security guide help

Discussion in 'other software & services' started by Bethrezen, Oct 22, 2004.

  1. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi all

    I know I've asked this before but I didn't really get much of a response, so I'm going to try again. I've been putting a help guide together to help people lock down their systems after they have cleaned them after having been infected with some sort of malware (virus, trojan, spyware etc).

    So here is what I've got so far. Now obviously you will note that I'm still missing detailed instructions for securing Media Player, Internet Explorer and Outlook Express, but other than that I'm wondering if there is anything else I have missed. Maybe you know of a few good sites that give good detailed information on various aspects of computer security, or maybe I have missed some patches that should be added. Two that I can think of that I'm going to add now are BugOff from merijn.org, the maker of HijackThis, and Qwik-Fix from pivx.com.

    updates will be in blue

    Helping To Keep Your System Clean After Cleansing

    The first stage in this process is cleaning; instructions on how to do this are given above. Once you have read through and carried out the instructions above and we've finally gotten your system clean, you'll want to keep it that way, right ?? Of course you do !! However, in order to achieve this we are going to have to lock down your system, because when Microsoft ships their system they are trying to make it "easy" for you to surf the web, NOT SAFE !!!

    Now in order to maintain good system security there are several things you should do.

    The First most important thing you should do is to make sure you have all the correct security software. The minimum you should have to maintain a healthy system is a good Firewall, Anti-Virus, Anti-Trojan and Anti-Spyware. Here are a few recommended ones:

    Firewall: Zone Alarm, Outpost, Sygate
    Anti-Virus: AVG, AntiVir, Avast
    Anti-Trojan: A² (Beta), Ewido Security Suite
    Anti-Spyware: Ad-Aware, Spybot-S&D

    In addition to the above you may also want to consider the following: Spyware-Blaster, Spyware-Stopper (Shareware) and SpyBlocker (Shareware)

    Real-time protection against Malware
    Spyware-Guard, Prevx Home


    more to be added

    The Second most important thing you should do is to always keep as current as possible with all the latest bug/security fixes, not only for Windows but for all your programs. This is especially important when it comes to programs like your Anti-Virus, Anti-Trojan and Anti-Spyware.

    The Third most important thing is to secure your system by locking down all of Windows' BIGGEST security holes. These include Internet Explorer, Outlook Express, Windows Media Player and File And Printer Sharing, among others.

    A good way to eliminate a lot of these problems is to simply get rid of Microsoft’s inferior technology altogether and use one of the many safer Freeware/Open source alternatives, because by doing so you will be saving yourself from all the current and future security vulnerabilities created by these programs. A good place to find many Freeware/Open source programs is The Source Forge or Openwares.

    The Fourth most important thing you should do is to back up your data. This way, if your hard drive ever gets corrupted you won't lose everything. Get an imaging program; these are special programs that can make an exact duplicate of your hard drive and burn it to a CD or some other form of removable media, so that way if the worst should happen all you need do is just restore your backup. This avoids or at least reduces the often costly loss of data, as long as you remember to update your backup regularly.

    One such imaging program is Acronis True Image. Whether you are a novice or an expert, this program is for you. It's extremely user friendly and comes highly recommended. I can vouch for it; I've used it for years and I can't tell you how many times it's saved me from having to do a lengthy system restore.

    It is advised, however, that you wipe your system and do a system restore, then patch and update everything before you make your first backup. This way you will know that you are making a clean backup.

    It is also advised that before you update this backup you first restore to it again. This is so that you know that your updated backup is clean.

    By doing this you will always know that no matter how badly your computer gets messed up, either by Virus, Trojan, Hijacking or some other form of malware, you always have a quick easy way to fix the problem.

    Below are a few other recommended imaging programs

    more to be added

    The fifth most important thing you should do is watch what you download !! Many Freeware and P2P programs like Grokster, Imesh and Kazaa come with enormous amounts of spyware that will eat resources, slow your system or clash with other software, possibly causing your Software, Browser or even Windows itself to crash. Below are a few pages that maintain a list of clean and infected clients:

    Spyware-Free/Spyware-Infested P2P/Filesharing Apps
    Spyware-Free/Spyware-Infested P2P/Filesharing Apps
    Spyware-Free Download Managers/Assistants

    The sixth most important thing you can do is to be informed. Subscribe to security newsletters to keep up to date with all the latest threats. Read and learn as much as you can, because knowledge is power; the more knowledge you have, the safer you will be. Below are a few links to resources that will help you do just that:

    http://www.tom-cat.com/security.html
    http://www.dslreports.com/faq/security
    http://www.spywarewarrior.com/uiuc/main-nf.htm
    http://www.claymania.com/safe-hex.html

    Ok, so recommendations over, it's time to get to work and start locking things down.

    First, it's recommended that you Disable file and printer sharing if you don't need it, as it will enhance security and give attackers 1 less way into your system. Complete instructions for Windows 98 and Windows NT can be found Here. Instructions for Windows XP and Windows 2000 can be found Here.

    Next we need to lock down 3 of Windows' other big security holes: Internet Explorer, Outlook Express & Windows Media Player. In order to make these safe from attack by Viruses, Trojans, drive-by installs and other such vulnerabilities, we are going to have to reconfigure their security settings. Instructions for this can be found

    URL and/or Instructions

    You can also further secure Internet Explorer down by installing the following

    BugOff can be found Here

    another similar application is Qwik-Fix

    Qwik-Fix can be found Here



    IE-SPYAD: Restricted Sites List For Internet Explorer Found Here

    ActiveX Spyware Block List One Can Be Found Here

    After downloading and installing these, open Internet Options again, either through Control Panel or by opening Internet Explorer and then clicking Tools\Internet Options.

    Next click on the Security tab and select Restricted Zone, then press the Custom Level button and re-configure the settings so that everything is set to Disable or Prompt (setting it to "High" is not enough). Once done, hit OK to close the window, then click Apply to save the changes.

    Next we need to enable active scripting for trusted sites like Windows Update, because you may find that the above settings will break sites like Windows Update that require active scripting. This can be done as follows:

    Open Internet Options, either through Control Panel or by opening Internet Explorer and then clicking Tools\Internet Options.

    Next click on the Security tab and select Trusted Zone, then press the Sites button and either cut and paste or type the URL of the trusted site and hit the Add button, then OK the change and exit Internet Options. Then just refresh the page when you are done.

    Ok, next we need to configure Internet Explorer's cookie settings.

    Open Internet Options either through control panel or by opening Internet Explorer and then clicking Tools\Internet Options

    Next click on the Privacy Tab and select the Advanced Button

    Check the Override Automatic Cookie Handling box then Select Block under both First & Third-party Cookies and check the Always allow session cookies box

    Click Ok and exit Internet options

    If you find that there is a site that requires the use of cookies, such as logging in to your online banking, email, forum boards etc, then all you need to do is go back into your cookie settings, press the Edit button, then type in the appropriate URL and press Allow, then OK the change, clear your cache, reload the page and you should now be able to log in.

    Next we need to lock down Outlook Express Instructions for this can be found

    URL and/or Instructions Here

    and finally Windows Media Player

    URL and/or Instructions Here

    After following these instructions you may also want to apply this patch by Java Cool

    Windows Media Player Scripting Fix

    Ok, now that we have locked down Internet Explorer, Outlook Express, Windows Media Player and File & Printer Sharing, it's time to cover a few OS-specific problems.

    First you should apply these 2 patches from the creators of BOCLEAN

    HTA Stop 2003

    However Win 2000 And XP users should see this warning before applying this patch

    DSO Stop2

    For those of you that are still using Win95/98/ME, you should apply these 2 excellent patches from DiamondCS

    Anti-Polymorphism Patch

    Saved Passwords Lock Patch

    Next, if you are still running Win 98 SE you should also apply this excellent UNOFFICIAL Windows98 Second Edition Service Pack

    Those of you that are using WinXP should grab a copy of XP Antispy

    Note: However please be aware that if you are using Ewido Security Suite you do not need this as Ewido Security Suite already includes XP-Antispy

    XP Antispy

    Those of you that are running older systems like 98/ME/2000 should grab a copy of Safe XP instead. This app is very similar to XP Antispy, but unlike XP Antispy, Safe XP is designed to also work on older systems like 98/ME/2000.

    Safe XP

    Ok, now you have secured your system we need to test your defences' effectiveness. Below are a few sites that provide security validation services to allow you to do just that:

    http://cybercoyote.org/security/tests.htm

    If you have any questions, comments or suggestions, maybe I've missed something important that you think should be included, or maybe I’ve given instructions incorrectly or in a confusing manner and you can't follow it, whatever the case, if you have any problems feel free to contact me and I'll see what I can do.

    And finally I'd like to say a huge thank you to everyone who has helped me out writing this. I can't remember specific people but you know who you are. I'd also like to say a huge thanks to OPTIMIZER, who has been of great assistance to me during the writing of this guide.

    Thank you all, your help is greatly appreciated.

     
    Last edited: Oct 22, 2004
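
The Restricted Zone step in the guide above (everything set to Disable or Prompt) can be checked after the fact. The following is an added example, not part of the original post: it parses a registry export of the zone key and lists audited actions that are still set to Enable or are absent. The export text is constructed, the function names are hypothetical, and it assumes the standard IE layout (Restricted sites under Zones\4, policy values 0 = Enable, 1 = Prompt, 3 = Disable).

```python
"""Audit an exported IE Restricted-sites zone for settings left on Enable."""
import re

# Assumption: IE keeps each zone under ...\Internet Settings\Zones\<n>,
# and zone 4 is "Restricted sites".
RESTRICTED_ZONE_SUFFIX = r"\internet settings\zones\4"

# URL-action policy values used by the actions audited below.
POLICY_NAMES = {0: "Enable", 1: "Prompt", 3: "Disable"}

# Subset of URL actions whose value is a plain Enable/Prompt/Disable choice.
AUDITED_ACTIONS = {
    "1001": "Download signed ActiveX controls",
    "1004": "Download unsigned ActiveX controls",
    "1200": "Run ActiveX controls and plug-ins",
    "1201": "Initialize and script ActiveX controls not marked as safe",
    "1400": "Active scripting",
    "1402": "Scripting of Java applets",
    "1405": "Script ActiveX controls marked safe for scripting",
    "1601": "Submit non-encrypted form data",
    "1803": "File download",
}

SECTION_RE = re.compile(r"^\[(.+)\]$")
VALUE_RE = re.compile(r'^"([0-9A-Fa-f]{4})"=dword:([0-9A-Fa-f]{8})$')

# Constructed sample of a .reg export (already decoded to text; real exports
# written by regedit are usually UTF-16 and must be decoded by the caller).
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"DisplayName"="Internet"
"1400"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4]
"DisplayName"="Restricted sites"
"CurrentLevel"=dword:00012000
"1001"=dword:00000003
"1004"=dword:00000003
"1200"=dword:00000003
"1201"=dword:00000003
"1400"=dword:00000000
"1402"=dword:00000003
"1405"=dword:00000001
"1601"=dword:00000001
"""


def parse_zone_actions(reg_text, key_suffix=RESTRICTED_ZONE_SUFFIX):
    """Return {action_code: dword_value} for the key ending in key_suffix."""
    actions = {}
    in_zone = False
    for raw in reg_text.splitlines():
        line = raw.strip()
        section = SECTION_RE.match(line)
        if section:
            # Only values under the requested zone key are collected.
            in_zone = section.group(1).lower().endswith(key_suffix)
            continue
        if not in_zone:
            continue
        value = VALUE_RE.match(line)
        if value:  # skips DisplayName, CurrentLevel and other non-action values
            actions[value.group(1).upper()] = int(value.group(2), 16)
    return actions


def audit_restricted_zone(reg_text):
    """List (code, label, state) for audited actions not set to Prompt/Disable."""
    actions = parse_zone_actions(reg_text)
    findings = []
    for code, label in AUDITED_ACTIONS.items():
        value = actions.get(code)
        if value is None:
            # Absent from the export: the effective setting cannot be confirmed.
            findings.append((code, label, "missing"))
        elif value not in (1, 3):
            findings.append((code, label, POLICY_NAMES.get(value, hex(value))))
    return findings


if __name__ == "__main__":
    for code, label, state in audit_restricted_zone(SAMPLE_EXPORT):
        print(f"{code}  {label}: {state}")
```
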
  2. Sweetie(*)(*)

    Sweetie(*)(*) Registered Member

    Joined:
    Aug 10, 2004
    Posts:
    419
    Location:
    Venus
    Great so far, excellent :D
     
  3. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    I'm not sure if it's on your list, but I always install Sun Java. I have version 1.5 right now. It was beta, don't know if it's been released or not o_O
     
  4. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hmm, well this is disappointing, especially since this is definitely a worthwhile project. Is there no one that's got any suggestions

    and preferably some easy to understand instructions for configuring IE OE & WMP for maximum security
     
  5. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
  6. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    you are very welcome Bethrezen, in fact, this is a major pluspoint you know where...

    Optimizer/Infinity/Optimity

    lol - pelt
     
  7. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
  8. password protect each account. use a good password which isn't easy to hack, e.g. over 10 characters, with numbers and letters.

    before running a scanner, update it then restart it.

    keep OS up to date, e.g. windowsupdate

    check for IRCBots
    http://www.jasons-toolbox.com/programs.asp?Program=IRCBot Detector

    test your anti-virus with EICAR test virus

    if you are on a standalone computer turn off NetBIOS

    use msconfig, or a startup manager to make sure no malware is starting when you turn on computer

    file integrity checkers-
    http://www.capimonitor.nl/Atguard & NIS/_loadurl.php?filename=niscrc.php
    http://www.accuhash.com/

    jpeg scanner
    https://www.wilderssecurity.com/showthread.php?t=51945&highlight=jpeg scanner

    check for alternative data streams and remove them. second on page (ADS Spy)
    http://www.spywareinfoforum.com/~merijn/

    KazaaBegone 1.10
    http://www.majorgeeks.com/download3446.html

    view ports and programs using them
    http://www.diamondcs.com.au/portexplorer/
    http://www.snapfiles.com/get/cports.html
    http://www.snapfiles.com/get/nettrafficmeter.html

    File Encryption Software
    http://axcrypt.sourceforge.net/
     
  9. for ie settings i use the ones at the link below but with one difference- i have the first option (download signed ActiveX controls) set to prompt :)
    http://www.dslreports.com/forum/remark,1333507~root=security,1~mode=flat

    for more settings to help secure ie and xp, the link below is good
    http://www.markusjansson.net/exp.html

    this next one is for xp, but on the left hand side of the page, Home User Self-Defence, there are pages for other OSs.
    http://www.uksecurityonline.com/husdg/windowsxp/wxpp2.php

    install a second, perhaps free, anti-virus, making sure that it is only used for on-demand, so the real-time protection is off

    check your firewall at a site like shields up

    don't post your email address on the internet, because it could be harvested by a bot. if you have to, use a throw away account like hotmail

    Bazooka Adware and Spyware Scanner
    http://www.kephyr.com/spywarescanner/index.html

    https://www.hushmail.com/

    http://spambayes.sourceforge.net/

    online scanners
    http://www.windowsecurity.com/trojanscan/
    http://housecall.trendmicro.com/

    Password Managers
    http://www.roboform.com/
    http://www.accountlogon.com/

    http://www.wilders.org/securing_your_pc.htm
    http://www.microsoft.com/athome/security/default.mspx
    http://www.antivirus.com/pc-cillin/vinfo/safe_computing/
    http://spywarewarrior.com/asw-test-guide.htm

    http://www.firewallleaktester.com/software.htm

    Windows Worms Doors Cleaner
    http://www.firewallleaktester.com/wwdc.htm
     
  10. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi all

    thanks for ya replies, some good stuff. I'll repost with a few additions when I've had time to go through everything
     
  11. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    Nice thread, lots of good info here. ;)
    Keep up the good work !
     
  12. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi all

    as I can't edit my first post with the new additions I'll just have to repost the whole thing. To make it easy to see what I have added I'll highlight it in blue


    Helping To Keep Your System Clean After Cleansing

    The first stage in this process is cleaning; instructions on how to do this are given above. Once you have read through and carried out the instructions above and we've finally gotten your system clean, you'll want to keep it that way, right ?? Of course you do !! However, in order to achieve this we are going to have to lock down your system, because when Microsoft ships their system they are trying to make it "easy" for you to surf the web, NOT SAFE !!!

    Now in order to maintain good system security there are several things you should do.

    The First most important thing you should do is to make sure you have all the correct security software. The minimum you should have to maintain a healthy system is a good Firewall, Anti-Virus, Anti-Trojan and Anti-Spyware. Here are a few recommended ones:

    Firewall: Zone Alarm, Outpost, Sygate
    Anti-Virus: AVG, AntiVir, Avast
    Anti-Trojan: A² (Beta), Ewido Security Suite
    Anti-Spyware: Ad-Aware, Spybot-S&D

    In addition to the above you may also want to consider the following: Spyware-Blaster, Spyware-Stopper (Shareware) and SpyBlocker (Shareware)

    Real-time protection against Malware
    Spyware-Guard, Prevx Home

    Encryption software

    Although encryption software isn't necessary for everyone, it is recommended if you have any sensitive files that you want to keep away from prying eyes. However, be aware that encryption software is only as strong as the password you select. Below are a couple of trustworthy programs:

    Axcrypt (http://axcrypt.sourceforge.net/)

    more to be added

    The Second most important thing you should do is to always keep as current as possible with all the latest bug/security fixes, not only for Windows but for all your programs. This is especially important when it comes to programs like your Anti-Virus, Anti-Trojan and Anti-Spyware.

    The Third most important thing is to secure your system by locking down all of Windows' BIGGEST security holes. These include Internet Explorer, Outlook Express, Windows Media Player and File And Printer Sharing, among others.

    A good way to eliminate a lot of these problems is to simply get rid of Microsoft’s inferior technology altogether and use one of the many safer Freeware/Open source alternatives, because by doing so you will be saving yourself from all the current and future security vulnerabilities created by these programs. A good place to find many Freeware/Open source programs is The Source Forge or Openwares.

    The Fourth most important thing you should do is to use password protection, because this prevents unauthorized access to your system and stops people/malware tampering with your operating system and/or program settings. Be aware, however, that password protection is only as strong as the password you select. Choose a good password which isn't easy to break; it should be over 10 characters, with numbers, letters, symbols, upper and lower case letters, and it shouldn't be a word that appears in the dictionary.

    The Fifth most important thing you should do is to back up your data. This way, if your hard drive ever gets corrupted you won't lose everything. Get an imaging program; these are special programs that can make an exact duplicate of your hard drive and burn it to a CD or some other form of removable media, so that way if the worst should happen all you need do is just restore your backup. This avoids or at least reduces the often costly loss of data, as long as you remember to update your backup regularly.

    One such imaging program is Acronis True Image. Whether you are a novice or an expert, this program is for you. It's extremely user friendly and comes highly recommended. I can vouch for it; I've used it for years and I can't tell you how many times it's saved me from having to do a lengthy system restore.

    It is advised, however, that you wipe your system and do a system restore, then patch and update everything before you make your first backup. This way you will know that you are making a clean backup.

    It is also advised that before you update this backup you first restore to it again. This is so that you know that your updated backup is clean.

    By doing this you will always know that no matter how badly your computer gets messed up, either by Virus, Trojan, Hijacking or some other form of malware, you always have a quick easy way to fix the problem.

    Below are a few other recommended imaging programs

    more to be added

    The Sixth most important thing you should do is watch what you download !! Many Freeware and P2P programs like Grokster, Imesh and Kazaa come with enormous amounts of spyware that will eat resources, slow your system or clash with other software, possibly causing your Software, Browser or even Windows itself to crash. Below are a few pages that maintain a list of clean and infected clients:

    Spyware-Free/Spyware-Infested P2P/Filesharing Apps
    Spyware-Free/Spyware-Infested P2P/Filesharing Apps
    Spyware-Free Download Managers/Assistants

    You may also want to check out the Rogue/Suspect Anti-Spyware Products & Web Sites list (http://www.spywarewarrior.com/rogue_anti-spyware.htm)

    The Seventh most important thing you can do is to be informed. Subscribe to security newsletters to keep up to date with all the latest threats. Read and learn as much as you can, because knowledge is power; the more knowledge you have, the safer you will be. Below are a few links to resources that will help you do just that:

    http://www.tom-cat.com/security.html
    http://www.dslreports.com/faq/security
    http://www.spywarewarrior.com/uiuc/main-nf.htm
    http://www.claymania.com/safe-hex.html
    http://www.uksecurityonline.com/husdg/

    Ok, so recommendations over, it's time to get to work and start locking things down.

    First, it's recommended that you Disable file and printer sharing if you don't need it, as it will enhance security and give attackers 1 less way into your system. Complete instructions for Windows 98 and Windows NT can be found Here. Instructions for Windows XP and Windows 2000 can be found Here.

    Next we need to lock down 3 of Windows' other big security holes: Internet Explorer, Outlook Express & Windows Media Player. In order to make these safe from attack by Viruses, Trojans, drive-by installs and other such vulnerabilities, we are going to have to reconfigure their security settings. Instructions for this can be found Below.

    We will start with Internet Explorer first. Now there seem to be a lot of differing opinions about what the best setup for IE should be, and I am in the process of writing up a set of instructions that will allow IE to remain functional while increasing its security. In the meantime, till I’m finished, here are a few links to information on the subject:

    http://www.lavasoftsupport.com/inde...showtopic=14537
    http://www.dslreports.com/forum/rem...ity,1~mode=flat
    http://www.spywarewarrior.com/uiuc/btw/ie/ie-opts.htm


    You can also further secure Internet Explorer down by installing the following

    BugOff can be found Here

    another similar application is Qwik-Fix

    Qwik-Fix can be found Here

    IE-SPYAD: Restricted Sites List For Internet Explorer Found Here

    ActiveX Spyware Block List One Can Be Found Here

    In addition to these you may also want to consider the use of a host file

    What is a host file ? & What’s it do ?

    Read Here to find out more


    Next we need to lock down Outlook Express

    NOTE: Outlook Express is part of Internet Explorer so the settings for one can affect the other.

    Open Outlook Express Select Tools/Options

    Select The Read Tab

    Check Read all messages in plaintext

    Select the Security Tab

    Place a dot in Restricted Zone
    Check Warn Me When Other Applications Try To Send Mail As Me
    Check Do Not Allow Attachments To Be Saved Or Opened That Could Potentially Be A Virus

    Select The Maintenance Tab

    Check Purge deleted messages when leaving IMAP folders
    Check Empty Messages From The Deleted Items Folder On Exit


    and finally Windows Media Player

    URL and/or Instructions Here

    After following these instructions you may also want to apply this patch by Java Cool

    Windows Media Player Scripting Fix

    Ok, now that we have locked down Internet Explorer, Outlook Express, Windows Media Player and File & Printer Sharing, it's time to cover a few OS-specific problems.

    First you should apply these 2 patches from the creators of BOCLEAN

    HTA Stop 2003

    However Win 2000 And XP users should see this warning before applying this patch

    DSO Stop2

    For those of you that are still using Win95/98/ME, you should apply these 2 excellent patches from DiamondCS

    Anti-Polymorphism Patch

    Saved Passwords Lock Patch

    Next, if you are still running Win 98 SE you should also apply this excellent UNOFFICIAL Windows98 Second Edition Service Pack

    Those of you that are using WinXP should grab a copy of XP Antispy

    Note: However please be aware that if you are using Ewido Security Suite you do not need this as Ewido Security Suite already includes XP-Antispy

    XP Antispy

    Those of you that are running older systems like 98/ME/2000 should grab a copy of Safe XP instead. This app is very similar to XP Antispy, but unlike XP Antispy, Safe XP is designed to also work on older systems like 98/ME/2000.

    Safe XP

    Ok, now you have secured your system we need to test your defences' effectiveness. Below are a few sites that provide security validation services to allow you to do just that:

    http://cybercoyote.org/security/tests.shtml
    http://www.firewallleaktester.com/
    http://www.spywarewarrior.com/uiuc/info17.htm

    If you have any questions, comments or suggestions, maybe I've missed something important that you think should be included, or maybe I’ve given instructions incorrectly or in a confusing manner and you can't follow it, whatever the case, if you have any problems feel free to contact me and I'll see what I can do.

    And finally I'd like to say a huge thank you to everyone who has helped me out writing this. I can't remember specific people but you know who you are. I'd also like to say a huge thanks to OPTIMIZER, who has been of great assistance to me during the writing of this guide.

    Thank you all, your help is greatly appreciated.
     
    Last edited: Nov 8, 2004
  13. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi all

    well, as ya will see if ya look above, I've added a few additions. Keep the suggestions coming

    although one request: can you not suggest things like

    online scanners
    http://www.windowsecurity.com/trojanscan/
    http://housecall.trendmicro.com/

    because this part of the guide is only for securing your computer after cleaning. If you want to find the first part of this guide that deals with cleaning, it can be found Here

    if you have any suggestions for things that should be added to that part of the guide then please post your comments Here

    I have also added this link to the top of the other sticky topics I have put up at the spyblocker forum in case you have any Questions, Comments or Suggestions regarding those threads
     
    Last edited: Nov 8, 2004
  14. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi all

    no one have any more suggestions ??

    is my guide really so comprehensive ?? that no one can think of any other areas of importance that I haven't covered

    I can think of one: a general set of guidelines to help with the correct configuration of firewalls

    I however won't be doing this as that's just a lil beyond my capabilities, but if someone wants to write up a general set of guidelines or point me in the direction of such information I'd be happy to add it to my guide

    anyway, that said, if you can't think of any other areas of importance that I haven't covered, what about additional programs, preferably free and for older OSs like 98 as well

    Firewall:
    Anti-Virus:
    Anti-Trojan:
    Anti-Spyware:
    Encryption:
    Imaging:
    Real-time Malware protection:

    also are there any other type of apps that should be added to that list ??

    if so what ??

    also does anyone know of any other patches and fixes like HTA Stop, DSO Stop that should be listed ? that aren't already ?

    in fact now that I think about it I should check grc.com, I'd bet there are quite a few there that are worth a mention

    well anyway I hope this gives people a few ideas and gets them thinking

    Blessed Be
     
  15. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    This might be way too esoteric, I will post it separately to see if it gets any attention, but we all know that MS embeds metadata about (god knows what and) the customary (for them) unique user ID. That is aside from scripts and so on.

    I just wonder if there is a tool available to read and possibly erase or edit data that is embedded in Word.

    I doubt this is a concern of too many people, but I'd just like to know exactly what this data says.

    -HandsOff
     
  16. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi

    ok, you have kind of lost me with this one ?? Could you please explain what you mean ??

    are you talking about Alternate Data Streams in Windows 2000/XP and the tool made by Merijn to view such streams
     
    Last edited: Nov 18, 2004
  17. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi all

    just a quick update for tonight, all I have time for at the moment. New bits are in blue

    Helping To Keep Your System Clean After Cleansing

    The first stage in this process is cleaning; instructions on how to do this are given above. Once you have read through and carried out these instructions and we've finally gotten your system clean, you'll want to keep it that way, right ?? Of course you do !! However, in order to achieve this we are going to have to lock down your system, because when Microsoft ships their system they are trying to make it "easy" for you to surf the web, NOT SAFE !!!

    Now in order to maintain good system security there are several things you should do.

    The First most important thing you should do is to make sure you have all the correct security software. The minimum you should have to maintain a healthy system is a good Firewall, Anti-Virus, Anti-Trojan and Anti-Spyware. Here are a few recommended ones:

    Firewall: Zone Alarm, Outpost, Sygate
    Anti-Virus: AVG, AntiVir, Avast
    Anti-Trojan: A² (Beta), Ewido Security Suite
    Anti-Spyware: Ad-Aware, Spybot-S&D

    In addition to the above you may also want to consider the following: Spyware-Blaster, Spyware-Stopper (Shareware) and SpyBlocker (Shareware)

    Real-time protection against Malware
    Spyware-Guard, Prevx Home

    Encryption software

    Although encryption software isn't necessary for everyone, it is recommended if you have any sensitive files that you want to keep away from prying eyes. However, be aware that encryption software is only as strong as the password you select. Below are a couple of trustworthy programs:

    Axcrypt

    more to be added

    The Second most important thing you should do is to always keep as current as possible with all the latest bug/security fixes, not only for Windows but for all your programs. This is especially important when it comes to programs like your Anti-Virus, Anti-Trojan and Anti-Spyware.

    The Third most important thing is to secure your system by locking down all of Windows' BIGGEST security holes. These include Internet Explorer, Outlook Express, Windows Media Player and File And Printer Sharing, among others.

    A good way to eliminate a lot of these problems is to simply get rid of Microsoft’s inferior technology altogether and use one of the many safer Freeware/Open source alternatives, because by doing so you will be saving yourself from all the current and future security vulnerabilities created by these programs. A good place to find many Freeware/Open source programs is The Source Forge or Openwares.

    The Fourth most important thing you should do is to use password protection, because this prevents unauthorized access to your system and stops people/malware tampering with your operating system and/or program settings.

    The problem here, however, is quite often if you have a lot of passwords you’ll often get them mixed up or forget them altogether, and this puts people off using password protection. However, it doesn't have to be like this. There are programs known as password vaults; these are programs that will store all your passwords in a protected archive, allowing you to safely log in to any of your password protected accounts with a single click of the mouse.

    below are a couple of such programs

    Robo Form, Account Logon

    Be aware however that password protection is only as strong as the password you select choose a good passwords which isn't easy to brake, it should be over 10 characters, with numbers, letters, Symbols, upper and lower case letters and it shouldn't be a word that appears in the dictionary


    The Fifth most important thing you should do is to back up your data; this way, if your hard drive ever gets corrupted you won't lose everything. Get an imaging program: these are special programs that can make an exact duplicate of your hard drive and burn it to a CD or some other form of removable media, so that if the worst should happen all you need do is just restore your backup. This avoids or at least reduces the often costly loss of data, as long as you remember to update your backup regularly.

    One such imaging program is True Image. Whether you are a novice or an expert, this program is for you: it's extremely user friendly and comes highly recommended. I can vouch for it; I've used it for years and I can't tell you how many times it's saved me from having to do a lengthy system restore.

    It is advised, however, that you wipe your system and do a system restore, then patch and update everything before you make your first backup; this way you will know that you are making a clean backup.

    It is also advised that before you update this backup you first restore to it again; this is so that you know that your updated backup is clean.

    By doing this you will always know that no matter how badly your computer gets messed up, either by Virus, Trojan, Hijacking or some other form of malware, you always have a quick, easy way to fix the problem.

    Below are a few other recommended imaging programs:

    Acronis True Image (Payware)

    more to be added

    The Sixth most important thing you should do is watch what you download !! Many Freeware and P2P programs like Grokster, Imesh and Kazaa come with enormous amounts of spyware that will eat resources, slow your system or clash with other software, possibly causing your Software, Browser or even Windows itself to crash. Below are a few pages that maintain a list of clean and infected clients:

    Spyware-Free/Spyware-Infested P2P/Filesharing Apps
    Spyware-Free/Spyware-Infested P2P/Filesharing Apps
    Spyware-Free Download Managers/Assistants

    You may also want to check out the Rogue/Suspect Anti-Spyware Products & Web Sites list

    The Seventh most important thing you can do is to be informed. Subscribe to security newsletters to keep up to date with all the latest threats; read and learn as much as you can, because knowledge is power: the more knowledge you have, the safer you will be. Below are a few links to resources that will help you do just that:

    http://www.tom-cat.com/security.html
    http://www.dslreports.com/faq/security
    http://www.spywarewarrior.com/uiuc/main-nf.htm
    http://www.claymania.com/safe-hex.html
    http://www.uksecurityonline.com/husdg/

    Ok, so recommendations over, it's time to get to work and start locking things down.

    First, it's recommended that you disable file and printer sharing if you don't need it, as it will enhance security and give attackers 1 less way into your system. Complete instructions for Windows 98 and Windows NT can be found Here. Instructions for Windows XP and Windows 2000 can be found Here.

    Next we need to lock down 3 of Windows' other big security holes: Internet Explorer, Outlook Express & Windows Media Player. In order to make these safe from attack by Viruses, Trojans, drive-by installs and other such vulnerabilities, we are going to have to reconfigure their security settings. Instructions for this can be found below.

    We will start with Internet Explorer first. Now, there seem to be a lot of differing opinions about what the best set up for IE should be, and I am in the process of writing up a set of instructions that will allow IE to remain functional while increasing its security. In the meantime, till I’m finished, here are a few links to information on the subject:

    http://www.lavasoftsupport.com/index.php?showtopic=14537
    http://www.dslreports.com/forum/remark,133...ity,1~mode=flat
    http://www.spywarewarrior.com/uiuc/btw/ie/ie-opts.htm

    You can also further secure Internet Explorer by installing the following:

    BugOff can be found Here

    Another similar application is Qwik-Fix

    Qwik-Fix can be found Here

    IE-SPYAD: Restricted Sites List For Internet Explorer Found Here

    ActiveX Spyware Block List One Can Be Found Here

    In addition to these you may also want to consider the use of a host file

    What is a host file ? & What’s it do ?

    Read Here to find out more

    Next we need to lock down Outlook Express

    NOTE: Outlook Express is part of Internet Explorer, so the settings for one can affect the other.

    Open Outlook Express Select Tools/Options

    Select The Read Tab

    Check Read all messages in plaintext

    Select the Security Tab

    Place a dot in Restricted Zone
    Check Warn Me When Other Applications Try To Send Mail As Me
    Check Do Not Allow Attachments To Be Saved Or Opened That Could Potentially Be A Virus

    Select The Maintenance Tab

    Check Purge deleted messages when leaving IMAP folders
    Check Empty Messages From The Deleted Items Folder On Exit

    Next close the options window and Select View/Layout

    Uncheck "Show preview pane"

    Note: This last one is a HUGE security issue and it's really important that it be disabled, because viewing an email in the preview pane is effectively the same as opening it, which means if it's infected with a virus, viewing it in the preview pane will execute the virus it contains.

    For further insight on securing Outlook Express see This

    Finally Windows Media Player

    Open Media Player Click Tools/Options

    Select The Privacy Tab

    Uncheck Everything

    Select The Security Tab

    Uncheck Run Script Command When Present
    Check Do Not Run Script Commands And Rich Media Streams If Player Is Running Inside A Web Page

    Select The Player Tab

    Check Once A Month
    Uncheck Download Codecs Automatically


    After following these instructions you may also want to apply this patch by Java Cool

    Windows Media Player Scripting Fix

    Ok, now that we have locked down Internet Explorer, Outlook Express, Windows Media Player and File & Printer Sharing, it's time to cover a few OS-specific problems.

    First you should apply these 2 patches from the creators of BOCLEAN

    HTA Stop 2003

    However, Win 2000 and XP users should see this warning before applying this patch

    DSO Stop2

    For those of you that are still using Win95/98/ME, you should apply these 2 excellent patches from DiamondCS

    Anti-Polymorphism Patch

    Saved Passwords Lock Patch

    Next, if you are still running Win 98 SE you should also apply this excellent UNOFFICIAL Windows98 Second Edition Service Pack

    Those of you that are using WinXP should grab a copy of XP Antispy

    Note: However, please be aware that if you are using Ewido Security Suite you do not need this, as Ewido Security Suite already includes XP-Antispy

    XP Antispy

    Those of you that are running older systems like 98/ME/2000 should grab a copy of Safe XP instead. This app is very similar to XP Antispy, but unlike XP Antispy, Safe XP is designed to also work on older systems like 98/ME/2000

    Safe XP

    Ok, now you have secured your system we need to test your defences' effectiveness. Below are a few sites that provide security validation services to allow you to do just that:

    http://cybercoyote.org/security/tests.shtml
    http://www.firewallleaktester.com/
    http://www.spywarewarrior.com/uiuc/info17.htm

    If you have any Questions, Comments or Suggestions, maybe I've missed something important that should be included, maybe I’ve given instructions incorrectly or in a confusing manner and you can't follow it, whatever the case, if you have any problems then please feel free to contact me Here and I'll see what I can do.

    And finally I'd like to say a huge thank you to everyone who has helped me write this; I couldn't have done it without you. I'd also like to say a huge thanks to OPTIMIZER, who has been of great assistance to me.

    Thank you all, your help is greatly appreciated
     
  18. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    Bethrezen-

    Now I know it was too esoteric. It was simply on my one track mind at the time. However, if you are curious I did get some very interesting info when I posted the question in (I think) the privacy issues forum. If you are interested, here is the link

    https://www.wilderssecurity.com/showthread.php?t=55405

    HandsOff

    - Okay, even if you don't, here's a clue. Javacool has a program that addresses this issue...and most likely a much better description of the problem. I am going to check it out. Later!
     
  19. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi all

    Ok, I'm looking to add a section detailing alternatives to Internet Explorer, Outlook Express, Windows Media Player, but I need a few suggestions. Below is what I have so far, but I need a few others:

    Browser: Firefox, Opera

    Email Client: Thunderbird

    Media Players: Winamp
     
  20. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    Last edited: Nov 23, 2004
  21. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    Personally, I don't like Winamp very much. To me it just has the feel of a program that takes a simple concept and makes it unnecessarily difficult. They seem a little too interested in knowing what people's listening habits are as well.

    The probably obvious choice for the average user would be Windows Media Player Classic vers 6.4.x.x. It has got to be the most straightforward and easiest of them all to use. It has several built in codecs (such as DVD) and very good codec packs for it abound. I happen to like the KLite Codec Packs which come in 3 versions: Basic, Standard, and Full. The Full includes Real Alt, and Quicktime Alt. and even several encoding versions for DivX/mpg4/mpg2...


    Both the player and the codecs are free.

    Okay, here is another big thing for me. When I watch a DVD movie with really narrow screen dimensions, 50%, 100%, 200%, and full screen just don't cut it!

    What is needed is screen size increases and decreases in very small increments. That way you decide how much of the black bars you want to live with. Well, MPC gives you that.

    That's my vote: Media Player Classic with KLite codec pack 2.34 Full version.

    - HandsOff
     
  22. Eldar

    Eldar Registered Member

    Joined:
    Jul 12, 2004
    Posts:
    2,126
    Location:
    Vilvoorde (Belgium)
    Not a security expert, but I've used/use the following:

    Browser: Slimbrowser, Avant Browser
    These browsers use the IE engine, but are more secure if you set them up right.

    Email Client: The Bat, Courier, Pocomail & Barca, Becky, Opera, Bloomba (although the last one has been taken over by Yahoo, so not sure if you can still download/purchase it) :doubt:

    Media Players: JetAudio, Quicktime alternative, Real alternative. (all free)
    You have my vote too.

    Looking forward to seeing the finished version of your security guide, although you'll have to update it constantly. :D
    Looks good already. ;)
     
  23. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi all

    Thanks for the suggestions. Haven't got any time to do any updates just yet coz it's like 12 midnight and I'm off to bed, but will post a few revisions soon as I got a lil time on my hands. Night

    Blessed Be
     
  24. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi all

    Sorry for the delay in updating, been busy. Anyway, here are my latest additions; as always, updates are in blue

    Helping To Keep Your System Clean After Cleansing


    The first stage in this process is cleaning; instructions on how to do this are given above. Once you have read through and carried out these instructions and we've finally gotten your system clean, you'll want to keep it that way, right ?? Of course you do !! However, in order to achieve this we are going to have to lock down your system, because when Microsoft ships their system they are trying to make it "easy" for you to surf the web, NOT SAFE !!!

    Now, in order to maintain good system security there are several things you should do.

    The First most important thing you should do is to make sure you have all the correct security software. The minimum you should have to maintain a healthy system is a good Firewall, Anti-Virus, Anti-Trojan and Anti-Spyware. Here are a few recommended ones:

    Firewall: Zone Alarm, Outpost, Sygate
    Anti-Virus: AVG, AntiVir, Avast
    Anti-Trojan: A² (Beta), Ewido Security Suite
    Anti-Spyware: Ad-Aware, Spybot-S&D

    In addition to the above you may also want to consider the following: Spyware-Blaster, Spyware-Stopper (Shareware) and SpyBlocker (Shareware)

    Real-time protection against Malware
    Spyware-Guard, Prevx Home

    Encryption software: Axcrypt, PGP

    Although encryption software isn't necessary for everyone, it is recommended if you have any sensitive files that you want to keep away from prying eyes. However, be aware that encryption software is only as strong as the password you select. Below are a couple of trustworthy programs:

    The Second most important thing you should do is to always keep as current as possible with all the latest bug/security fixes, not only for Windows but for all your programs. This is especially important when it comes to programs like your Anti-Virus, Anti-Trojan and Anti-Spyware.

    The Third most important thing is to secure your system by locking down all of Windows' BIGGEST security holes. These include Internet Explorer, Outlook Express, Windows Media Player and File And Printer Sharing, among others.

    A good way to eliminate a lot of these problems is to simply get rid of Microsoft’s inferior technology altogether and use one of the many safer Freeware/Open source alternatives; by doing so you will not only be saving yourself from all the current security vulnerabilities created by these programs but all the future ones as well.

    However, choose wisely: get some advice from professional security experts at boards like this one, because there are programs that are known to be a little on the questionable side.

    One such group is shells: programs that are based on the code/engine of another program, for instance Slimbrowser, Avant Browser, Maxthon or AOL Browser; these are programs based on the Internet Explorer engine.

    Now, although shells themselves aren't inherently dangerous, where the problems come in is when the shell program is based on the code/engine of another program that is known to be buggy and insecure, such as Internet Explorer. What this means is that in all likelihood your shell program will inherit all the same vulnerabilities and exploits as the program it was based on.

    Which is why I'd also strongly recommend against the use of such programs. What I would stress here, however, is that no matter what you choose, no program is perfect and it's going to have bugs and vulnerabilities. The best thing you can do is to seek expert help, then make up your own mind based on your needs and the advice you are given; then, once you have made your choice, again seek expert help on how best to configure it for maximum safety and security.

    Below are a few recommended replacements:

    Browser: Firefox, Opera

    Email Client: Thunderbird

    Media Players: Winamp, JetAudio, Quicktime alternative, Real alternative

    If on the other hand you are just interested in looking at what Freeware/Open source alternatives are The Source Forge or Openwares

    One other method of cleansing your system of a lot of Windows superfluous code and features is

    XP/98lite (payware)

    I have personally used 98 Lite for a couple of years now and can definitely vouch for its effectiveness, not only for securing, speeding up & stabilising my system, but it also comes in handy when upgrades go wrong and Microsoft doesn't offer an uninstaller.

    If you are looking for further proof of why you should rid your system of Microsoft’s inferior technology and why you, the end user, should remove these features and programs, I would see this classic example of Microsoft’s incompetence



    The Fourth most important thing you should do is to use password protection, because this prevents unauthorized access to your system and stops people/malware tampering with your operating system and/or program settings.

    The problem here, however, is that quite often if you have a lot of passwords you’ll often get them mixed up or forget them altogether, and this puts people off using password protection. However, it doesn't have to be like this: there are programs known as password vaults. These are programs that will store all your passwords in a protected archive, allowing you to safely log in to any of your password protected accounts with a single click of the mouse.

    Below are a couple of such programs:

    Robo Form, Account Logon

    Be aware, however, that password protection is only as strong as the password you select. Choose a good password which isn't easy to break: it should be over 10 characters, with numbers, letters, symbols, upper and lower case letters, and it shouldn't be a word that appears in the dictionary.

    The Fifth most important thing you should do is to back up your data; this way, if your hard drive ever gets corrupted you won't lose everything. Get an imaging program: these are special programs that can make an exact duplicate of your hard drive and burn it to a CD or some other form of removable media, so that if the worst should happen all you need do is just restore your backup. This avoids or at least reduces the often costly loss of data, as long as you remember to update your backup regularly.

    One such imaging program is True Image. Whether you are a novice or an expert, this program is for you: it's extremely user friendly and comes highly recommended. I can vouch for it; I've used it for years and I can't tell you how many times it's saved me from having to do a lengthy system restore.

    It is advised, however, that you wipe your system and do a system restore, then patch and update everything before you make your first backup; this way you will know that you are making a clean backup.

    It is also advised that before you update this backup you first restore to it again; this is so that you know that your updated backup is clean.

    By doing this you will always know that no matter how badly your computer gets messed up, either by Virus, Trojan, Hijacking or some other form of malware, you always have a quick, easy way to fix the problem.

    Below are a few other recommended imaging programs:

    Acronis True Image (Payware)

    The Sixth most important thing you should do is watch what you download !! Many Freeware and P2P programs like Grokster, Imesh and Kazaa come with enormous amounts of spyware that will eat resources, slow your system or clash with other software, possibly causing your Software, Browser or even Windows itself to crash. Below are a few pages that maintain a list of clean and infected clients:

    Spyware-Free/Spyware-Infested P2P/Filesharing Apps
    Spyware-Free/Spyware-Infested P2P/Filesharing Apps
    Spyware-Free Download Managers/Assistants

    You may also want to check out the Rogue/Suspect Anti-Spyware Products & Web Sites list

    The Seventh most important thing you can do is to be informed. Subscribe to security newsletters to keep up to date with all the latest threats; read and learn as much as you can, because knowledge is power: the more knowledge you have, the safer you will be. Below are a few links to resources that will help you do just that:

    http://www.tom-cat.com/security.html
    http://www.dslreports.com/faq/security
    http://www.spywarewarrior.com/uiuc/main-nf.htm
    http://www.claymania.com/safe-hex.html
    http://www.uksecurityonline.com/husdg/

    Ok, so recommendations over, it's time to get to work and start locking things down.

    First, it's recommended that you disable file and printer sharing if you don't need it, as it will enhance security and give attackers 1 less way into your system. Complete instructions for Windows 98 and Windows NT can be found Here. Instructions for Windows XP and Windows 2000 can be found Here.

    Next we need to lock down 3 of Windows' other big security holes: Internet Explorer, Outlook Express & Windows Media Player. In order to make these safe from attack by Viruses, Trojans, drive-by installs and other such vulnerabilities, we are going to have to reconfigure their security settings. Instructions for this can be found below.

    We will start with Internet Explorer first. Now, there seem to be a lot of differing opinions about what the best set up for IE should be, and I am in the process of writing up a set of instructions that will allow IE to remain functional while increasing its security. In the meantime, till I’m finished, here are a few links to information on the subject:

    http://www.lavasoftsupport.com/index.php?showtopic=14537
    http://www.dslreports.com/forum/remark,133...ity,1~mode=flat
    http://www.spywarewarrior.com/uiuc/btw/ie/ie-opts.htm

    You can also further secure Internet Explorer by installing the following:

    BugOff can be found Here

    Another similar application is Qwik-Fix

    Qwik-Fix can be found Here

    IE-SPYAD: Restricted Sites List For Internet Explorer Found Here

    ActiveX Spyware Block List One Can Be Found Here

    In addition to these you may also want to consider the use of a host file

    What is a host file ? & What’s it do ?

    Read Here or Here to find out more

    Next we need to lock down Outlook Express

    NOTE: Outlook Express is part of Internet Explorer, so the settings for one can affect the other.

    Open Outlook Express Select Tools/Options

    Select The Read Tab

    Check Read all messages in plaintext

    Select the Security Tab


    Place a dot in Restricted Zone
    Check Warn Me When Other Applications Try To Send Mail As Me
    Check Do Not Allow Attachments To Be Saved Or Opened That Could Potentially Be A Virus

    Select The Maintenance Tab

    Check Purge deleted messages when leaving IMAP folders
    Check Empty Messages From The Deleted Items Folder On Exit

    Next close the options window and Select View/Layout

    Uncheck "Show preview pane"

    Note: This last one is a HUGE security issue and it's really important that it be disabled, because viewing an email in the preview pane is effectively the same as opening it, which means if it's infected with a virus, viewing it in the preview pane will execute the virus it contains.

    For further insight on securing Outlook Express see This

    Finally Windows Media Player

    Open Media Player Click Tools/Options

    Select The Privacy Tab

    Uncheck Everything

    Select The Security Tab

    Uncheck Run Script Command When Present
    Check Do Not Run Script Commands And Rich Media Streams If Player Is Running Inside A Web Page

    Select The Player Tab

    Check Once A Month
    Uncheck Download Codecs Automatically

    After following these instructions you may also want to apply this patch by Java Cool

    Windows Media Player Scripting Fix

    Ok, now that we have locked down Internet Explorer, Outlook Express, Windows Media Player and File & Printer Sharing, it's time to cover a few OS-specific problems.

    First you should apply these 2 patches from the creators of BOCLEAN

    HTA Stop 2003

    However, Win 2000 and XP users should see this warning before applying this patch

    DSO Stop2

    For those of you that are still using Win95/98/ME, you should apply these 2 excellent patches from DiamondCS

    Anti-Polymorphism Patch

    Saved Passwords Lock Patch

    Next, if you are still running Win 98 SE you should also apply this excellent UNOFFICIAL Windows98 Second Edition Service Pack

    Those of you that are using WinXP should grab a copy of XP Antispy

    Note: However, please be aware that if you are using Ewido Security Suite you do not need this, as Ewido Security Suite already includes XP-Antispy

    XP Antispy

    Those of you that are running older systems like 98/ME/2000 should grab a copy of Safe XP instead. This app is very similar to XP Antispy, but unlike XP Antispy, Safe XP is designed to also work on older systems like 98/ME/2000

    Safe XP

    Ok, now you have secured your system we need to test your defences' effectiveness. Below are a few sites that provide security validation services to allow you to do just that:

    http://cybercoyote.org/security/tests.shtml
    http://www.firewallleaktester.com/
    http://www.spywarewarrior.com/uiuc/info17.htm

    If you have any Questions, Comments or Suggestions, maybe I've missed something important that should be included, maybe I’ve given instructions incorrectly or in a confusing manner and you can't follow it, whatever the case, if you have any problems then please feel free to contact me Here and I'll see what I can do.

    And finally I'd like to say a huge thank you to everyone who has helped me write this; I couldn't have done it without you. I'd also like to say a huge thanks to Andy Reynaerts, who has been of great assistance to me.

    Thank you all, your help is greatly appreciated
     
    Last edited: Dec 3, 2004
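
    The password rule from the guide above (over 10 characters; numbers, upper and lower case letters, symbols; not a dictionary word), as an added example that is not part of the original post. It goes one step beyond the post by also catching a dictionary word padded with digits or symbols or written with common character swaps; the word list and function names are constructed for illustration.

```python
import string

# Constructed sample word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "dragon", "monkey", "letmein", "sunshine", "football"}

# Common character swaps, undone before the dictionary comparison.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})

# Characters people typically pad a word with at either end.
EDGE = string.digits + string.punctuation


def word_candidates(password):
    """Return the lower-case strings this password could be 'built on'."""
    lowered = password.lower()
    candidates = set()
    for variant in (lowered, lowered.strip(EDGE), lowered.rstrip(EDGE)):
        candidates.add(variant)                   # e.g. "dragon2004!" -> "dragon"
        candidates.add(variant.translate(LEET))   # e.g. "p@ssw0rd" -> "password"
    return candidates


def failed_rules(password, words=SAMPLE_WORDS):
    """Return the names of the guide's rules that the password breaks."""
    failures = []
    if len(password) <= 10:                       # "over 10 characters"
        failures.append("length")
    if not any(c.isdigit() for c in password):
        failures.append("digit")
    if not any(c.islower() for c in password):
        failures.append("lower case")
    if not any(c.isupper() for c in password):
        failures.append("upper case")
    if not any(c in string.punctuation for c in password):
        failures.append("symbol")
    if word_candidates(password) & set(words):
        failures.append("dictionary word")
    return failures


if __name__ == "__main__":
    # Constructed sample passwords.
    for sample in ("monkey", "Dragon2004!", "P@ssw0rd2004", "tR7#vq9!Lm2x"):
        problems = failed_rules(sample)
        print(f"{sample!r}: {'OK' if not problems else ', '.join(problems)}")
```

    "Dragon2004!" and "P@ssw0rd2004" meet every length and character rule and are still rejected, which is why the dictionary check matters as much as the character mix.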
  25. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116