Guest James Colbert Posted September 11, 2008 Posted September 11, 2008 I just picked up a laptop and am finishing the setup phase. I'll be installing Avast Anti-Virus, as I know it supports 64 bit and works reasonably well. Windows Defender is enabled, as is Windows firewall. Now I'd like to address strong security. This laptop will be used for business (and play as well, I suppose, especially during hurricane evacs). One concern I have are for those times when I must download banking transactions into Quicken and Quickbooks. I'd like to be sure that my passwords and the sensitive data I'll be downloading is not accessible to anyone else. These downloads might take place via a hotel network or via a Sprint (or similar) broadband device. Although my office is behind a hardware firewall, I really have no experience when it comes to 'on the road security'. Is it feasible to bring a router with a firewall to place between my laptop and the hotel network, or should it all be handled by software (as I assume the case will be for the Sprint broadband). I know that I am asking for more information than is probably practically posted here, but any information (including links) is greatly appreciated. Thanks in advance, James Quote
Guest SIW2 Posted September 11, 2008 Posted September 11, 2008 Hi, Browse through the articles here 'PC World - Security Topic Center' (http://www.pcworld.com/topics/security.html?tk=nl_spxctr) Hope that helps SIW2 -- SIW2 Quote
Guest Carey Frisch [MVP] Posted September 11, 2008 Posted September 11, 2008 Install Windows OneCare, and you'll not have to worry about those issues. You can try it FREE for ninety (90) days. This is a brand new version and is very robust! Uses very little system resources! http://onecare.live.com/standard/en-us/default.htm With the excellent Windows OneCare package, there is no need to install a multitude of different security software. OneCare includes: -- An excellent antivirus application -- An excellent firewall application -- An excellent antispyware application -- Automatic system tune-ups -- Automatic hard drive defrag -- Checks for updates to be sure they are installed -- Schedules automatic backups of important files -- New version 2.5 just released - designed to work exceptionally well with Windows Vista & XP. -- All-in-one convenient, easy to install application -- Carey Frisch Microsoft MVP Windows Desktop Experience - Windows Vista Enthusiast --------------------------------------------------------------- "James Colbert" <jc2567@bellsouth.net> wrote in message news:urEhbw6EJHA.1280@TK2MSFTNGP02.phx.gbl... I just picked up a laptop and am finishing the setup phase. I'll be installing Avast Anti-Virus, as I know it supports 64 bit and works reasonably well. Windows Defender is enabled, as is Windows firewall. Now I'd like to address strong security. This laptop will be used for business (and play as well, I suppose, especially during hurricane evacs). One concern I have are for those times when I must download banking transactions into Quicken and Quickbooks. I'd like to be sure that my passwords and the sensitive data I'll be downloading is not accessible to anyone else. These downloads might take place via a hotel network or via a Sprint (or similar) broadband device. Although my office is behind a hardware firewall, I really have no experience when it comes to 'on the road security'. Is it feasible to bring a router with a firewall to place between my laptop and the hotel network, or should it all be handled by software (as I assume the case will be for the Sprint broadband). I know that I am asking for more information than is probably practically posted here, but any information (including links) is greatly appreciated. Thanks in advance, James Quote
Guest Mick Murphy Posted September 11, 2008 Posted September 11, 2008 Totally ignore Frisch's advice about OneCare! He must be on a commission! -- Mick Murphy - Qld (Sunshine State) - Australia "James Colbert" wrote: <span style="color:blue"> > I just picked up a laptop and am finishing the setup phase. I'll be > installing Avast Anti-Virus, as I know it supports 64 bit and works > reasonably well. Windows Defender is enabled, as is Windows firewall. Now > I'd like to address strong security. > > This laptop will be used for business (and play as well, I suppose, > especially during hurricane evacs). One concern I have are for those times > when I must download banking transactions into Quicken and Quickbooks. I'd > like to be sure that my passwords and the sensitive data I'll be downloading > is not accessible to anyone else. These downloads might take place via a > hotel network or via a Sprint (or similar) broadband device. > > Although my office is behind a hardware firewall, I really have no > experience when it comes to 'on the road security'. Is it feasible to bring > a router with a firewall to place between my laptop and the hotel network, > or should it all be handled by software (as I assume the case will be for > the Sprint broadband). > > I know that I am asking for more information than is probably practically > posted here, but any information (including links) is greatly appreciated. > > Thanks in advance, > James > > </span> Quote
Guest Kayman Posted September 11, 2008 Posted September 11, 2008 On Wed, 10 Sep 2008 20:17:29 -0500, James Colbert wrote: <span style="color:blue"> > I just picked up a laptop and am finishing the setup phase. I'll be > installing Avast Anti-Virus, as I know it supports 64 bit and works > reasonably well. Windows Defender is enabled, as is Windows firewall. Now > I'd like to address strong security.</span> Good combo! If you ever look for a good (better IMO) AV alternative: Avira AntiVir® Personal - FREE Antivirus http://www.free-av.com/ (The free version won't scan your emails.) Unless you are using Microsoft Outlook or Lotus Notes (MAPI or VIM), scanning email is worthless. Why You Don't Need Your Anti-Virus Program to Scan Your E-Mail http://thundercloud.net/infoave/tutorials/...nning/index.htm Ensure your e-mail program is configured to display e-mail messages in 'Plain Text' only. If you wish, you can remove the 'AntiVir Nagscreen' http://www.elitekiller.com/files/disable_antivir_nag.htm In addition to WinDef you consider: SuperAntispyware - Free http://www.superantispyware.com/superantis...efreevspro.html <span style="color:blue"> > This laptop will be used for business (and play as well, I suppose, > especially during hurricane evacs).</span> Bad combo! Be very careful combining business with play :-) <span style="color:blue"> > One concern I have are for those times > when I must download banking transactions into Quicken and Quickbooks. I'd > like to be sure that my passwords and the sensitive data I'll be downloading > is not accessible to anyone else. These downloads might take place via a > hotel network or via a Sprint (or similar) broadband device.</span> Ensure that passwords are never stored on your operating system. Use an external media such as cd dvd or thumb drive. <span style="color:blue"> > Although my office is behind a hardware firewall, I really have no > experience when it comes to 'on the road security'. Is it feasible to bring > a router with a firewall to place between my laptop and the hotel network, > or should it all be handled by software (as I assume the case will be for > the Sprint broadband).</span> There is nothing wrong taking your router and/or hardware firewall on the road as well. <span style="color:blue"> > I know that I am asking for more information than is probably practically > posted here, but any information (including links) is greatly appreciated.</span> For Vista the most dependable defenses are: 1. Do not work in elevated level; Day-to-day work should be performed while the User Account Control (UAC) is enabled. User Account Control Step-by-Step Guide. http://technet.microsoft.com/en-us/library/cc709691.aspx Understanding and Configuring User Account Control in Windows Vista. http://technet.microsoft.com/en-us/library/cc709628.aspx 2. Familiarize yourself with "Services Hardening in Windows Vista". Services Hardening in Windows Vista http://www.microsoft.com/technet/technetma.../SecurityWatch/ Educational reading: 10 Immutable Laws of Security http://technet.microsoft.com/en-us/library/cc722487.aspx 3. Don't expose services to public networks. Windows Vista Service Configurations Introduction http://www.blackviper.com/WinVista/servicecfg.htm 4. Keep your operating (OS) system (and all software on it) updated/patched. (Got SP1 yet?). Windows update. http://www.update.microsoft.com/windowsupd...t.aspx?ln=en-us Secunia Personal Software Inspector http://secunia.com/software_inspector https://psi.secunia.com/ --And-- M/S Security Baseline Analyzer 2.0 http://www.microsoft.com/downloads/details...&displaylang=en can assist also. Why Service Packs are Better Than Patches. http://www.microsoft.com/technet/archive/c...h.mspx?mfr=true 5. Secure (Harden) Internet Explorer. IE7 safe/secure settings Internet Explorer7 Desktop Security Guide http://www.microsoft.com/downloads/details...&displaylang=en Internet Explorer Enhanced Security Configuration changes the browsing experience http://support.microsoft.com/default.aspx?...kb;en-us;815141 The Internet Explorer 7 Security Status Bar http://www.microsoft.com/windows/products/...v/security.mspx Extended Validation SSL Certificates http://www.microsoft.com/windows/products/...ev/default.mspx Note: Tight security settings will break down some websites. You need to add these websites into the Trusted Zone for smooth access. You could consider disabling all Security Settings in IE and use IE only for the 'Patch Tuesday' updates; To do so you must add the following URL's to the Trusted sites: http://update.microsoft.com http://download.windowsupdate.com https:// .update.microsoft.com http:// .update.microsoft.com http:// .microsoft.com 6. Review your installed 3rd party software applications/utilities; Remove clutter, including 3rd party software personal firewall application (PFW) - the one which claims: "It can stop/control malicious outbound traffic". 7. Activate the build-in firewall and tack together its advanced configuration settings. Tap into the Vista firewall's advanced configuration features http://articles.techrepublic.com.com/5100-10877-6098592.html "...once you discover the secret of accessing its advanced configuration settings via the MMC snap-in, you'll find it to be far more configurable and functional. At last, Windows comes with a sophisticated personal firewall that can be used to set up outbound rules as well as inbound, with the ability to customize rules to fit your precise needs." --Or-- Configure Vista Firewall to support outbound packet filtering http://searchwindowssecurity.techtarget.co...1247138,00.html --Or-- Vista Firewall Control (Free versions available) http://sphinx-soft.com/Vista/ 7a.If on high-speed Internet connection use a router. 7b.Implement countermeasures against DNSChanger. http://extremesecurity.blogspot.com/2008/0...t-hijacked.html 7c.Just in case, Wired Equivalent Privacy (WEP) has been superseded by Wi-Fi Protected Access (WPA). 8. Utilize one (1) each 'real-time' anti-virus and anti-spy application. 9. Employ vital operating system monitoring utilities/applications. Consider: Process Explorer, AutoRuns, TCPView, WALLWATCHER, Wireshark, Port Reporter etc. 10.Routinely practice Safe-Hex. http://www.claymania.com/safe-hex.html Hundreds Click on 'Click Here to Get Infected' Ad http://www.eweek.com/article2/0,1895,2132447,00.asp The least preferred defenses are: Myriads of popular anti-whatever applications and staying ignorant. Don't forget cleaning and defragging HDD frequently. Good luck style_emoticons/ Quote
Guest Kerry Brown Posted September 11, 2008 Posted September 11, 2008 "James Colbert" <jc2567@bellsouth.net> wrote in message news:urEhbw6EJHA.1280@TK2MSFTNGP02.phx.gbl...<span style="color:blue"> >I just picked up a laptop and am finishing the setup phase. I'll be >installing Avast Anti-Virus, as I know it supports 64 bit and works >reasonably well. Windows Defender is enabled, as is Windows firewall. Now >I'd like to address strong security. > > This laptop will be used for business (and play as well, I suppose, > especially during hurricane evacs). One concern I have are for those times > when I must download banking transactions into Quicken and Quickbooks. I'd > like to be sure that my passwords and the sensitive data I'll be > downloading is not accessible to anyone else. These downloads might take > place via a hotel network or via a Sprint (or similar) broadband device. > > Although my office is behind a hardware firewall, I really have no > experience when it comes to 'on the road security'. Is it feasible to > bring a router with a firewall to place between my laptop and the hotel > network, or should it all be handled by software (as I assume the case > will be for the Sprint broadband). > > I know that I am asking for more information than is probably practically > posted here, but any information (including links) is greatly appreciated. > > Thanks in advance, > James</span> The number one most important thing is keep Windows and all your installed programs up to date. Use a version of Vista that supports bitlocker and encrypt your hard drive. Don't play with the default UAC settings. When surfing the Internet use a standard user account. When connecting to a public access point make sure that the network is identified as Public in the Network and Sharing Center. Using the same router you use at home means you will have to change this manually when using the router in a hotel. Make sure you are always at a SSL (encrypted) site when entering a user name and password. Before entering a user name and password click on the lock and view the certificate to ensure you are at the correct site. -- Kerry Brown MS-MVP - Windows Desktop Experience: Systems Administration http://www.vistahelp.ca/phpBB2/ http://vistahelpca.blogspot.com/ Quote
Guest James Colbert Posted September 11, 2008 Posted September 11, 2008 Hi Kayman, Thank you for a very comprehensive response! This is more than I could have asked for. I've copied your post to my desktop for easy access to the URLs you have provided. I'll be chewing on this for a while! As for your last suggestion of regular defragging, I've been using Diskeeper for years, but not sure I want to buy another license. Is Vista's defrag utility adequate? Thanks! James "Kayman" <kaymanDeleteThis@operamail.com> wrote in message news:e03g0d%23EJHA.6052@TK2MSFTNGP04.phx.gbl...<span style="color:blue"> > On Wed, 10 Sep 2008 20:17:29 -0500, James Colbert wrote: ><span style="color:green"> >> I just picked up a laptop and am finishing the setup phase. I'll be >> installing Avast Anti-Virus, as I know it supports 64 bit and works >> reasonably well. Windows Defender is enabled, as is Windows firewall. Now >> I'd like to address strong security.</span> > > Good combo! > If you ever look for a good (better IMO) AV alternative: > Avira AntiVir® Personal - FREE Antivirus > http://www.free-av.com/ > (The free version won't scan your emails.) > > Unless you are using Microsoft Outlook or Lotus Notes (MAPI or VIM), > scanning email is worthless. > > Why You Don't Need Your Anti-Virus Program to Scan Your E-Mail > http://thundercloud.net/infoave/tutorials/...nning/index.htm > Ensure your e-mail program is configured to display e-mail messages in > 'Plain Text' only. > If you wish, you can remove the 'AntiVir Nagscreen' > http://www.elitekiller.com/files/disable_antivir_nag.htm > > In addition to WinDef you consider: > SuperAntispyware - Free > http://www.superantispyware.com/superantis...efreevspro.html ><span style="color:green"> >> This laptop will be used for business (and play as well, I suppose, >> especially during hurricane evacs).</span> > > Bad combo! Be very careful combining business with play :-) ><span style="color:green"> >> One concern I have are for those times >> when I must download banking transactions into Quicken and Quickbooks. >> I'd >> like to be sure that my passwords and the sensitive data I'll be >> downloading >> is not accessible to anyone else. These downloads might take place via a >> hotel network or via a Sprint (or similar) broadband device.</span> > > Ensure that passwords are never stored on your operating system. Use an > external media such as cd dvd or thumb drive. ><span style="color:green"> >> Although my office is behind a hardware firewall, I really have no >> experience when it comes to 'on the road security'. Is it feasible to >> bring >> a router with a firewall to place between my laptop and the hotel >> network, >> or should it all be handled by software (as I assume the case will be for >> the Sprint broadband).</span> > > There is nothing wrong taking your router and/or hardware firewall on the > road as well. ><span style="color:green"> >> I know that I am asking for more information than is probably practically >> posted here, but any information (including links) is greatly >> appreciated.</span> > > For Vista the most dependable defenses are: > 1. Do not work in elevated level; Day-to-day work should be performed > while the User Account Control (UAC) is enabled. > User Account Control Step-by-Step Guide. > http://technet.microsoft.com/en-us/library/cc709691.aspx > > Understanding and Configuring User Account Control in Windows Vista. > http://technet.microsoft.com/en-us/library/cc709628.aspx > > 2. Familiarize yourself with "Services Hardening in Windows Vista". > Services Hardening in Windows Vista > http://www.microsoft.com/technet/technetma.../SecurityWatch/ > Educational reading: > 10 Immutable Laws of Security > http://technet.microsoft.com/en-us/library/cc722487.aspx > > 3. Don't expose services to public networks. > Windows Vista Service Configurations Introduction > http://www.blackviper.com/WinVista/servicecfg.htm > > 4. Keep your operating (OS) system (and all software on it) > updated/patched. (Got SP1 yet?). > Windows update. > http://www.update.microsoft.com/windowsupd...t.aspx?ln=en-us > Secunia Personal Software Inspector > http://secunia.com/software_inspector > https://psi.secunia.com/ > --And-- > M/S Security Baseline Analyzer 2.0 > http://www.microsoft.com/downloads/details...&displaylang=en > can assist also. > > Why Service Packs are Better Than Patches. > http://www.microsoft.com/technet/archive/c...h.mspx?mfr=true > > 5. Secure (Harden) Internet Explorer. > IE7 safe/secure settings > Internet Explorer7 Desktop Security Guide > http://www.microsoft.com/downloads/details...&displaylang=en > > Internet Explorer Enhanced Security Configuration changes the browsing > experience > http://support.microsoft.com/default.aspx?...kb;en-us;815141 > > The Internet Explorer 7 Security Status Bar > http://www.microsoft.com/windows/products/...v/security.mspx > > Extended Validation SSL Certificates > http://www.microsoft.com/windows/products/...ev/default.mspx > > Note: Tight security settings will break down some websites. You need to > add these websites into the Trusted Zone for smooth access. > > You could consider disabling all Security Settings in IE and use IE only > for the 'Patch Tuesday' updates; To do so you must add the following URL's > to the Trusted sites: > http://update.microsoft.com > http://download.windowsupdate.com > https:// .update.microsoft.com > http:// .update.microsoft.com > http:// .microsoft.com > > 6. Review your installed 3rd party software applications/utilities; > Remove clutter, including 3rd party software personal firewall > application (PFW) - the one which claims: > "It can stop/control malicious outbound traffic". > > 7. Activate the build-in firewall and tack together its advanced > configuration settings. > Tap into the Vista firewall's advanced configuration features > http://articles.techrepublic.com.com/5100-10877-6098592.html > "...once you discover the secret of accessing its advanced configuration > settings via the MMC snap-in, you'll find it to be far more configurable > and functional. At last, Windows comes with a sophisticated personal > firewall that can be used to set up outbound rules as well as inbound, > with > the ability to customize rules to fit your precise needs." > --Or-- > Configure Vista Firewall to support outbound packet filtering > http://searchwindowssecurity.techtarget.co...1247138,00.html > --Or-- > Vista Firewall Control (Free versions available) > http://sphinx-soft.com/Vista/ > > 7a.If on high-speed Internet connection use a router. > > 7b.Implement countermeasures against DNSChanger. > http://extremesecurity.blogspot.com/2008/0...t-hijacked.html > > 7c.Just in case, Wired Equivalent Privacy (WEP) has been > superseded by Wi-Fi Protected Access (WPA). > > 8. Utilize one (1) each 'real-time' anti-virus and anti-spy > application. > > 9. Employ vital operating system monitoring utilities/applications. > Consider: Process Explorer, AutoRuns, TCPView, WALLWATCHER, > Wireshark, Port Reporter etc. > > 10.Routinely practice Safe-Hex. > http://www.claymania.com/safe-hex.html > Hundreds Click on 'Click Here to Get Infected' Ad > http://www.eweek.com/article2/0,1895,2132447,00.asp > > The least preferred defenses are: > Myriads of popular anti-whatever applications and staying ignorant. > > Don't forget cleaning and defragging HDD frequently. > > Good luck style_emoticons/ > </span> Quote
Guest James Colbert Posted September 11, 2008 Posted September 11, 2008 Hi Kayman, Thank you for a very comprehensive response! This is more than I could have asked for. I've copied your post to my desktop for easy access to the URLs you have provided. I'll be chewing on this for a while! As for your last suggestion of regular defragging, I've been using Diskeeper for years, but not sure I want to buy another license. Is Vista's defrag utility adequate? Thanks! James "Kayman" <kaymanDeleteThis@operamail.com> wrote in message news:e03g0d%23EJHA.6052@TK2MSFTNGP04.phx.gbl...<span style="color:blue"> > On Wed, 10 Sep 2008 20:17:29 -0500, James Colbert wrote: ><span style="color:green"> >> I just picked up a laptop and am finishing the setup phase. I'll be >> installing Avast Anti-Virus, as I know it supports 64 bit and works >> reasonably well. Windows Defender is enabled, as is Windows firewall. Now >> I'd like to address strong security.</span> > > Good combo! > If you ever look for a good (better IMO) AV alternative: > Avira AntiVir® Personal - FREE Antivirus > http://www.free-av.com/ > (The free version won't scan your emails.) > > Unless you are using Microsoft Outlook or Lotus Notes (MAPI or VIM), > scanning email is worthless. > > Why You Don't Need Your Anti-Virus Program to Scan Your E-Mail > http://thundercloud.net/infoave/tutorials/...nning/index.htm > Ensure your e-mail program is configured to display e-mail messages in > 'Plain Text' only. > If you wish, you can remove the 'AntiVir Nagscreen' > http://www.elitekiller.com/files/disable_antivir_nag.htm > > In addition to WinDef you consider: > SuperAntispyware - Free > http://www.superantispyware.com/superantis...efreevspro.html ><span style="color:green"> >> This laptop will be used for business (and play as well, I suppose, >> especially during hurricane evacs).</span> > > Bad combo! Be very careful combining business with play :-) ><span style="color:green"> >> One concern I have are for those times >> when I must download banking transactions into Quicken and Quickbooks. >> I'd >> like to be sure that my passwords and the sensitive data I'll be >> downloading >> is not accessible to anyone else. These downloads might take place via a >> hotel network or via a Sprint (or similar) broadband device.</span> > > Ensure that passwords are never stored on your operating system. Use an > external media such as cd dvd or thumb drive. ><span style="color:green"> >> Although my office is behind a hardware firewall, I really have no >> experience when it comes to 'on the road security'. Is it feasible to >> bring >> a router with a firewall to place between my laptop and the hotel >> network, >> or should it all be handled by software (as I assume the case will be for >> the Sprint broadband).</span> > > There is nothing wrong taking your router and/or hardware firewall on the > road as well. ><span style="color:green"> >> I know that I am asking for more information than is probably practically >> posted here, but any information (including links) is greatly >> appreciated.</span> > > For Vista the most dependable defenses are: > 1. Do not work in elevated level; Day-to-day work should be performed > while the User Account Control (UAC) is enabled. > User Account Control Step-by-Step Guide. > http://technet.microsoft.com/en-us/library/cc709691.aspx > > Understanding and Configuring User Account Control in Windows Vista. > http://technet.microsoft.com/en-us/library/cc709628.aspx > > 2. Familiarize yourself with "Services Hardening in Windows Vista". > Services Hardening in Windows Vista > http://www.microsoft.com/technet/technetma.../SecurityWatch/ > Educational reading: > 10 Immutable Laws of Security > http://technet.microsoft.com/en-us/library/cc722487.aspx > > 3. Don't expose services to public networks. > Windows Vista Service Configurations Introduction > http://www.blackviper.com/WinVista/servicecfg.htm > > 4. Keep your operating (OS) system (and all software on it) > updated/patched. (Got SP1 yet?). > Windows update. > http://www.update.microsoft.com/windowsupd...t.aspx?ln=en-us > Secunia Personal Software Inspector > http://secunia.com/software_inspector > https://psi.secunia.com/ > --And-- > M/S Security Baseline Analyzer 2.0 > http://www.microsoft.com/downloads/details...&displaylang=en > can assist also. > > Why Service Packs are Better Than Patches. > http://www.microsoft.com/technet/archive/c...h.mspx?mfr=true > > 5. Secure (Harden) Internet Explorer. > IE7 safe/secure settings > Internet Explorer7 Desktop Security Guide > http://www.microsoft.com/downloads/details...&displaylang=en > > Internet Explorer Enhanced Security Configuration changes the browsing > experience > http://support.microsoft.com/default.aspx?...kb;en-us;815141 > > The Internet Explorer 7 Security Status Bar > http://www.microsoft.com/windows/products/...v/security.mspx > > Extended Validation SSL Certificates > http://www.microsoft.com/windows/products/...ev/default.mspx > > Note: Tight security settings will break down some websites. You need to > add these websites into the Trusted Zone for smooth access. > > You could consider disabling all Security Settings in IE and use IE only > for the 'Patch Tuesday' updates; To do so you must add the following URL's > to the Trusted sites: > http://update.microsoft.com > http://download.windowsupdate.com > https:// .update.microsoft.com > http:// .update.microsoft.com > http:// .microsoft.com > > 6. Review your installed 3rd party software applications/utilities; > Remove clutter, including 3rd party software personal firewall > application (PFW) - the one which claims: > "It can stop/control malicious outbound traffic". > > 7. Activate the build-in firewall and tack together its advanced > configuration settings. > Tap into the Vista firewall's advanced configuration features > http://articles.techrepublic.com.com/5100-10877-6098592.html > "...once you discover the secret of accessing its advanced configuration > settings via the MMC snap-in, you'll find it to be far more configurable > and functional. At last, Windows comes with a sophisticated personal > firewall that can be used to set up outbound rules as well as inbound, > with > the ability to customize rules to fit your precise needs." > --Or-- > Configure Vista Firewall to support outbound packet filtering > http://searchwindowssecurity.techtarget.co...1247138,00.html > --Or-- > Vista Firewall Control (Free versions available) > http://sphinx-soft.com/Vista/ > > 7a.If on high-speed Internet connection use a router. > > 7b.Implement countermeasures against DNSChanger. > http://extremesecurity.blogspot.com/2008/0...t-hijacked.html > > 7c.Just in case, Wired Equivalent Privacy (WEP) has been > superseded by Wi-Fi Protected Access (WPA). > > 8. Utilize one (1) each 'real-time' anti-virus and anti-spy > application. > > 9. Employ vital operating system monitoring utilities/applications. > Consider: Process Explorer, AutoRuns, TCPView, WALLWATCHER, > Wireshark, Port Reporter etc. > > 10.Routinely practice Safe-Hex. > http://www.claymania.com/safe-hex.html > Hundreds Click on 'Click Here to Get Infected' Ad > http://www.eweek.com/article2/0,1895,2132447,00.asp > > The least preferred defenses are: > Myriads of popular anti-whatever applications and staying ignorant. > > Don't forget cleaning and defragging HDD frequently. > > Good luck style_emoticons/ > </span> Quote
Guest Paul Montgomery Posted September 11, 2008 Posted September 11, 2008 On Thu, 11 Sep 2008 16:58:20 -0500, "James Colbert" <jc2567@bellsouth.net> wrote: <span style="color:blue"> >Hi Kayman, > >Thank you for a very comprehensive response! This is more than I could have >asked for. >I've copied your post to my desktop for easy access to the URLs you have >provided. I'll be chewing on this for a while! As for your last suggestion >of regular defragging, I've been using Diskeeper for years, but not sure I >want to buy another license. Is Vista's defrag utility adequate?</span> Definitely. Still, I use Diskeeper. It gives me something else to play with ;-) <span style="color:blue"> >Thanks! > >James > >"Kayman" <kaymanDeleteThis@operamail.com> wrote in message >news:e03g0d%23EJHA.6052@TK2MSFTNGP04.phx.gbl...<span style="color:green"> >> On Wed, 10 Sep 2008 20:17:29 -0500, James Colbert wrote: >><span style="color:darkred"> >>> I just picked up a laptop and am finishing the setup phase. I'll be >>> installing Avast Anti-Virus, as I know it supports 64 bit and works >>> reasonably well. Windows Defender is enabled, as is Windows firewall. Now >>> I'd like to address strong security.</span> >> >> Good combo! >> If you ever look for a good (better IMO) AV alternative: >> Avira AntiVir® Personal - FREE Antivirus >> http://www.free-av.com/ >> (The free version won't scan your emails.) >> >> Unless you are using Microsoft Outlook or Lotus Notes (MAPI or VIM), >> scanning email is worthless. >> >> Why You Don't Need Your Anti-Virus Program to Scan Your E-Mail >> http://thundercloud.net/infoave/tutorials/...nning/index.htm >> Ensure your e-mail program is configured to display e-mail messages in >> 'Plain Text' only. >> If you wish, you can remove the 'AntiVir Nagscreen' >> http://www.elitekiller.com/files/disable_antivir_nag.htm >> >> In addition to WinDef you consider: >> SuperAntispyware - Free >> http://www.superantispyware.com/superantis...efreevspro.html >><span style="color:darkred"> >>> This laptop will be used for business (and play as well, I suppose, >>> especially during hurricane evacs).</span> >> >> Bad combo! Be very careful combining business with play :-) >><span style="color:darkred"> >>> One concern I have are for those times >>> when I must download banking transactions into Quicken and Quickbooks. >>> I'd >>> like to be sure that my passwords and the sensitive data I'll be >>> downloading >>> is not accessible to anyone else. These downloads might take place via a >>> hotel network or via a Sprint (or similar) broadband device.</span> >> >> Ensure that passwords are never stored on your operating system. Use an >> external media such as cd dvd or thumb drive. >><span style="color:darkred"> >>> Although my office is behind a hardware firewall, I really have no >>> experience when it comes to 'on the road security'. Is it feasible to >>> bring >>> a router with a firewall to place between my laptop and the hotel >>> network, >>> or should it all be handled by software (as I assume the case will be for >>> the Sprint broadband).</span> >> >> There is nothing wrong taking your router and/or hardware firewall on the >> road as well. >><span style="color:darkred"> >>> I know that I am asking for more information than is probably practically >>> posted here, but any information (including links) is greatly >>> appreciated.</span> >> >> For Vista the most dependable defenses are: >> 1. Do not work in elevated level; Day-to-day work should be performed >> while the User Account Control (UAC) is enabled. >> User Account Control Step-by-Step Guide. >> http://technet.microsoft.com/en-us/library/cc709691.aspx >> >> Understanding and Configuring User Account Control in Windows Vista. >> http://technet.microsoft.com/en-us/library/cc709628.aspx >> >> 2. Familiarize yourself with "Services Hardening in Windows Vista". >> Services Hardening in Windows Vista >> http://www.microsoft.com/technet/technetma.../SecurityWatch/ >> Educational reading: >> 10 Immutable Laws of Security >> http://technet.microsoft.com/en-us/library/cc722487.aspx >> >> 3. Don't expose services to public networks. >> Windows Vista Service Configurations Introduction >> http://www.blackviper.com/WinVista/servicecfg.htm >> >> 4. Keep your operating (OS) system (and all software on it) >> updated/patched. (Got SP1 yet?). >> Windows update. >> http://www.update.microsoft.com/windowsupd...t.aspx?ln=en-us >> Secunia Personal Software Inspector >> http://secunia.com/software_inspector >> https://psi.secunia.com/ >> --And-- >> M/S Security Baseline Analyzer 2.0 >> http://www.microsoft.com/downloads/details...&displaylang=en >> can assist also. >> >> Why Service Packs are Better Than Patches. >> http://www.microsoft.com/technet/archive/c...h.mspx?mfr=true >> >> 5. Secure (Harden) Internet Explorer. >> IE7 safe/secure settings >> Internet Explorer7 Desktop Security Guide >> http://www.microsoft.com/downloads/details...&displaylang=en >> >> Internet Explorer Enhanced Security Configuration changes the browsing >> experience >> http://support.microsoft.com/default.aspx?...kb;en-us;815141 >> >> The Internet Explorer 7 Security Status Bar >> http://www.microsoft.com/windows/products/...v/security.mspx >> >> Extended Validation SSL Certificates >> http://www.microsoft.com/windows/products/...ev/default.mspx >> >> Note: Tight security settings will break down some websites. You need to >> add these websites into the Trusted Zone for smooth access. >> >> You could consider disabling all Security Settings in IE and use IE only >> for the 'Patch Tuesday' updates; To do so you must add the following URL's >> to the Trusted sites: >> http://update.microsoft.com >> http://download.windowsupdate.com >> https:// .update.microsoft.com >> http:// .update.microsoft.com >> http:// .microsoft.com >> >> 6. Review your installed 3rd party software applications/utilities; >> Remove clutter, including 3rd party software personal firewall >> application (PFW) - the one which claims: >> "It can stop/control malicious outbound traffic". >> >> 7. Activate the build-in firewall and tack together its advanced >> configuration settings. >> Tap into the Vista firewall's advanced configuration features >> http://articles.techrepublic.com.com/5100-10877-6098592.html >> "...once you discover the secret of accessing its advanced configuration >> settings via the MMC snap-in, you'll find it to be far more configurable >> and functional. At last, Windows comes with a sophisticated personal >> firewall that can be used to set up outbound rules as well as inbound, >> with >> the ability to customize rules to fit your precise needs." >> --Or-- >> Configure Vista Firewall to support outbound packet filtering >> http://searchwindowssecurity.techtarget.co...1247138,00.html >> --Or-- >> Vista Firewall Control (Free versions available) >> http://sphinx-soft.com/Vista/ >> >> 7a.If on high-speed Internet connection use a router. >> >> 7b.Implement countermeasures against DNSChanger. >> http://extremesecurity.blogspot.com/2008/0...t-hijacked.html >> >> 7c.Just in case, Wired Equivalent Privacy (WEP) has been >> superseded by Wi-Fi Protected Access (WPA). >> >> 8. Utilize one (1) each 'real-time' anti-virus and anti-spy >> application. >> >> 9. Employ vital operating system monitoring utilities/applications. >> Consider: Process Explorer, AutoRuns, TCPView, WALLWATCHER, >> Wireshark, Port Reporter etc. >> >> 10.Routinely practice Safe-Hex. >> http://www.claymania.com/safe-hex.html >> Hundreds Click on 'Click Here to Get Infected' Ad >> http://www.eweek.com/article2/0,1895,2132447,00.asp >> >> The least preferred defenses are: >> Myriads of popular anti-whatever applications and staying ignorant. >> >> Don't forget cleaning and defragging HDD frequently. >> >> Good luck style_emoticons/ >> </span></span> Quote
Guest James Colbert Posted September 11, 2008 Posted September 11, 2008 "Kerry Brown" <kerry@kdbNOSPAMsys-tems.c a m> wrote in message news:uA86coBFJHA.4936@TK2MSFTNGP03.phx.gbl...<span style="color:blue"> > "James Colbert" <jc2567@bellsouth.net> wrote in message > news:urEhbw6EJHA.1280@TK2MSFTNGP02.phx.gbl...<span style="color:green"> >>I just picked up a laptop and am finishing the setup phase. I'll be >>installing Avast Anti-Virus, as I know it supports 64 bit and works >>reasonably well. Windows Defender is enabled, as is Windows firewall. Now >>I'd like to address strong security.</span></span> Kerry Wrote:<span style="color:blue"> > The number one most important thing is keep Windows and all your installed > programs up to date. > > Use a version of Vista that supports bitlocker and encrypt your hard > drive.</span> I believe that Bitlocker is only included in Business or ultimate. I don't really have a problem with upgrading, but I'm not sure that the M305D-S4831 supports TPM. The manual doesn't mention it, and MS provides instructions on how to determine if TPM is present, but their instructions require a version of Vista that supports Bitlocker. I suppose I could use something like TrueCrypt, but would that really be necessary if I were to keep my sensitive data (QuickBooks, etc.) on a USB key, so that if the Laptop is stolen, there really won't be any Sensitive data on the HD? Another thought...would using Firefox provide better security than IE? At any rate, thanks for your input! James <span style="color:blue"> > Don't play with the default UAC settings. When surfing the Internet use a > standard user account. When connecting to a public access point make sure > that the network is identified as Public in the Network and Sharing > Center. Using the same router you use at home means you will have to > change this manually when using the router in a hotel. Make sure you are > always at a SSL (encrypted) site when entering a user name and password. > Before entering a user name and password click on the lock and view the > certificate to ensure you are at the correct site. > > -- > Kerry Brown > MS-MVP - Windows Desktop Experience: Systems Administration > http://www.vistahelp.ca/phpBB2/ > http://vistahelpca.blogspot.com/ > > > > </span> Quote
Guest James Colbert Posted September 11, 2008 Posted September 11, 2008 "Paul Montgomery" <i.m.nonnymous@NOSPAMgmail.com> wrote in message news:4l8jc45n0qkokgv4gqifr4tb1ttp7oab4u@4ax.com...<span style="color:blue"> > On Thu, 11 Sep 2008 16:58:20 -0500, "James Colbert" > <jc2567@bellsouth.net> wrote: ><span style="color:green"> >>Hi Kayman, >> >>Thank you for a very comprehensive response! This is more than I could >>have >>asked for. >>I've copied your post to my desktop for easy access to the URLs you have >>provided. I'll be chewing on this for a while! As for your last suggestion >>of regular defragging, I've been using Diskeeper for years, but not sure I >>want to buy another license. Is Vista's defrag utility adequate?</span> > > Definitely. > > Still, I use Diskeeper. It gives me something else to play with ;-)</span> Thanks, Paul! <span style="color:blue"><span style="color:green"> >>Thanks! >> >>James >> >>"Kayman" <kaymanDeleteThis@operamail.com> wrote in message >>news:e03g0d%23EJHA.6052@TK2MSFTNGP04.phx.gbl...<span style="color:darkred"> >>> On Wed, 10 Sep 2008 20:17:29 -0500, James Colbert wrote: >>> >>>> I just picked up a laptop and am finishing the setup phase. I'll be >>>> installing Avast Anti-Virus, as I know it supports 64 bit and works >>>> reasonably well. Windows Defender is enabled, as is Windows firewall. >>>> Now >>>> I'd like to address strong security. >>> >>> Good combo! >>> If you ever look for a good (better IMO) AV alternative: >>> Avira AntiVir® Personal - FREE Antivirus >>> http://www.free-av.com/ >>> (The free version won't scan your emails.) >>> >>> Unless you are using Microsoft Outlook or Lotus Notes (MAPI or VIM), >>> scanning email is worthless. >>> >>> Why You Don't Need Your Anti-Virus Program to Scan Your E-Mail >>> http://thundercloud.net/infoave/tutorials/...nning/index.htm >>> Ensure your e-mail program is configured to display e-mail messages in >>> 'Plain Text' only. >>> If you wish, you can remove the 'AntiVir Nagscreen' >>> http://www.elitekiller.com/files/disable_antivir_nag.htm >>> >>> In addition to WinDef you consider: >>> SuperAntispyware - Free >>> http://www.superantispyware.com/superantis...efreevspro.html >>> >>>> This laptop will be used for business (and play as well, I suppose, >>>> especially during hurricane evacs). >>> >>> Bad combo! Be very careful combining business with play :-) >>> >>>> One concern I have are for those times >>>> when I must download banking transactions into Quicken and Quickbooks. >>>> I'd >>>> like to be sure that my passwords and the sensitive data I'll be >>>> downloading >>>> is not accessible to anyone else. These downloads might take place via >>>> a >>>> hotel network or via a Sprint (or similar) broadband device. >>> >>> Ensure that passwords are never stored on your operating system. Use an >>> external media such as cd dvd or thumb drive. >>> >>>> Although my office is behind a hardware firewall, I really have no >>>> experience when it comes to 'on the road security'. Is it feasible to >>>> bring >>>> a router with a firewall to place between my laptop and the hotel >>>> network, >>>> or should it all be handled by software (as I assume the case will be >>>> for >>>> the Sprint broadband). >>> >>> There is nothing wrong taking your router and/or hardware firewall on >>> the >>> road as well. >>> >>>> I know that I am asking for more information than is probably >>>> practically >>>> posted here, but any information (including links) is greatly >>>> appreciated. >>> >>> For Vista the most dependable defenses are: >>> 1. Do not work in elevated level; Day-to-day work should be performed >>> while the User Account Control (UAC) is enabled. >>> User Account Control Step-by-Step Guide. >>> http://technet.microsoft.com/en-us/library/cc709691.aspx >>> >>> Understanding and Configuring User Account Control in Windows Vista. >>> http://technet.microsoft.com/en-us/library/cc709628.aspx >>> >>> 2. Familiarize yourself with "Services Hardening in Windows Vista". >>> Services Hardening in Windows Vista >>> >>> http://www.microsoft.com/technet/technetma.../SecurityWatch/ >>> Educational reading: >>> 10 Immutable Laws of Security >>> http://technet.microsoft.com/en-us/library/cc722487.aspx >>> >>> 3. Don't expose services to public networks. >>> Windows Vista Service Configurations Introduction >>> http://www.blackviper.com/WinVista/servicecfg.htm >>> >>> 4. Keep your operating (OS) system (and all software on it) >>> updated/patched. (Got SP1 yet?). >>> Windows update. >>> http://www.update.microsoft.com/windowsupd...t.aspx?ln=en-us >>> Secunia Personal Software Inspector >>> http://secunia.com/software_inspector >>> https://psi.secunia.com/ >>> --And-- >>> M/S Security Baseline Analyzer 2.0 >>> http://www.microsoft.com/downloads/details...&displaylang=en >>> can assist also. >>> >>> Why Service Packs are Better Than Patches. >>> http://www.microsoft.com/technet/archive/c...h.mspx?mfr=true >>> >>> 5. Secure (Harden) Internet Explorer. >>> IE7 safe/secure settings >>> Internet Explorer7 Desktop Security Guide >>> http://www.microsoft.com/downloads/details...&displaylang=en >>> >>> Internet Explorer Enhanced Security Configuration changes the browsing >>> experience >>> http://support.microsoft.com/default.aspx?...kb;en-us;815141 >>> >>> The Internet Explorer 7 Security Status Bar >>> >>> http://www.microsoft.com/windows/products/...v/security.mspx >>> >>> Extended Validation SSL Certificates >>> http://www.microsoft.com/windows/products/...ev/default.mspx >>> >>> Note: Tight security settings will break down some websites. You need >>> to >>> add these websites into the Trusted Zone for smooth access. >>> >>> You could consider disabling all Security Settings in IE and use IE only >>> for the 'Patch Tuesday' updates; To do so you must add the following >>> URL's >>> to the Trusted sites: >>> http://update.microsoft.com >>> http://download.windowsupdate.com >>> https:// .update.microsoft.com >>> http:// .update.microsoft.com >>> http:// .microsoft.com >>> >>> 6. Review your installed 3rd party software applications/utilities; >>> Remove clutter, including 3rd party software personal firewall >>> application (PFW) - the one which claims: >>> "It can stop/control malicious outbound traffic". >>> >>> 7. Activate the build-in firewall and tack together its advanced >>> configuration settings. >>> Tap into the Vista firewall's advanced configuration features >>> http://articles.techrepublic.com.com/5100-10877-6098592.html >>> "...once you discover the secret of accessing its advanced configuration >>> settings via the MMC snap-in, you'll find it to be far more configurable >>> and functional. At last, Windows comes with a sophisticated personal >>> firewall that can be used to set up outbound rules as well as inbound, >>> with >>> the ability to customize rules to fit your precise needs." >>> --Or-- >>> Configure Vista Firewall to support outbound packet filtering >>> http://searchwindowssecurity.techtarget.co...1247138,00.html >>> --Or-- >>> Vista Firewall Control (Free versions available) >>> http://sphinx-soft.com/Vista/ >>> >>> 7a.If on high-speed Internet connection use a router. >>> >>> 7b.Implement countermeasures against DNSChanger. >>> http://extremesecurity.blogspot.com/2008/0...t-hijacked.html >>> >>> 7c.Just in case, Wired Equivalent Privacy (WEP) has been >>> superseded by Wi-Fi Protected Access (WPA). >>> >>> 8. Utilize one (1) each 'real-time' anti-virus and anti-spy >>> application. >>> >>> 9. Employ vital operating system monitoring utilities/applications. >>> Consider: Process Explorer, AutoRuns, TCPView, WALLWATCHER, >>> Wireshark, Port Reporter etc. >>> >>> 10.Routinely practice Safe-Hex. >>> http://www.claymania.com/safe-hex.html >>> Hundreds Click on 'Click Here to Get Infected' Ad >>> http://www.eweek.com/article2/0,1895,2132447,00.asp >>> >>> The least preferred defenses are: >>> Myriads of popular anti-whatever applications and staying ignorant. >>> >>> Don't forget cleaning and defragging HDD frequently. >>> >>> Good luck style_emoticons/ >>></span></span> > </span> Quote
Guest James Colbert Posted September 11, 2008 Posted September 11, 2008 Thanks, SIW2. "SIW2" <guest@unknown-email.com> wrote in message news:b0aa07fdf72900fd690b6f3756168609@nntp-gateway.com...<span style="color:blue"> > > Hi, > > Browse through the articles here > > 'PC World - Security Topic Center' > (http://www.pcworld.com/topics/security.html?tk=nl_spxctr) > > Hope that helps > > SIW2 > > > -- > SIW2 </span> Quote
Guest James Colbert Posted September 11, 2008 Posted September 11, 2008 "Carey Frisch [MVP]" <cnfrisch@nospamgmail.com> wrote in message news:e7JnrR7EJHA.4460@TK2MSFTNGP06.phx.gbl...<span style="color:blue"> > Install Windows OneCare, and you'll not have to > worry about those issues. You can try it FREE > for ninety (90) days. This is a brand new version > and is very robust! Uses very little system resources! > http://onecare.live.com/standard/en-us/default.htm > > With the excellent Windows OneCare package, there is > no need to install a multitude of different security software.</span> Thanks for your response, Carey. I'll check it out. Quote
Guest James Colbert Posted September 11, 2008 Posted September 11, 2008 "Mick Murphy" <MickMurphy@discussions.microsoft.com> wrote in message news:E3294442-25C7-40BD-A544-DC963CB0C86C@microsoft.com...<span style="color:blue"> > Totally ignore Frisch's advice about OneCare! > He must be on a commission! > -- </span> ;-) Quote
Guest Kayman Posted September 11, 2008 Posted September 11, 2008 On Thu, 11 Sep 2008 16:58:20 -0500, James Colbert wrote: <span style="color:blue"> > Hi Kayman, > > Thank you for a very comprehensive response! This is more than I could have > asked for. > I've copied your post to my desktop for easy access to the URLs you have > provided. I'll be chewing on this for a while! As for your last suggestion > of regular defragging, I've been using Diskeeper for years, but not sure I > want to buy another license. Is Vista's defrag utility adequate?</span> The in-build 'defragger' is working fine and is adequate. If you're in the spending mood go for a good back-up program like Acronis. Good luck style_emoticons/ Quote
Guest James Colbert Posted September 12, 2008 Posted September 12, 2008 "Kayman" <kaymanDeleteThis@operamail.com> wrote in message news:%23zGNfiGFJHA.768@TK2MSFTNGP05.phx.gbl...<span style="color:blue"> > On Thu, 11 Sep 2008 16:58:20 -0500, James Colbert wrote: ><span style="color:green"> >> Hi Kayman, >> >> Is Vista's defrag utility adequate?</span> > > The in-build 'defragger' is working fine and is adequate. If you're in the > spending mood go for a good back-up program like Acronis. ></span> Yes, I agree. I've used Acronis TI and DD for years. Thanks again for your information. James Quote
Guest Kayman Posted September 12, 2008 Posted September 12, 2008 On Thu, 11 Sep 2008 18:39:10 -0500, James Colbert wrote: <span style="color:blue"> > "Carey Frisch [MVP]" <cnfrisch@nospamgmail.com> wrote in message > news:e7JnrR7EJHA.4460@TK2MSFTNGP06.phx.gbl...<span style="color:green"> >> Install Windows OneCare, and you'll not have to >> worry about those issues. You can try it FREE >> for ninety (90) days. This is a brand new version >> and is very robust! Uses very little system resources! >> http://onecare.live.com/standard/en-us/default.htm >> >> With the excellent Windows OneCare package, there is >> no need to install a multitude of different security software.</span> > > Thanks for your response, Carey. I'll check it out.</span> James, It's been suggested using Windows Live OneCare which is trial/payware. The OneCare package includes various additional software and it is suggested that there is no need to install a multitude of different security software. At first glance this seems to be fair enough. Also, I read somewhere: What makes OneCare unique is that it essentially provides many of the centrally-managed IT administrative functionality one might expect in a corporate environment, but to home users. But instead of providing a human administrator, Microsoft provides an Internet-based service that works continually and automatically and is always up to date. You only deal with OneCare, per se, when something goes wrong. And if something really goes wrong, Microsoft is providing support via phone, email, or Web chat. [unquote] I am not sure if this represents is real value as assistance, troubleshoot advice can be obtained freely from various newsgroups and/or fora and good quality freeware can be configured to update automatically. So, let's examine this package more closely from a (non-expert) users point-of-view and if Windows Live OneCare represents real dollar value for the average homeuser. Windows Live OneCare includes: -- An excellent antivirus application --. Many experts used to suggest that Windows Live OneCare is on the bottom of the list as far as finding viruses\malware\trojans. However, I understand that the new version of this (OneCare) AV application has changed for the better and the virus catchrate has improved significantly. It is debatable however if OneCare AV is significantly better compared to good quality free-ware application such as Avira AntiVir® Personal or avast! 4 Home Edition. Even if OneCare is an equally good AV application, you'd still have to fork out dollars. So, as far as performance is concerned why would anybody considering purchasing OneCare? -- An excellent firewall application --. An excellent firewall application is already included in both WinXP and Vista operating systems. Managing the Windows Vista Firewall http://technet.microsoft.com/en-us/magazine/cc510323.aspx So, why would anybody want to pay for something which comes free in the first place? -- An excellent antispyware application --. An antispyware (A-S) application (WindowsDefender) is already included in Vista OS and can be freely downloaded for WinXP. Add SuperAntispyware Free Edition and you're as good as gold. So, why would anybody want to pay for something which comes free in the first place? -- Automatic system tune-ups --. Why I donÿt use registry cleaners! http://www.edbott.com/weblog/archives/000643.html IMO, a safer option is to use CCleaner ignoring the registry scanning/fixing option followed by using NTREGOPT (all freely available). So, why would anybody jeopardize proper functioning of their OS? -- Automatic hard drive defrag --. A HDD defragmentation utility is already included in both WinXP and Windows Vista which can be scheduled to scan at predetermined times. Schedule a weekly defragmentation http://www.microsoft.com/windowsxp/using/s...ips/defrag.mspx Features of the Windows Vista hard disk defragmentation utility Scheduled defragmentation http://support.microsoft.com/kb/942092 Also, there are a few freeware defrag tools available which, the best to my knowledge, outperform the in-build version. So, why would anybody want to pay for something which comes free in the first place? -- Checks for updates to be sure they are installed --. Aside from Using the free Windows Update function in both WinXP and Windows Vista, Secunia Personal Software Inspector, Belarc and M/S Security Baseline Analyzer can assist also. So, why would anybody want to pay for something which comes free in the first place? -- Schedules automatic backups of important files --. Backup and Restore Center is an in-build version and comes free with both WinXP and Vista operating system. Windows XP Backup Made Easy http://www.microsoft.com/windowsxp/using/s...t_03july14.mspx Windows Backup and Restore Center http://www.microsoft.com/windows/windows-v...res/backup.aspx So, why would one want to pay for something which comes free in the first place? BTW, some users are impressed with Cobian Backup-Free. -- New version 2.5 just released - designed to work exceptionally well with Windows Vista & XP --. One would hope that this is the case, after all, it's a MSFT product! Selective, good-quality freeware applications are working like a charm as well in both WinXP and Vista operating systems! -- All-in-one convenient, easy to install application --. So are selective, good-quality freeware applications/utilities. -- On sale at Newegg for only $19.99 -- If I were in the spending mood and were looking for a worthwhile addition to my Operating System I'd find another $30.- and purchase Acronis Back-Up package. Well, considering the above, I haven't got the foggiest idea what the hype about Windows Live OneCare package is all about! But, it is not unusual that in Multi National Organizations such as MSFT the Section Heads of the Commercial Department and the Program Engineers (Operating Department), are having conflicting opinions as they work for different goals. The Program Engineers are the pragmatic type, they develop things, they know things. They have to demonstrate high integrity in order to produce high quality software. The Advertising People know how to sell and push things. They mostly walk on a fine line but cross it frequently for the sake of the dollar almighty and in the name of the share holders. The nature of their job prevents them to be moral and ethical. The goals of the Commercial Dept. are not necessarily in the best interest for the end user. Would MSFT recommend the use of registry cleaners if Dr. Mark Russinovich and Ed Bott had a say? I don't think so! Would MSFT have included these lame additions to their Windows Live OneCare application if their program engineers had a say? I don't think so! As usual, Marketing trumps common sense. Let's hope that users pay more attention to the details instead to the sensational promotion. Please be guided accordingly! Quote
Guest Kerry Brown Posted September 12, 2008 Posted September 12, 2008 You can use bitlocker with a USB key instead of TPM but I wouldn't really recommend it unless the laptop has TPM. With Vista I consider IE more secure than Firefox as long as UAC is left on. With UAC on IE runs in protected mode. Some add-ons like Java and Flash can bypass protected mode to some extent but the same exploits would get by Firefox as well. -- Kerry Brown MS-MVP - Windows Desktop Experience: Systems Administration http://www.vistahelp.ca/phpBB2/ http://vistahelpca.blogspot.com/ "James Colbert" <jc2567@bellsouth.net> wrote in message news:uQzuAdGFJHA.5224@TK2MSFTNGP03.phx.gbl...<span style="color:blue"> > > I believe that Bitlocker is only included in Business or ultimate. I don't > really have a problem with upgrading, but I'm not sure that the > M305D-S4831 supports TPM. The manual doesn't mention it, and MS provides > instructions on how to determine if TPM is present, but their instructions > require a version of Vista that supports Bitlocker. I suppose I could use > something like TrueCrypt, but would that really be necessary if I were to > keep my sensitive data (QuickBooks, etc.) on a USB key, so that if the > Laptop is stolen, there really won't be any Sensitive data on the HD? > > > Another thought...would using Firefox provide better security than IE? At > any rate, thanks for your input! > > James ><span style="color:green"> >> Don't play with the default UAC settings. When surfing the Internet use a >> standard user account. When connecting to a public access point make sure >> that the network is identified as Public in the Network and Sharing >> Center. Using the same router you use at home means you will have to >> change this manually when using the router in a hotel. Make sure you are >> always at a SSL (encrypted) site when entering a user name and password. >> Before entering a user name and password click on the lock and view the >> certificate to ensure you are at the correct site. >> >> -- >> Kerry Brown >> MS-MVP - Windows Desktop Experience: Systems Administration >> http://www.vistahelp.ca/phpBB2/ >> http://vistahelpca.blogspot.com/ >> >> >> >></span> > </span> Quote
Guest SG Posted September 12, 2008 Posted September 12, 2008 "Kayman" <kaymanDeleteThis@operamail.com> wrote in message news:O1K$RxGFJHA.4304@TK2MSFTNGP02.phx.gbl...<span style="color:blue"> > On Thu, 11 Sep 2008 18:39:10 -0500, James Colbert wrote: ><span style="color:green"> >> "Carey Frisch [MVP]" <cnfrisch@nospamgmail.com> wrote in message >> news:e7JnrR7EJHA.4460@TK2MSFTNGP06.phx.gbl...<span style="color:darkred"> >>> Install Windows OneCare, and you'll not have to >>> worry about those issues. You can try it FREE >>> for ninety (90) days. This is a brand new version >>> and is very robust! Uses very little system resources! >>> http://onecare.live.com/standard/en-us/default.htm >>> >>> With the excellent Windows OneCare package, there is >>> no need to install a multitude of different security software.</span> >> >> Thanks for your response, Carey. I'll check it out.</span> > > James, > > It's been suggested using Windows Live OneCare which is trial/payware. > The OneCare package includes various additional software and it is > suggested that there is no need to install a multitude of different > security software. At first glance this seems to be fair enough. > > Also, I read somewhere: > > > What makes OneCare unique is that it essentially provides many of the > centrally-managed IT administrative functionality one might expect in a > corporate environment, but to home users. But instead of providing a human > administrator, Microsoft provides an Internet-based service that works > continually and automatically and is always up to date. You only deal with > OneCare, per se, when something goes wrong. And if something really goes > wrong, Microsoft is providing support via phone, email, or Web chat. > [unquote] > > I am not sure if this represents is real value as assistance, troubleshoot > advice can be obtained freely from various newsgroups and/or fora and good > quality freeware can be configured to update automatically. > > So, let's examine this package more closely from a (non-expert) users > point-of-view and if Windows Live OneCare represents real dollar value for > the average homeuser. > > Windows Live OneCare includes: > > -- An excellent antivirus application --. > > Many experts used to suggest that Windows Live OneCare is on the bottom of > the list as far as finding virusesmalwaretrojans. > However, I understand that the new version of this (OneCare) AV > application > has changed for the better and the virus catchrate has improved > significantly. > It is debatable however if OneCare AV is significantly better compared to > good quality free-ware application such as Avira AntiVir® Personal or > avast! 4 Home Edition. Even if OneCare is an equally good AV application, > you'd still have to fork out dollars. > So, as far as performance is concerned why would anybody considering > purchasing OneCare? > > -- An excellent firewall application --. > > An excellent firewall application is already included in both WinXP and > Vista operating systems. > > Managing the Windows Vista Firewall > http://technet.microsoft.com/en-us/magazine/cc510323.aspx > > So, why would anybody want to pay for something which comes free in the > first place? > > -- An excellent antispyware application --. > > An antispyware (A-S) application (WindowsDefender) is already included in > Vista OS and can be freely downloaded for WinXP. Add SuperAntispyware Free > Edition and you're as good as gold. > So, why would anybody want to pay for something which comes free in the > first place? > > -- Automatic system tune-ups --. > > Why I donÿt use registry cleaners! > http://www.edbott.com/weblog/archives/000643.html > > IMO, a safer option is to use CCleaner ignoring the registry > scanning/fixing option followed by using NTREGOPT (all freely available). > > So, why would anybody jeopardize proper functioning of their OS? > > -- Automatic hard drive defrag --. > > A HDD defragmentation utility is already included in both WinXP and > Windows > Vista which can be scheduled to scan at predetermined times. > > Schedule a weekly defragmentation > http://www.microsoft.com/windowsxp/using/s...ips/defrag.mspx > > Features of the Windows Vista hard disk defragmentation utility > Scheduled defragmentation > http://support.microsoft.com/kb/942092 > > Also, there are a few freeware defrag tools available which, the best to > my > knowledge, outperform the in-build version. > So, why would anybody want to pay for something which comes free in the > first place? > > -- Checks for updates to be sure they are installed --. > > Aside from Using the free Windows Update function in both WinXP and > Windows > Vista, Secunia Personal Software Inspector, Belarc and M/S Security > Baseline Analyzer can assist also. > So, why would anybody want to pay for something which comes free in the > first place? > > -- Schedules automatic backups of important files --. > > Backup and Restore Center is an in-build version and comes free with both > WinXP and Vista operating system. > > Windows XP Backup Made Easy > http://www.microsoft.com/windowsxp/using/s...t_03july14.mspx > Windows Backup and Restore Center > http://www.microsoft.com/windows/windows-v...res/backup.aspx > > So, why would one want to pay for something which comes free in the first > place? > > BTW, some users are impressed with Cobian Backup-Free. > > -- New version 2.5 just released - designed to work exceptionally well > with > Windows Vista & XP --. > > One would hope that this is the case, after all, it's a MSFT product! > Selective, good-quality freeware applications are working like a charm as > well in both WinXP and Vista operating systems! > > -- All-in-one convenient, easy to install application --. > > So are selective, good-quality freeware applications/utilities. > > -- On sale at Newegg for only $19.99 -- > > If I were in the spending mood and were looking for a worthwhile addition > to my Operating System I'd find another $30.- and purchase Acronis Back-Up > package. > > Well, considering the above, I haven't got the foggiest idea what the hype > about Windows Live OneCare package is all about! > > But, it is not unusual that in Multi National Organizations such as MSFT > the Section Heads of the Commercial Department and the Program Engineers > (Operating Department), are having conflicting opinions as they work for > different goals. > The Program Engineers are the pragmatic type, they develop things, they > know things. They have to demonstrate high integrity in order to produce > high quality software. > The Advertising People know how to sell and push things. They mostly walk > on a fine line but cross it frequently for the sake of the dollar almighty > and in the name of the share holders. The nature of their job prevents > them > to be moral and ethical. > The goals of the Commercial Dept. are not necessarily in the best interest > for the end user. > Would MSFT recommend the use of registry cleaners if Dr. Mark Russinovich > and Ed Bott had a say? I don't think so! > Would MSFT have included these lame additions to their Windows Live > OneCare > application if their program engineers had a say? I don't think so! > As usual, Marketing trumps common sense. Let's hope that users pay more > attention to the details instead to the sensational promotion. > > Please be guided accordingly!</span> Kayman, BRILLIANT response and a keeper for me. -- All the best, SG Is your computer system ready for Vista? https://winqual.microsoft.com/hcl/ Want to keep up with the latest news from MS? http://news.google.com/nwshp?tab=wn&ned=us&topic=t Just type in Microsoft Quote
Guest SIW2 Posted September 12, 2008 Posted September 12, 2008 Hi James , You may find this useful as well 'PC World - Business Center: 25 Best Business Software Tools and Web Services' (http://www.pcworld.com/businesscenter/arti...b_services.html) Hope it helps SIW2 -- SIW2 Quote
Guest Gerald309BCPCNet Posted September 14, 2008 Posted September 14, 2008 On Sep 10, 9:17 pm, "James Colbert" <jc2...@bellsouth.net> wrote:<span style="color:blue"> > I just picked up a laptop and am finishing the setup phase. I'll be > installing Avast Anti-Virus, as I know it supports 64 bit and works > reasonably well. Windows Defender is enabled, as is Windows firewall. Now > I'd like to address  strong security. > > This laptop will be used for business (and play as well, I suppose, > especially during hurricane evacs). One concern I have are for those times > when I must download banking transactions into Quicken and Quickbooks. I'd > like to be sure that my passwords and the sensitive data I'll be downloading > is not accessible to anyone else. These downloads might take place via a > hotel network or via a Sprint (or similar) broadband device. > > Although my office is behind a hardware firewall, I really have no > experience when it comes to 'on the road security'. Is it feasible to bring > a router with a firewall to place between my laptop and the hotel network, > or should it all be handled by software (as I assume the case will be for > the Sprint broadband). > > I know that I am asking for more information than is probably practically > posted here, but any information (including links) is greatly appreciated.. > > Thanks in advance, > James</span> Transaction Guard http://www.trendsecure.com/portal/en-US/to...ansaction_guard Note to Trend Micro Internet Security Users: Trend Micro Internet Security already includes all the functionality of Spyware Monitor, plus the ability to remove spyware. Use Spyware Monitor when you are using a computer that does not have Trend Micro Internet Security installed (for example: at a library or an Internet cafe). Version 2.0 Transaction Guard is FREE software that protects you against spyware while performing sensitive online tasks on a public computer, like Internet banking or other financial transactions. Transaction Guard has two components: Spyware Monitor – Monitors for spyware and notifies you of any intrusions. Password ClipBoard – An on-screen keyboard for securely entering user names and passwords. ALSO... Windows Malicious Software Removal Tool x64 (Vista x64, Windows XP x64, and Windows 2003 x64) The latest update of this tool checks your computer for infection by specific, prevalent malicious software and helps to remove it. This tool will only run on Vista x64, Windows XP x64, and Windows 2003 x64 computers. http://www.microsoft.com/downloads/details...&displaylang=en webmaster www.BlueCollarPC.Net (Computing Security) Quote
Guest Gerald309BCPCNet Posted September 14, 2008 Posted September 14, 2008 On Sep 10, 9:17 pm, "James Colbert" <jc2...@bellsouth.net> wrote:<span style="color:blue"> > I just picked up a laptop and am finishing the setup phase. I'll be > installing Avast Anti-Virus, as I know it supports 64 bit and works > reasonably well. Windows Defender is enabled, as is Windows firewall. Now > I'd like to address  strong security. > > This laptop will be used for business (and play as well, I suppose, > especially during hurricane evacs). One concern I have are for those times > when I must download banking transactions into Quicken and Quickbooks. I'd > like to be sure that my passwords and the sensitive data I'll be downloading > is not accessible to anyone else. These downloads might take place via a > hotel network or via a Sprint (or similar) broadband device. > > Although my office is behind a hardware firewall, I really have no > experience when it comes to 'on the road security'. Is it feasible to bring > a router with a firewall to place between my laptop and the hotel network, > or should it all be handled by software (as I assume the case will be for > the Sprint broadband). > > I know that I am asking for more information than is probably practically > posted here, but any information (including links) is greatly appreciated.. > > Thanks in advance, > James</span> Fir wireless - please view links posted here about setting up the newer WPA wireless encryption. You need a quality software firewall installed and try Comodo (continually rated among best in leak and penetration tests).... Wireless Security Help links: http://www.bluecollarpc.net/allwireless1.html http://bluecollarpc.net/smf/index.php?board=20.0 http://tech.groups.yahoo.com/group/Philly-WiFi/ BCPCGroup ~ The BlueCollarPC.Net Website Security Group ------------------------------------------------------------------------------------------ MEMBERS AREA: http://www.bluecollarpc.net/joingroup.html Mail domain bluecollarpc.net Live List Owner: bcpcgroup-listowners@bluecollarpc.net Service List Owner: bcpcgroup-owner@bluecollarpc.net Post to Group (Members Only): bcpcgroup@bluecollarpc.net Help address bcpcgroup-help@bluecollarpc.net Subscription address: bcpcgroup-subscribe@bluecollarpc.net Unsubscription address: bcpcgroup-unsubscribe@bluecollarpc.net #Sender Policy Framework (SPF, http://spf.pobox.com) Protected #ALL Posts Moderated and List Protected with Antivirus Service. Some List Features enabled: Guard archive (message digests). Archive access requests from unrecognized SENDERs will be rejected. Subscription requires confirmation by reply to a message sent to the subscription address. Unsubscribe requires confirmation by a reply to a message sent to the subscription address. Quote
Guest James Colbert Posted September 20, 2008 Posted September 20, 2008 Apologies to all...I thought this thread had ended. I actually came back to post regarding a different concern. At any rate, thanks for the input and links. Much of my energy lately has gone into adding wireless to my existing wired network and configuring it to its greatest security potential. However, public networks are still a concern, and I will be checking out the links posted to this thread. I am still sifting through this info and am grateful to all who have taken the time to contribute. Thanks again for the time and expertise, James "James Colbert" <jc2567@bellsouth.net> wrote in message news:urEhbw6EJHA.1280@TK2MSFTNGP02.phx.gbl...<span style="color:blue"> >I just picked up a laptop and am finishing the setup phase. I'll be >installing Avast Anti-Virus, as I know it supports 64 bit and works >reasonably well. Windows Defender is enabled, as is Windows firewall. Now >I'd like to address strong security. > > This laptop will be used for business (and play as well, I suppose, > especially during hurricane evacs). One concern I have are for those times > when I must download banking transactions into Quicken and Quickbooks. I'd > like to be sure that my passwords and the sensitive data I'll be > downloading is not accessible to anyone else. These downloads might take > place via a hotel network or via a Sprint (or similar) broadband device. > > Although my office is behind a hardware firewall, I really have no > experience when it comes to 'on the road security'. Is it feasible to > bring a router with a firewall to place between my laptop and the hotel > network, or should it all be handled by software (as I assume the case > will be for the Sprint broadband). > > I know that I am asking for more information than is probably practically > posted here, but any information (including links) is greatly appreciated. > > Thanks in advance, > James </span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.