What do I need to do Netbanking?

Discussion in 'other security issues & news' started by truthseeker, Jun 19, 2008.

Thread Status:
Not open for further replies.
  1. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    But they ain't free :(
     
  2. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,064
    the CONFIGSETROOT folder is used for unattended installations of vista and the contents shouldnt be needed afterwards.
    i dont have that folder so seems everything is fine.
     
  3. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    What do you mean "unattended installations"?

    So you don't even have that folder?

    By the way, how big is your winsxs folder? Mine is 6.5GB and I don't know if I can remove some of the stuff in there. Any ideas?
     
    Last edited: Jun 20, 2008
  4. MikeBCda

    MikeBCda Registered Member

    Joined:
    Jan 5, 2004
    Posts:
    1,627
    Location:
    southern Ont. Canada
    Good point. Mine (one of the largest in Canada) uses a secure (encrypted) connection starting right on their front page, before you even log in to your account.
     
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    9,994
    Hello,
    The whole idea of https is to encrypt the session BEFORE any sensitive data is exchanged.
    Mrk
     
  6. Doodler

    Doodler Registered Member

    Joined:
    Dec 23, 2007
    Posts:
    224
    Sandboxie is is a program that allows you to run your applications, such as internet browsing, in a virtual enviornment. Sounds confusing? It's not. Take a few minutes and read information on Sandboxie's website per that attached link.
    http://www.sandboxie.com/

    On my system, I have a sandbox set up to use when I do online banking that also prevents any program other than Internet Explorer to access the internet. This will help prevent any malware (keylogger) that I may inadvertently pick up from calling home. And the great thing about being sandboxed is that once I'm done banking...or doing general surfing, I just close my browser and everything, including any malware, is removed.

    Sandboxie is very easy to learn, very light on your system, doesn't nag the heck out of you like some firewalls with HIPS, and is very effective. I'm a fan and use it along with my anti-virus, SAS anti-spyware, and hardware firewall.

    Edit: I forgot to mention there's a free version of Sandboxie and a pay version as well that has a few more features. The free version comes with a nag screen after 30 days.
     
    Last edited: Jun 20, 2008
  7. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,641
    Location:
    Sneffels volcano
    You can use a hardware router (which has firewall features) along with your vista firewall software and you'll be fine.

    Should you want to have more control over your internet traffic (outgoing data transfers from your computer), go for any two-way FW software.

    As for a 'good av', pick up any of these. Read reports of the tests :cautious:
     
  8. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Thanks everyone for all your help. But after long and pensive pondering and thinking I have decided that MS Windows can never be secure enough for me to give me peace of mind to use for important tasks such as Netbanking, accessing my CC account etc.

    So I will continue to dual boot into Linux whenever I need to do such tasks.

    Thanks anyway everyone for your time. I appreciate all your effort and feedback.

    I realise that many of you use MS Windows for such tasks and I realise that you all believe with a good FW, AV, router, Sandboxie etc that any MS Windows would be safe enough to use. But I rather not take the chance and rather not use such an OS such as MS Windows that needs to use so many precautions in the first place.

    With Linux I feel safer and Linux is a lot more secure and with Linux I have no worries at all about virus, trojans, time-bombs, keyloggers, rootkits etc.
     
  9. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    One remark: Linux isn't necessarily safe. Same goes for Firefox etc.

    Open source means that the 'bad guys' have it easy finding vulnerabilities. And some security software works closely with IE 7.

    Quote:'So in MS Vista, what do I need to install to make sure I can use my Bank Website safely and access my credit card account etc on Internet?'

    There is no 100% safety. There are different valid approaches. Depending on your bank, applicable laws and regulations, and the amount of money you have in your account, you might consider going back to banking by paper !

    My suggestion: router with hardware firewall (if wireless make your router and wireless connection are as secure as possible), good software firewall, good antivirus and antispyware (if you know how, it's possible to use more than one antispyware program with real-time protection), something that indicates whether websites are safe (for example, McAfee's SiteAdvisor, don't visit the red sites!), update your security software as often as possible, use Microsoft Update (and other software) to keep your system patched, use IE 7 above average security settings, be paranoid.

    Assuming you use IE 7, check the security certificates when logging in, boot your computer just for the purpose of banking, then close IE 7 and shut down your computer.

    And use proper security software. I don't think Spybot S&D is enough. Commercial software is usually better.

    Keep in mind any conditions imposed by your bank.

    And probably an excellent idea: use imaging software. I'm not going to explain that, I don't know much about it but there is plenly of information available.

    And don't fall for phishing.

    Btw: in spite of my security measures I became the victim of credit card fraud, but fortunately the bank/credit card company handled the loss.
     
    Last edited: Jun 21, 2008
  10. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,064
    Hello truthseeker,
    unattended installations means where you setup a windows install and dont have to type in information every so often such as lanuage settings etc.
    unattended installations are completely hands off. you start the install stick in a usb stick with the answer files and at the end you have your desktop waiting to be used. you have to install some microsoft software to create the answer files in the first place. unattended installations are normally used when lots of computers are setup the same like for a company network or selling laptops with the same setup at factory. saves alot of time rather than setting them up manually.

    my winsxs folder is 5.8GB
     
  11. mack_guy911

    mack_guy911 Registered Member

    Joined:
    Mar 21, 2007
    Posts:
    2,677
    Buddy you need is a good

    1. good router + security suite(kaspersky internet security suite 2009 for example).
    2. good router + good firewall like outpost + free avira antivirus or premuim antivirus + good anntispyware ( Ad-Aware 200:cool:


    i have these 2 combinations on my both system till date no virus i dont go on underground sites i use mcafee site adviser for going on only safesites.....
     
  12. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    I just wanted to mention this:

    I recall reading that in the UK you NEED an up to date antivirus (maybe also other stuff) if you want to be compensated if your bank account gets 'hacked'.

    I suppose it varies from country to country, and check the rules/conditions of your bank.
     
  13. kencat

    kencat Registered Member

    Joined:
    Jan 25, 2008
    Posts:
    47
    Location:
    Ontario, Canada
    I'ld like to run this scenario by you all.

    Boot your computer with a Linux LiveCD into Ram only. All hard drives and external media are unmounted. Open provided browser, log in, do banking, log out and shut down computer. Session never happened ;)

    Is this feasible with nothing being permanently saved on the computer like cookies or whatever? I don't online bank so not sure how the interaction works.

    To me, the banks should be doing something like this, providing customers with their own Boot CD for banking sessions. No need to worry about antimalware programs. Could be setup so that the only way you can log in is via this CD.

    I think this would be the only way I would consider online banking. Or are you still at risk this way?
     
  14. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    You can also use Ultimate Boot CD for Windows as your boot cd if you prefer Windows programs.
     
  15. kencat

    kencat Registered Member

    Joined:
    Jan 25, 2008
    Posts:
    47
    Location:
    Ontario, Canada
    Would this not "mount" the hard drives automatically like windows does? I like that Linux does not do this, so the hard drives are not accessible.
     
  16. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    It does mount.
     
  17. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,220
    Location:
    Mass., USA
    I tend to agree (and I'm reasonably paranoid).
    I would add:
    Do NOT have your browser remember logins / passwords.
    Close browser when done transactions, reopen and do your normal web business.
    Optional: clear clipboard of logins / passwords.
     
  18. thomas31107

    thomas31107 Registered Member

    Joined:
    Aug 10, 2008
    Posts:
    2
    is your computer an ASUS computer by any chance? if you do an internet search you will see that you are not alone in having these files. They have some serious quality control issues, as they sell computers with pirated software contained in this directory on some of their machines, as well as some confidential documents from microsoft which explain all about oem activation (but they are totally above me). other asus users have found that this directory contains photographs. If i was you, i would contact microsoft and rarlabs and others about this.

    thomas
     
  19. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    I wish to add something:

    Plenty of banks have their end of the online banking business not properly secured.

    Now, I don't remember where I read this, and I don't remember the details.

    Https: connections: safe or not ? In a way yes, but from what I understand your bank or the other 'person' at the other end of the connection can have a lot more access to your computer than you'd expect ! For as far as I know, direct access to your computer. More about that somewhere in the privacy section in this forum.

    Also, some banks use combinations of http and https that are not safe !

    Certificates can give a false sense of security, you just love that green bar at the top of your screen ? Some certificates are easily obtained !

    And if you can do all your online banking with just a login name and a password, you're poorly protected.

    Don't forget phishing, pharming, DNS attacks etc.
     
  20. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
  21. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Thanks Fly. Btw, I use Acronis Trueimage for imaging.
     
  22. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Mine is 7.4GB and growing :p

    I wish there was a way for me to know what I can remove.
     
  23. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    I think you made some fantastic and valid comments.
     
  24. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Why not have your browser remember logins / passwords?
     
  25. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Yes I already did. My brand new Asus Notebook contained illegal software and hacked cracks. Rarlabs etc have been informed. Rarlabs were so grateful for the information that they even offered me a lifetime license for Winrar. I am happy, because I have always wanted Winrar.

    Asus also handled this poorly and were even abusive. I no longer deal with them.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.