
Keeping a Windows machine secure...

fleabag

Banned
Which would you rather have in a Windows XP or 2000 setup: an installation that has all the security patches and other associated stuff installed, using Admin Account only, but no firewall of any kind, hooked up to a DSL modem, or an installation that has none of the security patches and other associated stuff but with a good firewall and good user policy?

It just seems like to me when you have a Windows Install that is patched well but no firewall, they tend to get infected quite easily despite not browsing unsavory websites too often if at all while my systems that are behind a firewall don't have any such issues despite not being fully updated.
 
Perhaps a poll would be nice...

I know considering that when I load the original "devil's own xp" and put it online with no updates, it is filled with viruses/other bad stuff within minutes. Methinks that updates matter so I chose the first part.
 
I've been using an admin account, the latest patches, Spybot S&D (with TeaTimer), Windows firewall and AntiVir PE with good luck (on XP SP3).

That and I do my surfing of more questionable sites using a honeypot (similarly configured XP SP3 VM).
 
Originally posted by: fleabag
Which would you rather have in a Windows XP or 2000 setup: an installation that has all the security patches and other associated stuff installed, using Admin Account only, but no firewall of any kind, hooked up to a DSL modem, or an installation that has none of the security patches and other associated stuff but with a good firewall and good user policy?

It just seems like to me when you have a Windows Install that is patched well but no firewall, they tend to get infected quite easily despite not browsing unsavory websites too often if at all while my systems that are behind a firewall don't have any such issues despite not being fully updated.

I've done a lot of firsthand testing of Win2000. Without patches, and loaded up with lots of exploitable stuff like out-of-date QuickTime Player, Java, WinZip, Adobe Reader, etc, it's still extremely difficult to get it infected as long as I use a non-Admin user account (a "Restricted User" account in Win2000's nomenclature). And of course my testing is done from behind a router, so the system is shielded from network worms.

So don't underestimate the low-rights account. However, there's no reason you can't have both: low-rights user account and firewall protection, plus good patching.

1) Check your systems with Secunia's Personal Software Inspector to identify patches your system needs for third-party stuff like Reader, Flash Player, QuickTime, RealPlayer, Java, etc. The bad guys attack this stuff, not just Windows itself, so you want it patched too.

2) In the case of WinXP and later, make sure your Data Execution Prevention is fully enabled for all software, not just the base setting.
 
First step in keeping any machine secure. Use a NAT router... they're cheap and will stop 99% of attacks from reaching your LAN.

Second step in keeping a Linux machine secure. Don't run as root, dummy. Oh, wait, I meant Windows... and Administrator.

Third step in keeping a Windows machine secure. Stop searching for Paris Hilton blow job torrents.
 
The thing most people don't understand is that for someone to connect to your PC without a firewall there has to be something there to connect to. If you have no applications/services waiting for a connection then there is nothing anyone can do to gain access; they can't just create a connection out of thin air. Firewall software companies don't mention that because it would hurt sales. The problem with this approach though is that you have to know what all the services are and what software you use that uses the network. So for most people a firewall makes sense, but it is in no way something that without it you will get hacked.

A method I really like to keep a machine secure is to use virtual machines. You can monitor everything a program is doing in the virtual OS before you allow it access to your main OS.
 
Which would you rather have in a Windows XP or 2000 setup: an installation that has all the security patches and other associated stuff installed, using Admin Account only, but no firewall of any kind, hooked up to a DSL modem, or an installation that has none of the security patches and other associated stuff but with a good firewall and good user policy?

Both, you can't rely on any single thing to protect you. Security is a process, not a product.

The thing most people don't understand is that for someone to connect to your PC without a firewall there has to be something there to connect to

And in the past, Windows always listened for SMB traffic on all interfaces so there was always something to connect to. If your ISP didn't filter ports 139 and 445 or you didn't have a firewall there was always at least one vector. Now, I believe that most ISPs do filter traffic on those ports and the Windows firewall is on by default so it's not much of an issue.
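
An added example, not part of any post in this thread: the two posts above turn on knowing what is actually listening on the machine, so this Python sketch parses `netstat -ano` output and lists the sockets that are bound to a non-loopback address, marking ports 139 and 445. The sample output, addresses and PIDs are constructed, and the function names are hypothetical.

```python
# Constructed sample of `netstat -ano` output (addresses and PIDs are made up).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       952
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:1030         0.0.0.0:0              LISTENING       1824
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.10:1055      203.0.113.5:80         ESTABLISHED     2100
  UDP    0.0.0.0:445            *:*                                    4
  UDP    192.168.1.10:137       *:*                                    4
"""

SMB_PORTS = {139, 445}  # the ports named in the post above

def parse_listeners(text):
    """Return sockets that accept inbound traffic: TCP LISTENING and bound UDP."""
    found = []
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue  # headers and blank lines
        if f[0] == "TCP":
            if len(f) < 5 or f[3] != "LISTENING":
                continue  # established/closing connections are not listeners
            pid = f[4]
        else:
            if len(f) < 4:
                continue
            pid = f[3]  # UDP rows have no State column
        addr, _, port = f[1].rpartition(":")
        found.append({"proto": f[0], "addr": addr, "port": int(port), "pid": int(pid)})
    return found

def exposed(listeners):
    """Drop loopback-only listeners; the rest are reachable unless something filters them."""
    return [l for l in listeners if not l["addr"].startswith("127.") and l["addr"] != "[::1]"]

def report(text):
    """Sorted (proto, addr, port, pid, note) rows for non-loopback listeners."""
    return sorted((l["proto"], l["addr"], l["port"], l["pid"],
                   "SMB/NetBIOS" if l["port"] in SMB_PORTS else "")
                  for l in exposed(parse_listeners(text)))

if __name__ == "__main__":
    for row in report(SAMPLE):
        print("%-4s %-15s %-6d pid=%-5d %s" % row)
```

To use it on a real machine, replace `SAMPLE` with the captured text of `netstat -ano` and match the PIDs against the process list.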
 
Originally posted by: Modelworks
The thing most people don't understand is that for someone to connect to your PC without a firewall there has to be something there to connect to. If you have no applications/services waiting for a connection then there is nothing anyone can do to gain access; they can't just create a connection out of thin air. Firewall software companies don't mention that because it would hurt sales. The problem with this approach though is that you have to know what all the services are and what software you use that uses the network. So for most people a firewall makes sense, but it is in no way something that without it you will get hacked.

A method I really like to keep a machine secure is to use virtual machines. You can monitor everything a program is doing in the virtual OS before you allow it access to your main OS.

I agree strongly with this part. If I ever have to run any unscrupulous program, I run it from the virtual machine, get the information I need and just wipe it out afterwards.
 