Difference between revisions of "Windows Security Page"

From Free Knowledge Base- The DUCK Project: information for everyone
m (Reverted edits by Anzorik (Talk); changed back to last version by Admin)
Line 40: Line 40:
 
<nowiki>*</nowiki> The Ethereal project was forced to change names in May 2006 due to trademark issues.  It is now called [http://sourceforge.net/project/showfiles.php?group_id=255 Wireshark].
 
<nowiki>*</nowiki> The Ethereal project was forced to change names in May 2006 due to trademark issues.  It is now called [http://sourceforge.net/project/showfiles.php?group_id=255 Wireshark].
  
 +
== Securing Files ==
 +
You can add encryption to your most important or sensitive files on a file by file basis.  There are different software to allow for this. An Open Source file encryption software for Microsoft Windows that is gaining a lot of praise is AxCrypt by Axantum software.  It integrates with Windows to compress, encrypt, decrypt, and store files. You can password Protect any number of files using strong encryption. 
 +
 +
AxCrypt is free and Open Source, however, the primary download installer has OpenCandy, the developer offers several alternative download options that are OpenCandy free, and free of any other adware/spyware/malware (as of this writing).  To access the versions without OpenCandy you must register with an email address on the site.  The .msi installers do not have OpenCandy.
 +
 +
AxCrypt is password based and uses a 128-bit key.  Although the developer promises 256 bit encryption in the future, it is explained on the site why [https://www.axantum.com/AxCrypt/faq.html#why_128bit 128 bit is enough]. 
 +
 +
AxCrypt is superior to Windows Compressed Folder password protection in many ways.  Windows Compressed Folders in Windows XP uses a WinZip compatible extension of the Windows Shell with the same weak algorithm in WinZip.  WinZip encryption has been compromised and there are multiple documented examples. 
 +
 +
* [https://www.axantum.com/AxCrypt/faq.html#why_128bit AxCrypt FAQ - Frequently Asked Questions]
 +
* [https://www.axantum.com/Xecrets/LoggedOff/Register.aspx AxCrypt Registration] and [https://www.axantum.com/Xecrets/LogOn.aspx Login Page].
  
 
[[Category:Computer_Technology]]
 
[[Category:Computer_Technology]]
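Review bot: In the last added paragraph, "WinZip encryption has been compromised and there are multiple documented examples" is stated without a link to any of those examples; add a reference, as the 128-bit paragraph does for its claim. The "AxCrypt FAQ - Frequently Asked Questions" bullet also points at the #why_128bit anchor, the same target as the inline "128 bit is enough" link, so link the FAQ page itself there. The second added paragraph runs two sentences together at "has OpenCandy, the developer offers"; split it.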

Revision as of 18:30, 21 July 2014

This is a harden-your-boxen guide for Microsoft Windows 2000/XP. Protection from spyware, worms, backdoors, viruses, and other exploits is discussed here.

  • ZoneAlarm is NOT the answer. You cannot firewall the same machine the firewall software is on.
  • Norton Internet Security is NOT the answer. If you want to be pestered by a bunch of false positives and have your standard Internet programs blocked, then go ahead and purchase a false sense of security.
  • Windows Updater and Windows Security Center (including Windows firewall) are not covered here. Windows Firewall is problematic. Use a hardware firewall wired between your PC and your Internet source.
  • Although it is important to keep your Windows installation up to date, Auto Update may install useless annoyances like WGA and Microsoft spyware such as that which is built into the new Windows Media Player. It is recommended that you review and install all updates manually.

Now for the REAL tips:

  • Know what is running in memory. Be familiar with Processes in the Windows Task Manager. You may find something that doesn't belong there. Task Manager provides information about programs and processes running on your computer. It also displays the most commonly used performance measures for processes.

AntiVirus Software

Any one of the following products is fine.
  • ClamAV for Windows - recommended because it is relatively current with virus definitions, as well as being completely free and open source.
http://w32.clamav.net/
  • F-Prot Antivirus - commercial. Works well and is well priced for individuals.
  • Symantec AntiVirus Enterprise Edition - Works very well but is very expensive. The Symantec AntiVirus is premium compared to their SOHO Norton AntiVirus.

Avoid: McAfee antivirus products, which produce false positives and block useful Internet applications. Also be sure to avoid Norton Internet Security. Both of these products are annoying, poorly designed, and give the naive user a false sense of security.

Anti Spyware and Spyware Removal

  • Spybot Search and Destroy - free and, despite a few dopey design issues, does an okay job. Don't get too excited about the "tracking cookies" it detects. Cookies are, for the most part, harmless. They just want you to feel like the program is catching stuff.
http://www.safer-networking.org/en/download/
  • Adaware

Windows Registry Backup and Change Tracking

Track file and registry changes made by software you are installing. Spybot Search and Destroy has registry monitoring capabilities. However, it is ideal to have an application watch and log every registry key modified in every hive by the software you are running or installing.

Spyware and backdoors are programs that have to be loaded into memory to be a threat. They often hide in the registry, under misleading names, and link to files hidden within the Windows system folders. It may be next to impossible to tell what is legitimate and what is a backdoor Trojan when looking through the registry and system files without knowing what was touched by the latest program you installed.

You need the ability to revert to a registry state prior to a problem. This is useful in getting rid of spyware, as well as extending the free trial period on a lot of freeware software, which hides expiry data as disguised keys in the Windows registry.

Traffic Monitoring

There are simply so many spyware programs, backdoor trojans, and so on out there that no tool is going to be able to detect them all. If you download and install software often, you need to be monitoring your computer traffic. Find out who your computer is talking to and what information it is sending by "sniffing the wire."

* The Ethereal project was forced to change names in May 2006 due to trademark issues. It is now called Wireshark.
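An added example (not from the original guide or from the Wireshark project) of answering "who is my computer talking to" from a saved capture: it reads a capture in the classic pcap format and counts packets per remote IPv4 address for one local address. The local address, the helper names and the sample frames are assumptions; the sample is constructed with documentation-range addresses.

```python
import socket
import struct
from collections import Counter

def remote_peers(pcap, local_ip):
    """Count packets per (remote IPv4 address, IP protocol) for local_ip."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if order is None:
        raise ValueError("not classic pcap; re-save pcapng captures as pcap")
    if struct.unpack(order + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) captures are handled")
    peers, off = Counter(), 24                 # skip the 24-byte global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(order + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                           # truncated frame or not IPv4
        src = socket.inet_ntoa(frame[26:30])
        dst = socket.inet_ntoa(frame[30:34])
        if local_ip in (src, dst):
            peers[(dst if src == local_ip else src, frame[23])] += 1
    return peers

def _frame(src, dst, proto):
    """Build a minimal Ethernet + IPv4 header (constructed test traffic)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip

def sample_capture():
    """Constructed capture: two remote peers plus unrelated LAN traffic."""
    me = "192.168.1.10"
    frames = [_frame(me, "203.0.113.7", 6), _frame("203.0.113.7", me, 6),
              _frame(me, "203.0.113.7", 6), _frame(me, "198.51.100.20", 17),
              _frame("192.168.1.20", "192.168.1.1", 6)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    peers = remote_peers(sample_capture(), "192.168.1.10")
    for (ip, proto), n in peers.most_common():
        print(f"{ip:15} proto={proto:<3} packets={n}")
```

Protocol 6 is TCP and 17 is UDP; a remote address you cannot tie to a program you knowingly run is the one to look up next.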

Securing Files

You can add encryption to your most important or sensitive files on a file-by-file basis. Several programs allow for this. An open source file encryption program for Microsoft Windows that is gaining a lot of praise is AxCrypt by Axantum software. It integrates with Windows to compress, encrypt, decrypt, and store files. You can password-protect any number of files using strong encryption.

AxCrypt is free and open source; however, the primary download installer has OpenCandy. The developer offers several alternative download options that are OpenCandy-free and free of any other adware/spyware/malware (as of this writing). To access the versions without OpenCandy you must register with an email address on the site. The .msi installers do not have OpenCandy.

AxCrypt is password-based and uses a 128-bit key. Although the developer promises 256-bit encryption in the future, the site explains why 128 bits is enough.

AxCrypt is superior to Windows Compressed Folder password protection in many ways. Windows Compressed Folders in Windows XP uses a WinZip compatible extension of the Windows Shell with the same weak algorithm in WinZip. WinZip encryption has been compromised and there are multiple documented examples.