Monday, December 20, 2010 10:44:19 AM
Most of people are unaware how unprotected their system is in reality. Why not tighten your local security? There are many ways to keep your personal computer secured. Many of which are not often spoken of frequently. I remember people constantly complaining on how Microsoft doesn't provide the security we all want... so here it is, some of things which every Windows user should know and follow, but most just omit.
Keep up to date with every single Microsoft application you have installed. Most of the updates are Security Updates, if you won't install something you might be left vulnerable to attack (old versions of software are often hacked long ago).
Turn off file sharing and discovery
Probably the easiest hack of all called NetBios Hack, usually takes less than 15 seconds to get access to your system. To turn off file sharing go to Start -> Control Panel -> Network and Sharing Center -> Advanced sharing settings (left hand sidebar) then turn OFF following on both 'Home or work' and 'Public': Network Discovery, File and printer sharing, Public folder sharing. Turn Password protected sharing ON.
Probably the most used by hackers vulnerabilities. Disable remote access to your computer going to Start -> Control Panel -> System -> Remote settings (top left sidebar) -> Remote -> Remote Assistance, and UNcheck 'Allow Remote Computer assistance Connections to this computer'. Then below this in 'Remote Desktop' select option 'Don't allow connections to this computer'.
Restrict Anonymous User Access
This venerability can be used to do IPC$ Share Remote Netbios Attack. By default anyone who anonymously connects to your computer can see some of the information such as user account names their account policies, their details as well as share names. To restrict anonymous access to your computer you need to change certain registry key value. Open RegEdit either open Command Line and type 'regedit' or go to Start in 'Search programs and files' type 'regedit' then press enter. Registry Editor should appear. Locate key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\RestrictAnonymous. Right click key and select 'Modify'. Change 'Value data' field to '2' (just two without quotation mark) Other field values are as follows: 0 (this is a default value, which relies on default permissions, allows anonymous to see your details), 1 (doesn't allow enumeration of user accounts and names), 2 (doesn't allow access without explicit anonymous permissions). Most popular malware that uses this system vulnerability is Conficker.
Don't ever use the same password for everything, especially for your PC and especially if you're using your laptop in Public places such as schools or work. Usually when you set up a password for your user account the password is set to 'Password never expires'. To fix this go to Start -> Control Panel -> Administrative Tools -> Computer Management. In the tree view on the left select Computer Management (local) -> Local Users and Groups -> Users. Then right click your account name and select Properties, tick OFF 'Password never expires' option. Remember to change your password regularly. (If you think someone might have seen your password then change it immediately.)
Anti-virus and Firewall
If you already have Microsoft Security Essential then do NOT forget to turn ON Windows Firewall and configure it to tighter security options. If you use other anti-virus and firewall software (I personally recommended Comodo Internet Security) do not forget to configure it.
Auditing is a way to log who and when logged or tried to log in onto your machine as well as list of active files directories. By default it is not turned on. To turn it on go to Start -> Control Panel -> Administrative Tools -> Local Security Policy. Then select Local Policies (see left sidebar) -> Audit Policy (double click). To log everything double click each policy then select 'Audit this attempts': 'Success' & -'Failure'. To access logs go to Start -> Control Panel -> Administrative Tools -> Event viewer -> Windows log.
No need for it? Turn it off. Go to Start -> Control Panel -> User Accounts -> Manage another account, then select Guest account and Turn off Guest account.
If your password is set then auto logon will automatically be turned off, to check it go to open Registry Editor (see how to do it above) and navigate to key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon if the Data (value) is '1' then right click select 'Modify' and change 'Value data' to 0 this will disable Auto Logon (1 is auto logon enabled).
Make sure that only one account on your PC does have administrator rights.
Turn system restore on, go to Computer -> System Properties -> System Protection -> Protection Settings, and select your system drive (most of the time (C:)), then click Configure and select option 'Restore system settings and previous versions of files'. I'd recommend setting 'Disk Space Usage' to 5% of disk capacity (3% is default if I remember correctly:).
If you've got all of these configured then you've got most of the basic system security tightened.
Sunday, November 21, 2010 6:01:03 PM
After a week of constant Ubutnu here and there and not even turning on Windows until today that is. And for god's sake please spare me telling me How-To with Windows ... I've been using it for 15 years now ... It's not perfect, but at least it's stable, and I haven't had that much problems with it. If you disagree give me VERY good example why. I hate to say it but I am a little bit annoyed by Windows anti-fans and such... everyone likes their own stuff and I like my OS stable and working how I tell it to. Unfortunately to say this, but with Ubuntu I was NOT in control of my own PC.
Here is how looked MY OWN experience with newest Ubuntu version 10.10 Desktop. Everything would be well if it wasn't so BUGgy. First of all... the problem I mentioned the last time with SATA and the solution turned out to be a nice temporary fix, the problem is still there happens from time to time as Ubuntu pleases. Ubuntu will be stuck on its logo until I press something to make it work, same goes with shutting down PC.
But that is NOT the worst there is. Many times after starting Ubuntu wouldn't load Windows Picker Applet etc. it was annoying... But still I could live with that, I could live with sitting an pressing keys on system load and shut down I could live even with applets not loading on startup sometimes and turn them own manually. But then today I plugged in my MicroSD card to copy some documents on it, more than 4GB of files, somewhere in the middle of copying Ubuntu magically changed folder permissions on the card stating the folder was a read-only file system, please someone tell me how this could EVEN happen??? Because I am running out of ideas here. It's either buggy file system (Ext3) or it's Ubuntu's fault. I switched today to Windows to copy my files and it didn't have any problems?
With Operating System you get what you pay for I guess... With other software well I have to admit I was rather impressed by OpenOffice.org, it had everything that is needed for everyday use. There was a lot of usefull and good software free for Ubuntu, but what is there after software if the system itself is too buggy?
I ask now all Linux enthusiasts, what do you think about these problem I described above? As far as I am concerned none of it should even happen? People were constantly nagging me to install Ubuntu again and code there, but with all these it too annoying... I never had any of these problems with Windows...