Infiltrator Posted September 16, 2010 Share Posted September 16, 2010 Information leakage is everywere, it's almost impossible to avoid it. The best I can do is to centralize all the confidential data in a very secure host (linux based of course) and use 2 other spare xp PCs for gaming, non-critical web browsing etc etc... (I don't mind if I get viruses on those 2 PCs) Keepassx database stores all the passwords and an encrypted truecrypt volume store the personal data. One single master password unlocks the keepassx db and in turn all the other stuff. Every now and then I print on paper the keepassx password db in base64. Bad luck for who tries to steal your database, sure it will take them a very long time to crack the security. So keeping you personal information locked down and centralized is not a bad idea. Quote Link to comment Share on other sites More sharing options...
3TeK Posted September 17, 2010 Share Posted September 17, 2010 Darren did a segment back then on Untangle and to be honest, I kinda liked it a lot, and seems to provide a lot more features than any other linux based firewalls. It's a resource hog /thread jack I just run Linux so I don't have to worry about anything, lol Quote Link to comment Share on other sites More sharing options...
Guest Deleted_Account Posted September 17, 2010 Share Posted September 17, 2010 It's a resource hog /thread jack I just run Linux so I don't have to worry about anything, lol Well that's not true at all. Even though Linux is inheriently more secure then windows and even though 89% of exploits can only work on the same LAN and even though the ones that can be used over the internet are around 11% and most exploits not being critical (14%), there are allot of things to be worried about none the less. Chances are you wont be attacked but there is a chance. There is always a chance. As for Linux Use UFW or another firewall and you should be fine (Stealth all ports) or even deal with ip tables yourself and install ClamAV. Of course I am supposing you already did/do this, but none-the-less any OS without A/V and/or FireWall is vulnerable regardless of wheither its Linux/OSX/Windows/Unix/BSD/Etc. Quote Link to comment Share on other sites More sharing options...
The Sorrow Posted September 21, 2010 Share Posted September 21, 2010 Windows 7 x64 Firefox and its web browsing deliciousness Symantec Corporate Edition Spybot Not much else needed. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted September 21, 2010 Share Posted September 21, 2010 I use this. Quote Link to comment Share on other sites More sharing options...
George Guzman Posted December 30, 2011 Share Posted December 30, 2011 I use net protector to secure my personal computer from viruses. Quote Link to comment Share on other sites More sharing options...
iisjman07 Posted December 30, 2011 Share Posted December 30, 2011 On my linux systems (these are just home machines): -disable ssh to prevent brute force attacks -disable remote desktop -enable ufw -use a strong root password and don't use the root account -enable automatic security updates On my windows systems which I manage for myself and family: -microsoft security essentials to proactively block malware -malwarebytes for on demand scanning -windows firewall -automatic windows updates & manual checks -prey in case of theft -every now and then run ninite to auto update flash/java/browser Router: -strong admin password -WPA or better encryption which a non dictionary key -hardware firewall enabled Quote Link to comment Share on other sites More sharing options...
barry99705 Posted December 30, 2011 Share Posted December 30, 2011 Holy Thread Zombies Batman! Quote Link to comment Share on other sites More sharing options...
int0x80 Posted January 1, 2012 Share Posted January 1, 2012 Do internet stuff from a VM snapshot and always revert. Quote Link to comment Share on other sites More sharing options...
PaulyD Posted January 6, 2012 Share Posted January 6, 2012 Windows: TrueCrypt with Hidden OS option, various containers for different stuff. DefenseWall, Sandboxie, KeePass, LastPass. Alternate on other boxes, Comodo in Proactive Security mode, or Online Armor with Avast! 6. Linux: Sacrificial Windows OS that logs on automatically. Behind that, Ubuntu 11.10 on encrypted LVM. /boot on a an SD Card (anti Evil Maid). SD Card in wallet when not in use. Hardened with some tutorials from essayboard.com (Installment 2) GUFW for the firewall. ClamAV, rkhunter, and chkroot. Thinking about trying out Avast! for Linux. I'm new to Linux. PD Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted January 7, 2012 Share Posted January 7, 2012 1) The best computer security approach would be, maintaining everything up to date. (software, OS, antivirus) 2) Don't surf unsafe websites, and don't open attachments coming from unknown/untrusted sources. 3) Let be honest, Windows 7 is by far one of the best OS Microsoft has ever designed to date. Windows 7 is NOT the perfect OS but it's much more secure than its predecessors and if you are still using XP, do yourself a favor ditch it, and install Windows 7. 4) DO NOT log in as administrator, log in using a non-privileged account or an account with limited access to system resources. 5) Install and maintain your antivirus up to date. 6) I would limit the installation of any third party software, to reduce the chances of exploits or virus infections. Instead use a VM and create a snapshot of it and always revert back when finished using it. 7) Maintain a good password policy, change it once a month if you can and use a password manager such as KeePass to keep it secure and locked away. 8) Use complex and log passwords and DO NOT disclose them to anyone, as well as DO NOT use the same password for every account or website you use. 9) When logging into Banking websites, use Avast SafeZone, to isolate your web browser from the system itself. Very handy, if your system is infected with a Keylogger or Trojan keylogger 10) Install a network IPS and IDS 11) Do not respond to emails, that asks for personal information updating. Get rid of it and block the sender. 12) Install Device lock, to prevent casual users from stealing your information, when away from your computer. 13) Encrypt your entire hard drive with TrueCrypt, and make use of Hidden containers. Quote Link to comment Share on other sites More sharing options...
bobbyb1980 Posted January 7, 2012 Share Posted January 7, 2012 I recently did this tutorial to harden an Ubuntu machine. I found it to be impractical for everyday use, and like previous poster said mostly targeted towards protection from inside the LAN. http://ubuntuforums.org/showthread.php?t=1002167 It's hard to protect against human naiveness though, because even after hardening a machine to the max they're still vulnerable to things like java based attacks, .pdf, .doc type social engineering attacks. There are also several other factors out of control that are difficult if not impossible to protect against (like if the DNS server at your ISP is compromised, or ARP/MITM attacks on the WAN, or a million other things). Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted January 8, 2012 Share Posted January 8, 2012 I recently did this tutorial to harden an Ubuntu machine. I found it to be impractical for everyday use, and like previous poster said mostly targeted towards protection from inside the LAN. http://ubuntuforums.org/showthread.php?t=1002167 It's hard to protect against human naiveness though, because even after hardening a machine to the max they're still vulnerable to things like java based attacks, .pdf, .doc type social engineering attacks. There are also several other factors out of control that are difficult if not impossible to protect against (like if the DNS server at your ISP is compromised, or ARP/MITM attacks on the WAN, or a million other things). DNS servers have always been vulnerable and very difficult to protect against spoofing attacks, but now there is a solution for it, DNSSEC. On the other hand, DynDNS has released an utility that, protects its end users against MITM attacks performed on DNS, by encrypting all DNS queries. Also its not hard to protect against MITM attacks, with the proper hardware and software any network administrator can harden the security of the network. But lack of budget and training can sometimes impede these changes from happening. Quote Link to comment Share on other sites More sharing options...
The Sorrow Posted January 18, 2012 Share Posted January 18, 2012 pfSense Firewall WAS Using Comodo, now its just windows defender. Nothing else to see here really... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.