
Thread: Basic to Indepth Guide on Home Computer Security Guide

  1. #11


    Installing Personal Firewalls

    A personal firewall or desktop firewall is a software program that provides the primary defense mechanism for a desktop computer connected to the Internet.

    The firewall acts like a guard, who checks everybody entering or going out of the home and based on some prior knowledge allows or disallows the people.

    Once the personal firewall is installed, it runs continuously in the background, watching all the incoming and outgoing traffic. Simultaneously, it reports to the user by giving a pop-up about the program which is trying to access the Internet or, conversely, trying to access the user’s system. It is solely at the discretion of the user whom or which program he wants to allow through the firewall.

    Users should be exceptionally careful when allowing a particular program or file through the firewall, and have to be very considerate about which file is used by which particular program.

    Why is a firewall needed?

    If the computer is not protected when the user connects to the Internet, hackers can gain access to personal information from the computer. They can install code on the computer that destroys files or causes malfunctions. They can also use the user’s computer to cause problems on other home and business computers connected to the Internet. A firewall helps to screen out many kinds of malicious Internet traffic before it reaches the user’s system.

    Some firewalls can also help to prevent others from using the user’s computer to attack other computers without the user’s knowledge. Using a firewall is important no matter how the user connects to the Internet — dial-up modem, cable modem, or digital subscriber line (DSL or ADSL).

    Microsoft Corporation provides Internet Connection Firewall for Windows XP SP2 users only. Users running old versions of Windows (9x, NT or 2000) have to select a desktop firewall according to their needs from a third party. While Windows 2000 does not have a purpose-built firewall, it does have IP Security filters that can be used to make a static packet filter.

    Figure-3: Protecting the Internet-connected Home PC

    Figure 3 shows where the personal firewall fits into the connection of a home PC to the Internet. Obviously the personal firewall is not a discrete component, rather it is software that runs on the home PC, but it’s shown separately for clarity. As illustrated, the goal of the personal firewall is to ensure that traffic from intruders cannot reach the home PC – understanding that the firewall will not block attachments bearing malicious code.

    Some of the freeware & shareware firewalls are listed below:
    Last edited by ajaysinghnegi; 01-01-2011 at 10:32 PM.

  2. #12


    Configuring Internet Connection Firewall

    Windows XP with SP2 includes a built-in firewall called the Internet Connection Firewall (ICF). By default it is disabled. ICF can provide an additional layer of protection against network-based attacks such as worms and denial-of-service (DoS) attacks. To enable ICF, do the following steps:

    1. Go to Start menu\Control Panel\Network and Internet Connections\Network Connections. Under the Dial-Up or LAN or High Speed Internet category, click the icon to select the connection that the user wants to help protect (Figure-4).

    2. In the task pane on the left, under Network Tasks, click Change settings of this Connection (or right-click the connection the user wants to protect, and then click Properties) (Figure-5).

    3. On the Advanced tab, under Internet Connection Firewall, check the box next to Protect my computer and network by limiting or preventing access to this Computer from the Internet (Figure-6).

    There are some limitations with ICF that must be considered before enabling it. ICF does not have the rich feature set provided by many third party products. This is because ICF is intended only as a basic intrusion prevention feature. ICF prevents people from gathering data about the PC and blocks unsolicited connection attempts. The biggest limitation of ICF is that it protects the user only from inbound pests; it doesn’t alert the user to suspicious outbound traffic.

    Disconnect from the Internet when not using it

    Users relying on traditional dial-up access to the Internet will likely disconnect when they are not using the connection, since usage limits apply and they may only have one phone line. On the other hand, home users with “always-on” broadband access services such as cable modems or DSL/ADSL+ may be tempted to leave their computer permanently connected to the Internet. A permanent connection allows them to access their files over the Internet from a remote location. The problem is that the longer one remains connected, the more time an intruder gets to attack the host.

    It is recommended that broadband home users turn off their cable/DSL/ADSL modems when they are not using the Internet at all.

    Users who are directly connected to their ISP with their network cards should disable their network cards in the operating system when they are not using their systems to access the Internet.

    To disable the network card in Windows 98, follow the following steps:

    • Right-click My computer\select properties\ click device manager

    • Expand Network Adapters

    • Select the Network adapter that is used for ISP connection

    • Click properties

    • Select Disable in this hardware profile

    To disable the network card in Windows 2000/XP, follow the following steps:

    • Right-click My network places\ select properties

    • Select the Local Area Connection used for connecting ISP.

    • Right-click and select Disable.
    Last edited by ajaysinghnegi; 01-01-2011 at 10:53 PM.

  3. #13


    Defensive Measures at Operating System Layer

    This is the second layer of the defense in depth model. The defensive measures that have to be taken at this layer are:

    • Keep up-to-date security patches and update releases for Operating System.

    • Make a boot/ERD disk and keep it current

    • Install and keep updated Antivirus software

    • Install and keep updated Antispyware software

    • Harden Operating System by turning off unnecessary services and features

    Keep up-to-date security patches and update releases for Operating System

    The most important program that runs on a computer is the Operating System. Every general-purpose computer must have an Operating System to run other programs. The Operating System performs basic tasks, such as recognizing input from the keyboard, sending output to the monitor, keeping track of files and folders on the disk and controlling peripheral devices such as disk drives and printers. Some of the common desktop Operating Systems are Windows (9x, NT Workstation, 2000 Professional, XP Home Edition & Professional Edition), Linux workstation, etc.

    Application software sits on top of the Operating System because it is unable to run without the Operating System. Application software (also called end-user programs) includes word processors like MS Word, databases like SQL or Oracle, etc.

    It is the most essential task that every user has to do, as it is a repetitive, ongoing activity. Every time a vulnerability is explored, the vendor releases the respective patch, and that has to be installed immediately after release. If not, that might be an open door to exploit the system.

    The user should subscribe to the security newsletter from the respective vendors whose software he is using. Accordingly, whenever a security patch or a hotfix (a patch or hotfix is a small program released by the vendor which fixes up the software for known bugs and vulnerabilities) is released, the user will be intimated and can act accordingly.

    Nowadays, every application has a feature to update automatically through the Internet. The user should cautiously configure the respective applications.

    Using Windows Update

    Windows Update is a Microsoft Web site that provides updates for Windows operating system software and Windows-based hardware. Updates address known issues and help protect against known security threats. The patches, hot fixes and service packs released by the Microsoft Corporation are free of cost.

    When any user visits the Windows Update Web site i.e. , Windows Update scans the user’s computer and tells which updates are missing and should be applied to his system. The user chooses the updates that he wants to install and how to install them.

    “Windows Update” uses the following categories:

    High priority: Critical updates, security updates, service packs, and update rollups that should be installed as soon as they become available and before the user installs any other updates.

    Software (optional): Non-critical fixes for Windows programs, such as Windows Media® Player and Windows Journal Viewer 5.

    Hardware (optional): Non-critical fixes for drivers and other hardware devices, such as video cards, sound cards, scanners, printers, and cameras.

    Optional updates address minor issues or add non-critical functionality to user’s computer. It is more important to install high priority updates so that the user’s computer gets the latest critical and security-related software.

    Last edited by ajaysinghnegi; 01-01-2011 at 11:00 PM.

  4. #14
    Difference between Express and Custom Windows Update?

    Express (recommended) displays all high priority updates for user’s computer so that he can install them with one click. This is the quickest and easiest way to keep user’s computer up to date.

    Custom displays high priority and optional updates for user’s computer. User must review and select the updates that he wants to install, one by one.

    Automatic Updates

    Automatic Update is a feature that works with Windows Update to deliver critical and security-related updates as they become available. When the user turns on Automatic Updates (recommended), Windows automatically looks for high priority updates for user’s computer. Windows recognizes when the user is online and uses the Internet connection to search for downloads from the Windows Update Web site. An icon appears in the system tray each time new updates are available.

    Users have to decide how and when the updates are installed. Sometimes, some updates require the user to accept an End User License Agreement (EULA), answer a question about the installation process, or restart the computer before the user can install them.

    Automatic Updates delivers only high priority updates. To get optional updates, the user still needs to visit the Windows Update Web site.

    Microsoft releases Windows patches on the second Tuesday of each month, so to be safe, check for the updates manually every couple of weeks, as there may be a lag between when a patch is available and when Windows Update pushes it to the user’s system (as when the system has been off for more than a few days).

    Using MBSA

    MBSA (Microsoft Baseline Security Analyzer) version 2.1 gives the ability to assess the administrative vulnerabilities present on one or multiple systems. MBSA scans the specified computers and then generates a report that contains details for each computer about the security checks that MBSA performed, the results, and recommendations for fixing any problems. In addition to checking for misconfiguration that might cause security problems in the operating system, the user can check for security problems in Microsoft SQL Server and Microsoft Internet Information Services (IIS). The user can also determine whether a computer has the most current Microsoft Windows and Microsoft Office updates installed, and can check for security updates, update rollups, and service packs for other products hosted by the Windows Update site.

    The steps below describe how to scan your computer for vulnerabilities (see Figure-7, Figure-8 & Figure-9).

    1. Open MBSA and double-click Scan a computer (see Figure-7).

    2. Choose the Computer name option if you want to scan your computer, by choosing your computer's workgroup name (by default your computer's workgroup name is automatically in the list) (see Figure-8).

    3. In the last step a report will be generated that will show the list of vulnerabilities of your computer and the necessary steps to fix those vulnerabilities.


  5. #15


    What is MBSA 2.1?

    MBSA 2.1 is an update to MBSA 2.0.1 to provide full Windows Vista and Windows Server 2008 support, general improvements and customer-requested enhancements.

    Will I notice a difference when I run MBSA 2.1?

    By customer request, the automatic distribution of the latest Windows Update Agent (WUA) client to client computers scanned by MBSA has been disabled in MBSA 2.1. This may prevent MBSA from successfully scanning computers that do not have the latest WUA client installed. Administrators and security auditors will want to select the option to "Configure computers for Microsoft Update and scanning prerequisites" in order to improve security scan success.

    Note: Unless specifically noted, all references to MBSA 2.0 in the MBSA TechNet pages also apply to MBSA 2.1.

    New Features found in MBSA 2.1:

    Support for Windows Vista and Windows Server 2008

    Updated graphical user interface

    Full support for 64-bit platforms and vulnerability assessment (VA) checks against 64-bit platforms and components

    Improved support for Windows XP Embedded platform

    Improved support for SQL Server 2005 vulnerability assessment (VA) checks

    Automatic Microsoft Update registration and agent update (if selected) using the graphical interface or from the command-line tool using the /ia feature

    New feature to output completed scan reports to a user-selected directory path or network share (command-line /rd feature)

    Windows Server Update Services 2.0 and 3.0 compatibility

    MBSA comes in two flavors: GUI tool and command line tool. Users can get more details about MBSA from the following URL & Choose the appropriate download below for English (EN), German (DE), French (FR) and Japanese (JA) for x86 (32-bit) or x64 (64-bit) platforms :

    Direct Downloading Link :

    XP 32-bit Supported MBSASetup-x86-EN.msi :

    XP 64-bit Supported MBSASetup-x64-EN.msi:

    User should be connected to the Internet while running MBSA for the first time.

    Shavlik Technologies offers a free MBSA 2.1 companion tool called Shavlik NetChk Limited.

    Shavlik NetChkLimited

    NetChk Limited is a free security program from Shavlik Technologies that analyzes the patch status of those Microsoft products not supported by current Microsoft patch technologies. The scan output from NetChk Limited is a set of MBSA-readable XML files that can be viewed via the MBSA GUI (MBSA version 2.0 and later).

    Users who have the following products in their environment can use Shavlik NetChk Limited to augment MBSA 2.0.1 results for comprehensive security update detection.

    NetChk_7.0.832.0.exe (45.9 MB)

    Direct Downloading Link :

  6. #16


    Use Least Privileges Policies

    Another area that should not be overlooked among your client defenses is the privileges assigned to users under normal operation. I would recommend adopting a policy that provides the fewest privileges possible to help minimize the impact of malware that relies on exploiting user privileges when it executes.

    Such a policy is especially important for users who typically have local administrative privileges. Consider removing such privileges for daily operations, and instead using the RunAs command to launch the required administration tools when necessary.

    For example, a user who needs to install an application that requires administrator privileges could run the following setup command at a command prompt to launch the setup program with appropriate privileges:

    runas /user:mydomain\admin "setup.exe"

    You can also access this feature directly from Microsoft Windows Explorer by performing the following steps:

    To run a program with administrative privileges

    1. In Windows Explorer, select the program or tool you want to open (such as a Microsoft Management Console (MMC) snap-in or Control Panel).

    2. Right-click the program or tool and select Run As.

    Note: If Run As does not appear as an option, press and hold the SHIFT key while you right-click the tool.

    3. In the Run As dialog box, select The following user: option.

    4. In the User name and Password boxes, type the user name and password for the administrator account you want to use.

    Operating System Security

    • Operating System is the important program that runs on the computer. It performs basic tasks like recognizing the input from the key board, controlling various files and directories in the hard disk and also various peripheral devices like printers, scanners etc.

    • It will control the programs in such a way that they do not interfere with each other.

    • It is responsible for securing the system by not allowing the unauthorized users to access the system.

    Need for Securing the Operating System

    The security of the operating system running on various PCs and servers plays an important role in the security of the network as a whole. Not updating one system in the network may affect the security of the other systems in the network. Today we have highly sophisticated operating systems with lots of features, but they may be vulnerable if they are not administered, configured and monitored properly. Sometimes updating the operating system with the latest patches may lead to interoperability issues with other operating systems. Hence proper care should be taken while updating the operating system.
    Last edited by ajaysinghnegi; 01-01-2011 at 11:43 PM.

  7. #17
    Countermeasures for Securing the Operating System

    • Activate a password for the screen saver so that whenever the operations are not active it will lock the computer automatically after a particular period of time.

      • In Windows, to activate a password for a screen saver, go to Settings-->Control Panel-->Display--> click the Screensaver tab. Under the screen saver section, check the box on resume password protect, click Apply and click OK to close the window.

    • Always use a strong password for your operating system to protect the system from unauthorized users.

      • A strong password should be at least eight characters in length, and the password should be a combination of uppercase, lowercase, numerical and special characters. The password should not contain words that are in the dictionary.

    An example of a good password is Th!5iS@g0odP4s5wD

    • Turn off file sharing on the computer when there is no need to access files on that system.

      • In Windows, to turn off file sharing, right-click on the directory which we no longer want to share and click Sharing and Security. Under the Network sharing and security section, uncheck the option “Share this folder” on network.

    • Make sure that the firewall is ON so that it prevents unauthorized users' access to your system.

      • In Windows, to turn on the firewall, go to Start-->Settings-->Control Panel-->Windows Firewall-->select the option On (recommended) and click OK to close the window.

    • Delete the software and features of the operating system which are not in use.

      • To add or remove software in Windows, go to Start-->Settings-->Control Panel-->select Add or Remove Programs. In that particular window, under the Change or Remove Programs section, select the software which is to be removed and click Remove.

    • Disable the default guest account so that it is harder for unauthorized users to gain access to the system.

      • In Windows, to disable the guest account, go to Start-->Run-->type nusrmgr.msc and click OK. Now a window opens showing the users and groups directory. Double-click the user directory, and in the right pane, right-click the guest account and click on Properties. Under the General tab, check the box “Account is disabled”.

    • Use updated antivirus software to protect the operating system from viruses. Check for the latest virus updates daily to keep the software up-to-date. This helps in detecting viruses that may try to affect your system.

    • Update the operating system with the latest patches, mainly with critical security updates for the operating system.

      • To update the Windows operating system, open the Internet Explorer browser window and go to “Tools” and click “Windows Update”.

    • Back up critical data, which will be helpful in case of operating system failure.

      • To take a backup of the entire information of the system, in Windows go to Start-->Programs-->Accessories-->System Tools-->Backup. A wizard opens to assist you in backing up the system. Click on Next-->select the option Backup files and settings and click Next-->select the appropriate option depending on the requirement and click Next-->specify the name and place where to store the backup and click Next-->click Finish to start taking a backup of the desired data.

    • In an organization, before planning to install a service pack on all the systems, first install it on a test system, since installing a service pack may cover a large range of functionality. Once the service pack is tested and everything is working normally, it should be deployed to the other systems.

    • A normal user should be provided with the least privileges which do not disturb his normal working.

      • To create a user account with limited privileges in Windows, go to Start-->Settings-->Control Panel-->User Accounts. In the User Accounts window, click the option Create a new account. In the next window, type the user name and click Next-->choose the option Limited as the account type and click “Create account”. Then a user account with limited user privileges is created.

    • User accounts should set their passwords according to the defined security policies.

      • In Windows, to check predefined password policy settings, click Start-->Run and type “secpol.msc”. In the right pane of the window, double-click Account Policies, and in the expanded list double-click on Password Policies. Then, in the right pane, we find a list of settings regarding password policy.

    • Administrators should be careful while configuring the privileges for an employee of the organization.

    • Services and security policies should be reviewed daily.

    • While using the Windows operating system, make sure that the file system used is NTFS, which is more secure. Also set the PC to not display the previously logged-in user in the logon dialog box, which can be seen by pressing “Ctrl + Alt + Del” at startup to log in.

  8. #18


    Restrict Unauthorized Applications

    If an application is providing a service to the network, such as Microsoft Instant Messenger or a Web service, it could, in theory, become a target for a malware attack. As part of your antivirus solution, you may wish to consider producing a list of authorized applications for the organization. Attempts to install an unauthorized application on any of your client computers could expose all of them and the data they contain to a greater risk of malware attacks.

    If you wish to restrict unauthorized applications, you can use Windows Group Policy to restrict users' ability to run unauthorized software. How to use Group Policy has already been extensively documented; you will find detailed information about it at the Windows Server 2003 Group Policy Technology Center at:

    The specific area of Group Policy that handles this feature is called the Software Restriction Policy, which you can access through the standard Group Policy MMC snap-in. The following figure displays a Group Policy MMC screen showing the path to where you can set Software Restriction Policies for both your computers and users:

    Figure:10 The path to the Software Restriction Policies folders in the Group Policy MMC snap-in

    To access this snap-in directly from a Windows XP client, complete the following steps:

    1. Click Start and then Run.

    2. Type secpol.msc, then click OK.

    A detailed explanation of all the setting possibilities is beyond the scope of this guide. However, the article "Using Software Restriction Policies to Protect Against Unauthorized Software" on TechNet at:

    will provide you with step-by-step guidance on using this powerful feature of the Windows XP Professional operating system.

    Warning: Group Policy is an extremely powerful technology that requires careful configuration and a detailed understanding to implement successfully. Do not attempt to change these settings directly until you are confident you are familiar with the policy settings and have tested the results on a non-production system.

    Prevent Malicious Batch Programs From Infecting Your System

    Windows XP Professional comes with a useful tool called Group Policy Editor (GPEDIT.msc), which permits setting some restrictions, and one of these is exactly the one that concerns us.

    Hence, go to Start > Run and type gpedit.msc. Then go to: User Configuration > Administrative Templates > System > find Prevent Access To The Command Prompt. Right-click on it, select Properties and click Enable. Then click OK. After that there will also be an option, disable command prompt script option also? Scroll and select Yes, then click OK and restart your computer, or refresh your computer by pressing the F5 key.

    With this option, you disable access to the command prompt for all users, including the administrator, and it will also prevent any malicious scripts that use batch programs, meaning the .bat extension.

    It also prevents users from running the interactive command prompt, Cmd.exe. This setting also determines whether batch files (.cmd and .bat) can run on the computer.

    If you enable this setting and the user tries to open a command window, the system displays a message explaining that a setting prevents the action.

    Note: Do not prevent the computer from running batch files if the computer uses logon, logoff, startup, or shutdown batch file scripts, or for users that use Remote Desktop Services, or if any software installation needs to run .bat programs.

    For Windows XP Home Edition

    Because Windows XP Home Edition does not provide the Group Policy Editor, we need to edit the registry.

    Browse the following registry path:

    HKEY_CURRENT_USER > Software > Policies > Microsoft > Windows > System

    There, in the right panel you have the DWORD value DisableCMD. Giving it the value 0x00000001 you will disable the command prompt. To enable it back, just change the

    value to

    All these being said, some more cautious users may see in disabling the command prompt one of the mandatory steps to protect a personal computer. Of course this is true unless you are not a frequent user of the command prompt facilities. If you run batch scripts or use the Terminal Services, disabling this Windows feature is not recommended.
    Last edited by ajaysinghnegi; 01-02-2011 at 12:10 AM.

  9. #19


    Make a boot/ERD disk and keep it current

    A boot disk allows the user to boot from a diskette instead of the hard drive. This can prove useful in accessing the system in the event of either a security incident or hard disk failure. It must be done before an incident requiring its use arises. In Windows 9x :

    Go to Start\Settings\Control Panel\Add or Remove programs.

    In Add or Remove Programs window, click on the tab Startup Disk, click on tab create now.

    Some versions of Windows, e.g. Windows NT, Windows 2000 and Windows XP can use the emergency repair procedure to fix problems that may be preventing the computer from starting. However, using the emergency repair procedure to fix the system generally requires an existing Emergency Repair Disk (ERD). This disk should be regularly updated and stored in a safe place.

    An ERD is created differently depending on the version of Windows. The Backup utility in both Windows 2000 and Windows XP is used to create an ERD; while in Windows NT the “rdisk /s” command is used.

    As a general practice, the ERD should be made immediately after the installation of the operating system, and should be updated whenever any security update is applied or any configuration of the operating system is changed.

    Install and keep up-to-date Antivirus Software

    Antivirus software looks at the contents of each file, searching for specific patterns that match a profile – called a virus signature – of something known to be harmful. For each file that matches a signature, the anti-virus program typically provides several options on how to respond, such as removing the offending patterns or destroying the file.

    Viruses can reach the computer in many different ways: through floppy disks, CD-ROMs, email, web sites, and downloaded files. Each of them needs to be checked for viruses before it is used. Anti-virus programs do this automatically, if configured properly. Anti-virus vendors provide regular updates for these virus signatures, because every day many new viruses are discovered and released, making the system prone to virus attacks, and without an antivirus update, the antivirus is ineffective against such attacks.

    The anti-virus software should include features such as the automatic updating of its virus definition files, scanning and cleaning of both incoming and outgoing email messages, script blocking and real-time anti-virus protection.

    Installing an anti-virus program and keeping it up-to-date is among the best defenses for a home computer and offers effective protection against computer viruses.

    These programs can detect, remove, and block viruses from infecting your computer. Here is the list of antivirus tools; download and install them and always be secure:

    These are some of the freeware & shareware antivirus software available on internet :

    Windows Platform Antivirus:

    Macintosh Platform Antivirus:
    Last edited by ajaysinghnegi; 01-03-2011 at 12:32 AM.

  10. #20


    Always Disable Auto-Run

    It is recommended that we should always disable Auto-Run, because most viruses and trojans infect the system by running themselves in the background through a hidden autorun.inf file whenever you insert a removable device like a CD, pen drive, etc. Disabling Auto-Run is something we think everyone should do, not only for security from viruses and spyware, but so you'll never need to deal with being unable to listen to your music on your devices. Here's how to do it in Windows XP.

    In Windows Click Start, then Click Run

    Type regedit

    Click OK

    Click >


    Double-click "Autorun". The value is set to 1 by default; change it to zero.

    Click OK

    Now restart, that's it

    Manually Clean & Remove Folder.exe & Brontok Virus

    1. Manually remove it (new folder.exe Fix)

    Delete File named svichossst.exe

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "@"=

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Yahoo Messenger"=

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Shell"="Explorer.exe "
    Last edited by ajaysinghnegi; 01-03-2011 at 12:25 AM.
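
The registry locations named in posts #18 and #20 (the DisableCMD policy value, the Run key and the Winlogon Shell value) can be checked offline from a regedit export. The following is an added example, not part of the original posts: the sample export, the `C:\example` path, the "Updater" entry and all function names are constructed for illustration; only the key paths, the value names and the file name svichossst.exe come from the thread.

```python
import re

# Constructed sample in regedit export format; the path is a placeholder and
# the data values are invented for the demonstration. Only the key paths, the
# value names and the file name svichossst.exe come from the posts above.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System]
"DisableCMD"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Yahoo Messenger"="C:\\example\\svichossst.exe"
"Updater"="C:\\example\\updater.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="Explorer.exe C:\\example\\svichossst.exe"
'''

CMD_KEY = r'HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System'
RUN_KEY = r'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run'
WINLOGON_KEY = r'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
SUSPECT_FILES = ('svichossst.exe',)  # file name given in post #20

_SECTION = re.compile(r'^\[(.+)\]$')
_VALUE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')


def _unescape(s):
    # .reg strings escape backslash and double quote with a backslash
    return re.sub(r'\\(.)', r'\1', s)


def _decode(data):
    if data.lower().startswith('dword:'):
        return int(data[6:], 16)
    if len(data) >= 2 and data[0] == '"' and data[-1] == '"':
        return _unescape(data[1:-1])
    return data  # hex(...) and other types are kept as raw text


def parse_reg(text):
    """Return {key path (lower case): {value name: decoded data}}."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(';'):
            continue
        m = _SECTION.match(line)
        if m:
            current = keys.setdefault(m.group(1).lower(), {})
            continue
        m = _VALUE.match(line)
        if m and current is not None:
            name = m.group(1)
            name = '@' if name == '@' else _unescape(name[1:-1])
            current[name] = _decode(m.group(2))
    return keys


def get_value(keys, key_path, name):
    """Case-insensitive lookup, as the registry itself is case-insensitive."""
    for n, data in keys.get(key_path.lower(), {}).items():
        if n.lower() == name.lower():
            return data
    return None


def audit(text):
    keys = parse_reg(text)
    shell = get_value(keys, WINLOGON_KEY, 'Shell')
    run = keys.get(RUN_KEY.lower(), {})
    return {
        # 1 is the value post #18 gives for "command prompt disabled"
        'cmd_disabled': get_value(keys, CMD_KEY, 'DisableCMD') == 1,
        # None means the Winlogon key was not in the export
        'shell_ok': None if shell is None
        else shell.strip().lower() == 'explorer.exe',
        # Run entries whose command line mentions a suspect file name
        'suspect_run_entries': sorted(
            n for n, d in run.items()
            if any(f in str(d).lower() for f in SUSPECT_FILES)),
    }


if __name__ == '__main__':
    for item, result in audit(SAMPLE_REG).items():
        print(item, '=', result)
```

Files exported by regedit in the "Version 5.00" format are UTF-16 encoded, so open them with `encoding='utf-16'` before passing the text to `audit`.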
