Guest jim Posted August 5, 2008 Posted August 5, 2008 i have avg free, malwarebytes and adaware installed on my computer, should i have windows defender also? or would this be conflicting? i also have two tower's one with xp home and the other with pro, will the settings and transfer wizard install pro o/s over the top of the xp home one? thank you -- jim
Guest Kayman Posted August 5, 2008 Posted August 5, 2008 Re: security On Tue, 5 Aug 2008 02:18:01 -0700, jim wrote: > i have avg free, Okay but AntiVir is better. > malwarebytes and adaware installed on my computer, on-demand or real-time? > should i have windows defender also? can be beneficial > or would this be conflicting? No, there shouldn't be any conflict if malwarebytes and adaware are both on-demand applications. For Win XP the most dependable defenses are: 1. Do not work as Administrator; For day-to-day work routinely use a Limited User Account (LUA). 2. Secure (Harden) your operating system. 3. Don't expose services to public networks. 4. Keep your operating (OS) system (and all software on it)updated/patched. (Got SP3 yet?). 5. Reconsider the usage of IE and OE. 5a.Secure (Harden) Internet Explorer. 6. Review your installed 3rd party software applications/utilities; Remove clutter, *including* 3rd party software personal (so-called) firewall application (PFW) - the one which claims: "It can stop/control malicious outbound traffic". 7. If on dial-up Internet connection, activate the build-in firewall and configure Windows not to use TCP/IP as transport protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP ports 135,137-139 and 445 (the most exploited Windows networking weak point) closed. 7a.If on high-speed Internet connection use a router. For the average homeuser it is suggested blocking both TCP and UDP ports 135 ~ 139 and 445 on the router and implement countermeasures against DNSChanger. (Is the Firmware of your router up-todate?). And (just in case) Wired Equivalent Privacy (WEP) has been superseded by Wi-Fi Protected Access (WPA). 8. Routinely practice Safe-Hex. Also, ensure you do: a. Regularly back-up data/files. b. Familiarize yourself with crash recovery tools and re-installing your operating system (OS). c. Utilize a good-quality real-time anti-virus application and some vital system monitoring utilities/applications. d. Keep abreast of the latest developments. And finally: Most computer magazines and/or (computer) specialized websites are *biased* i.e. heavily weighted towards the (advertisement) dollar almighty! Therefore: a. Be cautious selecting software applications touted in publications relying on advertisement revenue. b. Do take their *test-results* of various software with a *considerable* amount of salt! c. Which also applies to their *investigative* in-depth test reports related to any software applications. d. Investigate claims made by software manufacturer *prior* downloading their software; Subscribing to noncommercial-type publications, specialized newsgroups and/or fora (to some extend) are a great way to find out the 'nitty-gritties' and to consider various options. > i also have two tower's one with xp home and the other with pro, > will the settings and transfer wizard install pro o/s over the top > of the xp home one? I'd reformat and wipe the HDD of XPHome first.
Guest Ken Blake, MVP Posted August 5, 2008 Posted August 5, 2008 Re: security On Tue, 5 Aug 2008 02:18:01 -0700, jim <jim@discussions.microsoft.com> wrote: > i have avg free, Irrelevant. That's an anti-virus program, and you are asking about Defender, which is an anti-spyware program. They do different things. > malwarebytes and adaware installed on my computer, should i > have windows defender also? I would. There's little downside to running multiple anti-spyware programs, and since no two of them catch the same set of threats, having two or three provides added protection. > or would this be conflicting? No. > i also have two > tower's one with xp home and the other with pro, will the settings and > transfer wizard install pro o/s over the top of the xp home one? thank you No. If you want to upgrade the XP Home computer to XP Professional, you need to buy a second copy of XP Professional (the Upgrade version will do) and install it as an upgrade. Are you sure you want to do this? XP Professional and XP Home are exactly the same in all respects, except that Professional has a few features (mostly related to networking and security) missing from Home. For most (but not all) home users, even those with a home network, these features aren't needed, would never be used, and buying Professional instead of Home is a waste of money. In general, unless you need to join a domain, you probably don't need Professional. For details go to http://www.winsupersite.com/showcase/windowsxp_home_pro.asp http://www.microsoft.com/windowsxp/whichxp.asp http://www.microsoft.com/windowsxp/home/howtobuy/choosing2.asp Also note one other point not mentioned on any of those sites: Professional allows ten concurrent network connections, and Home only five. -- Ken Blake, Microsoft MVP - Windows Desktop Experience Please Reply to the Newsgroup
Guest MowGreen [MVP] Posted August 5, 2008 Posted August 5, 2008 Re: security jim wrote: > i have avg free, malwarebytes and adaware installed on my computer, should i > have windows defender also? or would this be conflicting? i also have two > tower's one with xp home and the other with pro, will the settings and > transfer wizard install pro o/s over the top of the xp home one? thank you In addition to the other advice previously given, MBAM (malware bytes anti-malware) is continually being updated. Suggest *never* using an older version of it as it may not be capable of dealing with newer malwares. *Always* download the most recent version IF and WHEN a system becomes infected. MowGreen [MVP 2003-2008] =============== *-343-* FDNY Never Forgotten ===============
Guest jim Posted August 5, 2008 Posted August 5, 2008 Re: security Thank you kayman for your excellent support/advice. Just to clarify some of the points you mentioned : both ad and mal are on demand but avg has a realtime spyware scanner, not sure what you mean by (harden) secure o/s and i.e. I have sp3 installed and use windows firewall in the system, i have cable broadband with ethernet modem with Lan settings that are always on (auto detect no proxy) and if i format the home edition disc will the pro edition be installed using files and settings transfer wizard using a usb mass storage flash drive? the later is not important as i can buy a disc for set up mate. Thank you once again, -- jim "Kayman" wrote: > On Tue, 5 Aug 2008 02:18:01 -0700, jim wrote: > > > i have avg free, > > Okay but AntiVir is better. > > > malwarebytes and adaware installed on my computer, > > on-demand or real-time? > > > should i have windows defender also? > > can be beneficial > > > or would this be conflicting? > > No, there shouldn't be any conflict if malwarebytes and adaware are both > on-demand applications. > > For Win XP the most dependable defenses are: > 1. Do not work as Administrator; For day-to-day work routinely use a > Limited User Account (LUA). > 2. Secure (Harden) your operating system. > 3. Don't expose services to public networks. > 4. Keep your operating (OS) system (and all software on it)updated/patched. > (Got SP3 yet?). > 5. Reconsider the usage of IE and OE. > 5a.Secure (Harden) Internet Explorer. > 6. Review your installed 3rd party software applications/utilities; Remove > clutter, *including* 3rd party software personal (so-called) firewall > application (PFW) - the one which claims: "It can stop/control malicious > outbound traffic". > 7. If on dial-up Internet connection, activate the build-in firewall and > configure Windows not to use TCP/IP as transport protocol for NetBIOS, > SMB and RPC, thus leaving TCP/UDP ports 135,137-139 and 445 (the most > exploited Windows networking weak point) closed. > 7a.If on high-speed Internet connection use a router. > For the average homeuser it is suggested blocking both TCP and UDP ports > 135 ~ 139 and 445 on the router and implement countermeasures against > DNSChanger. (Is the Firmware of your router up-todate?). > And (just in case) Wired Equivalent Privacy (WEP) has been superseded by > Wi-Fi Protected Access (WPA). > 8. Routinely practice Safe-Hex. > > Also, ensure you do: > a. Regularly back-up data/files. > b. Familiarize yourself with crash recovery tools and re-installing your > operating system (OS). > c. Utilize a good-quality real-time anti-virus application and some vital > system monitoring utilities/applications. > d. Keep abreast of the latest developments. > > And finally: > Most computer magazines and/or (computer) specialized websites are *biased* > i.e. heavily weighted towards the (advertisement) dollar almighty! > Therefore: > a. Be cautious selecting software applications touted in publications > relying on advertisement revenue. > b. Do take their *test-results* of various software with a *considerable* > amount of salt! > c. Which also applies to their *investigative* in-depth test reports > related to any software applications. > d. Investigate claims made by software manufacturer *prior* downloading > their software; Subscribing to noncommercial-type publications, > specialized newsgroups and/or fora (to some extend) are a great way to > find out the 'nitty-gritties' and to consider various options. > > > i also have two tower's one with xp home and the other with pro, > > will the settings and transfer wizard install pro o/s over the top > > of the xp home one? > > I'd reformat and wipe the HDD of XPHome first. >
Guest Kayman Posted August 6, 2008 Posted August 6, 2008 Re: security On Tue, 5 Aug 2008 14:00:08 -0700, jim wrote: > Thank you kayman for your excellent support/advice. YW :) > Just to clarify some of the points you mentioned : both ad and mal > are on demand but avg has a realtime spyware scanner, Okay > not sure what you mean by (harden) secure o/s... Secure (Harden) your operating system (OS). Educational reading: 10 Immutable Laws of Security. http://www.microsoft.com/technet/archive/community/columns/security/essays/10imlaws.mspx?mfr=true http://www.5starsupport.com/tutorial/hardening-windows.htm http://www.malwarehelp.org/Malware-Prevention-Hardening-Windows-Security1.html http://labmice.techtarget.com/articles/winxpsecuritychecklist.htm Note: Both Plug & Play and DCOM can easily disabled manually in Services (Local) panel as mentioned in #3. And the Windows Messenger can be dealt with using either: Uninstall/disable Windows Messenger Windows Messenger in XP http://www.kellys-korner-xp.com/xp_messenger.htm --or-- Stop Windows Messenger from Auto-Starting. Simply delete the following Registry Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\MSMSGS Therefore there is *no* need to download the below mentioned tools from Steve Gibson, of Gibson Research Corporation as mentioned in '5starsupport': a) To disable Windows Plug and Play b) To disable Windows DCOM c) To disable Windows Messenger Create New Extension (add .Cab File to registered file types) Go to Control Panel, in Folder Options | File Types tab, click the New button, in File Extension type: .CAB File, click OK and you’re done. Data Execution Prevention is 'checked' Turn on DEP...except those I select. Right-click My Computer icon | Properties, in System Properties panel click the Advanced tab and under Performance click Settings then click the Data Execution Prevention tab. The radio button for ‘Turn on DEP for essential Windows programs and services only’ should be deactivated and the radio button for ‘Turn on DEP for all programs and services except those I select:’ should be activated. http://support.microsoft.com/kb/912923 Enable ‘Do not store LAN Manager hash value on next password exchange’. Click Start, go to Settings, Control Panel, Administrative Tools, and click Local Security Policy. Double-click Security Options Folder, scroll down to ‘Network security: Do not store LAN Manager hash value on next password exchange’, right-click this item and click Properties. Activate the radio button next to Enabled. Click Apply and OK to save your settings. Security Policy Recommendations. http://www.nsa.gov/snac/support/sixty_minutes.pdf Security Attribute (page 27/28). a) Network access: Do not allow anonymous enumeration of SAM accounts HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM = 1 Recommendet Setting: Enabled b) Network access: Do not allow anonymous enumeration of SAM accounts and shares HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymous = 1 Recommended Setting: Enabled c) Network access: Let Everyone permissions apply to anonymous users HKLM\System\CurrentControlSet\Control\Lsa\EveryoneIncludesAnonymous = 0 Recommended Setting: Disabled Turn - Off Autoplay. http://www.dougknox.com/xp/tips/cd_autoplay_pro.htm To Disable CD autoplay, completely, in Windows XP Pro a) Click Start, Run and enter GPEDIT.MSC b) Go to Computer Configuration, Administrative Templates, System. c) Locate the entry for Turn autoplay off and modify it as you desire. Alternative: http://www.microsoft.com/windowsxp/downloads/powertoys/xppowertoys.mspx Scroll down to Tweak UI, download TweakUI.exe Once you've installed TweakUI you'll find a lot of options in it. To turn-off Autoplay, in TweakUI expand My Computer, and then AutoPlay. Click on Drives and uncheck the drive letter that you no longer want to AutoPlay. Click on Apply and that's it. No more "what would you like me to do" dialogs. Don't expose services to public networks. Disable any unnecessary and potentially dangerous Services. Configure and adjust Services to suit your computing needs. Windows XP Service Pack 3 Service Configurations. http://www.blackviper.com/WinXP/servicecfg.htm (This can be a tedious exercise but will bear fruits later on; Initiate a good record of your activities). > ...and i.e. Secure (Harden) Internet Explorer. IE7 safe/secure settings Internet Explorer7 Desktop Security Guide http://www.microsoft.com/downloads/details.aspx?FamilyId=6AA4C1DA-6021-468E-A8CF-AF4AFE4C84B2&displaylang=en The Internet Explorer 7 Security Status Bar http://www.microsoft.com/windows/products/winfamily/ie/ev/security.mspx Extended Validation SSL Certificates http://www.microsoft.com/windows/products/winfamily/ie/ev/default.mspx *Tight security settings will break down some websites. You need to add these websites into the Trusted Zone for smooth access.* You could consider disabling all Security Settings in IE and use IE only for the 'Patch Tuesday' updates; To do so you must add the following URL's to the Trusted sites: http://update.microsoft.com http://download.windowsupdate.com https://*.update.microsoft.com http://*.update.microsoft.com http://*.microsoft.com Alternative Browsers: Opera™ http://www.opera.com/download/ Firefox™ http://www.mozilla.com/en-US/ The SeaMonkey® Suite (Internet Browser) http://www.seamonkey-project.org/ --But-- Microsoft says Internet Explorer more secure than Firefox :-) :-) http://www.heise-security.co.uk/news/99955 > I have sp3 installed and use windows firewall in the system, Good. The only reasonable way to deal with malware is to prevent it from being run in the first place. That's what AV software or Windows' System Restriction Policies are doing; And what 3rd party Personal Firewalls fail to do. How to Configure Windows Firewall on a Single Computer http://www.microsoft.com/technet/security/smallbusiness/prodtech/windowsxp/cfgfwall.mspx In conjunction with Windows Firewall use: Seconfig XP 1.0 http://seconfig.sytes.net/ > i have cable broadband with ethernet modem with Lan settings that are > always on (auto detect no proxy) and if i format the home edition disc > will the pro edition be installed using files and settings transfer > wizard using a usb mass storage flash drive? the later is not important > as i can buy a disc for set up mate. Thank you once again, If on high-speed Internet connection use a router as well. For the average homeuser it is suggested blocking both TCP and UDP ports 135 ~ 139 and 445 on the router and implement countermeasures against DNSChanger. Countermeasures against DNSChanger: http://extremesecurity.blogspot.com/2008/06/use-default-password-get-hijacked.html Also: Is the Firmware of your router up-to-date?. For your consideration: Do not work as Administrator; For day-to-day work routinely use a Limited User Account (LUA). Least privilege http://www.securityfocus.com/infocus/1848 It is important that administrators follow the rule of least privilege. This means that users should operate their computer with only the minimum set of privileges that they need to do their job. Typically this means operating as a normal user,and only when absolutely necessary use the Run As or MakeMeAdmin commands to elevate privileges. Applying the Principle of Least Privilege to User Accounts on WindowsXP http://technet.microsoft.com/en-us/library/bb456992.aspx The Importance of the Limited User Account (LUA). http://blog.washingtonpost.com/securityfix/2006/05/the_importance_of_the_limited.html How the right user account can help your computer security. http://www.microsoft.com/protect/computer/advanced/useraccount.mspx Aaron Margosis' "Non-Admin" WebLog http://blogs.msdn.com/aaron_margosis/pages/TOC.aspx The easiest way to run as non-admin. http://blogs.msdn.com/aaron_margosis/archive/2004/06/17/158806.aspx http://blogs.msdn.com/aaron_margosis/ Routinely practice Safe-Hex. http://www.claymania.com/safe-hex.html Hundreds Click on 'Click Here to Get Infected' Ad http://www.eweek.com/article2/0,1895,2132447,00.asp Topical issue: DNS Checker http://www.doxpara.com/ Web-based DNS Randomness Test "The test takes a few seconds to complete. When its done you'll see a page where the transaction ID and source port randomness will be rated either GREAT, GOOD, or POOR. If you see a POOR rating, we recommend that contact your ISP and ask if they have plans to upgrade their nameserver software before August 7th." https://www.dns-oarc.net/oarc/services/dnsentropy Good luck :)
Recommended Posts