security


jim

I have avg free, malwarebytes and adaware installed on my computer, should I
have windows defender also? Or would this be conflicting? I also have two
towers, one with xp home and the other with pro, will the settings and
transfer wizard install pro o/s over the top of the xp home one? Thank you
 
I have avg free,

Okay but AntiVir is better.

malwarebytes and adaware installed on my computer,

on-demand or real-time?

should I have windows defender also?

can be beneficial

or would this be conflicting?

No, there shouldn't be any conflict if malwarebytes and adaware are both
on-demand applications.

For Win XP the most dependable defenses are:
1. Do not work as Administrator; For day-to-day work routinely use a
Limited User Account (LUA).
2. Secure (Harden) your operating system.
3. Don't expose services to public networks.
4. Keep your operating system (OS) (and all software on it) updated/patched.
(Got SP3 yet?).
5. Reconsider the usage of IE and OE.
5a. Secure (Harden) Internet Explorer.
6. Review your installed 3rd party software applications/utilities; Remove
clutter, *including* 3rd party software personal (so-called) firewall
application (PFW) - the one which claims: "It can stop/control malicious
outbound traffic".
7. If on dial-up Internet connection, activate the built-in firewall and
configure Windows not to use TCP/IP as transport protocol for NetBIOS,
SMB and RPC, thus leaving TCP/UDP ports 135,137-139 and 445 (the most
exploited Windows networking weak point) closed.
7a. If on high-speed Internet connection use a router.
For the average home user it is suggested blocking both TCP and UDP ports
135 ~ 139 and 445 on the router and implement countermeasures against
DNSChanger. (Is the Firmware of your router up-to-date?).
And (just in case) Wired Equivalent Privacy (WEP) has been superseded by
Wi-Fi Protected Access (WPA).
8. Routinely practice Safe-Hex.

Also, ensure you do:
a. Regularly back-up data/files.
b. Familiarize yourself with crash recovery tools and re-installing your
operating system (OS).
c. Utilize a good-quality real-time anti-virus application and some vital
system monitoring utilities/applications.
d. Keep abreast of the latest developments.

And finally:
Most computer magazines and/or (computer) specialized websites are *biased*
i.e. heavily weighted towards the (advertisement) dollar almighty!
Therefore:
a. Be cautious selecting software applications touted in publications
relying on advertisement revenue.
b. Do take their *test-results* of various software with a *considerable*
amount of salt!
c. Which also applies to their *investigative* in-depth test reports
related to any software applications.
d. Investigate claims made by software manufacturer *prior* to downloading
their software; Subscribing to noncommercial-type publications,
specialized newsgroups and/or fora (to some extent) are a great way to
find out the 'nitty-gritties' and to consider various options.

I also have two towers, one with xp home and the other with pro,
will the settings and transfer wizard install pro o/s over the top
of the xp home one?

I'd reformat and wipe the HDD of XPHome first.
 
I have avg free,


Irrelevant. That's an anti-virus program, and you are asking about
Defender, which is an anti-spyware program. They do different things.

malwarebytes and adaware installed on my computer, should I
have windows defender also?


I would. There's little downside to running multiple anti-spyware
programs, and since no two of them catch the same set of threats,
having two or three provides added protection.

or would this be conflicting?

No.


I also have two
towers, one with xp home and the other with pro, will the settings and
transfer wizard install pro o/s over the top of the xp home one? Thank you


No. If you want to upgrade the XP Home computer to XP Professional,
you need to buy a second copy of XP Professional (the Upgrade version
will do) and install it as an upgrade.

Are you sure you want to do this? XP Professional and XP Home are
exactly the same in all respects, except that Professional has a few
features (mostly related to networking and security) missing from
Home. For most (but not all) home users, even those with a home
network, these features aren't needed, would never be used, and buying
Professional instead of Home is a waste of money. In general, unless
you need to join a domain, you probably don't need Professional.

For details go to
http://www.winsupersite.com/showcase/windowsxp_home_pro.asp

http://www.microsoft.com/windowsxp/whichxp.asp

http://www.microsoft.com/windowsxp/home/howtobuy/choosing2.asp

Also note one other point not mentioned on any of those sites:
Professional allows ten concurrent network connections, and Home only
five.
 
jim said:
I have avg free, malwarebytes and adaware installed on my computer, should I
have windows defender also? Or would this be conflicting? I also have two
towers, one with xp home and the other with pro, will the settings and
transfer wizard install pro o/s over the top of the xp home one? Thank you

In addition to the other advice previously given, MBAM (malware bytes
anti-malware) is continually being updated. Suggest *never* using an
older version of it as it may not be capable of dealing with newer malwares.
*Always* download the most recent version IF and WHEN a system becomes
infected.

MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============
 
Thank you kayman for your excellent support/advice. Just to clarify some of
the points you mentioned: both ad and mal are on demand but avg has a
realtime spyware scanner, not sure what you mean by (harden) secure o/s and
i.e. I have sp3 installed and use windows firewall in the system, I have
cable broadband with ethernet modem with LAN settings that are always on
(auto detect no proxy) and if I format the home edition disc will the pro
edition be installed using files and settings transfer wizard using a usb
mass storage flash drive? The latter is not important as I can buy a disc for
set up mate. Thank you once again,
 
Thank you kayman for your excellent support/advice.

YW :)

Just to clarify some of the points you mentioned : both ad and mal
are on demand but avg has a realtime spyware scanner,

Okay

not sure what you mean by (harden) secure o/s...

Secure (Harden) your operating system (OS).
Educational reading:
10 Immutable Laws of Security.
http://www.microsoft.com/technet/archive/community/columns/security/essays/10imlaws.mspx?mfr=true

http://www.5starsupport.com/tutorial/hardening-windows.htm
http://www.malwarehelp.org/Malware-Prevention-Hardening-Windows-Security1.html
http://labmice.techtarget.com/articles/winxpsecuritychecklist.htm
Note:
Both Plug & Play and DCOM can easily be disabled manually in Services (Local)
panel as mentioned in #3.
And the Windows Messenger can be dealt with using either:

Uninstall/disable Windows Messenger in XP
http://www.kellys-korner-xp.com/xp_messenger.htm
--or--
Stop Windows Messenger from Auto-Starting.
Simply delete the following Registry Key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\MSMSGS

Therefore there is *no* need to download the below mentioned tools from
Steve Gibson, of Gibson Research Corporation as mentioned in
'5starsupport':
a) To disable Windows Plug and Play
b) To disable Windows DCOM
c) To disable Windows Messenger

Create New Extension (add .Cab File to registered file types)
Go to Control Panel, in Folder Options | File Types tab, click the New
button, in File Extension type: .CAB File, click OK and you’re done.

Data Execution Prevention is 'checked' Turn on DEP...except those I select.
Right-click My Computer icon | Properties, in System Properties panel click
the Advanced tab and under Performance click Settings then click the Data
Execution Prevention tab. The radio button for ‘Turn on DEP for essential
Windows programs and services only’ should be deactivated and the radio
button for ‘Turn on DEP for all programs and services except those I
select:’ should be activated.
http://support.microsoft.com/kb/912923

Enable ‘Do not store LAN Manager hash value on next password exchange’.
Click Start, go to Settings, Control Panel, Administrative Tools, and click
Local Security Policy. Double-click Security Options Folder, scroll down to
‘Network security: Do not store LAN Manager hash value on next password
exchange’, right-click this item and click Properties. Activate the radio
button next to Enabled. Click Apply and OK to save your settings.

Security Policy Recommendations.
www.nsa.gov/snac/support/sixty_minutes.pdf
Security Attribute (page 27/28).

a) Network access: Do not allow anonymous enumeration of SAM accounts
HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM = 1
Recommended Setting: Enabled

b) Network access: Do not allow anonymous enumeration of SAM accounts and
shares
HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymous = 1
Recommended Setting: Enabled

c) Network access: Let Everyone permissions apply to anonymous users
HKLM\System\CurrentControlSet\Control\Lsa\EveryoneIncludesAnonymous = 0
Recommended Setting: Disabled

Turn Off Autoplay.
http://www.dougknox.com/xp/tips/cd_autoplay_pro.htm
To Disable CD autoplay, completely, in Windows XP Pro
a) Click Start, Run and enter GPEDIT.MSC
b) Go to Computer Configuration, Administrative Templates, System.
c) Locate the entry for Turn autoplay off and modify it as you desire.
Alternative:
http://www.microsoft.com/windowsxp/downloads/powertoys/xppowertoys.mspx
Scroll down to Tweak UI, download TweakUI.exe
Once you've installed TweakUI you'll find a lot of options in it. To
turn-off Autoplay, in TweakUI expand My Computer, and then AutoPlay.

Click on Drives and uncheck the drive letter that you no longer want to
AutoPlay. Click on Apply and that's it. No more "what would you like me to
do" dialogs.

Don't expose services to public networks.
Disable any unnecessary and potentially dangerous Services. Configure and
adjust Services to suit your computing needs.
Windows XP Service Pack 3 Service Configurations.
http://www.blackviper.com/WinXP/servicecfg.htm
(This can be a tedious exercise but will bear fruits later on; Initiate a
good record of your activities).
...and i.e.

Secure (Harden) Internet Explorer.
IE7 safe/secure settings
Internet Explorer7 Desktop Security Guide
http://www.microsoft.com/downloads/...DA-6021-468E-A8CF-AF4AFE4C84B2&displaylang=en

The Internet Explorer 7 Security Status Bar
http://www.microsoft.com/windows/products/winfamily/ie/ev/security.mspx

Extended Validation SSL Certificates
http://www.microsoft.com/windows/products/winfamily/ie/ev/default.mspx

*Tight security settings will break down some websites. You need to add
these websites into the Trusted Zone for smooth access.*

You could consider disabling all Security Settings in IE and use IE only
for the 'Patch Tuesday' updates; To do so you must add the following URLs
to the Trusted sites:
http://update.microsoft.com
http://download.windowsupdate.com
https://*.update.microsoft.com
http://*.update.microsoft.com
http://*.microsoft.com

Alternative Browsers:
Opera™
http://www.opera.com/download/
Firefox™
http://www.mozilla.com/en-US/
The SeaMonkey® Suite (Internet Browser)
http://www.seamonkey-project.org/
--But--
Microsoft says Internet Explorer more secure than Firefox :-) :-)
http://www.heise-security.co.uk/news/99955

I have sp3 installed and use windows firewall in the system,

Good. The only reasonable way to deal with malware is to prevent it from
being run in the first place. That's what AV software or Windows' System
Restriction Policies are doing; And what 3rd party Personal Firewalls fail
to do.
How to Configure Windows Firewall on a Single Computer
http://www.microsoft.com/technet/security/smallbusiness/prodtech/windowsxp/cfgfwall.mspx

In conjunction with Windows Firewall use:
Seconfig XP 1.0
http://seconfig.sytes.net/

I have cable broadband with ethernet modem with LAN settings that are
always on (auto detect no proxy) and if I format the home edition disc
will the pro edition be installed using files and settings transfer
wizard using a usb mass storage flash drive? The latter is not important
as I can buy a disc for set up mate. Thank you once again,

If on high-speed Internet connection use a router as well.
For the average home user it is suggested blocking both TCP and UDP ports
135 ~ 139 and 445 on the router and implement countermeasures against
DNSChanger.
Countermeasures against DNSChanger:
http://extremesecurity.blogspot.com/2008/06/use-default-password-get-hijacked.html
Also: Is the Firmware of your router up-to-date?

For your consideration:
Do not work as Administrator; For day-to-day work routinely use a Limited
User Account (LUA).
Least privilege
http://www.securityfocus.com/infocus/1848
It is important that administrators follow the rule of least privilege.
This means that users should operate their computer with only the minimum
set of privileges that they need to do their job. Typically this means
operating as a normal user, and only when absolutely necessary use the Run
As or MakeMeAdmin commands to elevate privileges.

Applying the Principle of Least Privilege to User Accounts on WindowsXP
http://technet.microsoft.com/en-us/library/bb456992.aspx

The Importance of the Limited User Account (LUA).
http://blog.washingtonpost.com/securityfix/2006/05/the_importance_of_the_limited.html

How the right user account can help your computer security.
http://www.microsoft.com/protect/computer/advanced/useraccount.mspx
Aaron Margosis' "Non-Admin" WebLog
http://blogs.msdn.com/aaron_margosis/pages/TOC.aspx

The easiest way to run as non-admin.
http://blogs.msdn.com/aaron_margosis/archive/2004/06/17/158806.aspx
http://blogs.msdn.com/aaron_margosis/

Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html
Hundreds Click on 'Click Here to Get Infected' Ad
http://www.eweek.com/article2/0,1895,2132447,00.asp

Topical issue:
DNS Checker
http://www.doxpara.com/

Web-based DNS Randomness Test
"The test takes a few seconds to complete. When it's done you'll see a page
where the transaction ID and source port randomness will be rated either
GREAT, GOOD, or POOR. If you see a POOR rating, we recommend that you contact
your ISP and ask if they have plans to upgrade their nameserver software
before August 7th."
https://www.dns-oarc.net/oarc/services/dnsentropy

Good luck :)
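
An added example, not part of the original posts: a small Python audit that parses the text output of `reg query HKLM\System\CurrentControlSet\Control\Lsa` and compares it with the recommended settings listed in the reply above. The sample output is constructed, and `NoLMHash` (not named in the thread) is the registry value behind the "Do not store LAN Manager hash value on next password exchange" policy.

```python
import re

# Recommended values from the thread (value name -> expected DWORD).
# NoLMHash is not named in the thread; it is the registry value behind the
# "Do not store LAN Manager hash value on next password exchange" policy.
RECOMMENDED = {
    "RestrictAnonymousSAM": 1,
    "RestrictAnonymous": 1,
    "EveryoneIncludesAnonymous": 0,
    "NoLMHash": 1,
}

# Constructed sample of `reg query` output for the Lsa key
# (not captured from a real machine).
SAMPLE_OUTPUT = r"""
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa
    everyoneincludesanonymous    REG_DWORD    0x0
    restrictanonymous    REG_DWORD    0x0
    restrictanonymoussam    REG_DWORD    0x1
    Authentication Packages    REG_MULTI_SZ    msv1_0
"""

DWORD_LINE = re.compile(r"^\s+(.+?)\s+REG_DWORD\s+(0x[0-9a-fA-F]+)\s*$")


def parse_dwords(reg_output):
    """Return {lowercased value name: int} for every REG_DWORD line."""
    values = {}
    for line in reg_output.splitlines():
        match = DWORD_LINE.match(line)
        if match:
            values[match.group(1).lower()] = int(match.group(2), 16)
    return values


def audit(reg_output, recommended=RECOMMENDED):
    """Return (name, actual, expected) for each deviating setting."""
    found = parse_dwords(reg_output)
    # Registry value names are case-insensitive, so compare lowercased.
    # A value missing from the output is reported with actual=None.
    return [(name, found.get(name.lower()), expected)
            for name, expected in recommended.items()
            if found.get(name.lower()) != expected]


if __name__ == "__main__":
    print(audit(SAMPLE_OUTPUT))
```

A value reported as `None` is absent from the key, so it is worth checking by hand against the Local Security Policy panel rather than treating it as set.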
 
