Iver's Guide to keeping your system secure and safe.

Originally posted by Halk
Email

Do not use Outlook Express or any news or mail reader that can handle HTML.

Every single email "bomb" uses HTML.

You're in real trouble if you can't read HTML email these days. Ignore that advice and use a simple email scanner if anything. Best advice would be to disable the preview pane but I find that a nuisance personally.
 
Originally posted by Élynduil
You're in real trouble if you can't read HTML email these days. Ignore that advice and use a simple email scanner if anything. Best advice would be to disable the preview pane but I find that a nuisance personally.

Sorry, I disagree.

I can't think of any mail I've wanted to read that came as HTML.

Only morons post to usenet and email in HTML.

If you must see what the HTML says you can save the attachment.
 
Isn't there an option in OE6 to "read all emails in text format"? Wouldn't that reduce the chances of being hit by an HTML triggered virus.

I'd also say I've always considered eDonkey/eMule a safer bet - the fact you are downloading the same file from a large number of sources so they would ALL have to have the same infected file for the hash to match seems safer than just getting one file from one source who may innocently have an infected file or may think it a joke to share knowingly infected files.

Mark
 
Originally posted by Kipper67
Isn't there an option in OE6 to "read all emails in text format"? Wouldn't that reduce the chances of being hit by an HTML triggered virus.

Wouldn't reduce it, it'd kill it.
I wasn't aware of that option, and I suggest people enable it if they are otherwise happy with Outlook.

I'd also say I've always considered eDonkey/eMule a safer bet - the fact you are downloading the same file from a large number of sources so they would ALL have to have the same infected file for the hash to match seems safer than just getting one file from one source who may innocently have an infected file or may think it a joke to share knowingly infected files.

Mark

Yep, Fasttrack(Kazaa) has no security on it, eDonkey has it. All the same, if you download something executable, update your virus definitions and scan it before you use it.
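Kipper67's "read all emails in text format" question and Halk's reply come down to one mechanism: a reader that never renders the HTML part cannot be driven by it. The script below is an added example (not from this thread and not from any mail client) of what such a reader does: it prefers the text/plain alternative of a message, and when a message is HTML-only it reduces the markup to visible text and lists the script, iframe and remote-image elements that rendering would have executed or fetched. The two messages are constructed samples and the addresses are documentation placeholders.

```python
import email
from email import policy
from html.parser import HTMLParser

# Tags that make an HTML body "active" or let it phone home. A reader set to
# plain text never evaluates any of these, which is the point of the setting.
RISKY_TAGS = {"script", "iframe", "object", "embed", "form", "applet"}


class TextOnlyRenderer(HTMLParser):
    """Reduce HTML to its visible text and record anything that would run
    or fetch remote content if the body were rendered as HTML."""

    def __init__(self):
        super().__init__()
        self.text_parts = []
        self.flags = []
        self._skip = 0  # >0 while inside <script>/<style>: drop that content

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag in RISKY_TAGS:
            self.flags.append(tag)
        src = (attrs.get("src") or "").lower()
        if tag == "img" and src.startswith(("http:", "https:")):
            self.flags.append("remote-image")  # tracking pixel / beacon
        if tag in ("script", "style"):
            self._skip += 1

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip:
            self.text_parts.append(data)

    def text(self):
        return " ".join("".join(self.text_parts).split())


def read_as_text(raw):
    """Emulate a 'read all mail as plain text' reader: prefer the text/plain
    alternative; fall back to stripped HTML and report what was suppressed."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    plain = msg.get_body(preferencelist=("plain",))
    if plain is not None:
        return {"source": "text/plain", "text": plain.get_content().strip(), "flags": []}
    html_part = msg.get_body(preferencelist=("html",))
    if html_part is None:
        return {"source": "none", "text": "", "flags": []}
    renderer = TextOnlyRenderer()
    renderer.feed(html_part.get_content())
    renderer.close()
    return {"source": "text/html (stripped)", "text": renderer.text(), "flags": renderer.flags}


# Constructed sample 1: a normal multipart/alternative mail. The HTML part
# carries a script and a tracking image, but the text part is all we show.
MULTIPART_EML = b"""From: friend@example.invalid
To: you@example.invalid
Subject: weekend
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

See you Saturday at 10.
--b1
Content-Type: text/html; charset="utf-8"

<html><body><p>See you <b>Saturday</b> at 10.</p>
<img src="http://tracker.example.invalid/pixel.gif">
<script>alert('hi')</script></body></html>
--b1--
"""

# Constructed sample 2: HTML-only, the shape of a phishing/"popup" mail.
HTML_ONLY_EML = b"""From: newsletter@example.invalid
To: you@example.invalid
Subject: your account
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Please <a href="http://login.example.invalid/">log in</a> now.</p>
<img src="http://login.example.invalid/pixel.gif">
<iframe src="http://login.example.invalid/frame"></iframe>
<script>document.location='http://login.example.invalid/'</script>
</body></html>
"""

if __name__ == "__main__":
    for sample in (MULTIPART_EML, HTML_ONLY_EML):
        print(read_as_text(sample))
```

For the multipart sample the script never even parses the HTML part, which is exactly why the text-only setting removes the HTML-triggered class of problem; for the HTML-only sample it still gives you readable text plus a list of what the HTML would have done.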
 
impressed with PeerGuardian for exactly the same reasons as curiosityx :)

if anyone's looking for a free firewall find Kerio. it's dead easy to use and set up. owns ZA hands down imo. can set Kerio to deny any connection unless it has a rule for it in 2 clicks. also can set up to only allow access to a certain file so if port 21 is open it's locked to only have access to that program, also has md5 checking so if any program was to replace the original u will be notified that it has changed and have the option to allow it to take control of the rule previously set up for the program... i.e u upgrade dc++ to a newer version the firewall detects the program has changed and WON'T allow it to be connect(ed) in/out unless u allow it to (via rule change or the popup :) ) used this firewall for bout 2 years. quality piece of software imo

the most common security flaw in systems is humans! (social engineering and the like) did anyone know how MS security got breached? some guy asked a woman in MS to run a prog he gave her on a floppy, dang MS down! lol.

getting infected by a trojan is also very easy to do and u wouldn't believe how easily it's done. Hey check out this new program.... could be a link on this forum, somewhere else, sent thru msn etc, Dang! infected with a virus or trojan. (trojans can be hidden in files that circulate within P2P networks. good idea to set that downloads folder to get virus/trojan scanned every few days!)

Another thing is I'd defo recommend anyone to block ANY incoming icmp (pings). if u can't be pinged a lil script kiddie with their port scanner will think the connection is dead and go onto the next ip in their list (normally a whole IP range will get scanned via a portscanner so if they get a ping reply the scanner will go onto scanning to see if a certain port(s) is open) I use Kerio to do this, I can allow outgoing pings but still remain *almost* invisible online. little less to worry about I suppose.

lol, nice long post eh. anyways another thing I tend to do, dunno if it's really a must but I don't virus scan my puter often as I know what I'm downloading plus my firewall won't let any connection in/out unless told to or marked as a rule, is I lock my desktop when I'm away (win key + L) locks desktop so if yer infected with a trojan then a trojan hax0r kiddie ain't gonna be doing very much apart from staring at a blank screen with a password box wondering what to do next :D the chances of a trojan getting onto my sys is pretty low, add the fact that it needs permission to be connected to... hmmm pretty secure imo :D

could also do the above with the screensaver set to turn on after say 15mins and ask for a password on returning to desktop.

omg admin plz ban the edit button!!!! must be the 7th edit now and prolly my longest ocuk rambling ever!

EDIT number #9 talking of security I've just had a so called .net popup asking me to login into msnusers.uk full login and password box whilst just surfing on ocuk (no other pages loaded).. hmmmm ya I'll just enter my login and password and hmmmmmm..... dodgy dodgy. anyone else get one? should've taken a screenie =/
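element's description of Kerio's md5 check (a rule stays tied to the program's hash, and a changed binary loses its permission until you re-approve it) is a small integrity baseline. The script below is added here and is not part of the thread or of Kerio; it shows the same mechanism stand-alone in Python: hash the approved programs, save the baseline, and later report each one as ok, changed or missing. It uses SHA-256 rather than MD5 (MD5 collisions are practical now) and runs against constructed files with hypothetical names in a temporary directory.

```python
import hashlib
import json
import os
import tempfile

# The firewall in the thread keyed its rules to an MD5 of the program. MD5
# collisions are cheap today, so this uses SHA-256 for the same job.
HASH_NAME = "sha256"


def fingerprint(path, chunk_size=1 << 16):
    """Hash a file in chunks so large executables never need to fit in memory."""
    h = hashlib.new(HASH_NAME)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(paths):
    """Record the hash of every program that is allowed through, keyed by path."""
    return {os.path.abspath(p): fingerprint(p) for p in paths}


def save_baseline(baseline, store_path):
    with open(store_path, "w", encoding="utf-8") as fh:
        json.dump(baseline, fh, indent=2, sort_keys=True)


def load_baseline(store_path):
    with open(store_path, "r", encoding="utf-8") as fh:
        return json.load(fh)


def check_baseline(baseline):
    """Compare every recorded program with what is on disk now.
    Returns {path: 'ok' | 'changed' | 'missing'}. 'changed' is the event the
    thread describes: either you upgraded the program or something replaced
    it, and its rule should stay suspended until you have decided which."""
    report = {}
    for path, expected in baseline.items():
        if not os.path.isfile(path):
            report[path] = "missing"
        elif fingerprint(path) != expected:
            report[path] = "changed"
        else:
            report[path] = "ok"
    return report


def demo():
    """Constructed scenario (hypothetical file names, temp directory): two
    'programs' are baselined, then one is overwritten and one is deleted."""
    with tempfile.TemporaryDirectory() as d:
        dcpp = os.path.join(d, "DCPlusPlus.exe")
        ftp = os.path.join(d, "ftpclient.exe")
        store = os.path.join(d, "baseline.json")
        with open(dcpp, "wb") as fh:
            fh.write(b"original dc++ build")
        with open(ftp, "wb") as fh:
            fh.write(b"ftp client build")
        save_baseline(build_baseline([dcpp, ftp]), store)

        # Later: dc++ is replaced (an upgrade, or a trojan), the ftp client removed.
        with open(dcpp, "wb") as fh:
            fh.write(b"not the binary that was approved")
        os.remove(ftp)

        report = check_baseline(load_baseline(store))
        return {os.path.basename(p): status for p, status in report.items()}


if __name__ == "__main__":
    for name, status in demo().items():
        print(f"{status:8s} {name}")
```

The baseline file is only as trustworthy as the account that can write it, so in practice it lives somewhere the programs it watches cannot modify; a firewall does the same by keeping the hashes in its own protected rule store.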
 
had PeerGuardian installed for umm... 5 hours and it's blocked 6 IPs already, Connection forcefully closed on: 64.158.221.50 - IRMA, being one of 'em. nice prog. I'm totally impressed :D
 
Originally posted by Halk
Sorry, I disagree.

I can't think of any mail I've wanted to read that came as HTML.

Only morons post to usenet and email in HTML.

If you must see what the HTML says you can save the attachment.

Useful HTML newsletters aside lots of people like to use HTML email and by no means does that make them "morons." I often get HTML emails from various people who either don't know any 'better' or want to use HTML rather than text-only. And I also don't consider myself to be a moron when communicating with friends via HTML email due to the additional freedom and choice it provides. Keep your AV definitions current and there's no problem at all with HTML, I know I've never had a single issue nor know anyone who has. No need to be so paranoid about it.

----------Back to the topic----------

I find Spybot to be buggy and clunky at times and it also shows up lots of things that you don't want to remove in the results. You could call it more comprehensive than ad-aware but with ad-aware I know I can let it remove whatever it finds without needing to check everything carefully. I was running both but I uninstalled Spybot recently as the last time I did an update it wouldn't work properly.

Virus Definitions
Norton Anti-Virus Definitions
McAfee Anti-Virus Updates
AVG Update Files
Sophos Virus Identity (IDE) Files
Kaspersky Anti-Virus Database Updates
 
Originally posted by element

Another thing is I'd defo recommend anyone to block ANY incoming icmp (pings). if u can't be pinged a lil script kiddie with their port scanner will think the connection is dead and go onto the next ip in their list (normally a whole IP range will get scanned via a portscanner so if they get a ping reply the scanner will go onto scanning to see if a certain port(s) is open) I use Kerio to do this, I can allow outgoing pings but still remain *almost* invisible online. little less to worry about I suppose.

Erm, no, I wouldn't advise that.
From Robin Walker's cable modem tips:

This hyper-paranoid approach to security causes some difficulties. For a start, Internet standard RFC 1122 states categorically about ICMP Echoes (ping):

3.2.2.6 Echo Request/Reply: RFC-792

Every host MUST implement an ICMP Echo server function that receives Echo Requests and sends corresponding Echo Replies.

Note the MUST rather than SHOULD. This means that any internet user, or ISP server, has a right to expect that all live PCs connected to the internet will respond to ICMP ping requests with an ICMP reply. If a firewall user chooses to stealth ICMP requests so that no response is sent, they have only themselves to blame if they start experiencing problems, because they are in breach of RFC 1122.

The problems that might arise if you kill ICMP responses with stealth are:

* Difficulties with DHCP lease acquisition or renewal in cases where the DHCP server checks on the availability of IP addresses, or your presence on the network, with ICMP ping requests [this doesn't actually happen on the original NTL network, but ICMP requests have been seen coming from the DHCP servers of digital TV set-top boxes. No problems seen with blueyonder];
* Slowness of web connection setup in cases where the remote web server uses ICMP to determine the MTU of the response path;
* Frustration at ISP help-desks (and with informal helpers) if your PC does not respond to pings and traceroutes, as it is difficult to distinguish this situation from a broken connection.


Also read the whole section http://homepage.ntlworld.com/robin.d.h.walker/cmtips/security.html which totally debunks the myths about firewalls and the traffic hitting your network port. The best advice is to turn off file and print sharing, but if you must have one on, there's great config advice in there.
 
Originally posted by Élynduil
Useful HTML newsletters aside lots of people like to use HTML email and by no means does that make them "morons." I often get HTML emails from various people who either don't know any 'better' or want to use HTML rather than text-only. And I also don't consider myself to be a moron when communicating with friends via HTML email due to the additional freedom and choice it provides. Keep your AV definitions current and there's no problem at all with HTML, I know I've never had a single issue nor know anyone who has. No need to be so paranoid about it.


Probably the word "moron" was too strong to use... :P

I do, however, reject all HTML mail unless the body explains what's in it. I find someone sending me HTML emails as rude.

Most of the time it's unnecessary, hogs bandwidth, and it does have security implications. Honest!

All the recent virus scares.... HTML enabled emails.
 
Originally posted by browellm
Erm, no, I wouldn't advise that.
From Robin Walker's cable modem tips:

This hyper-paranoid approach to security causes some difficulties. For a start, Internet standard RFC 1122 states categorically about ICMP Echoes (ping):

3.2.2.6 Echo Request/Reply: RFC-792

Every host MUST implement an ICMP Echo server function that receives Echo Requests and sends corresponding Echo Replies.

Note the MUST rather than SHOULD. This means that any internet user, or ISP server, has a right to expect that all live PCs connected to the internet will respond to ICMP ping requests with an ICMP reply. If a firewall user chooses to stealth ICMP requests so that no response is sent, they have only themselves to blame if they start experiencing problems, because they are in breach of RFC 1122.

The problems that might arise if you kill ICMP responses with stealth are:

* Difficulties with DHCP lease acquisition or renewal in cases where the DHCP server checks on the availability of IP addresses, or your presence on the network, with ICMP ping requests [this doesn't actually happen on the original NTL network, but ICMP requests have been seen coming from the DHCP servers of digital TV set-top boxes. No problems seen with blueyonder];
* Slowness of web connection setup in cases where the remote web server uses ICMP to determine the MTU of the response path;
* Frustration at ISP help-desks (and with informal helpers) if your PC does not respond to pings and traceroutes, as it is difficult to distinguish this situation from a broken connection.


Also read the whole section http://homepage.ntlworld.com/robin.d.h.walker/cmtips/security.html which totally debunks the myths about firewalls and the traffic hitting your network port. The best advice is to turn off file and print sharing, but if you must have one on, there's great config advice in there.

yeah maybe but I can turn this off in a matter of seconds. ;) if I want an IP to be able to ping me then I'd set a rule for it to allow it, otherwise it's blocked. also I can't see how my internet is slowed down. cos all my ftp proggies can ping in/out, my browsers can ping in/out, p2p proggies can do the same as well. :) the ports are only open to certain proggies.
 
It is standard practice to deny ICMP echo requests from outside a firewall, irrespective of the RFC. This makes it not quite so trivial for an outside agent to map your network. ICMP is not only used for ping and traceroute. There are different message types for different uses. Not responding with a TCP RST packet for closed ports also violates strict RFC behaviour but 'stealth' firewalls are now the norm because of port scanning and OS fingerprinting using tools such as nmap.

Originally posted by browellm

The problems that might arise if you kill ICMP responses with stealth are:

* Difficulties with DHCP lease acquisition or renewal in cases where the DHCP server checks on the availability of IP addresses, or your presence on the network, with ICMP ping requests [this doesn't actually happen on the original NTL network, but ICMP requests have been seen coming from the DHCP servers of digital TV set-top boxes. No problems seen with blueyonder];

DHCP uses UDP for communication, not ICMP. A DHCP server can only reclaim a leased IP when the client does not renew it and it expires. Otherwise it could lease the same IP to two machines - obviously bad. If the DHCP server uses ICMP to determine whether a host is on the network then it is broken. I have no problem with DHCP (both server and client) without responding to ICMP echo requests.

* Slowness of web connection setup in cases where the remote web server uses ICMP to determine the MTU of the response path;

MTU discovery uses ICMP messages to inform the sender when the MTU for a hop is too small. Any firewall worth using will allow this message in because it will match an outgoing connection. The ICMP message is not an echo request to your machine; it is the router informing you of an error.

* Frustration at ISP help-desks (and with informal helpers) if your PC does not respond to pings and traceroutes, as it is difficult to distinguish this situation from a broken connection.

Turn off ICMP blocking for this then :rolleyes:

Also read the whole section http://homepage.ntlworld.com/robin.d.h.walker/cmtips/security.html which totally debunks the myths about firewalls and the traffic hitting your network port. The best advice is to turn off file and print sharing, but if you must have one on, there's great config advice in there.

This link contains some good information and some which is wrong and/or misleading. Network newbies will have problems telling the difference. Nothing unsafe about file/printer sharing unless you allow it on your WAN connection.

Many stars to Iver for the original post :D. Good work mate.
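The disagreement above is really about the difference between unsolicited ICMP (echo requests from a scanner) and ICMP that belongs to traffic you started (replies to your own pings, and the "fragmentation needed" errors that PMTU discovery depends on). The code below is an added example, not from the thread or from any firewall product, of a stateful ICMP policy in Python that drops the first kind and accepts the second by checking the IP header quoted inside an ICMP error against the flows this host opened. The packets, the addresses (RFC 5737 documentation ranges) and the flows are constructed for the demo.

```python
import struct
from ipaddress import ip_address

# ICMP types/codes the policy cares about (RFC 792, RFC 1191)
ECHO_REPLY, DEST_UNREACH, ECHO_REQUEST, TIME_EXCEEDED = 0, 3, 8, 11
FRAG_NEEDED = 4  # DEST_UNREACH code that carries the next-hop MTU (PMTU discovery)

def icmp_checksum(data):
    """RFC 1071 one's-complement checksum; a valid message sums to zero."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_icmp(icmp_type, code, rest=b"\x00" * 4, payload=b""):
    """Assemble an ICMP message with a correct checksum (used for the samples)."""
    body = struct.pack("!BBH", icmp_type, code, 0) + rest + payload
    return struct.pack("!BBH", icmp_type, code, icmp_checksum(body)) + body[4:]

def parse_icmp(packet):
    """Type, code, the 4 type-specific bytes and the payload; reject short/corrupt."""
    if len(packet) < 8:
        raise ValueError("short ICMP message")
    if icmp_checksum(packet) != 0:
        raise ValueError("bad ICMP checksum")
    return {"type": packet[0], "code": packet[1], "rest": packet[4:8], "payload": packet[8:]}

def inner_ipv4(proto, src_ip, dst_ip, src_port, dst_port):
    # Minimal IPv4 header + first 8 transport bytes, as quoted inside ICMP errors
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0x1234, 0x4000, 64, proto, 0,
                      ip_address(src_ip).packed, ip_address(dst_ip).packed)
    return hdr + struct.pack("!HH", src_port, dst_port) + b"\x00" * 4

def embedded_flow(payload):
    """Recover (proto, dst_ip, dst_port) of the packet an ICMP error quotes.
    For an error about our own outbound packet, dst is the remote peer."""
    if len(payload) < 20:
        return None
    ihl = (payload[0] & 0x0F) * 4
    if len(payload) < ihl + 4:
        return None
    dst_port = struct.unpack("!H", payload[ihl + 2:ihl + 4])[0]
    return (payload[9], ip_address(payload[16:20]), dst_port)

class IcmpPolicy:
    """Stateful ICMP filter. Unsolicited echo requests are dropped unless the
    sender is allow-listed; ICMP that belongs to traffic this host started
    (replies to our pings, PMTU fragmentation-needed and TTL-exceeded errors
    quoting one of our flows) is accepted."""

    def __init__(self, allow_inbound_ping_from=()):
        self.ping_ids = set()   # identifiers of echo requests we sent
        self.flows = set()      # (proto, peer_ip, peer_port) we initiated
        self.ping_allowlist = {ip_address(a) for a in allow_inbound_ping_from}

    def note_outgoing_ping(self, ident):
        self.ping_ids.add(ident)

    def note_outgoing_flow(self, proto, peer_ip, peer_port):
        self.flows.add((proto, ip_address(peer_ip), peer_port))

    def decide(self, src_ip, packet):
        try:
            msg = parse_icmp(packet)
        except ValueError as err:
            return ("DROP", str(err))
        t, c = msg["type"], msg["code"]
        if t == ECHO_REQUEST:
            if ip_address(src_ip) in self.ping_allowlist:
                return ("ACCEPT", "echo request from allow-listed host")
            return ("DROP", "unsolicited echo request")
        if t == ECHO_REPLY:
            ident = struct.unpack("!H", msg["rest"][:2])[0]
            if ident in self.ping_ids:
                return ("ACCEPT", "reply to a ping we sent")
            return ("DROP", "echo reply we never asked for")
        if t in (DEST_UNREACH, TIME_EXCEEDED):
            if embedded_flow(msg["payload"]) in self.flows:
                if (t, c) == (DEST_UNREACH, FRAG_NEEDED):
                    return ("ACCEPT", "PMTU fragmentation-needed for our flow")
                return ("ACCEPT", "ICMP error for a flow we started")
            return ("DROP", "ICMP error quoting no flow of ours")
        return ("DROP", "ICMP type %d not permitted inbound" % t)

def demo():
    """Constructed packets; RFC 5737 documentation addresses, hypothetical flows."""
    me, peer, router, scanner = "192.0.2.5", "203.0.113.10", "203.0.113.1", "198.51.100.77"
    fw = IcmpPolicy()
    fw.note_outgoing_ping(0x0042)           # we pinged the peer (identifier 0x42)
    fw.note_outgoing_flow(6, peer, 80)      # and opened a TCP connection to peer:80
    mtu_rest = struct.pack("!HH", 0, 1400)  # unused + next-hop MTU of 1400
    return {
        "scanner_ping": fw.decide(scanner, build_icmp(ECHO_REQUEST, 0, struct.pack("!HH", 1, 1)))[0],
        "our_ping_reply": fw.decide(peer, build_icmp(ECHO_REPLY, 0, struct.pack("!HH", 0x0042, 1)))[0],
        "pmtu_for_our_flow": fw.decide(router, build_icmp(
            DEST_UNREACH, FRAG_NEEDED, mtu_rest, inner_ipv4(6, me, peer, 51000, 80)))[0],
        "pmtu_for_unknown_flow": fw.decide(scanner, build_icmp(
            DEST_UNREACH, FRAG_NEEDED, mtu_rest, inner_ipv4(6, me, "198.51.100.9", 51000, 443)))[0],
    }
```

The "fragmentation needed" message from the router is accepted because the IP header it quotes matches a connection this host opened, which is the check a stateful firewall makes; the same message from an unrelated source quoting a flow we never started is dropped. That is how blocking inbound ping and keeping PMTU discovery working coexist, and why a help-desk that wants you pingable needs only the allow-list, not the whole filter turned off.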
 
Just found this thread, thanks Iver :)

I also use Peer Guardian and I wrote a small vbs script a while ago, to automatically update the IP block list. It uses the IP List page already linked to above. The best way to use it is to create a batch file to run the script then start PG, that way you're always using the latest list.

It's here if you need it.
 
Originally posted by comatose
Just found this thread, thanks Iver :)

I also use Peer Guardian and I wrote a small vbs script a while ago, to automatically update the IP block list. It uses the IP List page already linked to above. The best way to use it is to create a batch file to run the script then start PG, that way you're always using the latest list.

It's here if you need it.

Can you give me an example of what to put into the batch file?
 
Well this is what my batch file looks like:
Code:
@echo off

REM Go to the PeerGuardian folder (/d also switches drive if it is not on C:)
cd /d "c:\Program Files\PeerGuardian_1.96b\"

REM Run the update script through the console host and wait for it to finish,
REM so PeerGuardian always starts with the freshly downloaded list
cscript //nologo "PG_Update.vbs"

REM Start PeerGuardian and close this window
start PeerGuardian_1.96b.exe

exit

Just replace paths\file names with your own.

Also, I forgot to mention, you need to edit the path in the script file as well. Just open it in Notepad and you'll see what I mean.
 
Originally posted by Halk
Probably the word "moron" was too strong to use... :P

I do, however, reject all HTML mail unless the body explains what's in it. I find someone sending me HTML emails as rude.

Most of the time it's unnecessary, hogs bandwidth, and it does have security implications. Honest!

All the recent virus scares.... HTML enabled emails.

Mate, I can see your view, personally I also prefer plain text for a variety of reasons. But to recommend everyone disable it is ludicrous, I find it hard to believe you don't have friends that like all the pretty features of HTML!
 