Tweaking Optimizing Windows.pdf - GEGeek

More documents

Recommendations

Info

www.symantec.com/avcenter/security/Content/2000_05_26_a_i_dES.html While you're at it, you should also familiarize yourself with Outlook E-mail Security Updates http://support.microsoft.com/support/kb/articles/q262/6/31.asp?LN=EN-US&SD=gn&FR=0> Outlook 2002 XP attachments Microsoft Outlook 2002, included with Office XP, introduced new restrictions to stop possible unsafe e-mail attachments from being opened or saved. This tweak allows you to modify those restrictions. Any files with following extension are prohibited from being opened or saved when received as e-mail attachments: ade, adp, asx, bas, bat, chm, cmd, com, cpl, crt, exe, hlp, hta, inf, ins, isp, js, jse, lnk, mda, mdb, mde, mdz, msc, msi, msp, mst, pcd, pif, prf, reg, scf, scr, sct, shb, shs, url, vb, vbe, vbs, wsc, wsf, wsh To change this behaviour open your registry and find the key below. [HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Security] Create a new String value, or modify the existing value, called "Level1Remove" and set it to equal a semi-colon seperated list of the extension you want to allow e.g. "bat;exe;hlp" (this would allow batch files, executables and help files through). Restart Outlook for the change to take effect. Turn off Outlook Preview Regarding Nimda and virus e-mails in general. Not sure if everyone can do this. OE defaults to three panes. Top-right is your list of messages and bottom-right is the message itself. The problem is that if you want to delete an e-mail, you have to select it. When you select it, the message opens automatically in the bottom-right panel. If you go to View | Layout, you can turn off the preview pane. Now, you don't have to open a message in order to delete it. The advantages are a reduced likelihood of mail-borne viruses; you can delete spam without opening it and potentially setting cookies from a spammer's site. The disadvantage is if you want to view a new message, you have to double-click to open it up in a new window. If there is something you see that you're not sure about, you can right-click the suspect e-mail, go to Properties, Details tab, and click the View Source button. Finally, you can forward spam to abuse at whatever.com without ever having to open the e-mail; you can read the headers from the detail tab of the properties window, etc. Anyway, it seems this logic protects me from yet another batch of e-mail viruses. Between the above tactic and my Hotmail email account which also lets me delete e-mails without having to open them. Everything so far is pretty good. As an aside, you can also turn off WAV file playing somewhere in IE's options. I think its Play Sounds under the Advanced section. Just a thought. Do not allow attachments to be saved In outlook options tick the box 'do not allow attachments to be saved or opened that could potentially be a virus'. When this option is ticked it will essentially disable the opening of email attachments. Untick it if you wish to save/run attachments from people whom you know Create invalid entry in address book Create ':' in address book and enter yourself as email address and if virus gets sent out it will email you also so you can then start investigating quickly. Outlook and Exchange Site Another useful site for Outlook and Exchange solutions is http://www.slipstick.com/ Turn off Java and Javascript Turn off Java and JavaScript everywhere. If you run them in your email client you should have your head examined. It is childishly simple for a malicious website to write to your AUTOEXEC.BAT, force you to reboot by crashing your machine, and on reboot automatically wipe your entire hard drive clean. Turn if off in Internet Explorer by going to tools, internet options, security, custom and disabling java and scripts. Other Outlook Stuff Some email clients will automatically move to a new message when the one you're reading is moved or deleted. Make sure yours doesn't. 3. Virus Checking Always have running an up to date virus checker and update the virus definitions on a weekly basis. Check everything that arrives on your computer. I personally use 3 virus checkers - I only have one loaded at any one time. Every file that comes into the computer, goes into an incoming folder. Everything in that incoming folder is left there for a period of 1 month before being executed. The reason for this is to allow another couple of updates to the virus definitions, just in case I have downloaded a very new virus that the virus checker cannot detect. Everything in that Incoming folder is then checked by 3 different virus checkers. Even then I have performed a relatively new system backup before anything is executed. Commercial software is pretty much assumed safe from malicious code, but with the number of programs the average person downloads from the Internet, Trojan horses are becoming a major threat. Basically, a Trojan Horse is when you run a program to do one thing, but in the background it is doing another. These are often referred to as viruses, and frequently commercial antivirus programs will catch the most common ones, but they are easy to make, and can access anything the person running them can. As a rule of thumb, don't download new software and install it, unless you are sure it comes from a reputable source. Or Microsoft. Sorry, couldn't help myself. Make it your business to be aware of what comes in in all forms: email, web pages you look at, diskettes and CDs, accesses from LAN or Internet when online, and junk pulled down by auto-updating-software. This is not as easy as it used to be as the old beliefs simply do not apply anymore. Don't run or open unsolicited executables, documents, spreadsheets, etc. Be paranoid, if you don't know something to be virus-free, you must assume it isn't. (Have a strict policy in your organization that downloading executables and documents from the Internet
is not acceptable, and that anything that runs in your organization has to be virus-checked and approved first.) You may think I`m paranoid (well I am!) but having seen some of the damage and chaos that a virus can cause on peoples machines I am very careful indeed and you should be to! I have tested virtually every single virus detection program for the PC on the market and my favourites as I write this are: AVG and Norton. AVG is completely free for personal use and is very good. Never open email attachments that have the file extensions VBS, JS, SHS or PIF. These extensions are commonly used by worms and rarely contain valid attachments. Never open attachments that appear to have double file extensions, for example, somefile.txt.exe. Also in addition to a good virus checker, check your computer regularly with an up to date dedicated trojan scanning program e.g. Trojan Defence Suite or one available from www.agnitum.com Never, ever: • Open files or e-mail attachments from someone you don't know • Open files or e-mail attachments forwarded to you even if they are from someone you know • Never follow links to web pages from an unknown email • Open files that have extensions VBS, JS, SHS or PIF - these are commonly used by worms • Open unsolicited/unexpected e-mail attachments until confirmed the sender actually meant to send it • Open a document with macros enabled, period • Boot from a floppy unless you created it, write protected it and stored it in a locked safe since then • Accept attachments from strangers in online chat systems, such as IRC, ICQ or Aol etc. • Download files from internet newsgroups. These are often used by virus writers to distribute viruses Always: • Always scan file attachments or downloaded files before you run or open them • Always scan floppy disks (including ZIP drive media) • Always scan CDs • Always keep your antivirus definitions upto date • Always make backups and test your backups to ensure date integrity • Check with your friends or colleagues if a message seems slightly strange e.g. I love you that they sent the email before opening These issues are especially important if you are the administrator on a large network. While the average user has the rights to delete his or her files, most admins can delete everything on network drives, too. This is a bad thing. If your computer does become infected with a virus, the alt.comp.virus newsgroup is a good place to go for help and/or information. You can ask for, or find advice from a number of professionals and other experienced users. 4. Display Hidden File Extensions Even when you have configured Windows to display all file extensions, there are still some which remain hidden. This potentially allows dangerous files to be masked as safe files, fooling the user into executing them. This tweak helps expose those file extensions. It is possible for a malicious user to name a file so that it looks safe to open, when in fact it may be executable containing dangerous content. For example, a file could be displayed as "readme.txt" in explorer, when it fact it is really name "readme.txt.shs" but since the ".shs" portion of the filename is hidden it is impossible to tell it apart from a simple text file. Then once a user double-clicks to open this file, instead of seeing a text page as expected, the file will be executed by Windows as a scrap object and potentially harm the system. To remove the potential to hide files, search through the registry for any values named "NeverShowExt", a common one is located at [HKEY_CLASSES_ROOT\ShellScrap]. To force the file extension to be shown highlight the value "NeverShowExt" and press delete. Now the full file extension should be shown and not masked. You may need to restart Windows for the change to take effect. Registry Settings: Key: [HKEY_CLASSES_ROOT] Value Name: NeverShowExt You can also make sure that you turn off the option. Goto control panels, folder options, view, hide file extensions for known file types and uncheck the box. 5. Boot sequence Change your CMOS bootup sequence to C: / A: -- or just C: -- this is so you don't boot from drive A: if you leave a floppy in your machine. This should stop all pure boot sector viruses from infecting you. If you do need to boot from a floppy disk the CMOS can be quickly switched back. 6. Update and download service packs and fixes The next step is learning to be vigilant and wise about updating your system. There are several opinions concerning the best way to go about this. If you are a total security freak, and would rather be offline than unsecure, you can download hotfixes from Microsoft as soon as they are out. This can be a dangerous thing, since many of these "fixes" are not very well tested, or really are just registry changes that disable some of Window's features. Even if you are not going to install every fix as soon as it comes out, you should still keep up to date on what exploits have been found, and how (or even if) Microsoft is addressing them. To get the less biased but unofficial scoop on what exploits are out there, try NT Bug Traqs security mailing list. http://www.securityfocus.com/ I am not so worried about security on my home machine that I am willing to wade through the myriad of patches and reading the wordy Microsoft documents trying to figure out if they apply to me. The next best thing for security and best for stability is to make sure you are up to date on your service packs and critical updates. Do this by running the windows update wizard regularly. The fixes posted here are supposedly regression tested and should be quite stable. Apply any service packs to your computer, which will fix many security related problems. If you are still using NT than upgrade to Service Pack V6a which contains a lot of security fixes. Also apply service pack 2 for 2000. If you use Outlook especially install the latest security patches from Microsoft. I always recommend keeping Internet Explorer completely up to date e.g. latest at time of writing is IE6, which contains a lot of security fixes etc.
Page 1 and 2:
Mr.X.'s TWEAKING AND OPTIMIZING WIN
Page 3 and 4:
-Msdownld.tmp This one needs manual
Page 5 and 6:
If you have Windows 95/NT you can e
Page 7 and 8:
BootKeys=1 BootMenu=0 BootMenuDefau
Page 9 and 10:
Settings\Cache\History] "CachePath"
Page 11 and 12:
Similarly, open Internet Explorer,
Page 13 and 14: g - Restart your computer once step
Page 15 and 16: 38. Keep IE crash free Here's a tip
Page 17 and 18: 44. Switch off Dos memory manager D
Page 19 and 20: Data: D:\WIN95 58. Clear Recent Doc
Page 21 and 22: Click on the property tab for this
Page 23 and 24: Right-click in the right hand pane
Page 25 and 26: By the use of this client software,
Page 27 and 28: 8. Want Real mode DOS back in Windo
Page 29 and 30: Recommendation: This service will f
Page 31 and 32: detect and/or recognize your hardwa
Page 33 and 34: It should almost certainly benefit
Page 35 and 36: Click start. click settings. click
Page 37 and 38: Click Analyze, click ok, click Acti
Page 39 and 40: Nonbrowser. A nonbrowser is configu
Page 41 and 42: Private IP Addressing (APIPA) for p
Page 43 and 44: provides protected storage for sens
Page 45 and 46: If the service is turned off, RIS i
Page 47 and 48: enables NetBIOS name resolution. Pr
Page 49 and 50: 11. Adaptive Menus Microsoft Office
Page 51 and 52: 3. Speed up Internet Explorer 6 Fav
Page 53 and 54: Note that in doing this, you are co
Page 55 and 56: claimed for a ‘fixed’ page file
Page 57 and 58: When a NTFS drive is formatted it b
Page 59 and 60: Goto above key in registry and you
Page 61 and 62: To get Admin account on the "Welcom
Page 63: • Security is not opening attachm
Page 67 and 68: [-HKEY_LOCAL_MACHINE\System\Current
Page 69 and 70: exists on your NT machine (this key
Page 71 and 72: - Not found in a dictionary - Not d
Page 73 and 74: Alt - 119 = w Alt - 120 = x Alt - 1
Page 75 and 76: Alt - 0166 = ¦ Alt - 0167 = § Alt
Page 77 and 78: 11. Remove the default administrato
Page 79 and 80: These logs can contain sensitive da
Page 81 and 82: Right-click in the right hand pane,
Page 83 and 84: 57. Temporarily Assign Yourself Adm
Page 85 and 86: Install the appropriate post-Servic
Page 87 and 88: Windows XP Home Edition Configurati
Page 89 and 90: Caution If your computer is not in
Page 91 and 92: C:\inetpub\ftproot (FTP server) C:\
Page 93 and 94: MBR Work - www.terabyteunlimited.co
Page 95 and 96: Extreme Tech www.extremetech.com Fi
Page 97 and 98: IconFactory.com www.iconfactory.com
Page 99 and 100: Cable Modem Tips http://homepage.nt
Page 101 and 102: _Google _Google Image Search _Googl
Page 103 and 104: Boot other device This feature dete
Page 105 and 106: feature is a little different from
Page 107 and 108: ypass the compensation circuit and
Page 109 and 110: Therefore, using the latest video B
Page 111 and 112: So, for optimal performance, you sh
Page 113 and 114: second clock cycle before sending t
Page 115 and 116:
SDRam RAS precharge time This featu
Page 117 and 118:
The shorter the delay, the earlier
Page 119 and 120:
CPU level 1 cache The modern proces
Page 121 and 122:
MPS 1.1 was the original specificat
Page 123 and 124:
Please note that even if you don't
Page 125 and 126:
Advanced Settings tab of the associ
Page 127 and 128:
However, this is not a surefire way
Page 129 and 130:
This feature allows you to manually
Page 131 and 132:
doubling the bandwidth of the proce
Page 133 and 134:
When this feature is enabled, the s
Page 135 and 136:
VLink 8X support V-Link refers to V
Page 137 and 138:
You will notice that the interrupts
Page 139 and 140:
AMD OVERCLOCKING - changing the mul
Page 141 and 142:
Examples of terminology used You wi
Page 143 and 144:
are much easier to use. No matter w
Page 145 and 146:
Hard drive limitations Overclocking
Page 147 and 148:
5.0x 500Mhz 560Mhz 620Mhz 665Mhz 5.
Page 149 and 150:
If you see copper, you've gone too
Page 151 and 152:
"PC" specification that SDRAM uses
Page 153 and 154:
Benchmarks allow you to measure you
show all

Tweaking Optimizing Windows.pdf - GEGeek

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?