'''Jan2005 ''Extremely critical'' patches are out.''' * checkout http://www.microsoft.com/security/bulletins/200501_windows.mspx When setting up a new windows PC on a budget (as I'm sure many other people here have been roped into time and time again), I've found the following pieces of free software invaluable in preventing the need for constant maintainence visits: Spybot Search And Destroy: http://spybot.eon.net.au/ (adaware is also useful, but I tend to just stick with spybot) : I used to recommend ad-aware, even after coming across spybot. However, given an IE centric environment and a literally less than completely adept user base, and a concerning incident involving pop-up ware which was only caught by spybot, I can't recommend ad-aware anymore. --WilliamUnderwood Sygate Personal Firewall: http://soho.sygate.com/products/spf_standard.htm * I use Zone''''''Alarm freeware version, due to its fame any significant problems will be widely publized. AntiVir: http://www.free-av.com/ I'd also recommend installing mozilla or another browser and making it the default browser. It'll prevent most of the problems that you need spybot to fix. Teach the user how to run the updates on these programs. Teach them to go to windows update. Leave an instruction sheet. If they call you with a problem, try making it your first suggestion to update and run these programs (even if it is completely unrelated, give them the impression that running these programs is the first step in any diagnostics, it will force them into the habit). ---- '''Most frequent exploited problems''' SansInstitute Oct2004 issued a Top''''''Ten threat for both Windows and Unix. See http://www.sans.org/top20/ for exposures and countermeasures * A commentary on the list can be viewed at http://techrepublic.com.com/5102-6264-5453170-2.html ---- '''WindowsXp SP2 security matters''' See http://netsecurity.about.com/od/securingwindowsxp/a/aa052304_p.htm ''Free courses from Microsoft (limited time) for WindowsXp '' See https://www.microsoftelearning.com/xpsp2/ ---- IMO, anyone running Windows with a broadband connection these days, that doesn't use a ''hardware firewall/NAT box'', is just begging for trouble. They may not be free, but they're cheap, and an essential component to protecting a home PC. * I understand a NAT hides the IP from probing sources. How much real advantage has it got over a ZoneAlarm freeware FireWall though? ''Lots. Scans just don't get to your machine, meaning you don't have to worry so much about flaws in Windows or Zonealarm. So it prevents some classes of attack completely - ZoneAlarm etc just try to prevent any adverse effect when the attack happens. I run a H/w nat device and no personal firewall.'' * A hardware NAT can still serve as a zoombiePC if you get Malware somehow stuck to your system, without the outbound traffic controls of a software FireWall like Zone''''''Alarm? BTW, I have not heard any compromises of ZoneAlarm yet, and I would think the software company would be very keen to defend their brandname against emergent threats. Howvever if you do get significant information on Zone''''''Alarm problems please post it here. ''' ''hardware'' and ''software'' based FireWall''''''s complements each other ''' A PC Advisor article (http://www.pcadvisor.co.uk/index.cfm?go=news.print&news=4182) says with only software based firewall, the software can be compromised and PC subjected to unsolicited scans. Whereas a hardware tool cannot tell which applications are trying to access the net, and does not work with dialup lines. ---- '''SecurityManagement aspects''' ''Windows built for single user with highest previledge - an entrenched culture'' SP2 (WindowsXp) breaks software who has not considered other types of user exist (those needing "restricted access" to defend against MalWare and SocialEngineering tactics). * "The State of WindowsSecurity" http://www.osnews.com/story.php?news_id=9435 ''Analysis of a Break in'' InternetRelayChat becomes a means to remote control enslaved PCs. See http://www.usatoday.com/money/industries/technology/2004-11-29-honeypot_x.htm ---- '''GAP in "Windows Genuine Advantage Program (WGA)"''' Next (Feb05) phase in WGA will see pirated OS denied security patches. If this scheme is successful, it probably will mean more Distributed DoS and spam attacks from the PCs denied from essential patches. ref: Gartner article at http://www4.gartner.com/DisplayDocument?doc_cd=125945 ---- '''SecuringWindows QuickQuestions''' Anyone used Geo''''''Trust's free Trust''''''Watch tool? What experiences do people have on this? See http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=109&STORY=/www/story/09-13-2004/0002249005&EDATE= and http://news.zdnet.com/2110-3513_22-5367650.html ---- See also InternetSecurityForMicrosoftUsers CategoryMicrosoft, CategorySecurity