The only thing MS "worked" at back then was controlling the industry and eliminating competition. Now you can add spying on and controlling their customers. The last thing that MS produced that simply worked without having a mass of bloat and undesirable behaviors was DOS. That they stole from someone else. I've got very mixed feelings regarding Scramdisk 4 Linux. On one hand it's confirmation that Scramdisk is a very good encryption program. On the other hand I have to wonder why someone in the linux community would be concerned with Scramdisk compatibility. Scramdisk is 15 years old and ran on 9X systems only. Who would care about opening Scramdisk containers? I'm not sure that I like the answer to that question. It wouldn't surprise me if this is intended to be a law enforcement application. This makes opening the containers with a linux CD or USB system a real possibility, especially if they can coerce the password out of you. This also makes me think that some high value targets are still using Scramdisk, and 9X systems.
Example of editing Windows inf file as mentioned in post # 588. NOTE: This may not work for all components. I was unable to uncheck Distributed Transaction Coordinator during a test run to try to remove it. Same for COM+ component. May be others to. Have to do further investigation.
That's the main reason that I prefer 3rd party tools for modifying the OS. I ran into a similar issue with the services on XP. Using the built in services interface, several services that could be disabled, stopped, or set to manual on SP2 could not be stopped or disabled after installing SP3. That was one of the reasons that I stayed with SP2 on the physical XP systems.
I will hopefully next be tackling Windows Services along with further removal of folder/file contents. Some folder/file removal has already been accomplished. I've only done some limited testing on removing some Services through command prompt successfully. Do have SP3 installed and currently most of the Services are either disabled or set to manual. Several articles I've read indicated DTC, COM+, WMP and OE being core components can't be removed through Add/Remove Windows Components.
For experimenting with disabling services, I'd recommend PSERV by P-NAND-Q. The current versions are part of G-Tools. An older, freestanding version, 2.7 is available at the bottom of this page. It works quite well on XP. Compared to the built in services interface, this utility can save and import configurations in XML format, making it easy to undo or redo any number of configurations. ERUNT will also serve a similar purpose as most of the services settings are stored in the registry. Amazing that OE and WMP can be considered core components, like an OS can't function without built in e-mail clients and media players. The COM+ service is only needed by applications that use the Component Object Model. Most don't. If in doubt, look in Program_files\ComPlus_applications. See if anything is there. If it's empty, you don't need it.
@noone_particular Still working on components. Thanks for tip on PSERV. Used ERUNT before and ComPlus folder is empty. XPLite app lists COM+, COM+ Event System and Distributed Transaction Coordinator in Add/Remove Components. MS idea of integrating any core component in the OS is IMHO a bad decision. Now user has to find alternative methods to remove components they may not want or need.
I've often wondered why there aren't tools like XPLite for Vista, 7, and 8. There's tools that can remove a few things but nothing with the scope of XPLite. The demand is there. The only reason that I can think of is that the newer OS are designed to make such tools impossible.
You would think developers would find a market out there since Windows 7 is popular and used by many. Could be MS is making it more difficult to remove stuff from newer OS. Recall seeing something for Vista. (VLite) Here is another app listed for newer Microsoft OS's. https://www.ntlite.com/features/
When a component is removed either by Add/Remove Windows Components or XPLite it is indicated in the following registry key. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Oc Manager\Subcomponents Value data: 0 = removed (indicated in XPLite by a unchecked box next to the component) Value data: 1 = not removed (indicated in XPLite by a checked box next to the component) How accurate that is with regard to XPLite I'm not sure. Windows notified me (popup) that NetMeeting has been removed and yet XPLite was showing it as checked. (not removed) When I changed the value data to (0) XPLite now indicates an unchecked box for NetMeeting. (removed) When I removed a Service using cmd prompt and deleted the exe and dll files associated with the service XPLite indicated a checkmark in box next to the service. When I changed the value data (was 1) to (0) then XPLite shows service as removed.(unchecked box) Are the components completely removed or is there still some leftover files still present? UPDATE: Also tried PSERV 2.7 app and it doesn't list the service I removed, yet XPLite trial does. Deleted a few more services with pserv and the services were removed from Windows Services list. Thinking it probably works similar to command prompt, and doesn't remove all files associated with the service.
A few days ago I ran wwdc on my current computer. It told me the first three entries needed disabling/closing which I did. Then yesterday I noticed I got this error when opening Word and it made no difference whether it was a new document or opening an existing one. I searched online and there's quite a few people solutions including from MS, but theirs pertains to early Windows Microsoft Word 97 Standard Edition. Some solutions worked for some while not for others, like shortening the file name which, if it includes a long path can reportedly fix it. It didn't fix mine. Did another search and found this answer. http://www.sodaware.net/blog/fixing-the-office-2007-error-document-could-not-be-registered/ So, I had to go and set that DCOM Server Process Launcher Service back to Automatic. Just as the person had said, manual start didn't work. Must be set to Automatic and reboot. Why on earth would Word need open ports. Ive disabled this service on my other computer and never got this message. The only thing I can think of was I was setting up links within the document. Could that have triggered this? Other than giving Word the flick is there a work-around?
I don't know much about MS Word. Never used it to any degree. Word itself probably doesn't require the open ports. The service itself does that. Think in terms of a business environment where different documents and the components, objects, etc in them are on multiple PCs. This service lets Word or Office change data or other objects on other machines in the network. This way, when you update a document, the update shows on other machines on the network. The service name explains the function, Distributed Component Object Model. Components can be inserted spreadsheets, billing records, etc. Very useful in an office network. For a home user, not so much. The warning you're seeing is just saying that Word won't be able to do this without that service running. When it says links, they're not referring to the shortcut links you see in forum posts. The documents are actually linked where changes made in one are made in the other. The big problem with this arrangement is what happens when a malicious document is encountered. DCOM provides an easy way to spread the infection. I do have a couple of questions. The title suggests that you're creating an index for this thread. Is there any particular reason that you're using Word for this? If this is a contents or index page for this thread, plain old text and BBCode would do the job. If this is to be a separate web page, the composer component of SeaMonkey could handle it.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Oc Manager\Subcomponents Name: IE // Internet Explorer Okay so now I'm confused. The above reg key I thought pertained to whether a component was removed or not removed depending on the value data. If I change the key name IE value (currently 1) to (0) then Internet Explorer in XPLite shows the box unchecked.(removed) I know IE is still installed and only the shortcut and start menu have been removed.
@noone_particular thanks for that explanation. My, you don't miss much noone! that name, "index...etc" is just for the interim. Yes I could use Wordpad, and indeed did to start with, but as I trawled through this thread, I found it increasingly needful in my efforts to organize things, to put links within my document to quickly move around it. All I will be doing is just pasting in from Word to post #1 what Ive done, (minus those temporary links) and then set up links to the relative post numbers in this thread. That part will take a little time, so the refs to the post numbers will be unlinked until I do them. I know absolutely nothing about setting up webpages. Edit: You were right noone about sorting an index of sorts, being a huge task. Nevertheless I've been working on it. I found, just a straight list in alphabetical order, was not going to cut it. I've come up with some main headings and sorted topics into those. If there's going to be overlaps, you can count on it that this thread will produce them.
I've only had a chance to glance through it. Looks good. Making that into links will be quite the chore. Hard to create categories for a thread like this. Would a separate "hardening" category be worthwhile? Sorry about the lack of input lately. I've got about another week of too much to do, then should have more time to help.
Thanks noone. It's a start. No apologies needed about the input. We all have lives to live and it's as we have time. Been working on that list though and if I knew that wasn't going to be easy time-wise I knew the links were going to be total shockers... umm, unless of course someone can enlighten me and tell me a quick way. (I suspect there is not, but I'd love someone to prove me wrong!) Anyway, I've just started on them. The best I could do was do this: go through the thread pages: Right Click on post# > copy > Paste inside URL code in Spreadsheet, title the link as its post # and have this line along side appropriate spreadsheet number for easy ref. 50 down about 600 to go . A separate Hardening Category sounds like a good idea. If you get time, let me know what you think would be appropriate for that category, from the list I've done, as well as anything I've missed out. I've also noticed, I have a few posts missing on my saved webpages from this thread. That would probably be because I saved it before Wilders had completed the page, and I forgot to update it.
I haven't tried editing posts in Word or by using spreadsheets. Most of the time I use plain old text. There's a couple of things I've found handy in forums. They work really well together. One is the BB-Code extension for FireFox, SeaMonkey, etc. In forums, it adds this context menu: The second is a multiple clipboard utility, like this one from Splinterware. It effectively gives you 9 clipboards. You can go on a page and copy 9 links, then go back to the post and make 9 hotlinks. It has all kinds of uses. Regarding a hardening category, items like DropMyRights would fit there as would some of the registry tweaks and settings. Software restriction policies are a form of hardening that needs detailed coverage. EMET (or NEMET) is another. While not as effective on XP, DEP settings are another. Another option that hasn't been covered yet is WehnTrust. If I understand it correctly, it adds a form of ASLR to XP. I haven't had the time to explore it in detail but did find some interactions between it, SSM, and using a Permanent DEP setting. When I get caught up on things here (if such a thing is possible), another I want to get to is a tutorial for using Proxomitron with the ProxBlox package with the Request Policy extension. I also want to assist Compu KTed with the OS attack surface stripping. We've got a long way to go.
Wasn't able to find WehnTrust to try it out. There is couple ways you could depending on the OS used to implement SRP. HMPA app also is possibility for ASLR for XP although I need more info on it. Still working on components, services and removing folder/file contents. Everything in XPLite trial is pretty much removed and looking to pro version list.
I found a copy of WehnTrust a while back. It's version 1.2. It's an .msi package, Windows Installer. I did have it on one of the test units, ran into conflicts with something in that package, either SSM or the DEP settings. Never had time to explore the problem. Another item I want to look into is an XP version of the registry backup/restore arrangement I have on my 98 system. The link in my signature describes it. I think this can be done on XP using a bootloader, a 2nd OS, and batch files. It should be possible to automate it. In addition to registry protection, it could make all of the activity records stored in the registry a non-issue.
Thanks for taking on this task and appreciate all the time and effort your putting into this project.
You're welcome KeyPer. You've brought many gems to the table. It will take a lot more to fine-tune the index and assemble everyones contributions for the best benefit. The biggest challenge is overlap, but sometime I have to go through the posts again, giving them more attention than I did on "round 1".
Just thought I let you know if you weren't aware. Getting a Wilders Security Forum error. The requested page could not be found. Link is (40) on your first page under OS. Other links are working, but didn't test them all.
DNSCrypt + Acrylic DNS Proxy. Privoxy and HandyCaching for caching task, reduce unavoidable CDN tracking method like googleapis, font.google.. I think this is enough.
@Compu KTed ...thanks. Mmm not sure what happened there. If there's a way I can inspect the code once it's entered, I couldn't find it. Anyway I've fixed it. Ive got the bbcodextra extension noone mentioned above, but I feel my own quirky way is going to be quicker than spending the time necessary to understand how the extension works to save me time. I am almost totally green where coding is concerned. One shortcut Ive found is I can just copy & paste a post number as many times as needed, rather than enter the link in the box each time. Theres going to be lots of little tidy ups along the way.
