August 30th, 2009, 11:08 PM
Join Date: Oct 2003
Re: Securing Your PC and Data
Let's try to pull much of what is presented above together....
Lists and Resources
- Backup, backup, backup... Millions of electrons have been spilled discussing malware and how to deal with it. Data retention in the home environment has been almost an afterthought for most users. It's time to push that afterthought to the front. Malware will certainly be an ongoing battle, but that's only half of the equation towards guaranteeing your digital assets.
- Don't react to noise... While it's prudent to adjust any strategy you've implemented to a changing situation, make sure that the situation is really changing before making adjustments.
- Understand how your system behaves...., and as a corollary, if it is changing all the time, you'll have a very hard time meeting this goal. This is to try to assist you in developing an appreciation for when something has really changed in the background.
- If you do make changes...., make the changes sequentially, one at a time, and observe behavior for at least a short period of time between changes. Multiple changes made in parallel create a situation that is much more difficult to debug.
- You system is unique.... It may be in the software you generally use, the selection of hardware, or simply the mode in which you use it. If you wish to really understand how an application or an approach will behave in your hands, you need to run the classical challenge-response experiment. You can develop a general appreciation via discussion with others but, ultimately, your computing ecosystem is unique.
- Embrace simplicity...., if only to help you down the road if you face a debugging situation. While the exotic multidimensional security configurations have the appeal of apparent comprehensiveness (and often they are...), one really needs to ask at what cost? This comment shouldn't be interpreted as a dismissal of specific any approach (say AV vs. HIPS, for example). Each has a role. I simply believe that this role does not need to be one in which every permutation is layered and guarding the potential weaknesses of all other components. Every hypothetical eventuality does not need to be addressed a priori by everyone. Take sensible precautions, pay attention, be aware, and you should be fine. Implement a few measures well rather than many measures in haphazard fashion.
- Always have Plan B at the ready.... Whenever you make changes, install software, try beta level software, and so on..., have a path to recovery available (yes, we've returned to backup, backup, backup...)...
- As with virtually anything you read on the Internet - perform your own due diligence and vetting of the information presented above. Pressure test the material against your own understanding of the situation. Some items may be badly presented, others may implicitly presume factors not applicable in your own situation, while others may genuinely benefit from further technical refinement by the user community.
- Finally, if members would like to further discuss some of the key areas mentioned above, by all means open a new thread in the appropriate forum for discussion.
- When in doubt, go to the List of Lists
- Probably the best free security list in the world by ako
- SANS Institute: Information and Computer Security Resources
- Computer Crime & Intellectual Property Section, United States Department of Justice
- NIST Computer Security Resource Center
- Cryptography page at Bruce Schneier's site
- For hardware reviews on routers/NAS/etc. - SmallNetBuilder.com
- Quick links to Recommended/Sticky Threads on Wilders Security Forums....
- Locations where you'll tend to find discussions on Wilders Security Forums....
- Antivirus/antimalware applications: Eset Support Forum for NOD32/ESS, Other Antivirus Software Forum, Other Antimalware Forum, JavacoolSoftware Forum, Prevx Support Forum, Malware Problems & News
- Firewalls: LooknStop Firewall Forum, Other Firewalls Forum
- Backup: Paragon Support Forum, link to Archived Acronis Support Forums
- Virtualization: Returnil Support Forum, Other Antimalware Forum, all things UNIX Forum, Software & Services
- HIPS/Execution control: Other Antimalware Forum
- OS Configuration/SRP/Limited User configuration: Other Antimalware Forum, Software & Services, all things UNIX Forum, Other Security Issues and News
- Privacy/Anonymity: Privacy Related Topics
- Network Analysis Tools: Colasoft Support Forum, Software & Services, Privacy Related Topics
- Hardware Issues: Hardware subforum