Tweaking Optimizing Windows.pdf - GEGeek
• Security is not opening attachments you haven't requested from people you know or do not know, but downloading them to disk and having a text editor or AV tool look them over instead. And even if it's not readable as text, and even if your AV tool doesn't say it's malicious, don't run it. Ask whoever sent it what it is and why they sent it without clearing it with you first. And even if your friend assures you that the file is not malicious, check it out with Blobview, Peeper, and BinText, and use InCtrl5 to open it.
• Security is disabling web scripting if you are running Windows.
• Security is trying to find a more secure emailer (than Outlook) if you are a home user.
• Security is making sure you are not broadcasting your presence on the Internet on a permanent IP. If you are running Windows, make sure ports 135-139 are closed. If you are running NT/2K/XP, make sure port 445 is closed and make doubly sure port 135 is closed.
• Security is installing and properly configuring a firewall if you have a permanent IP.
• Security is changing your IP regularly, even if you have a permanent connection.
• Security is never connecting to the Internet without your firewall up and running.
• Security is never using Java - anywhere. Disable it everywhere, especially in your email reader.
• Security is using an ad killer such as Silencer to kill as many banners as you can.
• Security is checking with sites such as Spychecker before even considering a download from the Internet.
• Security is reading email as text only. If people can't send you text email, tell them to get out of your mailbox. The Internet is built on text, and don't forget it. No winmail.dat cards, no VCF attachments - just text.
• Security is seriously considering disabling JavaScript when surfing and NEVER having it on while you are reading email.
• Security is disabling VBScript everywhere - unconditionally.
• Security is making sure ActiveX OCXs can't be downloaded and run on your box. Check your browser settings for this.
• Security is checking your firewall logs all the time. If you can't understand what they say - learn.
• Security is running AV often enough, even if you don't run AV all the time, and updating your lists as often as you can.
• Security is always checking with an up-to-date AV before sending or receiving anything via email.
• Security is visiting security sites where major advisories are posted. Keep up on "traffic hazards".
• Security is finding someone who can help you if you don't know all the technical stuff, someone who can help you when you need it. If you need a quick answer in a tight situation, write to radsoft.net.
• Security is checking your process list regularly so you know what should be there and so you immediately see when something that shouldn't be there is around.
• Security is playing around with GD and the netstat (and nbtstat) commands and learning how they work so you can be sure you don't have open ports you shouldn't have.
• Security is learning your own file system. When you see files there that look suspect - turn up their properties and see whose program it is. If it's from your operating system vendor (e.g. Microsoft) it may be OK, but if it has no version info or is from a company you never heard of, raise an eyebrow.
• Security is running an up-to-date copy of Ad-aware regularly, especially if you download and test new software all the time, and being suspicious of anything you download. Use InCtrl5 from ZD Net to check the effects of any program you download and run, and take the time, yes take the time, to study the logs of InCtrl5 so you know exactly what happened when the new program ran.
• Security is backing up your system regularly, and only when you are at least 100% positive it is not corrupted by virus, worm, trojan or other malicious software. Learn how to restore a system from a backup so you can do this, and will do this, as soon as you recognise a need to.
1. Email security and scripts
Don't let Windows run HTA, SHS and VBS scripts automatically. Those file associations allow viruses to infect your system. Open Windows Explorer, click Tools / Folder Options / File Types, and delete HTA, SHS and VBScript. It is very unlikely that a normal PC user would need those file associations turned on. If nobody had these file types registered with the operating system, the effect of the 'LoveBug' virus would have been a lot less. A good program to stop various file types from launching is ScriptDefender - www.analogx.com/contents/news.htm
Configure Windows so that it always shows file extensions. In Explorer, click on View, Folder Options, View tab. In the advanced list, uncheck 'Hide file extensions for known file types'. Never open attachments to emails or follow links to web pages that are contained in unsolicited emails. Ignore attachments that have sexual filenames, such as porn.exe. This is a common trick to tempt people into opening the attachment. Don't assume that because an attachment has the icon of a harmless file type such as txt or jpg the file is harmless. Check the actual file extension. EXE (executable) files can have any icon. Never accept attachments from strangers in online chat systems, such as IRC, ICQ or AOL messenger. Be wary of files downloaded from internet newsgroups. These forums are often used by virus writers to distribute their new viruses.
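
Why hidden extensions matter, as an added Python example (not part of the original document): it compares the name Explorer displays with extensions hidden against the real extension, and flags the file types named in this section. The extension sets, function names and filenames are assumptions constructed for illustration.

```python
import os

# File types this section names as able to run code when opened (assumed list).
RUNNABLE = {".exe", ".hta", ".shs", ".vbs"}
# Harmless-looking types the section mentions as disguises.
DECOYS = {".txt", ".jpg"}

def shown_name(filename):
    """Name displayed when 'Hide file extensions for known file types' is checked."""
    stem, _ext = os.path.splitext(filename.strip())
    return stem.rstrip()

def assess(filename):
    """Return the reasons an attachment name deserves suspicion (empty list if none)."""
    stem, ext = os.path.splitext(filename.strip())
    ext = ext.lower()
    findings = []
    if ext not in RUNNABLE:
        return findings
    findings.append("runnable type " + ext)
    # Second-to-last extension: what the user sees once the real one is hidden.
    inner = os.path.splitext(stem.rstrip())[1].lower()
    if inner in DECOYS:
        findings.append("disguised as " + inner)
    # Spaces before the real extension push it out of view in narrow columns.
    if stem != stem.rstrip():
        findings.append("padding hides real extension")
    return findings

def triage(filenames):
    """Map each suspicious filename to its findings, skipping clean ones."""
    return {name: assess(name) for name in filenames if assess(name)}

if __name__ == "__main__":
    # Constructed attachment names.
    inbox = ["report.txt", "holiday.jpg.exe", "notes.txt      .VBS", "setup.exe"]
    for name, why in triage(inbox).items():
        print(f"{shown_name(name)!r} is really {name!r}: {', '.join(why)}")
```
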
Check out www.symantec.com/avcenter/venc/data/win.script.hosting.html for how to disable scripting. Scripting adds "functionality" that most people really don't need. In fact, that very functionality could be considerably dangerous with regard to VBS-type malware infections that are spread primarily through email attachments.
2. Control Outlook Security
As Microsoft Outlook is a major victim and a major cause of trouble, consider using another email client, and make sure the client is not dependent on IE technology. Even webmail is better suited. Once you get rid of that Outlook address book, a lot of worms will be lost. Other email clients are Eudora, Pegasus, Agent etc. If you must use Outlook, then here are some tips for you.
Outlook service packs introduced a security feature that disabled the ability to directly open executable (EXE) files. This tweak allows you to disable that functionality. Open your registry and find the key below.
HKEY_CURRENT_USER\Software\Policies\Microsoft\Security
Create a new DWORD value, or modify the existing value, called 'CheckAdminSettings' and edit the value according to the settings below.
CheckAdminSettings REG_DWORD 0x00000001 (1)
To disable embedded scripting in Outlook (or, even better, don't use Outlook at all and use an alternative email program)