|
Post by Nicky Peter Hollyoake on May 18, 2008 11:17:15 GMT -5
What else would you say a person can do to protect his computer? The following list is what I do already.
- Firewall always on - anti-virus once per day at 1am - windows defender once per day at 12am - disk fragment once per day at 2am - I delete cookies, history, all that other shít once in a while - Use windows update - Spyware protection using spyware terminator - check for bad sectors (in the properties off the c drive)
.. Maybe more can't think what else.
What else would people suggest? I thought of a couple more, tell me if any of these are useful.
- Update cards (grahpic, sound) how do you do that? - Get a program to target trojans? Because I heard anti-virus don't find them all
Nicky
|
|
|
Post by Pizzasgood on May 18, 2008 12:23:32 GMT -5
Wow. I forgot how much crap it takes to maintain Windows.
Even so, I don't believe it's necessary to defrag daily anymore, even in Windows. From what I understand, NTFS doesn't have nearly the fragmentation problems that FAT had. Regardless, that has nothing to do with protection. Access speed and disk space, sure. Protection? No.
A big thing you can do is NEVER EVER EVER run IE, except for windows update (unless that doesn't require IE anymore). I don't care what you run, just not IE. Even if you don't believe it's as crappy of a browser as it is, using it still means that you're using the single most heavily targeted browser out there. Not an intelligent thing to do.
It also helps if, in whatever browser you're using, you disable as many fancy scripting things as possible. Especially ActiveX.
Personally, I recommend dumping Windows. Switch to Linux or BSD. You'll still have to set up a firewall, but in the *nix world a firewall isn't an actively running program that eats your resources. Also, you'll still want to be cautious with your internet browser. Java and JavaScript are both supported by many Linux browsers, so they can still be a weak point. You should also only download software from people you trust, though the risk of trojans and such is far lower. You may even want to run antivirus, though most normal users don't bother since there's so little risk (yes there is some risk, but there's also risk in cooking instant ramen or taking a shower). Now, if you run a webserver or own a bank or something, you definitely want to run antivirus...
The following things mostly apply regardless of which OS you use.
Disable all password saving features. Commit them to memory. And of course, use more than one password. Even if you can't remember a unique password for every single item, at least have around five different passwords that you use. That way if one is compromised the perp only gains control over a fifth of your "stuff". (And there are many ways to be compromised: keylogger, watching over the shoulder, surveillance cameras, bribes, seduction, drunken confessions, torture, talking in your sleep, lucky guess, brute-force, etc.)
Turn the computer completely off when not in use. Besides, it saves power and extends equipment life. If you must leave it on (maybe to run a scan overnight or some-such) then unplug from the network.
Here's an easy one: don't do online porn or download illegal things (regardless of whether you think it should be legal). If you must, set up a separate machine for that, and if you feel inclined to transfer data from there to the "good" machine be sure to scan it hard (like maybe with three different AV programs) and from both machines (since the AV on the dirty machine could be compromised).
Get a sturdy case that you can lock shut. Go into your BIOS and disable booting from anything but the internal harddrive, then set a BIOS password. Now lock the computer case. This way nobody can come along, boot from a CD, and do whatever they want. (No, it doesn't matter that they haven't broken your insanely hard-to-guess root password. That only matters if they boot the installed OS. All I need to do to get around it is boot with a Linux live-cd. Then I mount the drives and do whatever I want.)
Along with the above, encrypt your drives. That way, even if somebody busts open the case and pulls out the drives (or boots from CD because you ignored me earlier), they will still have a difficult time reading the data unless they can break the encryption. Unfortunately, this doesn't stop them from just deleting everything.
If you're very paranoid, write a deadman-switch program that requires you to commit some action every 10-20 minutes, such as entering a password or scanning a fingerprint. This way if somebody steals your computer while it's running they won't be able to do anything after a short while. Because it is entirely possible to steal a running desktop computer that was plugged into the wall without interrupting the power. It involves unplugging it halfway and hooking up a UPS to the exposed prongs before fully removing the plug from the wall. An no, your password screensaver isn't good enough. If "they" come in while you're using it, taser you, and then assign a person to keep the mouse moving, then you're out of luck. Unless you used a dead-man's switch.
As for what happens when the switch goes off, it depends on what you have on the drive. You might just want the machine to lock up. Or, you might want it to start deleting everything on the drive. Or you might want it to trigger the self-destruct sequence that will physically destroy the drives (and possibly take down one or two of the thieves?).
Also, if you have any data you absolutely cannot live without, back it up onto a DVD, put it in a small safe, and bury it deep. Repeat this five times in five states.
That's enough paranoia out of me for one day...
|
|
|
Post by Nicky Peter Hollyoake on May 18, 2008 12:40:29 GMT -5
As for what happens when the switch goes off, it depends on what you have on the drive. You might just want the machine to lock up. Or, you might want it to start deleting everything on the drive. Or you might want it to trigger the self-destruct sequence that will physically destroy the drives (and possibly take down one or two of the thieves?) ... Lol wow! I don't wanna take it that far. I just want protection from hackers/viruses. By the way I also should of mentioned I want things to keep the speed going (And so I should switch disk fragment once a week?). As for IE I don't use it I use Mozilla Firefox. How would you encrept your hard drive? Would it be best if I used .ZIP folders and password them all instead of normal folders? Nicky
|
|
|
Post by matthew on May 18, 2008 13:17:32 GMT -5
I think you might be getting a little paranoid about computer security. I've got the Windows Firewall, Spybot & Avira Antivir installed. I update Spybot once a Week & run it once a Month. Avira gets updated everyday but I don't bother scanning for viruses that often as it's got a real-time scanner. I also use Firefox, which is set to delete all my browsing activity when I close it & I've got CCleaner installed.
|
|
|
Post by Nicky Peter Hollyoake on May 18, 2008 15:01:23 GMT -5
I think you might be getting a little paranoid about computer security. I've got the Windows Firewall, Spybot & Avira Antivir installed. I update Spybot once a Week & run it once a Month. Avira gets updated everyday but I don't bother scanning for viruses that often as it's got a real-time scanner. I also use Firefox, which is set to delete all my browsing activity when I close it & I've got CCleaner installed. Yeah I know i'm abit obsessed with secuity, but I hate viruses and hackers. ;\ This maybe abit to mucch but are they anyway to put a file on your computer (Make it look like the file is great) and when a hacker opens it he catches a virus? That would be good. Nicky
|
|
|
Post by andrian on May 19, 2008 11:29:36 GMT -5
Defragging once a day is a waste and will shrten your HD's life. Once a month is sufficient for most users. If you are really paranoid about your stuff or if you perform tons of file operations, then once every two weeks at most. Here's a program that will help with security. It cleans out recent web pages and such, which may slow your computer down short-term, but will make your PC faster longterm. www.ccleaner.com/
|
|
|
Post by Pizzasgood on May 19, 2008 12:27:47 GMT -5
Not actually sure about how to encrypt a drive. I suspect that Windows has an option for it somewhere. In the Linux-world, I believe you can use dm-crypt. I know you can use either cryptoloop or dm-crypt to mount an encrypted filesystem image. Puppy Linux supports this out of the box using the cryptoloop method, and I've manually replaced that with the dm-crypt method before.
It probably isn't possible to encrypt the partition you boot from. In Linux, you could use a boot disk to bootstrap the system and keep the actual drives encrypted. Alternately, you could set up a small boot partition that would serve the same function. In fact, you could set up a very minimal partition with only the boot loader and the kernel, with an initramfs capible of mounting encrypted partitions built directly into the kernel.
One thing that's cool about Puppy Linux is that the original files are all stored in a read-only compressed filesystem image. When you add or change data, the new or changed data is stored in a separate filesystem image which is combined with the first so that the user just sees a single writable filesystem. That means that it's trivial to revert to a completely pristine install. This is handy, because if you need to do something that really needs a secure system (online banking for example) you can reboot into a pristine setup to do it, then when finished reboot and load up the normal saved data.
|
|
|
Post by andrian on May 19, 2008 14:03:00 GMT -5
In Windows XP, you can encrypt certain files, but I don't have time to explain it now. I'm sure there are tutorials all over the internet, though.
|
|
|
Post by Nicky Peter Hollyoake on May 21, 2008 20:38:08 GMT -5
In Windows XP, you can encrypt certain files, but I don't have time to explain it now. I'm sure there are tutorials all over the internet, though. Well I got Windows Vista, but i'll take a look around the internet and see what I can find, thanks, Nicky
|
|
|
Post by matthew on May 21, 2008 22:44:34 GMT -5
I use this program to encrypt information on my computer. It's really easy to setup because there's a tutorial here.
|
|