Hardening Tools Please Help!!!!!!!

Discussion in 'other anti-malware software' started by SPEEDY6128, Feb 7, 2006.

Thread Status:
Not open for further replies.
  1. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    Mrkvonic mate,

    I might have sounded a bit out of line there mate, reading from some of your other posts, you sound like a sorted guy.

    peace dude:cool: :cool: :cool: :cool: :cool: :cool:
     
  2. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I say that if you're comfortable with the setup you have, then it's fine.. it's your machine. After some time you may decide to pare down, or you may find something that will allow you to consolidate. There's a lot you can learn from these apps, and you seem like the kind to do that kind of learning ;) (although personally I'd probably kill off Ad-Aware and Script Defender)
     
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,221
    Hi,
    Speedy:

    What is a sorted guy?

    I got not one pc but > 5.
    Among others, I got a brand new machine with 2Gb ram.
    Proxomitron is the BEST web filter there is.
    Adblock filter for FF is very useful, when strengthened by custom filters, like Filterset.G, for which there is also an automatic updater extension available at addons.
    There are all extensions available, just look under privacy and security at addons.mozilla.
    Mrk
     
  4. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    Sorted guy means ok over here in the UK. Like Notok says, it's whatever you're comfortable with. I have 4 PCs, 2 of which are not online, so there's only a need for a couple of security apps running. The third computer has a few more running as it's not used all the time on the net, and the fourth one is the one that I like armed to the teeth. As this is the one that is left on 24/7, that's on more or less continuous downloads/uploads 24/7, using either bittorrent/hosting file sharing server for my close friends/P2P/newsgroups/IRC/Instant Messaging/online chat, surfing, loads of various internet apps such as Google Earth etc. And because I can't always be there to attend my PC if anything was to happen due to me being at work, having those security apps gives me some kind of reassurance. Things like wormguard, script defender, hardening tools, it really doesn't matter if they overlap or not, as they're just set and forget apps that take no resources up. And even though like you mention in regards to ProcessGuard overlapping in certain areas which some other app might be covering. What if anything was to happen to that particular app malfunctioning, being disabled if god forbid if my computer ever got hacked, or I happen to disable some features in it because I was testing something out and I forgot to re-enable them, so having some overlap can have its advantages. I do agree that for the average computer use, maybe some of this is not necessary. But in this case I think it is. And like Notok mentioned, I'm all up for consolidation of apps, that happen to perform/excel better than any of those standalone apps, but until that happens. I'm happy to have solid standalone performers working on my behalf now.

    I read one of your threads that you started a while back "Are we not head over heels with security?". It clearly shows that you have to step outside the box and have a look around, and try and look at it from other people's standing points to yours. Top Corporations have ££££'s of hardware firewalls, with ££££'s of security software to help protect their infrastructure, does this mean that every consumer, corporation out there needs the same ?? No is the answer. It's whatever's suited for that particular case. Take my little friend "Ad-Muncher" for example, you say I don't need it, how do you know I don't need it, if you'd really like to know it comes in very handy when I use Paltalk, gets rid of all those banner ads that are provided in the app as well as blocking anything else for that matter. I know it's not advisable to install Ad supported apps. But I find Paltalk to be the best chat app in existence and have a lot of friends on there, see what I mean ? Everyone's situation is different. There's millions and millions of users out there with thousands and thousands of apps that are being used for hundreds of different reasons.

    If there's two apps though I'd like to somehow find integrated into maybe some app I already have or some other it'd be these

    EMAIL PRIVACY SMPT
    PHISHGUARD
     
  5. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    I just use "Toggle Host" util, so if I find a site that happens to be blocked, I just use Toggle Host to toggle the host either off or on, with a click of the mouse. :p :p
     
  6. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,221
    Hi,

    First, whatever suits you best - no problem - it's your money, your pc.
    But I want to talk about concept and not x and y payloads.

    I think many people miss the idea of security.
    It is NOT about the number of applications.
    It IS about your ability to counter threats if they ever happen.
    OK, let's analyze it step by step.
    What's the worst thing that can happen to your machine?
    Total hacking, ok... everything is in other's hands.
    How do you solve the problem?
    Unplug the internet.
    Reboot and load BartPE / UBCD4WIN live Windows CD.
    Burn your personal data to disks (various burners included).
    And then format and install everything fresh.
    Total cost - 0 money except a few cds / dvds for burning.
    Total time - at max. 12 hours.
    You say you're afraid of apps going down and being hacked.
    How can that happen exactly? People refer to hacking as if it's some horrible dark science. It is simple use of code to do things, based on possible vulnerabilities in software or even hardware, if you like.
    Let's say you do p2p with eMule. It opens port 4662.
    So, does this mean you're hackable through port 4662?
    Only if there's an exploit in eMule that allows the hacker to send packets through this port and then somehow invoke system calls. And this is no magic. This is simple code. If there's a hole, it can be exploited. If there isn't, it can't.
    You can reach high level of security with very few applications.
    You can use what's already been given to you - Windows. Secure it. You don't need 20 softwares to prevent changes to your homepage. You can do that alone.
    If you are a malware tester that deliberately infects his pc, then various apps are needed for monitoring, logging, testing compatibilities etc. But as a simple home user, you're going for a major overkill.
    Give it a try.
    Use only av, firewall, oa, firefox with all the extensions and give it a try for a month. Unless you do very stupid things, I promise you, nothing will happen.
    Besides, all your security is useless if you try to install software you think you trust.
    Let's say a new messenger. You double-click the installer, next, next. Various apps warn you about registry, startup entries etc... What do you do? You LET the application install. WHY? Because you THINK it's legal. And in one stroke, you kill all your security.
    I'm not trying to undermine anyone's views. But I think too many people either have no sense of security or TOO much security. But fewer than both, there is a group of people who UNDERSTAND what happens really.
    Code is not magic. It's not dark, arcane things. It's simple editors that combine strange words into something a thingy called compiler translates into what machine understands. Nothing more than that.
    Nothing will happen, absolutely nothing if you show a bit of prudence and use just the basic - firewall and a good browser. You don't need anti-virus or anything else. Most of your internet traffic goes through browser, so make sure browser is secure and has layers to remove unwanted ads, exploits etc, in your case using extensions for firefox and / or adding Proxomitron, which, trust me, does a better job than anything else there.
    You can use Restriction Policies to make your system extra hard.
    You can use ICS / NAT, so you can even dispense with firewall.
    And common sense.
    You have a doubt - raise a question in forum before you double-click anything.
    If you really wanna go head over heels, limit the privileges of applications that use internet, like chat, p2p etc. Put them in a sandbox, by using either Restriction Policies or DropMyRights, a simple thingy that strips tokens from applications. Make sure your apps are up to date, because most exploits are to be found in older versions of softwares.
    Use apps for internet that are known for stability - like eMule, for instance, a p2p software that has the ability to run as a limited user (an internal feature). This means, that even if exploits are found and abused, they cannot propagate.
    Do not click mail attachments or open them using web mail. Do not install things without consulting. Use Firefox Dr.Web extension to scan files before downloading. Upload suspicious files to jotti.
    All this can be done very simply, quickly, without an armor of apps on your back.
    To sum it up:
    If you feel daring, try this:
    Your firewall, your anti-virus, firefox with 4-5 nice extensions (adblock with filterset.g, filterset.g updater, noscript, block cookies, referrer).
    Your Proxomitron with Kye-U or Grypen filters.
    Disable flash cookies, if you want.
    Use OA, but just to feel safe, not because you might need it.
    DropMyRights for the chat, im, p2p.
    With time, you will realize you don't need av or maybe dropmyrights.
    Eventually, you could also drop OA and anti-virus.
    Then the boldest step, configure your own private router and disable the firewall.
    And then, try playing with Restriction Policies.
    Most importantly, learn how to use BartPE builder and make your custom bootable Windows cds, which can include partitioning tools, av, anti-spyware scanners, burning software, imaging software.
    Learn how to format and install Windows.
    And if you want, get handy with HijackThis.
    Master the knowledge, and the burden will be so much lighter for you.
    Afraid of privacy, identity, personal data theft?
    Store your data offline.
    And then... if the cacky hits the fan, just format and start over. Nothing special.
    Mrk
     
  7. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    Whatever mate, you win. You just don't seem to get it, do you :-\ :doubt: :doubt:
     
  8. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    Sorry dude, just couldn't leave like that, sorry. :blink: :blink: :blink: :blink: :blink: :blink:


    "OK, let's analyze it step by step.
    What's the worst thing that can happen to your machine?
    Total hacking, ok... everything is in other's hands.
    How do you solve the problem?
    Unplug the Internet.
    Reboot and load BartPE / UBCD4WIN live Windows CD.
    Burn your personal data to disks (various burners included).
    And then format and install everything fresh.
    Total cost - 0 money except a few cds / dvds for burning.
    Total time - at max. 12 hours."



    That's the whole point of trying to prevent it happening in the first place. And your technique you use for such a case, is way off the mark.

    '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

    "You say you're afraid of apps going down and being hacked.
    How can that happen exactly?"



    This is Windows we're talking about here isn't it o_O?

    '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

    "You can use what's already been given to you - Windows. Secure it. You don't need 20 softwares to prevent changes to your homepage. You can do that alone."



    Whoever said I needed 20 apps to prevent my homepage o_O

    '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

    "But as a simple home user, you're going for a major overkill."


    So someone who has his computer on for 24/7 either using it for IRC/P2P/IM/SURFING/NEWSGROUPS/NET APPS/TWEAKING/TESTING amongst other things, is someone you class as a simple home user o_O So what classes as a non simple user o_O

    '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

    "Besides, all your security is useless if you try to install software you think you trust."



    You either know, or I don't. In which case I look it up. Common sense tells you that.

    '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

    "You don't need anti-virus or anything else."


    Right, so let me get this right. So unless you're perfect and never make a mistake, and are constantly on the ball for the latest threats, there's no need for an antivirus.

    '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

    "Proxomitron, which, trust me, does a better job than anything else there."


    No trust me, it doesn't.

    '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

    "You can use Restriction Policies to make your system extra hard."


    Emmm, which I do anyway

    '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

    "You can use ICS / NAT, so you can even dispense with firewall."



    What!!! get rid of my beloved Outpost firewall!!! No friend telling me what app is trying to do what, being left in the dark!!!! sniff!! sniff!! sob!! sob!!

    '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

    "You have a doubt - raise a question in forum before you double-click anything."


    Again stating the obvious o_O

    '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

    "If you really wanna go head over heels, limit the privileges of applications that use Internet, like chat, p2p etc."



    Yep, do that already. Although I would assume a lot of people don't.

    '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

    "Put them in a sandbox, by using either Restriction Policies or DropMyRights, a simple thingy that strips tokens from applications."




    Life's complicated enough mate, without doing stuff like that, I thought about it once and chose not to, as to be honest I couldn't be hassled.

    '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

    "Make sure your apps are up to date, because most exploits are to be found in older versions of softwares.
    Use apps for Internet that are known for stability - like eMule, for instance, a p2p software that has the ability to run as a limited user (an internal feature). This means, that even if exploits are found and abused, they cannot propagate.
    Do not click mail attachments or open them using web mail. Do not install things without consulting."



    Yep do that. Next o_O

    '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

    "Master the knowledge, and the burden will be so much lighter for you."

    In this case it should say "Master the knowledge of my apps, and the burden of life shall be that much lighter for you"

    Are you for serious man o_O?
     
    Last edited: Feb 10, 2006
  9. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,221
    Hi,
    I see no point trying to help any more.
    You're being rude.
    Cheers, enjoy whatever rocks your boat.
    And just for reference, Windows is not a hack whore waiting to be violated. There are many bugs, exploits etc... but you will not get hacked as much as you will not be sold on the black market in south of Sudan.
    Mrk
     
  10. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    I'm the one being rude?? You're the one trying to undermine my intelligence by implying I don't know how to format a PC. Anyway I reckon the best way forward is to agree to disagree.
     
    Last edited: Feb 10, 2006
  11. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Erm, Mrkvonic, he's actually using less software than you are, and I have to agree that if anyone's being rude, it's you.
     
  12. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,221
    Hi,
    Read the post - it's not a day-to-day use machine, it's test rig.
    Mrk
     
  13. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    And his is a system set up for P2P and general "abuse" as well, not just average day-to-day use.

    Sorry Mrkvonic, but you're the one being rude here, and IMO the things you're suggesting are even more overkill as they require a lot more time and effort to implement and maintain. Would you like it if I bashed you for not doing things my way and knowing what I know?
     
  14. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,221
    Hi,
    Go ahead please, bash.
    I'm not the one asking for help - he is.
    He asked - I tried to give it to him. Instead, he started arguing with me. Read more carefully for the little nuances (spelling?)...
    His machine is not for abuse, that's the one he uses for communication with the world, chat, im, p2p, looks hardly like a test bench.
    I was referring to a standalone pc that has nothing on it but security apps, not even one single document, just testing and testing and seeing where the things conflict, which ones slow down etc. But, it's his time, money, pc, worries, he can do whatever he likes.
    Mrk
     
  15. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    Emmm, I don't recall asking you for anything. I was talking to WSFuser about Blackice, and before that about his opinion on some hardening tools I was thinking of installing. Then you butted in with you practically saying it's pointless me having any of it. And then you start ranting on about what you think everyone else and me should have. Trying to force your views on me, not only do I find it insulting, but I would have thought a lot of Wilders Forum members would as well. If you happen to look around you Mrkvonic, I think you'll find it's not just me who likes to use security apps.

    I know I have an idea for you. Why don't you take a step out of your box, take a deeeeeeep breath, open those ears and eyes and pause for a moment..............

    You hear that o_O?? Tweet!! tweet!! Yeahhhhhh that's right..... ITS A BIRD!!!

    That's correct, there's life beyond your own existence. Believe it or not we all don't do and live the same as you.
     
    Last edited: Feb 10, 2006
  16. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,902
    Location:
    Texas
    Please be civil everyone.
     
  17. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    Who was that masked man o_O
     
  18. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    Masked man ?? You mean that avatar, isn't that the lone star ranger ??
     
  19. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    yup, ronjor that is. his avatar can be mysterious at times.
     
  20. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    The lone star ranger . Too funny !!!:D :D
     
  21. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    well i finally gave it a try but not on the computer i intended. this computer already has a router/firewall so blackice logs/alerts are blank and i set the firewall to "Nervous" tho im nervous about it working alongside my firewall looknstop. neways i will post again on monday when i can try it on my other computer sans router/firewall. also blackice runs fairly light so it seems pretty good.
     