05
Finland

jansson_mark

Premium Member

said by BKayrac:
I did that for a while; if I remember, ZoneAlarm caught everything and BlackIce sat useless using up system resources. They can also cause some complications with 2 firewalls (/IDS if you're picky). I'd suggest ZoneAlarm, but BlackIce was a good IDS when I ran it.
1) You can turn off alerts from ZA if it bothers you. You should anyway ALWAYS ignore "medium" rated alerts in ZA.

2) Why use two firewalls/IDS at the same time?!? ZoneAlarm is enough, maybe one hardware firewall to add if you really are paranoid.

BKayrac
Premium Member
join:2001-09-29

BKayrac

Premium Member

pcnewbie is currently using BlackIce and ZA, I was simply telling him that it can cause complications, and one doesn't even do anything... I actually use Sygate right now :P

guycad$
In Search Of Free Speech
Premium Member
join:2002-05-02
Pompton Lakes, NJ

guycad$ to pcnewbie9

Premium Member

to pcnewbie9

Re: Sec. measures for trouble free PC (well,mostly)

said by pcnewbie9:

Am I being overly protective?
In a word NO.

The only good hex is safe hex. (inside geek joke on 'hexadecimal' number system used internally in computers.)

At the risk of being flamed, I also recommend that people switch to Opera 6.05 for most web browsing (get it here: »www.opera.com ) and either Pegasus ( »www.pmail.com/ ) or Agent ( »www.forteinc.com/main/ho ··· page.php ). Both are virtually impossible to infect with a virus or worm. I prefer Agent as it explicitly does not do any html display. This is an excellent method of privacy protection from 'spy bugs' in spam email. Neither requires constant security updates either.

Welcome to the list and have fun!


sig6
Premium Member
join:2001-05-05

sig6 to jansson_mark

Premium Member

to jansson_mark

Re: You're almost done.

quote:
No. ZoneAlarm is a very good personal firewall, BlackIce is an Intrusion Detection System, it offers NO outbound security.
Markus: have you looked at Black Ice recently? The new version (which came out some time ago and was discussed here in some detail) does offer outbound protection, application and program component control and, according to users' reports, passes all the "leaky" tests.

ZAP with program component control only alerts and asks for permission when a new or modified program tries to connect to the internet. The new BI alerts and asks when the program first executes and again when and if it attempts to contact the internet.

So BI can function as an IDS and a firewall. If PC newbie has the latest BI, and only ZA free, then BI provides more protection if program component control is activated.

jansson_mark
Markus Jansson
Premium Member
join:2001-08-05
Finland

jansson_mark

Premium Member

said by sig6:
Markus: have you looked at Black Ice recently? The new version (which came out some time ago and was discussed here in some detail) does offer outbound protection, application and program component control and, according to users' reports, passes all the "leaky" tests.
I also look at the history of product X. When it comes to Black Ice, it doesn't look good. Even the fact that they manipulated BID so it blocked Leaktest was a lame thing to do (but Gibson made Leaktest 1.1 that passed it). I'm sorry but I just don't like it at all. ZA is very easy to use and I don't see what someone would gain by using BID instead.
quote:
So BI can function as an IDS and a firewall. If PC newbie has the latest BI, and only ZA free, then BI provides more protection if program component control is activated.
Did I miss something? ZAP has component control.

sig6
Premium Member
join:2001-05-05

sig6

Premium Member

Markus, your opinion regarding the history of the product notwithstanding, your statement that BI still does not have outbound protection is incorrect. BI currently has outbound protection as has been confirmed by testers both here and at the GRC newsgroups.

Yes, you did miss something: my statement that "if PC newbie has the latest BI, and only ZA free, then BI provides more protection if program component control is activated." (Bold added.)

My statement above refers to ZA free which does not have program component control.

jansson_mark
Markus Jansson
Premium Member
join:2001-08-05
Finland

jansson_mark

Premium Member

said by sig6:
Markus, your opinion regarding the history of the product notwithstanding, your statement that BI still does not have outbound protection is incorrect. BI currently has outbound protection as has been confirmed by testers both here and at the GRC newsgroups.
I blame my bad English for my last post...
Yes, it has outbound protection now. But the whole product is something I don't trust when I consider what they have done in the past.
quote:
Yes, you did miss something: my statement that "if PC newbie has the latest BI, and only ZA free, then BI provides more protection if program component control is activated." (Bold added.)
Missed that. But in general, it is not a good idea to have two firewalls in one computer at the same time (this is what you are referring to, aren't you?). And to run only BID... I wouldn't do it because I can't trust that product.
quote:
My statement above refers to ZA free which does not have program component control.
Again correct, I missed that.

sig6
Premium Member
join:2001-05-05

1 recommendation

sig6

Premium Member

What I was referring to is that between the current BI and ZA free, BI provides more protection since it has program component control and ZA free does not. I also would not recommend running both at one time, since I know that ZA can be somewhat touchy and not always play well with others.

As for your mistrust of the current product based on previous tactics of the vendor, that's your choice. The vendor's previous tactics for BI were IMO less than honest and hurt the product's rep more than criticism of the product itself. Nevertheless, as distasteful as I found the vendor's previous tactics, I draw the line at providing misinformation regarding the capabilities of the current product.

Lurkers inc
Don't Call Me Doink
join:2001-10-13
Seattle, WA

Lurkers inc to sig6

Member

to sig6
Hate to jump so far off topic, must be a character flaw. I noticed that BIP component control asked me if I wanted to allow stuff out that I had no idea what it was and could only assume based on the program I was using at the time. I could have figured out what it was asking given time but I found that to be a problem in my opinion. It offers great protection if you can put up with figuring out how to set it up and only grant trusted things permission to run but that was more restrictive than I was willing to accept while still having an enjoyable net experience. I note that Zone Alarm will offer another layer of protection in the above setup and that is good as BIP and ZA do seem to function well together in my experience.

I feel that is probably what the original poster was after: what precautions to take to find the right balance between user friendliness and having a secure setup. One thing extra I have found useful is IE-SPYAD »www.staff.uiuc.edu/~ehow ··· #IESPYAD and even more so the buttons found in Enough is Enough! »www.staff.uiuc.edu/~ehow ··· rce6.htm that allow you to use the security zones built into Internet Explorer to be cautious with web sites and, when you get to know them, change your zone settings to trusted at the push of an icon.

Enough typing practice and rambling though, so I am back to Lurk mode. Remember, baby steps...

Paul,
[text was edited by author 2002-10-28 02:52:35]

sig6
Premium Member
join:2001-05-05

sig6

Premium Member

Lurkers: Yes, of course, ease of use is another factor. I know some people have simply turned off program component control in BI because they found it a nuisance. ZA is probably easier for a newbie. I know that previous versions of BI and ZA used to work well together. If they still do, that's fine.
pcnewbie9
join:2002-10-01
Miami, FL

pcnewbie9 to Lurkers inc

Member

to Lurkers inc
Yes, you are correct on what I was looking for, Lurkers! I uninstalled BlackIce because every time I reboot it comes up disabled and it doesn't let me enable it unless I exit out and then open it up again. So right now I'm running everything as mentioned before except for BlackIce. I did have a problem last night, see this post...
»PC Shutdown on its own, what's this message?