Jump to content

Security Products


Obliviator

What security products do you think are required for a secure Windows XP SP2?  

38 members have voted

  1. 1. What security products do you think are required for a secure Windows XP SP2?

    • 1. Firewall/IDS (not including Windows Firewall)
      4
    • 2. Antivirus
      6
    • 3. Antispam
      0
    • 4. Antispyware
      1
    • 5. Combination of Above
      20
    • 6. Other
      1
    • 7. None
      1


Recommended Posts

I choose none because with the tools included with SP2, I think its possible to not only secure Windows, but probably beyond the security offered by most applications. In the cracker community, the most common ways of breaking into a computer is through applications. Applications contains the holes, bugs, and of course, the exploit tools necessary for cracking.

By Automatic Update, one can update my Windows app and Windows itself. Abstinence from any other company's software that accesses the internet allows one to keep my software updated and protected against even 0-day viruses.

Windows Firewall provides a negligible amount of protection against worms and crackers. To further enhance internet traffic protection, you can enable TCP/IP filtering and the IPSEC firewall. Using a Microsoft tool i havnt tested yet, it is possible to create a firewall-like service. The app's ability to filter out certain packets can then be made into a service.

Also a MS tool exists that allows the logging of network traffic. Another MS tool contains the ability of filtering through logs. Combining these two programs and making them a service serves as an IDS.

Access control and using a restricted account can further protect against even a virus that did manage to penetrate against these defenses. Encryption of important files makes sure that if a cracker somehow bypasses these defenses, the files would be unreadable.

Shutting down nonessential services and running the remaining services in restricted accounts closes most opened ports.

Current antiviruses scan using signatures, which is both slow and inaccurate. Until heuristics are advanced, having an antivirus offers only a little better protection.

Firewalls are basically filters with cool options. Options like SPI are already in Windows Firewall. Filtering options are configured in the IPSEC firewall and TCP/IP filtering.

Antispam doesnt really help much. The reason why spam is considered even a security threat is because it can harbor worms and viruses. With adequate restrictions, even opening spam wont really affect you.

Antispyware, like antiviruses, depend on signatures also. Microsoft has recently acquired an antispam company in hopes of making their own antispyware, which probably will offer more protection than any current solutions based on their knowledge of the inner workings of the OS. And again, with adequate restrictions, one wouldnt even get spyware in the first place.

The secret to security is prevention. What im really trying to say is that a perfectly secure Windows could be based only on MS programs. I think that this is enough for now, but if anyone wants to argue my points, I would be happy to continue on. :)

Link to comment
Share on other sites


What you have said is right only if you :

1) you are the only one who use the pc at home & and with knowledge of security risks. As there are an increasing number of PC users with no basic knowledge of security risks we can expect an increasing number of infection & attacks.

2) If you'r working in a corporate with a central Server that filter & clean viruses.

However, as I said, it almost impossible to live with no additional security tools. But I agree with your idea which prevention is better than cure, but again it not always easy to prevent attacks. For example, today I was looking in Secunia's site for IE Flaws, after a complete day of analysis I found that what Microsoft suggest "Set IE Internet Security level to high would prevent most attacks" is not easy to do because when you set it to high most webpage won't load, they all need active scripting enabled.

Link to comment
Share on other sites

Popular misconception: SP2 firewall protects you.

Not true! SP2 firewall does not block any outbound packets, on any port, on any transport, to any address...

Zonealarm, outpost - or any hardware firewall does

make yer choice and live with it....

Cheers,

10forcash

Link to comment
Share on other sites

For most usres SP2 firewall and a good antivirus is all they need.

It works for me, but i don't even use do sp2 firewall but only NAV2005 and it's worm protection instead ;)

Whatever people say about norton produtcs I never had virus problems after instaling NAV...

Besides

USE COMMON SENSE

is always the best protection :thumbup

Link to comment
Share on other sites

10forcash  colud you explain what you mean?
He's referring to the fact that the "Enter" key (which will "click" default Yes or Install button in any spyware dialog box) does a lot of damage. ;)

USE COMMON SENSE is the best protection, has been heard a lot, but I'd say the minimum you should do is have an anti-virus with updated defs. That's pretty much all you need, to stay safe. If you're literate, you will recognize spam and spyware. If you have SP2, the firewall is pretty good. Only thing left out, is the Anti-Vir. So yeah, even an old one (so that your system doesn't get bogged down) is perfectly fine (like NAV2002).

Link to comment
Share on other sites

arh :yes: i thought it was along those lines.

i use anti virus (AVG) , router / firewall (hardware) , Kaspersky anti-hacker , thunderbird , firefox , adaware , spybot , giant anti-spyware , SpywareBlaster , HOST file , reg website blocking , no java installed :) , flash disabled (via spyware blaster i hate ads) common sense , proxy etc you know just the basics :rolleyes:

Regards

cyph

Link to comment
Share on other sites

SP2 (probably most important :))

I've gotta disagree with this. I've had more bad experiences with SP2 than good ones, especially for a mobile user.

All you should ever need is...

Windows XP SP1 with all updates (except SP2)

A good anti-virus (anyone that has a decent real-time scanning feature)

Software firewall (Sygate get's my vote)

Spyware Blockers (SpywareBlaster and Spybot S&D)

Anything but IE as your browser (Firefox, Maxthon, Avant Browser, Mozilla, etc)

Even then... it'd be pretty hard to get something onto your system...

The ultimate would be to have all these systems unaccessible to the user if you have a computer illiterate person who uses it, i.e. Have the AV and firewall running, but the user has no access to it. The software just blocks any intrusions and deletes any viruses silently. I'd probably prefer that as my interface actually... if I want to know if anything's been blocked or deleted, go into the admin account and check the logs.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...