APK

USE YOUR "ADD-REMOVE" CONTROL PANEL APPLET!

This is important - as MANY 'malware/trojans' actually DO use since they realize folks do NOT regularly check this area.

IF you don't recognize a ware?

Look it up on GOOGLE (or altavista/yahoo, etc.) to find out if it is MALWARE or not, &/or IF you need it @ all (if you don't? It's "dead weight" & taking up space on your disks & slowing you down only).

APK

APK

SECURING THE TELNET SERVICE & USER GROUPS:

And, a Mr. Markuss Jansson on his point on TELNET service (tlntsrv.exe iirc).

http://www.markusjansson.net/exp.html

Turn Telnet NTLM logings off

-> Run: telnet.exe
--> Type (and press enter): unset ntlm

He also has more on things like "EFS" (encrypting filesystem) which I omitted, & both Mr. J.'s site & the GOVERNMENT ones I note, also cover it too (or, supplement points I made with more alternatives etc.).

APK

P.S.=> I list MORE security techniques for securing telnet, here (did this years ago circa 1997-2002, & it's cited in 2001 here @ Neowin, by searching TELNET on that page) to supplement this technique:

=================================
APK "A to Z" Internet Speedup & Security Text!
=================================

http://www.neowin.net/news/main/01/1...-security-text

=================================

Which goes into that point on TELNET & many others (including more speed tuneups, services cutoffs for speed + security in DETAIL & far more also to supplement this post here)... apk

APK

I also "took the liberty" of contacting a well-known "security-pro" (in Don Parker of "SecurityFocus.com" fame, whom I post with @ Security Forums online with whose URL is below & I referred he to it, as it is the same content as the one here)!

This is in regards to my outline/article/guide here, & here were HIS thoughts/opinions on its content @ this point:

**********

Hello apk,

I don't see any real downsides to what you posted. The only thing is that
you need to remember the audience that it is you are trying to reach. If
your goal was to hit the newbies as it were then you may have missed the
mark a bit. Beyond that, it looks fine to me.

--Don

-----Original Message-----
From: APK [mailto:apk4776239@hotmail.com]
Sent: Wednesday, March 19, 2008 5:34 PM
To: dparker@bridonsecurity.com
Subject: REVIEW THIS IF YOU HAVE TIME (I see you posting @ Windows Security
Forums is why I ask, & it is where the post is)... apk

See subject-line, & this URL:

http://www.security-forums.com/viewt...e45b 636f9f1c

Thanks!

APK

P.S.=> Loved your articles @ SecurityFocus, entitled Catch them IF you can" & "Don't blame the IDS", by the way...

Good stuff, & thus, I respect your views on my posting above & would like to see/hear any "downsides" from your point-of-view regarding the points I made in said posting... again, thanks! apk


**********

That's so you guys all reading here have SOME idea this stuff is SOLID, & works, & 'passes muster' with the "top geeks" (lol, no offense intended, but lacking a better expression here is all) in the arena of computer security, & DO CATCH DON'S ARTICLES I NOTED ABOVE (especially "Catch them IF you can", as it makes points many DO overlook (especially logs!))... apk

--------------

Also - Do please check this page out, for even more security points:

http://csrc.nist.gov/itsec/download_WinXP_Home.html

Especially the downloadable guide for security there to supplement this one's points, it is named -> SP800-69.pdf

----

The PDF file guide above from NIST (in association w/ the U.S. Gov't. on securing PC's no less), like my guide here also?

That also lists a "6.32 Removing Malware" section as well!

So, that is in response to 'my naysayers' from various forums that cricized me for listing such a guide here!

(In fact, many of them were MS-MVP mods too no less, but many on many forums would NOT cite "why" or yield specifics I asked for as to WHY I SHOULD NOT LIST SUCH A GUIDE in this article's content... well, experts in this area appear to agree with myself, as it IS part of "securing a computer" in knowing HOW TO REMOVE INFESTATIONS, as I do, like THEY do as well!)

Anyhow/anyways - The .pdf guide from NIST either tend to reinforce my own, OR, go beyond in some cases!

E.G.->

• Securing wireless networks

• Securing MS-Office apps better

• Script file extensions associations with notepad.exe for instance (for safety vs. scripted attacks)

• More on email & webbrowser security

• The SIGVERIFY utility (file signature checker)

• Disabling unneeded accounts

That's for some things I did not cover well imo, here (OR RATHER, well enough earlier), & to supplement my guide (both have good ideas & they both work).

APK

APK

http://img297.imageshack.us/img297/2240/52041100vo6.png



That's an example of where your score (for users on Windows XP SP #2 no less fully hotfix patched as of this date) can be @ scoring-wise, on the CIS Tool benchmark test gauge of Windows Security, after following its suggestions for security-hardening your systems.

A 90.112 score... & that was AlexStarFire's score from the 3dguru.com forums, once he applied it to his home system ("stand-alone", non-HOME or WORK-LAN system, online on the public internet), which is way, Way, WAY up from its initial default score of 46.xxx/100...



* Here is an example of a user named Thronka, who employed it to security-harden the endpoints on his LAN/WAN setup @ work, who is also enjoying it successfully as well, albeit this time, in a BUSINESS environs (as I have it as well, for both HOME standalone machine online today, & also on the job):

http://www.xtremepccentral.com/forum...ad.php?t=28430

APK

P.S.=> I hope you guys also employ it thus as well - it starts with reaching just 1 person, & then, by example? Others start to apply it also, & then things start to change "for the better", because by securing yourself, & maybe even setting up your pals & families machines' this way? You lessen the possibility of "spreading the diseases" out there online today... apk

APK

More security tools/info. (04/28/2008), for APPLICATION LEVEL SECURITY:

(I.E.-> For checking for apps you have that may be security vulnerable OR have been patched vs. said vulnerabilities, etc.):

----

SECUNIA PSI (checks for outdated OR apps that are known to be insecure):



https://psi.secunia.com/

NEW VERSION (released very recently too).

A good program, by a trusted & WELL-KNOWN security-oriented website online (I tried version 1 earlier on last year, it needed work. This one is solid though, so far @ least, imo!)

(It works, & sometimes catches things FILEHIPPO UPDATE CHECKER below, won't - good "2nd Doctor's opinion" etc.)

----

FileHippo's Update Checker (checks for outdated OR apps that are known to be insecure, supplement's PSI above):



http://filehippo.com/updatechecker/

Decent program as well, & good to use as a supplement to the SECUNIA PSI Tool as well (from a well-known file downloads site also in filehippo).

(It works, & sometimes catches things SECUNIA PSI above, won't - good "2nd Doctor's opinion" etc.)

----

APK Registry Cleaning Engine 2002++ SR-7:



http://www1.techpowerup.com//downloa...oglehappy.html



* Yes, "shameless plug" on MY part on the last one, but, it does have "security benefits"...

(& more than potentially useful forensics ones, because it shows you what files a user calls upon via its lists (it does check recently used filelists, but, will also list those files the user attempted to delete (this assumes he may have been attempting to hide them)))... it is 100% proven SAFE on all 32-bit versions of Windows (see its description & feedback by users on the download page) 9x-VISTA as well)).

APK

APK

To all interested/reading:

I think this is it guys, I know of NO MORE to secure a Windows System... & again - IF any of you have ponits to add, please do so, but, I only ask that you keep it @ a technical computer security level (per my 1st initial post here's "P.S." section @ its termination).



* ENJOY A FASTER & SAFER Windows based system of modern variety (2000/XP/Server 2003 & even VISTA) online today (especially TODAY!)...

APK

P.S.=> In other words, please - no "grammar & spelling" English "writing style" critiques, as they do NOT help to secure a system further... I did try to keep it as SHORT as possible, & to have folks use the CIS Tool to help make it easier + more fun. HOWEVER, @ times, the material is complex & I could not "shorten/condense it" anymore w/ out losing critical details & such! Please bear with that much, & gain by this thread by getting those 90++ scores on CIS Tool, surfing safely & F A S T E R online as a bonus once you apply the points I layered ontop of CIS Tool's guidance points (based on "industry best practices" & such)... thanks! apk

APK

Moderators/Administrators:

For SOME ungodly reason, everytime I posted here?

Well, there was a TREMENDOUS LAG in my posts either appearing here, or updating!

( & they either ended up ALL out of order, or missing many points )...

NOW - I would like to update THIS (your site) site with the CORRECTLY done model, as is shown, here:

---------------------------------------

HOW TO SECURE Windows 2000/XP/Server 2003 & VISTA, plus, make it "fun to do", via CIS Tool Guidance:

http://www.tcmagazine.com/forums/ind...showtopic=2662

---------------------------------------

* However, I am don't have FULL "edit rights" to all/each of my posts in this thread... can you assist, please?



Thank-you, & sorry for the inconvenience, but occasionally I see forums like this (yours made me "hold off" until someone allowed this thread to take here, & that may be the issue, or not, but the point here is this thread in YOUR FORUMS? Could be rendered & done MUCH better/nicer is all).

APK

P.S.=> If you would (mods/admins)? Please, email me here ->

apk4776239@hotmail.com

& I will correct each post's points, not missing any & done in the CORRECT ORDER, vs. how it is done now here (all messed up for SOME reason)... again, thanks! apk