What about including a section on security. It would include securing your computer from hacking/trojans/viruses etc. And go as far as how to protect your identity as best as possible.

This seems like a good addition to a site dedicated to filesharing. Especially considering what we do and the risks we take.

We have several members here who know quite a bit about this stuff, and a section devoted to it could really help people out.

TD

Originally posted by tracydani@26 July 2004 - 12:29
What about including a section on security. It would include securing your computer from hacking/trojans/viruses etc. And go as far as how to protect your identity as best as possible.

This seems like a good addition to a site dedicated to filesharing. Especially considering what we do and the risks we take.

We have several members here who know quite a bit about this stuff, and a section devoted to it could really help people out.

TD
Softwareworld.

Maybe a pinned topic or subsection.

A whole new section is unwarranted. Just ask the question in Softwareworld.

or internet world.

That would be great. I just think we should take it more seriously then random questions and answers within software. A subsection would be nice.

TD

thats why internet and software worlds r there.

Didn&#39;t we have a pinned topic on security? Or did it leave with a banned member? In ban almost everyone summer of 2004. <_<

Originally posted by zapjb@26 July 2004 - 11:57
Didn&#39;t we have a pinned topic on security? Or did it leave with a banned member? In ban almost everyone summer of 2004. <_<
mine&#33;? :D

still there. not really about security though just a few firewalls and av&#39;s and spyware apps.

So there&#39;s no interest in having a catagory(or subcatagory) set aside specificaly for security?

It seams to be pretty relevent to what we do and would be beneficial to have it set aside making it easier on people who need to know but don&#39;t really know what to look for.

TD

Originally posted by bawa@Klite_user@26 July 2004 - 10:54
thats why internet and software worlds r there.
Invariably, people who post security-related issues in Internet World are told to post in software world






...where they&#39;re told that it&#39;s an internet-related topic and should try posting in Internet World.

:lol:




Maybe less forums is the answer. ;)

I&#39;ll take that as support for a security section :lol: (puts blinders on)

TD

I think it&#39;s a good idea.

The way it is now a child could hack into my computer. A security subsection would be useful.

I think it&#39;s superfluous.

As has already been said, software world is the place for this. Everything you need to know has already been posted in there and is available via the search function.

The problem is that I don&#39;t know all the possibilities out there. How do I search for a better way to secure myself if I don&#39;t know what is there?

Hell, a pinned topic with a how to for the most universal setup or something. This could be updated like the other pinned how-to&#39;s as time goes by.

Any other ideas about this? How could we make it easier or at least more obvious to people? I know next to nothing on this stuff or I could make a guide.

TD

I&#39;m all for a Secuity section.
All threads would, of course, be locked. ;)

Sparsely Posted on 26 July 2004 - 18:24
I&#39;m all for a Secuity section.
All threads would, of course, be locked. ;)

:lol:

Originally posted by zapjb@27 July 2004 - 04:14

Sparsely Posted on 26 July 2004 - 18:24
I&#39;m all for a Secuity section.
All threads would, of course, be locked. ;)

:lol:
I second that :lol: :lol:

But any other opinions/ideas?

TD

There&#39;s plenty of specialist security-related websites out there TD, here&#39;s a couple to start you off:

http://www.neworder.box.sk

http://www.grc.com/default.htm

Thanks barbarossa :D I had just thought there would be more interest in this here, that's all.

I have been all over grc, good site. I'll look at the other too.

Thanks.

TD

Personally, I don&#39;t think it would be a good idea. Why? Because I&#39;ve yet to see anyone on this board besides a few people that would take the time to help you secure your pc. From my presence on this board I think there are people here that would rather attempt to compromise your box rather then help you secure it.

There are a few basic things you can do.

* Do Not use ie. Here is why in a general sense. There are many worms that affect webservers and if a particular webserver is affected then the admin may never know. An example of what is going on now is a webserver is infected, you go to the site and it attempts to compromise your system with either an iframe exploit or some other type of flaw in not only ie but other browsers as well.

* Turn javascript off. Javascript is very insecure and you can post your rediculous smileys by just typing it instead of using the bb code that the board has...... like this ":)" see how easy that is? Java 1.4.xx has a flaw, your browser can be crashed by loading a malicious java applet. No fix for that yet so I guess we have to wait for java 1.5 :lol: so screw java unless you really want to load thoose java applets. Half of them are unecessary anyway.

*Turn off animation in images. The admins of sites have no control of what is posted if it looks like regular link or content. Malicious javascript can be loaded into a web link, image or page using an XSS hole in the application for instance forum software etc. To you it may look like a regular link, image, or page but more than likely the link or image has been disguised by encoding it in hex or some other form to make it look legit.

*Use a proxy, unless you know your box is firewalled. If you have confidence in your box or whatever firewall, router, device etc you have then I would say it really does not matter who has your ip. What you do not want is to keep the same ip for an extended period of time if you do not have a static ip or your not running any core services then release that ip and grab a new one. For cable users this may be hard because you may have to unplug your router to do that. For me, I have forund a way to release and renew on demand. I could post this right now and my next post could have a different ip without affecting any downloads or anything. Be it all on the same subnet and isp but hey it&#39;s better than getting owned and that person having access to your box at all times unless it&#39;s unplugged all because you can&#39;t change you public ip address

*Take matters in your own hands, If you find an ip that is generating malicious traffic and you have the common sense to what that traffic is either through logs or something else then you may have to take action and DoS that ip to prevent it from doing the same to you. Nevertheless block it if at all be possible. Never jump to conclusions though. There is a lot of white noise that flows throughout the net and just because you are port scanned or DoSed does not mean anything. It could be automated and may have no affect on you or your network unless you are vulnerable.

*Update your system -- We will never be able to defeat zero-day exploits but by updating as much as possible we can at least say we did our part. This even moreso applies to Windows Users. Windows update is a very good feature to thoose that want to be patched but don&#39;t want to download updates and apply them manually.

* Just be Careful. For the most part the internet is a place with a no holds barred philosphy and you must not just get on it trusting everyone or go about your surfing with blatant disregard of security is or wether or not it exist. Most crackers are skilled and more than likely your box is just a small stepping stone to attempt an attack on a larger scale network.

diregard in speeling mistakes and/errors...............I&#39;m sure you get the idea.

^^ Great post, very useful.

Hopefully prompted a lot of you into getting a firewall/AV.

Thanks shn.

I think a pinned topic in softwareworld would more than suffice., however you can always do what i&#39;m doing for newsgroups and post a topic related to security and update it regularly in the main softwareworld section.

just pin shn&#39;s post :P