How do I build security?

Discussion in 'other anti-malware software' started by php111, Oct 26, 2008.

Thread Status:
Not open for further replies.
  1. php111

    php111 Registered Member

    Joined:
    Sep 16, 2007
    Posts:
    124
    Hello everyone,

    Please move my thread to the proper location if needed.


    How do I build my security from scratch? I am using Windows XP Pro SP3. Can I build my security using XP, or does it have to be on a *nix system? I have no clue when it comes to *nix, or Linux. If I can build it on XP, what is required? How do I do it? Thank you for any replies.
     
  2. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,363
    Location:
    Europe, UE citizen
    You can begin reading some threads in this forum ;) , like here: https://www.wilderssecurity.com/forumdisplay.php?f=30 . Anyway the main things imho are:

    - hardware firewall
    - update the OS and all the applications
    - restricted policies in the system
    - antivirus and software firewall
    - HIPS
    ....
     
  3. php111

    php111 Registered Member

    Joined:
    Sep 16, 2007
    Posts:
    124

    I still don't understand on how to build security. Pointing links at me, and tell me to read, will NOT help me any. It's only making things more difficult. If you don't want to help then fine. Just say you don't want to help.
     
  4. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    most of all or first step advisible is to install a firewall(software or hardware)then ativirus/antispyware,then you could harden your operating system by getting and configurating a well feature hips program(harden at your own choice) and or you could get a extra layer of security by using a sandbox or a policy base sandbox(DefenseWall hips,GesWall and sandboxie)and ofcourse your common sense(you are in charge):thumb:
     
  5. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Agree with jmonge in that order also if you do not have any serious needs to run your OS as a admin user account, I would suggest a standard user account or refered to as limited user account. This will help with malware and always make sure you update your OS and apps java,Adobe and so forth.Also I suggest you do read some links by posters it can help what poster may point out the strong points or weak points of a specific AV/AS,Firewall etc,purley as a guide.Start with the basics first one at a time and What ever third party security apps you install take your time do not rush it,another words install one security app at a time of your choice and see how it runs,learn everthing about it or as much as you can to configure it properly for maxium security.Hope this helps cheers.
     
  6. Lucy

    Lucy Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    404
    Location:
    France
    In terms of security:
    1- activate if not already done, windows firewall.

    2-set up a limited user account
    http://www.microsoft.com/protect/computer/advanced/useraccount.mspx
    www.microsoft.com/windowsxp/using/setup/winxp/accounts.mspx
    remember to first customize your current account as you wish. When it's done, create an administrator account with password.Then only, make you current customized account a limited user account.

    Now you have a limited user account for every day use, more secure than administrator account.

    Note that you can not install or change anything in the limited user account (LUA).

    3- restart and go to you newly created administrator account. This is the place where you can modify you system, install new programs...
    Install free antivirus like Avast, Antivir, AVG, or a paid one if you wish. Install an antispyware (windows defender is free and real time, but you can use one free on demand only like MBAM...)

    That's it! With this you have a secure computer that many even in this forum don't have...

    To go further (to be done in administrator account):
    - keep up to date your computer using secunia PSI, filehippo update checker or anything like this
    - deactivate unnecessary windows services. search through the net and in this forum.
    - After a while, and if you have any interest in security, maybe you will feel the need you install a hips.

    And please, don't come here like a baby bird expecting food for free. If you want security, you won't be able to afford not to make an effort of understanding.
     
  7. Murderlove

    Murderlove Registered Member

    Joined:
    Jul 18, 2008
    Posts:
    99
    Being fairly new to “security” and to Wilderssecurity (but am really enjoying my time here) I can fully understand how difficult it can be for you.

    I will try to explain the steps I took:

    I first started with a router, a NAT/SPI router. Most new routers have on of these or both incorporated (please correct me if I am wrong).

    I already had an anti-virus and firewall installed, but then I came to Wilders where I was bombarded with information about security. By reading the links (the link blackknight provided and the posts in those category) and the posts I slowly began to understand more about what to look for in a firewall and anti-virus. I chose a firewall that fitted my need and that I understood. In my case I chose a firewall that had HIPS (Host Intrusion Protect System) incorporated. I then began to look for a “good” anti-virus. There are many anti-virus programs mentioned here. In the end it is up to you to make a selection and research the ones you have chosen.

    Now that I had a router, firewall and anti-virus I began to look for ways to harden my OS. Closing down services I did not need. Making sure my OS was up to date. DEP on all programs. Using ‘alternative’ web browser; FireFox, Opera, etc.

    After this I looked into the security of Sandboxes. Again Wilders provided plenty of programs and information about these. It is up to you to make a selection based on what you want and if you understand them.

    After this I started to look for imaging programs. I settled with a few that I understand how to use.

    At this point I felt that I was well protected. Of course common sense does play a big role as well. Nevertheless Wilders is like a paradise for learning about security. I then started to look into other programs. I became interested in HIPS (Host Intrusion Protect System). I found out that there are different types of HIPS. I already had HIPS with my firewall but I wanted to know more about “classical” HIPS. But classical HIPS’ are not something you can learn overnight. Time is a factor here. But from what I understood, well configured HIPS can make your system ‘more’ secure. I currently do not have the time to learn how to use classical HIPS, but hopefully I will be able to learn it soon.

    As of late I am looking into LUA (Limited User Account). This is very interesting.

    So as you can see a lot of information and types of security. Some say a security suite is the best, some say layers of security are the best. I personally tend to lean to the latter. But be aware that too much can really slow down your system and keep in mind that the different layers of security programs should not be in conflict with each other.

    It is up to you where you draw the line of security programs and paranoia.
     
  8. Lucy

    Lucy Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    404
    Location:
    France
    Obviously, when it comes to security, the first steps should be to avoid any big mistake... And the first is to put as much as programs as possible and having the feeling that you are safe, when actually you have only put your comp to a crawl and added as many potential vulnerabilities as you ave applications.

    So I strongly recommend to first use windows-based capabilities first, and let's be fair, the number of vulnerabilities in windows is high, but they are pretty good in fixing it when discovered.

    The second thing is to keep it simple:
    simple because complex means increased probability of user mistake.
    simple because complex means increased probability of unwanted interactions between the differents security programs (compatibility isues).

    I forgot previously (thank you Murderlove for reminding it): The most important thing is back up solution, either imaging, or more simply external data storage,...
     
  9. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    One of the first importances is that whatever changes you make or applications you install and run should be matched by at least a basic understanding of what they do, or should do.
    To that end it is fairly impossible to make recommendations for security from scratch without including some links to a bit of light reading. There are many guides all over the net.Here is the home page for quite a reasonable guide. "Secure XP" is about halfway down the page. I would caution against doing everything stated there. For example, if you were to get serious with one of the sub-guides linked to, you will end up disabling something you might later find you actually need. If you haven't kept a diary of the changes/tweaks made, or have a thorough understanding of what you do, you'll find yourself in a bit of a maze.
    Computers are complex.

    A very general guideline, just some helpful tips.
    Install XP SP3 without being connected to the net.
    Make the changes to it you want, for example, if you don't need messenger, Disable it. Set up the account/s to use. If you want to remove unwanted stuff that comes pre-loaded with a lot of brand-name machines, now is a good time to do that, have the program you might want to use, plus other programs you want to install for security on a USB stick or other external media. (Make sure the media is clean, of course.) For example, you might want to install Comodo, or OA firewall, and Avast antivirus. Install the firewall first. Configure it. Reboot as commanded. Install the AV. Configure it. (This means letting the installation/first run program complete its steps.)
    Only then connect to the web. Get updates for the AV. And for the firewall if applicable.
    At that point, you have basic but generally quite adequate security.
    Keep all apps updated. Secunia PSI is a good helper for that.
    Learn what not to click on.
    Disable scripting in the browser. Mozilla makes this easy with a no-script add-on.
    Read EULA's. Privacy is an aspect of security.
    Avoid social networking sites.
    Don't drink and click,if/when you're old enough. Well, not so much that you're trolleyed, anyway. Same with drugs. Even if you don't bork the computer, the history page the next day will elicit a big moan. :D
     
  10. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,065
    hello php111, im a bit confused. what do you mean by "How do I build my security from scratch?"
    explain in more detail and i might be able to help.
    do you mean create your own secuirty application? or install software already on the market?
     
  11. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    Perhaps a good imaging program so that if need be you can eliminate all traces of any problems caused by some of the stuff you'll be installing.

    Also, I get the feeling that what was really asked by the op was not about installing software but about making security software. Just a guess.
    Hugger
     
  12. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    If I'm understanding you right, an example for you:

    Free anti-virus (Avira - free)
    www.free-av.com

    Free program to monitor suspicious behaviour (ThreatFire)
    www.threatfire.com

    Free firewall (Online Armor free)
    www.tallemu.com/free-firewall-protection-software.html

    Free safer browser
    www.opera.com
    www.firefox.com

    Free spyware scanner (These run on-demand. Paid edition are real-time)
    www.superantispyware.com
    www.malwarebytes.com

    And if you want extra rock-solid protection:

    Sandbox your browser (Sandboxie - free)
    www.sandboxie.com

    Free backup software (Paragon Drive Backup Express)
    www.paragon-software.com/home/db-express/

    And Bob's your uncle! :D
     
  13. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    My own home-brewed recipe for computer security:

    1.- Understand malware. Know the different threats, and how they can affect you.
    2.- Be aware of your own computer habits.
    3.- with 1+2, you can then see to what risks you are exposed, WHAT ARE THE INFECTION VECTORS, what is the probability of getting infected and how would this scenario hurt you.
    4.- Choose antimalware programs which will let you cover all infection vectors, and still will let you do your work with no problems.
    5.- Add a few on demand scanners, just to reasure your ease of mind every now and then.
    6.- IMAGE YOUR SYSTEM, or at least backup your data.
     
  14. wat0114

    wat0114 Guest

    There's lots of good advice given already. You should also check out this thread. Some of it I feel is overkill, but that's just me. It is otherwise chock full of excellent advice on "hardening" your O/S against possible malware attacks. I'm also a huge fan of backup imaging software such as Acronis TI or ShadowProtect. It's a sound investment.

    Learn as much as you can about your O/S and how it typically behaves, especially with regards to how the different common processes interact with one-another. It can help you recognize and possibly ward off possible attacks when things don't look or seem right.
     
    Last edited by a moderator: Oct 27, 2008
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.