[Hidden-tech] Windows security (sic)

[Will Loving]

Well Ben, you are either running on a Mac or Linux box or you have been
incredibly lucky. In my experience, any Windows machine that is connected to
the internet and which does not have the firewall turned on before the
connection is made, is infected within about 60 seconds by the Sasser worm
or other attacking software. Leave it on for a while without a firewall and
your PC will likely become a zombie attacking other machines.

I've not had a virus scanner on my main work machine in 10 years either, but
they've all been Macs. My Windows machine has been repeatedly attacked and
once seriously disabled, and I don't even use it for email or web browsing,
just application testing. I do keep it connected to the internet because I
need to test things in a network environment. Only since using XP Pro with
Service Pack 2 have I had general peace and quiet.

Will

Will Loving, President
Dedication Technologies, Inc.



on 5/26/05 11:56 AM, Ben Liyanage at ben at smartankgroup.com wrote:
> 
> I have not had a virus scanner on my computer for nearly 10 years, and I
> have not ever had a virus.
> 
> My secret is that I always click "No" when a website asks me if I want to
> run a script, or install a program that I was not specifically seeking out.
> I hope this little piece of advice helps some of you.
> 
> Ben Liyanage
> ben at smartankgroup.com
> 410.336.2464
> 
> -----Original Message-----
> From: hidden-discuss-bounces at lists.hidden-tech.net
> [mailto:hidden-discuss-bounces at lists.hidden-tech.net]On Behalf Of
> Jonathan Dill
> Sent: Wednesday, May 25, 2005 7:26 AM
> To: hidden-discuss at lists.hidden-tech.net
> Subject: [Hidden-tech] Windows security (sic)
> 
> 
> Hello folks,
> 
> I do "emergency calls" on computers and wanted to make a few comments
> and suggestions about how not to have your computer trashed if you have
> Windows.  The bottom line is it is probably a lot cheaper--though it
> does cost some money--to do a few things up front rather than try to
> clean up the mess if you have not made any preparation.
> 
> I have been doing a lot of these calls lately where people "had the
> anti-virus software that came with the computer..." which expired in
> 2001 or something like that.  And then his or her teenager stopped by
> the office and used the computer "to do homework" ahem, or some similar
> instigating incident.  And then the next time the computer restarted,
> this funny window came up, and someone clicked "OK" and then the system
> wouldn't come up after that.  OK so maybe a lot of IT people would say
> this is stupid / irresponsible / whatever, but in practice, I'm finding
> that it is extremely common.  My new joke is that I am changing my
> slogan to, "NO Windows for you! Linux, Linux, Linux!!!"
> 
> Often, all of the critical system files are deleted or at least trashed,
> and if there is no backup, all there is left to do is try to copy off as
> much data as I can, re-install Windows, and copy the data back to the
> computer.  By the time I have run Windows Update for the Nth time and
> rebooted for the Nth time, tried to make it reasonably secure, and
> copied all of the files back, it takes at least 4 hours.
> 
> If you don't have the original CDs that came with your computer, either
> you will be buying new Windows, or ordering the "System Restore" CDs
> from the manufacturer and waiting a few days for them to show up--I have
> found that some OEM licenses for Windows do not work with just a
> standard Windows CD, the Registration Key from the sticker on the side
> of the computer may not even be recognized as valid because it is not a
> "WPA" license.
> 
> If you have Windows, please check to make sure your antivirus software
> has a valid license and that the definitions are updating regularly,
> preferably automatically.  If you're not sure, get a geek to help you,
> or if it's been a year since you last bought antivirus software or an
> upgrade, go out and buy the latest Norton Antivirus for Windows.
> 
> If you have a Windows PC that is critical to your business, your friends
> and family should not be logging on to that computer to do anything, it
> should be just for business as much as possible.  Get a second cheap PC
> for example from Walmart and let the kids use that.  Hey, I know it's
> money, but it may cost less to just buy a cheap PC up front than what
> you will pay to try to recover your business files if your computer gets
> trashed.
> 
> Get an external USB2 disk drive for backups.  If your computer is more
> than a year or two old, you may also need to buy a USB2 card for your
> computer.  Maxtor and Seagate are a couple good brands for disk drives.
> The disk should be at least twice the size of the total space of the
> hard drive(s) inside your computer.  Ideally, you should have Windows XP
> Professional, and the backup tool that comes with that works fairly
> well.  Norton Ghost 9 is another good tool.  Some external hard drives
> may also come with backup software.
> 
> CDs and DVDs may sound like a good idea for backups, but in practice I
> find a lot of people just end up not bothering because it's "too
> inconvenient."  It's much easier to just set up the external backup
> drive, make it automatic, and just back up the whole entire thing
> instead of trying to pick and choose.  That way, you can also have a
> complete "disaster recovery" solution where you don't have to re-install
> Windows and all of your applications again which is a whole lot more
> time-consuming than you might think.
> 
> Lastly, if you have a broadband internet connection, it is essential
> that you have a *hardware* firewall / router and that it is configured
> correctly.  Software firewall might be OK as a 2nd line of defense, but
> I do not trust it 100%.  If you get one with wireless built-in, make
> sure to have an IT geek configure it for you and set up some type of
> encryption--I really don't think wireless is a bad idea if it's done
> right.  If you have a small business with several people and a little
> budget for a firewall, Sonicwall TZ170 may be a good choice--it has some
> excellent options that you can subscribe to block spyware and viruses
> and "intrusion prevention" and such as a second line of defense.  For a
> home office or a couple people, Linksys is a good brand.
> 
> Jonathan
> 
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
> 
> You are receiving this because you are on the Hidden-Tech Discussion list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members
> 
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
> 
> You are receiving this because you are on the Hidden-Tech Discussion list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members
> 


-- 

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
DEDICATION TECHNOLOGIES, INC.
(formerly Human Data Design)

- Developers of StudioSchool Pro -

Professional FileMaker Pro Database Development
For Non-Profits, Business, and Education
-----------------------------------
7 Coach Lane  Amherst, MA 01002-3304   USA
Tel:1 413 253-7223   Fax:1 413 253-7078
will at humandatadesign.com   http://www.humandatadesign.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-