topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Friday March 29, 2024, 12:02 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: windows security - what's really necessary?  (Read 65527 times)

J-Mac

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 2,918
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #25 on: February 01, 2008, 10:31 AM »
f0dder - No, the very first link states that it is a Microsoft program.

Jim

PhilB66

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,522
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #26 on: February 01, 2008, 10:54 AM »
I followed the DropMyRights link, and ended up at Microsoft. I'm attaching one of the graphics files from there, to save you the external URL clicking. Anything odd striking you? Considering that this image comes from an article at MS? :-*
 (see attachment in previous post)

Ha ha ha  folder "warez"

J-Mac

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 2,918
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #27 on: February 01, 2008, 11:22 AM »
 :)  Saw that.  Actually it's an MSDN site, and some of those folks obviously have a sense of humor!

Lashiec

  • Member
  • Joined in 2006
  • **
  • Posts: 2,374
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #28 on: February 01, 2008, 12:58 PM »
Considering how quickly a computer running IE6 got infected, you can say that the browser was warez from the start :D

That said, I'm going to get IE7 serial key generator. I need to crack that b****, and M$ is not getting a single € from me, hah!

J-Mac

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 2,918
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #29 on: February 01, 2008, 01:19 PM »
They charge you for it??!?

Lashiec

  • Member
  • Joined in 2006
  • **
  • Posts: 2,374
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #30 on: February 01, 2008, 01:19 PM »
ROFL

Target

  • Honorary Member
  • Joined in 2006
  • **
  • Posts: 1,832
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #31 on: February 03, 2008, 06:18 PM »
another thought (insert collective groan here...)

what about proxies (ie Proxomitrom, proximodo, privoxy, etc)??

I haven't seen any reference to them anywhere here so far.  Are they a useful security app, or just a handy filtering tool??

Target

Lashiec

  • Member
  • Joined in 2006
  • **
  • Posts: 2,374
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #32 on: February 03, 2008, 06:25 PM »
Just as f0dder said regarding adblocking, proxies can make your computer a less likely target to drive-by banner exploits, and you can also define a blacklist of known malware-delivering sites. So, yes, it's a valuable method of passive protection.

Curt

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 7,566
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #33 on: February 04, 2008, 08:31 AM »
For half a year my XP has now been without any firewall at all. And no router (whatever such a thing may be!?). Only NOD32, and now also ThreatFire. Whenever I test a firewall I seem to end up thinking it is not worth the hazzle. But of course, today I don't download from dubious places like I used to... back then I really needed all the security I could get! So maybe the security problem is more about being cautious about where to go and what to download?

« Last Edit: February 04, 2008, 08:34 AM by Curt »

Lashiec

  • Member
  • Joined in 2006
  • **
  • Posts: 2,374
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #34 on: February 04, 2008, 08:37 AM »
But you used Windows XP's firewall, didn't you?

Lusher

  • Participant
  • Joined in 2007
  • *
  • default avatar
  • Posts: 46
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #35 on: February 04, 2008, 09:06 AM »
[This Just In...] The Storm Worm, latest of the great (overly hyped) interweb deamons...has a few interesting requirements to infect ones machine:
A. Somebody Must open & run (with scissors...) the Attachment!
B. That someone Must also be running with administrative credentials, so ... the bugg will have PeRmiSsiOn ... to install itself as a Windows System Service. (Ding! Ding! Ding! Ding! ...Hello!!!)
C. Be running a web server that is behind on security updates so it can inject itself  into a new distro point.

Q. Which security products would have protected the user from (themselves...) and prevented this little pandemic?
A. None of them.

While I agree in general that most infections are self-inflicted and/or totally avoidable, I disagree with your answer. If you are talking typical AV/AS product then yes. But if you are using more "advanced" security software like sandboxes, HIPS, "behaviorial anti-malware" etc, you have a far better chance of avoiding this.


The primary objective is to avoid getting infected in the first place. The outbound firewall game is a nothing more than a plan B attempt to save face after Plan A failed.
Common sense and a condom beats the hell out of a lengthy discussion about if we should keep "it".

Agreed. The problem here I think is people don't understand in general how they get infected.

I wrote this little piece a while back that might be helpful

However another way of seeing things might be to realize that in essence you get infected because either I) You chose to run the infected content (infecting yourself) , II) you mis-configured software settings so that they automatically run infected content without your consent or III) The infected content ran because of a security exploit in a program you were using.

It goes on in length to address each of the 3 scenarios and provides detailed (too detailed) ways to reduce the possibility of each scenario from happening...



Curt

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 7,566
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #36 on: February 04, 2008, 05:07 PM »
But you used Windows XP's firewall, didn't you?

No, I have never tried to use XP's firewall - not even once.

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #37 on: February 04, 2008, 05:22 PM »
Just to clarify, though, Curt - you disabled the firewall in Windows XP Sp-2 immediately after installation?

Curt

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 7,566
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #38 on: February 04, 2008, 05:34 PM »
- yes, Darwin. I disabled XP's firewall right out of the box.

I had (and have) a Outpost Pro license, so I never gave XP's firewall any second thought. When I decided that I also should test firewalls as well as many other kind of programs, I soon came to the conclusion that it was too much trouble for almost nothing, so I stopped using any firewall at all.

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #39 on: February 04, 2008, 05:43 PM »
Ah... sorry, I just had to ask  :)

Target

  • Honorary Member
  • Joined in 2006
  • **
  • Posts: 1,832
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #40 on: February 04, 2008, 06:21 PM »

hmmm, so the upshot here is... nothing!!

it appears you can use what you like, or not, based pretty much on your comfort level personal (software) preferences...

Target

Armando

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 2,727
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #41 on: February 04, 2008, 07:10 PM »
IMO there are some slight "epistemological problems" with the discussion here... I don’t want to sound like this thread’s smartass — I know it’s just a relaxed forum discussion, ahem — I'm no security expert, but : there are no clearly defined (precise) parameters to make objective comparisons. And no real hard numbers or studies.
 
From what I've read, the "[what's really] necessary" parameter (the expression used in the thread's subject) is mostly used in subjective ways, as very personal evaluations of what's essential, without defining much the most important other singular-individual and plural-contextual factors (hardware, software, human environment, network, the computer literateness of the person using the computer, etc.). (and yes, I kind of understand that the question is about finding the right balance between usability, performance, and security).

Without any term definitions, what would an "essential, indispensable" security measure for Windows be? Only an up to date OS and a computer security literate and responsible user (now... define that!)?… Anyway. Then if I want to go beyond what's "necessary" I guess I'd probably add a router or a basic firewall, and a capable anti-virus? Then, what? I might add an HIPS, sandboxe, etc.?

PS : Apart from the usually pretty tangibles performance drawbacks linked to some security software, I wonder how does one know that her data isn't just flying through multiple wholes, open ports without her consent (it’s not like there will suddenly be files missing in a folder… like if these where books on a bookshelf!)... Is the "I ran my computer without a firewall without a firewall — or win XPs basic firewall — for 3 years without a single problem" convincing? How can one be that sure that the computer ran "without a problem" and that all data stayed quietly at home? Sounds like an homeopathic arguments to me...

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #42 on: February 04, 2008, 07:54 PM »
Curt: you really shouldn't disable XP's firewall if you aren't using any other firewall product.

Also, you say you're not behind a router / don't know what it is. Which kind of internet connection do you have? Analog modem, ADSL, cable, WiMaxx? Which provider (CyberCity, TDC?) - you're very likely behind a router even if you don't know it, at least if you're on ADSL :)
- carpe noctem

Armando

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 2,727
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #43 on: February 04, 2008, 08:10 PM »
BTW, something that I'll install soon: DropMyRights.

Some related "alternatives" have been talked about (albeit briefly) in other threads (like this one) :
- <a href="http://sudown.sourceforge.net/index.php">suDown</a>
- sudowin

And, btw, Online Armor free firewall offers the possibility of running any app with reduced privileges, on the fly (and of course, keep it like that for how long you wish). It's a bit more simple to use than dropmyrights, but... will consume more resources -- since it'S a software firewall.

Target

  • Honorary Member
  • Joined in 2006
  • **
  • Posts: 1,832
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #44 on: February 04, 2008, 09:01 PM »
Armando

you've clearly outlined the crux of my dilemma - clearly no 2 individuals have the same setups, expectations, knowledge, philosophies or fears regarding the potential for a 'security breach' (define that... :-\), or the ability to identify and/or deal with any such breach

it was never my intention to get a definitive solution (I pretty much think we've established that this is a myth), simply to try and establish what the consensus was for a baseline of what's really necessary, ie what is considered the minimum requirements for a reasonably secure internet connection.  Forget local networks, they're not really relevant for the sake of the discussion.  

Given this, precise definitions were unnecessary, and subjective opinions were (almost) as valuable as objective ones. It's up to the individual to make up their own mind about what fits their own (personal, specific) requirements.

you also raised the issue of system maintenance which hasn't really been discussed, however based on balance of this thread I am wondering how necessary this is as well, ie is (XP) SP2 sufficient, or do we <i>need</i> all the subsequent patches and fixes.

Given that there doesn't seem to be any real consensus regarding the actual threat, or the potential for a breach, it seems that we could lump that subject in with the whole 'minimum requirement' as well

thoughts??

Target  


  

Curt

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 7,566
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #45 on: February 05, 2008, 07:50 AM »
Which kind of internet connection do you have?

I am not sure how to translate this into English, so I ask for your help on this, f0dder: "Hybrid kabel tv (TDC's webspeed)", for both Internet and telephone. TDC's spamfilter is very fine, but I don't think they filter or protect anythjing else.

But thanks for the warning; I will probably re-install my firewall very soon.
« Last Edit: February 05, 2008, 10:01 AM by Curt »

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #46 on: February 05, 2008, 09:18 AM »
Okay, you're on cable, then. You have some TDC cable box somewhere, which is at least a cable modem, possibly with some routing as well. Check the IP address assigned to your network card; if it's 192.168.x.x or 10.x.x.x the cable modem does NATed routing. If ipconfig shows the same as www.showmyip.com , you definitely never ever should be running without a firewall (but XP's built-in should be fine).
- carpe noctem

Curt

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 7,566
    • View Profile
    • Donate to Member
Re: windows security - what's really necessary?
« Reply #47 on: February 05, 2008, 06:19 PM »
Okay, , I have reinstalled Outpost Pro.