-=PCTechTalk=- Clean computer on a budget
- From: "Wyatt M. Portendt" <nunyabidness6@xxxxxxxxx>
- To: pctechtalk@xxxxxxxxxxxxx
- Date: Thu, 28 Aug 2003 21:59:21 -0500
I've plugged them shamelessly here many times. Hardware router by SMC,
which is not free. It's a Barricade 4 port router/switch. Outpost Pro
handles the software firewall end with excellent content blocking (scripts,
cookies, Active X, such) and is the most complete and reliable firewall
I've ever used - and I believe I've tested most of the major ones. It is
rules AND application based and has the capability to "block most." This
means that if it's not specifically allowed and there is no rule for it, it
is silently dropped. It also allows me to set my mail and news ports to
block all active content (scripting and such) for those applications.
My firewall is paid for, but I still use its free version for the rest of
the computers on my LAN and it has everything you need. The only reason I
bought the Pro version is because it allows me to have multiple
configurations so that I can change to a totally different set of rules "on
the fly." I have a Games and Office setting that blocks all internet
traffic for all programs. I have a LAN setting that allows me all my file
sharing and LAN gaming and blocks the internet. I have a browsing
configuration that blocks all LAN activity and only allows internet
applications with rules for each.
Free SlimBrowser browser extension for IE adds backup content blocking and
makes it easier to delete the cache without deleting the cookies I really
want. MailWasher cleans, thoroughly, all mail before it ever hits my
computer. If it isn't addressed *specifically* and literally -character
for character - to me, it is flagged for deletion and bounce. Much easier
to look at the (by now) few suspect messages than to dig through the whole
list lumped together. After deleting suspect mail at the server end, it
hands it nicely to Calypso email. Calypso strips the HTML and crap, uses
an encrypted addressbook, and, with the same, very powerful, regular
expressions filters that MailWasher uses. This places all messages where
they belong - sorted any way I wish - while deleting anything annoying that
MailWasher *might* miss, and that isn't much. It deletes them instantly
(not globally, but with REAL filters that you can set up on a case by case
basis - no "all or nothing") without sorting through a "trash bin."
Underlying all this is some good old fashion system maintenance and some
more *policy*, because it's not ONLY a software solution!! I do the
updates - Windows, AV (I use AVG, another good free one), Adaware, Spybot,
and others - FREQUENTLY and do the required scans REGULARLY. I set IE
privacy options for cookies to high, which eliminates a lot of the bad
cookies, set my restricted sites zone to maximum security (disable
EVERYTHING) and add sites to it whenever I see something pop up in the
firewall logs that I don't like. I disallow all Active X, Javascript,
referrers, and popups by default. I prompt for cookies (whatever's left
from IE settings) and Java.
I block first, then ask questions. If something doesn't work right, I
evaluate how much I need or want to see it. If I can't live without it,
all my programs can be set to override the settings *site by site* if I
choose. All email attachments are renamed automatically by Outpost and
Calypso (I believe in redundancy to avoid errors) and, to be honest, if an
attachment comes from someone into my mail and I don't expect it, it's
history - BEFORE it gets to my inbox. Calypso looks in the attachment
field and if it sees *.* (which is any file as the DOS people know), it
deletes from the server and discards it, doesn't throw it into the recycle
bin, just dumps it.
I have found that a majority of sites will work without all the garbage.
I've learned that email doesn't need an extra three Kilobytes or more and
annoying flashing things and pretties. I've learned that javascript is
*primarily* used for popups, ads, address farming, trojan passing, spy
tracking, and unnecessary garbage on web sites. I've also learned that no
software is going to help you if you don't have it set up right. I had to
do a lot of research to find out why my filters were not catching
everything at first. I had to find out how internet protocols work in
order to set up good firewall rules. I had to figure out what was an
acceptable risk versus the perceived value of the software and internet
sites I use. Everything I even think about downloading gets a good hard
Google search first for spyware and adware.
It's a multi layered approach. It takes effort and time to set it up, but
it saves time and effort once you get it right. There is no effective "set
it and forget it" wonder software that will keep you clean and safe.
Anyone who claims there is doesn't know as much as they think they do. In
all the haste to write my novella here, I forgot to mention the support of
JV Tools' excellent registy cleaner (free) to clean up those strange
registry items and those persistent softwares that never want to leave your
system completely. I forgot, as well, to plug Microsoft Windows' own
System Restore which makes it possible to totally test software and rid the
computer of it completely if it doesn't work out.
Using this approach I have run several machines with nary a reinstall, nary
a virus, and very darned few malwares. The couple spyware/adware programs
that managed to get in couldn't do much and didn't last long until they
were hunted down and eradicated cleanly. I am nearly certain that no
address in my addressbook has ever successfully been harvested for
*whatever* reason. No system slowdowns, no mysterious files, none of those
things.
There are tradeoffs. You won't be able to successfully view porn sites.
They won't work as a rule without allowing security vulnerabilities.
Launchcast and some Yahoo stuff (not all) won't run because I won't stop
blocking their adservers and "partners" referrers. If you want to send me
a file, I need an email first to tell me it's coming. I can't message in
color. I can't put little trucks and cowboys around my messages - as if
I'd want to anyway. I can't send you Yahoo Groups' advertisements in full
living color - just a blurb of uninteresting text. Sometimes to get a site
that I want to work to do so, I'll have to dig around a little to find out
why it's being blocked. I can't forward your email address to any website
that wants it or advertise it to every trojan that's making the rounds.
Sorry. All I can do is use my computer reliably, with good speed and
clarity and reasonable peace of mind pretty much every day. I like things
simple even if it's a little hard to do at first.
On 8/27/2003 at 8:52 AM a whisper was heard, and the one known as James
LaBorde was rumoured to have uttered....
| Wyatt,
|
| I don't know about others but I would be interested in what
| software/hardware you have setup to feel this secure. Free
| software that is
| reliable is a goldmine! If you would be willing to do so,
| would you share
| what you have set up so that others can benefit from your
| efforts as well.
|
| James
|
| -----Original Message-----
| From: Wyatt M. Portendt [mailto:nunyabidness6@xxxxxxxxx]
| Sent: Tuesday, August 19, 2003 2:55 PM
| To: pctechtalk@xxxxxxxxxxxxx
| Subject: -=PCTechTalk=- Re: what's this? :VSMail mx3
|
|
| I personally wouldn't feel bad about taking a reasonable
| precaution. The
| firewall and mail security here has caused me to miss the last
| ten major
| virus attacks even though I was exposed to them through
| mailing lists and
| casual surfing. I don't argue with people who say they don't
| need them. I
| know that soon enough they will be silent for a time and a
| little more
| open-minded shortly after (the virus hits them).
|
| I have a layered approach to security. The router is the
| outer shield, a
| properly configured (and configurable) firewall is the next
| layer. A text
| only email with an encrpted address book (and *real* filters
| built in)
| filtered with a regular expressions mail handler protects the
| email.
| Content blocking and script control keep IE from getting
| naughty. It
| sounds cumbersome, and it wasn't a peach to set up in the
| beginning, but it
| works flawlessly now. Good stuff gets in, bad stuff doesn't,
| and
| questionable things can be forensically traced to find out
| exactly what
| they *are* doing behind my back.
|
| Foolproof, no. Damned difficult to casually breach, without a
| doubt. All
| of it was free and it's working exceptionally well. I just
| listen politely
| to the people who say it's unnecessary and doesn't work and
| smile while I'm
| surfing and mailing with no problems for about three years
| running now. No
| crashes, no reinstalls, no cleaning, no worries.
|
| On 8/18/2003 at 12:47 PM a whisper was heard, and the one
| known as Michael
| Scott was rumoured to have uttered....
|
| | Hello All,
| | With the panic re the blaster worm I checked up
| on my
| | Microsoft Updates again and there was "Security
| Update
| | Microsoft Virtual Machine". What doodad is this
| for and is it
| | necessary or will my world end if I don't do it.
| It is over 5
| | megs and I must have the worst server in the
| world because I
| | keep dropping out and this could take forever.
| |
| | I did however go to CNET and downloaded the
| w32.blaster
| | removal Tool and was tickled to find I'm clean.
| |
| | It seems that if you have a firewall, you are
| much safer. I
| | know so many people who think I'm a twit because
| I have one on
| | my PC............ they wouldn't!! Hope I run
| into some of
| | them and they tell me they have the worm. OK, I
| know I'm
| | being nasty....... but ........ Lyn
| |
| | To unsub or change your email settings:
| | //www.freelists.org/webpage/pctechtalk
| |
| | To access our Archives:
| |
http://groups.yahoo.com/group/PCTechTalk/messages/
| | //www.freelists.org/archives/pctechtalk/
| |
| | For more info:
| |
| //www.freelists.org/cgi-bin/list?list_id=pctechtalk
|
|
| ********* And So It Was ***********
|
| To unsub or change your email settings:
| //www.freelists.org/webpage/pctechtalk
|
| To access our Archives:
| http://groups.yahoo.com/group/PCTechTalk/messages/
| //www.freelists.org/archives/pctechtalk/
|
| For more info:
| //www.freelists.org/cgi-bin/list?list_id=pctechtalk
| To unsub or change your email settings:
| //www.freelists.org/webpage/pctechtalk
|
| To access our Archives:
| http://groups.yahoo.com/group/PCTechTalk/messages/
| //www.freelists.org/archives/pctechtalk/
|
| For more info:
| //www.freelists.org/cgi-bin/list?list_id=pctechtalk
Powered by Calypso Email - Control by Outpost Pro and MailWasher
Email should not be stressful!
To unsub or change your email settings:
//www.freelists.org/webpage/pctechtalk
To access our Archives:
http://groups.yahoo.com/group/PCTechTalk/messages/
//www.freelists.org/archives/pctechtalk/
For more info:
//www.freelists.org/cgi-bin/list?list_id=pctechtalk
Other related posts:
- » -=PCTechTalk=- Clean computer on a budget
