PDA

View Full Version : Security tips thread



Deimos
19-05-2006, 04:15 PM
I want to give everyone my security tips, and I thought, why just me? I'm sure heaps of people have something to contribute.

I'll start it off with some spyware tips:

By now I'm sure all of you have heard of how to remove spyware, but how do you prevent it?

The best way is to run as a non admin, set your self up with an account that is just a "user" and not an "Administrator" have a separate admin account for install apps etc.

If you MUST run as an admin (some games don't run if you are a normal user) you can use:
DropMyRights: http://nonadmin.editme.com/DropMyRights
This little app will drop the admin rights of any app you run, I set mine up for all programs that connect to the internet, including email, messenger etc,
That way, if a virus tries to infect your PC or spyware tries to install it self, it does not have sufficient rights to do anything, I have found that this method protects me from all spyware so far.

Have a browse of the website: http://nonadmin.editme.com/ for more info about running as a nonadmin on your XP computer.

My second tip is simple and you've probably heard it before, patch your PC, thats it, go to windows update, and update your PC, this is one of the most effective ways to prevent viruses from infecting your PC.

I will add many more and I invite others to post some as well

KiwiTT_NZ
19-05-2006, 04:29 PM
I have mentioned this advice as well. Well worth doing for the average user.

Some may also want use "processguard", as it will only allow authorised processes to run.

Deimos
19-05-2006, 05:59 PM
Here is a little story to get you all motivated about windows update.

About a year ago I was working for a multi national IT support company (I might get in trouble if I mention the name), during my first 2 weeks of working there, a virus was unleashed on to the internet, this virus swept through the company I was working for, and Telecom (I had a complete view of the events), this virus crippled the communications in the entire company.

I raced home to my own PC to make sure it was patched and get this, the patch that fixes the hole the virus was using was 3 months old! (and I had already installed it) thats 2 major companies that got hammered for not updating.

Myth
19-05-2006, 06:14 PM
IThe best way is to run as a non admin, set your self up with an account that is just a "user" and not an "Administrator" have a separate admin account for install apps etc.
.........
That way, if a virus tries to infect your PC or spyware tries to install it self, it does not have sufficient rights to do anything, I have found that this method protects me from all spyware so far.
This is how linux has run for ages, and a large reason why viruses will (I doubt) ever infect too many Linux machines.

Speedy Gonzales
19-05-2006, 06:24 PM
Or just don't use Windows. Easy. Use Linux or a Mac.

Like a guy asked in the latest netguide. He uses a Mac.

He wanted to know where to find an adware scanner.

The editor said he's never heard of anyone complaining about spyware in Macs.

Just dont.

1. Use P2P programs
2. Go to warez sites.
3. Go to porn sites.
4. Accept files from IRC, or IM programs. From people you don't know.

And

1. Update Windows, dont get slack on updating. Most people are too lazy to get updates.

Then wonder why they're riddled with malware / trojans / virues / worms.

2. Install a decent firewall. XP SP2's is OK. BUT wont block outgoing traffic.

Just dont get too carried away, with installing too many firewalls, they'll clash with each other, and most probably crash.

3. Install a few programs like S&D, Adaware, HJT to check for nasties.

stu161204
19-05-2006, 07:56 PM
Dont we have a FAQ on this???

Deimos
19-05-2006, 10:34 PM
Or just don't use Windows. Easy. Use Linux or a Mac.

Like a guy asked in the latest netguide. He uses a Mac.

He wanted to know where to find an adware scanner.

The editor said he's never heard of anyone complaining about spyware in Macs.


My step mother has a mac, I never hear her complaining about spyware or viruses, but I do hear her complaining about how slow it is. :badpc:

tweak'e
19-05-2006, 10:42 PM
actually their are a few MAC spyware progs out now....a few multi platform one to (mostly java ones).

macs will get their fair share of them soon no doubt and linux will follow suit. fortunatly they have a head start in preventing them. windows users are still playing catch up.

Deimos
19-05-2006, 11:00 PM
Password tip:

Create a secure password.

my method:

Close your eyes and mash the keyboard, now pick 9-10 characters from your mashed line of characters and use this as your most secure password, memorise it.

use this password when you need maximum security, because it is random, it can't be guessed, make sure you make one or two CAPS and numbers.

I use mine for banking, my PC's log in, my admin logins, etc, try not to write it down anywhere, just write it down until you can remember it.

create 2 more "easy" passwords, use these for things that don't matter, like forums, or anything else you need quick access to, and that doesn't really matter if someone guesses the PW.

make sure you keep the two separate, don't use your secure password to sign up for forums and such, you never know who is running the forums, they may use that password else where.

Deimos
19-05-2006, 11:05 PM
Some may also want use "processguard", as it will only allow authorised processes to run.

Spybot comes with tea timer, which is pretty good for blocking spyware, however it does not beat running drop my rights.

Also, if your processor is capable, you could turn on the DEP in SP2, this will prevent 90% of viruses infecting your system.

if you can't turn on DEP get drop my rights! seriously though, this is my best and number one tip, you can not secure your system better than running as a user instead of an admin.

KiwiTT_NZ
21-05-2006, 08:26 AM
As indicated in another thread, a trojan an elevate it security rights and then run as that new level. With ProcessGuard no matter what level you are at, no process/executable will run unless you specifically authorise it. This stops them dead.

However, I chose to have a multitude of programs working, while connected to the web. These include, spyware-detector, anti-virus, and firewall. However, as you will see in this forum never run two of them at the same time. With ProcessGuard running, if after something gets past all these layers (i.e. unknown vector) it will be stopped by me.