First Security Set-up

View previous topic View next topic Go down

First Security Set-up

Post by Guest on 18/4/2010, 04:56

Every day someone sets up their first machine.
It may be a state of the art,blazing fast HAL 9000 Magnum,or a tired old veteran,bought at a swap meet.

In any event,it is the first,"at home" machine our hero or heroine,has ever owned.

Right now,their primary concerns are getting an internet connection,trying to figure out what a "browser" is/does,
and a myriad of other confusing things.

Let us make a huge assumption,that they start from a fresh install of Windows.

Lets further assume an operating system from 2000 to Vista.

Big leap of faith here,lets assume there are no expired,half uninstalled legacy security programs,or foist ware "bundled with the machine" third party security programs on-board.

I would ask all of my knowledgeable friends here on ssj100 Security Forums,to pitch in with their suggestions for a setup security for this fledgling user.

The question seems a meaningful one,I just cant put together an Answer that holds up to second thoughts.

noor

Guest
Guest


Back to top Go down

Re: First Security Set-up

Post by ssj100 on 18/4/2010, 05:01

Just to clarify, what OS would they be using, and what version of that OS?

I can see that you are referring to the "average" relatively "noob" user too - always a challenge to create a good solid security setup/approach for them...but I have some ideas...once you tell me which OS in particular...or is the board of suggestions open for Windows 2000, XP and Vista (and not 7)?

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: First Security Set-up

Post by Guest on 18/4/2010, 05:12

Oh no! Windows 7 is included!!
Lets say two systems,one for 2000-XP (all service packs,home,pro etc)

and a second for the Vista-Windows 7 users.

But I know the newer systems provide more inbuilt protection.

(I say "I know" but only from reading,I have never touched a Vista,let alone Windows 7,machine!!)

noor

Guest
Guest


Back to top Go down

Re: First Security Set-up

Post by ssj100 on 18/4/2010, 05:49

In general terms:

I would resort to installing a real-time Antivirus for them - I usually recommend either Avira AntiVir Personal or Microsoft Security Essentials (both are completely free). Regardless of the OS, I'd just leave the Windows Firewall enabled in default configuration.

Assuming that I (or some basic equivalent) am not there to "administrate" their computer, a limited account may be a problem. If they don't even know what a web browser does, they are unlikely to know why you need to switch to your admin account (or use "Run as administrator") to install/update programs etc. If there was someone there to "administrate" their computer, certainly the limited account would be ideal.

And to be honest...that's it. I wouldn't go much further than that, except for educating them about how to handle newly introduced files etc, and not to click on anything that pops up in their web browser willy nilly, and not to open e-mail attachments from unknown sources etc.

But then the question is what setup to use for someone who is high risk and keeps getting infected? Here are some programs to consider (as an addition to the above):

1. Sandboxie, even if it's just for sandboxing their web browser (this level of using Sandboxie is very simple).
2. Shadow Defender, although you'd need to remind them that nothing is retained once they reboot etc (unless they commit or set exclusions). I think this is a fairly simple program to use.
3. DefenseWall, although you'd need to educate them what "trusted" and "untrusted" means. The user will still need to have a level of understanding of what is a safe file and what is unsafe (nothing can stop the user from running a file as trusted...and believe me, they will, especially if the file they want to run doesn't install properly as untrusted) - arguably, this could all be done by educating them to have a good "security approach" (that is, DefenseWall isn't needed here). But DefenseWall can "freeze malware" that they might come across via their web browser(s) and other sources. Malware remnants will of course remain on their system, and may or may not be cleaned up by their Antivirus. But then the "noob" user couldn't care less about this, as long as their system is functioning to their needs.
4. SUA + UAC +/- SRP/AppLocker + DEP. Yes, I mentioned above that a limited account may be a problem, but if the user can understand and use programs like DefenseWall, they shouldn't have too much trouble using SUA + UAC +/- SRP/AppLocker + DEP (once it's setup for them). I mention SUA (not LUA, even though they are the same thing), because SUA is the term used in Windows 7, and Microsoft have made running as a limited user (SUA) much easier there. And that's pretty much all the user would need (just add an Antivirus) and it's completely free with no annual fees, bugs, conflicts, slow-downs (unlike DefenseWall).

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: First Security Set-up

Post by Guest on 18/4/2010, 06:27

Bravo!! that sounds basic and trouble free. I cant
thank of a GUI much more clear than Avira,and while I have not used it,MSE it looks "ShadowDefender" simple.


I used Sandboxie to good effect for years with no configuration other than "display boarder around window".

Shadow defender seems simple, also if you are able to impress your points on them.

In lieu of DefenceWall, for the high risk "chronically infected",
what are your thoughts on GesWall?

I ask because there is a "maintained" (maybe not that well,)
free version here,as opposed to a limited offer of free DefenceWall,256,with no support,and a paid only new DefenceWall3.

It seems that having someone set up SUA + UAC +/- SRP/AppLocker + DEP ,for new users may be even easier then for "old Hard heads" who are set in the ways of "wide open" administrator accounts.

Thanks ssj100 well thought out.

noor

Guest
Guest


Back to top Go down

Re: First Security Set-up

Post by ssj100 on 18/4/2010, 06:37

noorismail wrote:Bravo!! that sounds basic and trouble free. I cant
thank of a GUI much more clear than Avira,and while I have not used it,MSE it looks "ShadowDefender" simple.


I used Sandboxie to good effect for years with no configuration other than "display boarder around window".

Shadow defender seems simple, also if you are able to impress your points on them.

In lieu of DefenceWall, for the high risk "chronically infected",
what are your thoughts on GesWall?

I ask because there is a "maintained" (maybe not that well,)
free version here,as opposed to a limited offer of free DefenceWall,256,with no support,and a paid only new DefenceWall3.

It seems that having someone set up SUA + UAC +/- SRP/AppLocker + DEP ,for new users may be even easier then for "old Hard heads" who are set in the ways of "wide open" administrator accounts.

Thanks ssj100 well thought out.

noor

Thanks noor.

I haven't tested GesWall much at all to be honest, but I have read that it is very effective at keeping your system clean. However, it's not the easiest program to use and it's rarely updated. Also, the free version ( http://www.gentlesecurity.com/professional.html ) only protects your web browser by default (as far as I know). The support is very limited too - their forums are even quieter than the Shadow Defender one! This is the last thread on their forum:
http://www.gentlesecurity.com/board/viewtopic.php?t=408
Doesn't sound too promising!

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: First Security Set-up

Post by Guest on 18/4/2010, 06:49

The problem I had with DefenceWall/Geswall was initially with Returnil 2008,and latter with ShadowDefender.

Files I committed from with Protected/shadow Mode,as "untrusted" showed up as trusted when I booted out of Returnil/ShadowDefender "Protected/ShadowMode".

So the drill was TRY and remember everything you committed,that regardless of being scanned prior to committal, you chose to remain untrusted,and seek them out, and mark them so, in DefenceWall,while out of Returnil/ShadowDefender Protected/ShadowMode.

Nope,just too much for me,something had to go,and it was DefenceWall,(GeSWall also,same sort of problem,+random BSOD's)

noor

Guest
Guest


Back to top Go down

Re: First Security Set-up

Post by Sponsored content


Sponsored content


Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum