Re: [newbie] Windows Security
On Thursday 02 December 2004 21:30, Simon Roberts wrote: From: H.J.Bathoorn [EMAIL PROTECTED] ... On Thursday 02 December 2004 10:26, Kaj Haulrich wrote: Maybe I'm paranoid, but after that experience we don't allow her Windows box contact with anything outside her room. You are;) Confined to the LAN can't really hurt can it, especially with static IP and a dedicated router/firewall. I broadly agree that if you have a simple firewall (the typical NAT setup is probably enough) between your windows and the big bad world, you're not going to be too badly off. But, and it's a big but, the thing this doesn't address is the horrors of ordinary users using email and web-browsing. These horrors are compounded by the default configuration of many of the tools they use (notably IE and Outlook). These things will, by default, download and execute various things you probably didn't want. This is compounded by the average user's response to the typical security warning which they read as: Which is why one should confine them to the LAN-only. At least that way they can share files locally. With DHCP turned off and the configured gateway pointing to some other box that isn't really a gateway.you'll be safe enough;) snipped -- Good luck, HarM Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Windows Security
Hello H.J.Bathoorn, Thursday, December 2, 2004, 12:49:07 PM, H.J.Bathoorn wrote: HJB On Thursday 02 December 2004 21:30, Simon Roberts wrote: These things will, by default, download and execute various things you probably didn't want. This is compounded by the average user's response to the typical security warning which they read as: HJB Which is why one should confine them to the LAN-only. Another approach is to NOT use M$ software other than the OS. For example, programs such as TheBat (email) (1) do NOT use vulnerable M$ components in their code, (2) can be configured to NOT go to the web for anything [other than email, of course :-)], and (3) to NOT open anything. This allows even a relatively naive user to have email with MUCH improved safety. I have suggested this approach to many users who are stuck with M$, or still too afraid to switch, and it has reduced their problems enormously. You MUST be behind a router, though, preferably with at least an SPI firewall! -- rikonamailto:[EMAIL PROTECTED] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Windows Security
On Thursday 02 December 2004 23:14, rikona wrote: Hello H.J.Bathoorn, Thursday, December 2, 2004, 12:49:07 PM, H.J.Bathoorn wrote: HJB On Thursday 02 December 2004 21:30, Simon Roberts wrote: These things will, by default, download and execute various things you probably didn't want. This is compounded by the average user's response to the typical security warning which they read as: HJB Which is why one should confine them to the LAN-only. Another approach is to NOT use M$ software other than the OS. For example, programs such as TheBat (email) (1) do NOT use vulnerable M$ components in their code, (2) can be configured to NOT go to the web for anything [other than email, of course :-)], and (3) to NOT open anything. This allows even a relatively naive user to have email with MUCH improved safety. Agreed.I usually offer calypso to those people.It's abandon ware/free and quite nice and/or (if the box is up to it) mozilla in all it's form. Downside is that calypso has a strange way of compressing it's backups..if it realy crashes there's hardly a way to salvage old mail archives. Downside of the Bat is this user_name_initials stuff in reply's. IMHO they're daft, at the least;) I have suggested this approach to many users who are stuck with M$, or still too afraid to switch, and it has reduced their problems enormously. Kick Outlook, VB and IE and you're more than halfway secure but that wasn't point of the original post, was it? Keeping Windows off the net is much better. I'm surprised how little uproar (actually total silence) there was here in the Netherlands when they rounded up a bunch of alleged Islamic terrorists who had threatened a right wing politician. They were caught thanks to their ISP's logs AND information from MicroSoft Americaunbelievable in all senses! You MUST be behind a router, though, preferably with at least an SPI firewall! Good advice that. -- Good luck, HarM Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Windows Security
On Thursday 02 December 2004 23:45, H.J.Bathoorn wrote: snip Keeping Windows off the net is much better. I'm surprised how little uproar (actually total silence) there was here in the Netherlands when they rounded up a bunch of alleged Islamic terrorists who had threatened a right wing politician. They were caught thanks to their ISP's logs AND information from MicroSoft Americaunbelievable in all senses! /snip Agreed. At last Microsoft did something good. Kaj Haulrich. -- *sent from a 100% Microsoft-free workstation* * http://haulrich.net * *Running Linux (Mandrake 10.1) - kernel 2.6.8* Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Windows Security
On Friday 03 December 2004 00:03, Kaj Haulrich wrote: /snip Agreed. At last Microsoft did something good. Kaj Haulrich. Actually I'm not all together thrilled at the idea. A large multinational enterprise (with a very stained legal and moral reputation) has more information than national security agencies and police forces. Who's in a position to check the validity of the assesions MicroSoft makes? Certainly not the local judges when it comes to court. Whatch your step, if you're out there on XP! -- Good luck, HarM Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Windows Security
Hello H.J.Bathoorn, Thursday, December 2, 2004, 2:45:12 PM, H.J.Bathoorn wrote: HJB Downside is that calypso has a strange way of compressing it's HJB backups..if it realy crashes there's hardly a way to salvage HJB old mail archives. Oooo - wouldn't touch that one, I'm afraid. Got burned quite badly with that kind of thing once. Never again. HJB Downside of the Bat is this user_name_initials stuff in HJB reply's. IMHO they're daft, at the least;) Actually, I kinda like it. Nice for VERY busy lists. It is configurable though. If it is driving people here crazy, I can change it. HJB They were caught thanks to their ISP's logs AND information from HJB MicroSoft Americaunbelievable in all senses! dons tinfoil hat Might have been part of the secret deal with the Justice Department in order to get off quickly, and with no real punishment. Seems to have worked well. My guess is both sides love the arrangement. -- rikonamailto:[EMAIL PROTECTED] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Windows Security
Hello Kaj, Thursday, December 2, 2004, 3:03:04 PM, Kaj wrote: KH On Thursday 02 December 2004 23:45, H.J.Bathoorn wrote: KH snip Keeping Windows off the net is much better. I'm surprised how little uproar (actually total silence) there was here in the Netherlands when they rounded up a bunch of alleged Islamic terrorists who had threatened a right wing politician. They were caught thanks to their ISP's logs AND information from MicroSoft Americaunbelievable in all senses! KH /snip KH Agreed. At last Microsoft did something good. I'd have to disagree. It is a rather large invasion of privacy, which is a larger topic, but we should move this to the OT list and not add clutter here. See you there? -- rikonamailto:[EMAIL PROTECTED] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Windows Security
On Friday 03 December 2004 00:27, rikona wrote: Hello Kaj, Thursday, December 2, 2004, 3:03:04 PM, Kaj wrote: KH On Thursday 02 December 2004 23:45, H.J.Bathoorn wrote: KH snip Keeping Windows off the net is much better. I'm surprised how little uproar (actually total silence) there was here in the Netherlands when they rounded up a bunch of alleged Islamic terrorists who had threatened a right wing politician. They were caught thanks to their ISP's logs AND information from MicroSoft Americaunbelievable in all senses! KH /snip KH Agreed. At last Microsoft did something good. I'd have to disagree. It is a rather large invasion of privacy, which is a larger topic, but we should move this to the OT list and not add clutter here. See you there? OK - where do I subscribe ? Kaj Haulrich. -- *sent from a 100% Microsoft-free workstation* * http://haulrich.net * *Running Linux (Mandrake 10.1) - kernel 2.6.8* Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Windows Security
Hello Kaj, Thursday, December 2, 2004, 3:42:07 PM, Kaj wrote: KH On Friday 03 December 2004 00:27, rikona wrote: KH Agreed. At last Microsoft did something good. I'd have to disagree. It is a rather large invasion of privacy, which is a larger topic, but we should move this to the OT list and not add clutter here. See you there? KH OK - where do I subscribe ? [EMAIL PROTECTED] -- rikonamailto:[EMAIL PROTECTED] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com