Posts Tagged ‘technology’

Windows XP Security Guide

Posted by ePlus on 20 October, 2005 at 21:38 pm

Overview

The Windows XP Security Guide has been updated to provide specific recommendations about how to harden computers that run Windows XP with Service Pack 2 (SP2) in three distinct environments:

  • Enterprise Client (EC). Client computers in this environment are located in an Active Directory directory service domain.
  • Stand-Alone (SA). Client computers in this environment are not members of an Active Directory domain.
  • Specialized Security - Limited Functionality (SSLF). Client computers in this environment are subject to extraordinary security concerns. These concerns are so great that a significant loss of functionality and manageability is acceptable.

    • Information about the security features in SP2 was included as an appendix to the previous version of this guide. This information has now been integrated throughout the guide, and thoroughly tested templates for Windows Firewall security settings (Windows Firewall replaced the Internet Connection Firewall in SP2) are provided. Information is also provided about closing ports, Remote Procedure Call (RPC) communications, memory protection, e-mail handling, Web download controls, spyware controls, and much more.
    This guide is primarily intended for consultants, security specialists, systems architects, and IT planners who plan application or infrastructure development and the deployment of Windows XP workstations in an enterprise environment. It is not intended for home users, but for individuals whose job roles include the following:

  • Systems architects and planners who are responsible for driving the architecture efforts for the workstations in their organizations.
  • IT security specialists who are focused purely on providing security across platforms within an organization.
  • Business analysts and business decision makers (BDMs) who have critical business objectives and requirements that need IT desktop or laptop support.
  • Consultants from both Microsoft Services and partners who need knowledge-transfer tools for enterprise customers and partners.

    • Download Windows XP Security Guide v2.1 (.zip)

    Tags: , , , , , , ,
    Posted in Tech | Comments Off

    Fix IE for Good in 3 Easy Steps

    Posted by ePlus on 12 October, 2005 at 12:00 pm

    Summary: This allows you to be administrator but run any program (ex: IE) in non Admin mode, protecting you from spyware & viruses properly. Keep in mind we’re using ONLY tools created by Microsoft, no 3rd party here.

    Step 1. Install the MS Util “Drop My Rights” from here.
    If you want to read (too much) about the utility here.

    Step 2. Choose to install it to your WinDir folder (often C:\Windows\ ), do not create a special folder for it!

    Step 3. When you want to run a program (or website) you can’t trust (IE) simply set your icon’s Target (found in the icon properties) to something like this

    %windir%\DropMyRights.exe “c:\some\app.exe” n

    The “n” is the privilege mode, you can choose from:
    * “n” is normal non-admin user mode (best choice)
    You still are yourself minus the admin privileges. Keep in mind that “n” mode still gives IE (spyware, virus) power over your personal files (read, delete), but prevents the spyware/virus from installing or infecting anything. You should always surf this way 24/7.

    * “c” is for paranoid mode
    Most things work, there is no read/write access to your files (this includes favorites) so you are protected from most anything.

    * “u” is for super paranoid mode but most things won’t work correctly.
    if you want to access a truly dangerous site then you want this setting

    Step 4. (Optional) If you want to add a (MS created) toolbar to IE that shows your current privileges check here.

    Side Notes:
    - If you want to install an app you get from the web, save it to your PC first, you won’t be able to install it from within IE in protected mode (this is a good thing)

    - Any application that the 1st application launches will use the same restrictive rights (ex: while in IE you click a PDF or Media Player, they will run in the same restricted mode).

    - Windows Vista 2006 will have official support for this natively and will run IE in reduced mode by default

    :idea: If you don’t want to change to a new browser I think that the above guide will help you secure IE so that spyware, adaware and all of that shit won’t infect your computer. The article was found on theSpoke.net. Maybe some people might find it useful…

    Tags: , , , , , ,
    Posted in Tech | Comments Off

    Fuck up

    Posted by ePlus on 21 September, 2005 at 20:15 pm

    If things couldn’t fuck up any more, my motherboard went a couple of days ago. More like last week. So at the moment playing with a SuSe Linux version 9.2 (were 9.3 is out and even 10.0!) is a bit annoying. I am not saying that it sucks, just it takes some time to install it (4 or so CDs if you want a GUI) and is a bit slow on the P3 500mhz 128mb ram computer. And if that isn’t bad enough, apparently there is a “DMA Timeout” error that I get when booting. So that takes a little longer until things settle down.
    (more…)

    Tags: , , , ,
    Posted in Rant, Tech | Comments Off

    Week of hell

    Posted by ePlus on 11 June, 2005 at 19:11 pm

    Is not bad enough that I have exams. Mind you I’ve taken a few exams before so I am not actually “nervous” or all that crap. So I just go in do my thing and leave. And then getting a pass or a failure is another thing. I’m hoping of course that I will pass, but looking at the amount of revision I have been doing I somehow doubt that.

    (more…)

    Tags: , , , , ,
    Posted in General, Rant, Tech | Comments Off