Am I secure enough with the software I have????

Discussion in 'other security issues & news' started by ChrisP, Sep 11, 2004.

Thread Status:
Not open for further replies.
  1. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    I run XP Home - with all latest updates etc. My drives are all NTFS. I also have the following software installed:

    F-Secure 5.42
    SpyStopper 3
    SpyRemover 2.05
    BestCryypt 7 with the encrypted swapfile option
    Ewido - full version
    Spycop 6
    BlackIce 6.3cnq


    I did have Adaware Pro running but it sometimes prevented icons loading in the system tray and was a massive drag on performance.

    All I can see is that perhaps I need some sort of registry protector.

    All advice welcome
     
  2. SuperGeek

    SuperGeek Guest

    How about adding Spybot. It has a registry monitor called Tea Timer and it's free. SpywareBlaster is another nice freebie that doesn't use any system resources.
     
  3. Brent

    Brent Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    71
    I think that is all overkill to me.

    I use:

    F-Prot AntiVirus
    Windows Firewall
    Spbot Search & Destroy
    Ad-Aware SE Professional Edition

    I would recommend getting rid of everything but Ad-Aware and Spybot as its really useless to have your resources taken up by those programs when the two I listed will find and fix the same things.

    I would also recommend going into Internet Exploerer and under your Privacy Tab clicking Advance.

    Click Override and click Block firsty and third party cookies but accept Session Cookies.

    Whenever you go to a website such as this one that uses cookies to log you in you simply add it to the list of accepted sites. This keeps tracking cookies off your computer.

    I run Windows Xp Service Pack 2 fyi.

    If you have not updated your computer with windows update in awhile I highly recommend it.
     
    Last edited: Sep 11, 2004
  4. TheSnowGuy

    TheSnowGuy Guest

    CHRIS

    Secureo_O You are so UN-SECURE its alittle scary.....cause it shows that even honestly sincere people like yourself have little idea of computer security..instead, the attention is going to spyware.......whiile in fact spyware is the pettiest of all.....a person gets hijack by spyware through a lack of security and knowledge......secure your computer an most spyware is just a silly joke........an thats a fact!!!!
    F-Secure and Ewido are the only real security programs you have other than the build in XP firewall....which blocks incoming but does not even monitor outgoing..........for encryption see:

    https://www.wilderssecurity.com/showthread.php?t=3919&page=1

    An Chris.....truthfully, you need security programs....not spyware toys.
    For spyware...adaware...spybot...spywareblaster.....will surfice.......
    I have no intentions of advicing anyone one which security programs to use.....I've done that for many years...its time for others now.......
    now I am going to sit back an just see how others will advise you
     
  5. TheSnowGuy

    TheSnowGuy Guest

    BRENT

    BRAVO!!!!!!!!
     
  6. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Here is a similar thread.
     
  7. r00t

    r00t Registered Member

    Joined:
    Sep 7, 2004
    Posts:
    33
    My system consists of..

    Just installed SP2
    Sygate PF
    My Router's firewall + 128bit WEP enabled
    Protowall
    Bestcrypt 7 with encrypted swap file on
    AVG free
    Filesharing off/ports blocked
    Firefox 0.9
    Unused services are disabled
    Spybot S&D + other anti-spyware apps.
    a2 Guard

    That's about it for me. The most important thing to remember is to patch your system with the latest security updates, update your firewall/anti-virus, etc, etc.
     
  8. TheSnowGuy

    TheSnowGuy Guest

    Devinco

    Very Nice link you provided.....Nice seeing some REAL SECURITY SHARING
     
  9. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Wow , for someone who has, Blackice, F-Secure, SpyCop and Ewido, did Chris really deserve this kind of response o_O Ok, he would probably be better of with adaware...spybot...spywareblaster, as you say (in terms of spyware), but still he has a Firewall, anti-virus, anti-keylogger and anti-trojan program, which is more than most people have. :)
     
    Last edited: Sep 11, 2004
  10. TheSnowGuy

    TheSnowGuy Guest

    DON

    My reply was to a question asked by Chris.....not to "most People...nor was the reply placed for your approval or dis-approval....both of which I could care less about..........this has been a very pleasent thread up to this point.....if you have some positive comments to make that may help Chris thats what this thread is about....its not about flaming or personal attack...........you do not see me commenting on any other posters suggestions other than in a pleasent encouraging manner........hopefully you can do likewise.
     
  11. TheSnowGuy

    TheSnowGuy Guest

    DON

    Let me go one even better.....its like this Don...over the years I have seen so many good people reach out for help only to have the thread disrupted by people like you...that now I have reached the point where I don't bother wasting my time......you want to play the expert by all means go for it....as for me I don't need instruction...have been doing really well for many years..........so I'll bow out and let you advise
     
  12. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Snow guy we try to keep this forum civil where everyone is able to post their opinion if it is within reason and on topic of the particular thread. And you are wrong you did not just reply to one person you replied to everyone that reads the thread. And it really wouldn't hurt to be a little more polite to the others that are trying to learn something here or that might have some helpful information to share. That is what this forum was created for.



    thanks bigc
     
  13. TheSnowGuy

    TheSnowGuy Guest

    BIGC

    When someone deliberately takes personal issue with me as you and Don has done....I reply as required........AN THAT INCLUDES TO YOU AS WELL!

    BigC at all times I have been polite and abide to the TOS....an long before you ever arrived here......only once in 14 years has there ever been an incident....it was long ago put in the past...so don't try playing God with me.......I will respect you only so long as you return the same respect....


    May I suggest this matter be dropped.......
     
  14. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    People like me o_O SnowGuy, i have obviosly offended you, and for that i apologize. I did not want to "play the expert ", i just thought you were a bit hard on Chris, who seems to be better of than most (a personal opinion ofcourse). :)
     
  15. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma

    I am definatly not playing god with you, what I was trying to do was moderate this thread because someone with obviously a bad temper replied to a member in a not very polite manner. And that was it.
     
  16. TheSnowGuy

    TheSnowGuy Guest

    Don


    Apology accepted.....an my apology to you as well.

    Unfortunately the thread has already gone haywire.....an very bad feeling made between me an BigC......this is what I was trying to avoid...having seen it happen so many times before........Don I don't dis-like you......so please continue......I won't make any comment....good wishes
     
  17. Brent

    Brent Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    71
    lol Internet Drama.

    Simply the best
     
  18. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Chris,

    You've got a lot of bases covered with the software you have. We can all argue about your choice of specific products forever, but specific products and whether you need more or less is really a matter of personal preference. By all means, though, keep shopping around for different products. New and better things are always on the horizon, and it's not going to hurt to run a little "overkill" until you settle on a suite of products that satisfy you. More layers will cover more bases for you and reduce risk of infection further, but if you are tired of trying things out then you can rest assured that you are already better protected than most people.

    The only thing I might suggest to add to your current list of security software is Spyware Blaster (http://www.javacoolsoftware.com/) It's free, very low maintenance, and does not run in memory, and SafeXP (http://www.theorica.net/safexp.htm) which is a free program that you only have to run once to plug a lot of the security holes in Windows.
     
  19. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    In my opinion the best software you can have on your system is a program for backing up and recovery. I let others chime in on their favorites, good luck. :)

    Acadia
     
  20. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I will agree Notok that spywareblaster and safe xp would probably help secure his machine even more. I would add spywareguard also, I have had this app flag baddies before.
     
  21. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
  22. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    Thanks for the advice.. Clearly there are many people here who know so little they should never give advice. The hardening of windows is a good idea - and I may start using a NAT router to go with blackice.

    Cheers
     
  23. TheSnowGuy

    TheSnowGuy Guest

    CHRIS P

    You posted a rather interesting comment......an I can't but agree



    The following will not be a complete information post because it would contain info best not displayed...nor will any link be provided to such info


    **BlackIce Server Protect Unprivileged User Attack
    "BlackICE teams a personal firewall with an advanced intrusion detection system to constantly watch your Internet connection for suspicious behavior. BlackICE responds immediately by alerting you to trouble and instantly blocking the threat."

    Due to insecure access control restrictions of the firewall initialization files an unprivileged user is able to either subvert the normal operation of the firewall or disable it completely.




    Vulnerable Systems:
    * BlackICE Server Protect version 3.6cno

    When BlackICE is installed there are certain important initialization files that are installed which control the behavior of the firewall. The files in question are:
    firewall.ini
    blackice.ini
    protect.ini
    sigs.ini

    When BlackICE is installed to :program FilesISSBlackIce all 4 .ini files are installed by default the ACL's of EVERYONEFULL CONTROL. This allows any trusted or local unprivileged user to remove or modify the BlackICE firewall rule set. Naturally, the ACL restrictions apply only for an NTFS file system. It is also possible to completely disable the firewall from running by simply inserting an overly long firewall rule. Example:
    (clip(

    (clip)

    This will cause BlackICE to crash when it is next restarted, but no message, popup or warning is displayed to the user, even the 'eye' in the taskbar will fail to load, giving the user no indication that the firewall is not running. The implication is rather straightforward - an unprivileged user is able to completely subvert the firewall without modification to any rules. This is extremely hard to find because even the logs do not contain any entry of the crash.

    Furthermore research has shown BlackICE was vulnerable from any IP address listed in blackice.ini, not just local attacks:
    Blackice.ini
    [Exclude Address]
    exclude.address=

    Other examples for modification of .ini files can be seen below:
    (clip)
    ************************************

    Chris P........yes there are many people who know very little about computer security .....in time they learn
     
  24. TheSnowGuy

    TheSnowGuy Guest

    CHRIS P

    In all fairness.....perhaps the above exploit has been patched....contact the vendor in that regard.


    Here is an older post....2002
    http://grc.com/lt/leaktest.htm


    NetworkICE's BlackICE Defender Update
    Apparently Designed to Mislead its Users

    Eleven Months after the release of our first, simple, but effective and popular (4,340,641 downloads) LeakTest firewall testing utility, BlackICE Defender (BID) continues to "leak" — as defined by LeakTest. But a recent update to BID (version 2.9cai) was hiding this fact from its users by effectively cheating the LeakTest.

    Rather than enhancing BlackICE Defender by adding the sort of application-level controls that are available even from many completely free personal firewalls, BID's publisher, NetworkICE, apparently chose to prevent LeakTest's intended operation by adding specific awareness to BID of LeakTest's remote testing IP.


    Chris...best regards...good wishes....
     
  25. TheSnowGuy

    TheSnowGuy Guest

    Chris P

    So as there is no mis-understanding...the info I posted may not be specific to your version.....so naturally you should take time to check one way or the other..........
     
Loading...
Thread Status:
Not open for further replies.