I think it's a good idea.
The way it is now a child could hack into my computer. A security subsection would be useful.
Poster
I think it's a good idea.
The way it is now a child could hack into my computer. A security subsection would be useful.
effendi
I think it's superfluous.
As has already been said, software world is the place for this. Everything you need to know has already been posted in there and is available via the search function.
I plan on beating him to death with his kids. I'll use them as a bludgeon on his face. -
--Good for them if they survive.
The problem is that I don't know all the possibilities out there. How do I search for a better way to secure myself if I don't know what is there?
Hell, a pinned topic with a how to for the most universal setup or something. This could be updated like the other pinned how-to's as time goes by.
Any other ideas about this? How could we make it easier or at least more obvious to people? I know next to nothing on this stuff or I could make a guide.
TD
°¤°¤°¤°¤°¤°¤°
I'm all for a Secuity section.
All threads would, of course, be locked.
this post is guaranteed 100% parrot-free
Computer Abuser
BT Rep: +3
Sparsely Posted on 26 July 2004 - 18:24
I'm all for a Secuity section.
All threads would, of course, be locked.
mostly harmless
There's plenty of specialist security-related websites out there TD, here's a couple to start you off:
http://www.neworder.box.sk
http://www.grc.com/default.htm
Ð3ƒμ|\|(7
Personally, I don't think it would be a good idea. Why? Because I've yet to see anyone on this board besides a few people that would take the time to help you secure your pc. From my presence on this board I think there are people here that would rather attempt to compromise your box rather then help you secure it.
There are a few basic things you can do.
* Do Not use ie. Here is why in a general sense. There are many worms that affect webservers and if a particular webserver is affected then the admin may never know. An example of what is going on now is a webserver is infected, you go to the site and it attempts to compromise your system with either an iframe exploit or some other type of flaw in not only ie but other browsers as well.
* Turn javascript off. Javascript is very insecure and you can post your rediculous smileys by just typing it instead of using the bb code that the board has...... like this "" see how easy that is? Java 1.4.xx has a flaw, your browser can be crashed by loading a malicious java applet. No fix for that yet so I guess we have to wait for java 1.5
*Turn off animation in images. The admins of sites have no control of what is posted if it looks like regular link or content. Malicious javascript can be loaded into a web link, image or page using an XSS hole in the application for instance forum software etc. To you it may look like a regular link, image, or page but more than likely the link or image has been disguised by encoding it in hex or some other form to make it look legit.
*Use a proxy, unless you know your box is firewalled. If you have confidence in your box or whatever firewall, router, device etc you have then I would say it really does not matter who has your ip. What you do not want is to keep the same ip for an extended period of time if you do not have a static ip or your not running any core services then release that ip and grab a new one. For cable users this may be hard because you may have to unplug your router to do that. For me, I have forund a way to release and renew on demand. I could post this right now and my next post could have a different ip without affecting any downloads or anything. Be it all on the same subnet and isp but hey it's better than getting owned and that person having access to your box at all times unless it's unplugged all because you can't change you public ip address
*Take matters in your own hands, If you find an ip that is generating malicious traffic and you have the common sense to what that traffic is either through logs or something else then you may have to take action and DoS that ip to prevent it from doing the same to you. Nevertheless block it if at all be possible. Never jump to conclusions though. There is a lot of white noise that flows throughout the net and just because you are port scanned or DoSed does not mean anything. It could be automated and may have no affect on you or your network unless you are vulnerable.
*Update your system -- We will never be able to defeat zero-day exploits but by updating as much as possible we can at least say we did our part. This even moreso applies to Windows Users. Windows update is a very good feature to thoose that want to be patched but don't want to download updates and apply them manually.
* Just be Careful. For the most part the internet is a place with a no holds barred philosphy and you must not just get on it trusting everyone or go about your surfing with blatant disregard of security is or wether or not it exist. Most crackers are skilled and more than likely your box is just a small stepping stone to attempt an attack on a larger scale network.
diregard in speeling mistakes and/errors...............I'm sure you get the idea.
effendi
^^ Great post, very useful.
Hopefully prompted a lot of you into getting a firewall/AV.
Thanks shn.
I plan on beating him to death with his kids. I'll use them as a bludgeon on his face. -
--Good for them if they survive.
Posting Permissions
Reply With Quote
I had just thought there would be more interest in this here, that's all.
" see how easy that is? Java 1.4.xx has a flaw, your browser can be crashed by loading a malicious java applet. No fix for that yet so I guess we have to wait for java 1.5 
Bookmarks