Tweaking Optimizing Windows.pdf - GEGeek
Tweaking Optimizing Windows.pdf - GEGeek
Tweaking Optimizing Windows.pdf - GEGeek
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
www.symantec.com/avcenter/security/Content/2000_05_26_a_i_dES.html<br />
While you're at it, you should also familiarize yourself with Outlook E-mail Security Updates<br />
http://support.microsoft.com/support/kb/articles/q262/6/31.asp?LN=EN-US&SD=gn&FR=0><br />
Outlook 2002 XP attachments<br />
Microsoft Outlook 2002, included with Office XP, introduced new restrictions to stop possible unsafe e-mail attachments from being<br />
opened or saved. This tweak allows you to modify those restrictions.<br />
Any files with following extension are prohibited from being opened or saved when received as e-mail attachments:<br />
ade, adp, asx, bas, bat, chm, cmd, com, cpl, crt, exe, hlp, hta, inf, ins, isp, js, jse, lnk, mda, mdb, mde, mdz, msc, msi, msp, mst,<br />
pcd, pif, prf, reg, scf, scr, sct, shb, shs, url, vb, vbe, vbs, wsc, wsf, wsh<br />
To change this behaviour open your registry and find the key below.<br />
[HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Security]<br />
Create a new String value, or modify the existing value, called "Level1Remove" and set it to equal a semi-colon seperated list of the<br />
extension you want to allow e.g. "bat;exe;hlp" (this would allow batch files, executables and help files through). Restart Outlook for<br />
the change to take effect.<br />
Turn off Outlook Preview<br />
Regarding Nimda and virus e-mails in general. Not sure if everyone can do this. OE defaults to three panes. Top-right is your list of<br />
messages and bottom-right is the message itself. The problem is that if you want to delete an e-mail, you have to select it. When<br />
you select it, the message opens automatically in the bottom-right panel.<br />
If you go to View | Layout, you can turn off the preview pane. Now, you don't have to open a message in order to delete it. The<br />
advantages are a reduced likelihood of mail-borne viruses; you can delete spam without opening it and potentially setting cookies<br />
from a spammer's site. The disadvantage is if you want to view a new message, you have to double-click to open it up in a new<br />
window.<br />
If there is something you see that you're not sure about, you can right-click the suspect e-mail, go to Properties, Details tab, and<br />
click the View Source button. Finally, you can forward spam to abuse at whatever.com without ever having to open the e-mail; you<br />
can read the headers from the detail tab of the properties window, etc. Anyway, it seems this logic protects me from yet another<br />
batch of e-mail viruses. Between the above tactic and my Hotmail email account which also lets me delete e-mails without having to<br />
open them. Everything so far is pretty good. As an aside, you can also turn off WAV file playing somewhere in IE's options. I think<br />
its Play Sounds under the Advanced section. Just a thought.<br />
Do not allow attachments to be saved<br />
In outlook options tick the box 'do not allow attachments to be saved or opened that could potentially be a virus'. When this option<br />
is ticked it will essentially disable the opening of email attachments. Untick it if you wish to save/run attachments from people<br />
whom you know<br />
Create invalid entry in address book<br />
Create ':' in address book and enter yourself as email address and if virus gets sent out it will email you also so you can then start<br />
investigating quickly.<br />
Outlook and Exchange Site<br />
Another useful site for Outlook and Exchange solutions is http://www.slipstick.com/<br />
Turn off Java and Javascript<br />
Turn off Java and JavaScript everywhere. If you run them in your email client you should have your head examined. It is childishly<br />
simple for a malicious website to write to your AUTOEXEC.BAT, force you to reboot by crashing your machine, and on reboot<br />
automatically wipe your entire hard drive clean. Turn if off in Internet Explorer by going to tools, internet options, security, custom<br />
and disabling java and scripts.<br />
Other Outlook Stuff<br />
Some email clients will automatically move to a new message when the one you're reading is moved or deleted. Make sure yours<br />
doesn't.<br />
3. Virus Checking<br />
Always have running an up to date virus checker and update the virus definitions on a weekly basis. Check everything that arrives<br />
on your computer. I personally use 3 virus checkers - I only have one loaded at any one time. Every file that comes into the<br />
computer, goes into an incoming folder. Everything in that incoming folder is left there for a period of 1 month before being<br />
executed. The reason for this is to allow another couple of updates to the virus definitions, just in case I have downloaded a very<br />
new virus that the virus checker cannot detect. Everything in that Incoming folder is then checked by 3 different virus checkers.<br />
Even then I have performed a relatively new system backup before anything is executed.<br />
Commercial software is pretty much assumed safe from malicious code, but with the number of programs the average person<br />
downloads from the Internet, Trojan horses are becoming a major threat. Basically, a Trojan Horse is when you run a program to do<br />
one thing, but in the background it is doing another. These are often referred to as viruses, and frequently commercial antivirus<br />
programs will catch the most common ones, but they are easy to make, and can access anything the person running them can. As a<br />
rule of thumb, don't download new software and install it, unless you are sure it comes from a reputable source. Or Microsoft.<br />
Sorry, couldn't help myself.<br />
Make it your business to be aware of what comes in in all forms: email, web pages you look at, diskettes and CDs, accesses from<br />
LAN or Internet when online, and junk pulled down by auto-updating-software. This is not as easy as it used to be as the old beliefs<br />
simply do not apply anymore.<br />
Don't run or open unsolicited executables, documents, spreadsheets, etc. Be paranoid, if you don't know something to be virus-free,<br />
you must assume it isn't. (Have a strict policy in your organization that downloading executables and documents from the Internet