Old Project Avalon Forum (ARCHIVE) - View Single Post

AndyH · 11-09-2008, 12:08 PM

There's nothing to worry about if you have a decent set-up.
Windows itself is half the problem, if you have to use it then;

a) Never ever ever ever use Internet Explorer, try Opera or Firefox.

b) Use a non-admin account for normal use.

c) Ensure you are up to date with windows patches- past SP3 now.

d) Use a hardware firewall and at the bare minimum have it set to allow all outgoing packets and disallow all incoming unsolicited packets. Most ADSL routers nowadays have excellent firewalls, just read the manual

Software firewalls will do nothing but give you grey hair and stress you out with irrelevant messages.

e) Use a decent antivirus solution in conjunction with spybot. My recommendation would be NOD32.
Norton,Antivir and AVG are imho completely useless.

f) Scan all files upon download before running, use common sense, look for dodgy file extensions. Turn on displaying file extensions in explorer options.

g) Disable windows rollback, this feature will only allow many virii to back themselves up in that location.

h) Backup on a regular basis using a USB drive and an imaging tool such as Clonezilla, this will take 20 minutes of your time and save you a lot of effort later.

i) Use different passwords with numbers as well as letters, best way to do this is to think of a word that you will always remember and "l337ify" it.
eg- Octopussy could become 0ct0pu55y, these passwords are a real pita to crack with brute force and difficult to guess. Variation is the key...I use a paragraph/sentence from a certain book which I will always remember, my passwords are a series. I apply the same method at work

j) Consider using alternatives to MS Office, if you can view a file in notepad then do that first. Disable macros and scripting within office tools as 99.9% of home users won't use them.

k) Use a webmail supplier with online scanning to keep messages from being received by you directly, gmail is great for the job imho so long as it is not used for important personal info as google have a terrible privacy policy. For private stuff use an open source email client such as thunderbird and never give this address out anywhere on the internet, only directly to trusted individuals.
NEVER EVER send out emails with a ton of people in the cc list....they won't thank you for it when one of the zombie infected individuals starts spamming the entire list!
Use BCC.

l) Never pick up a stray USB key and be tempted to use it, this is the oldest trick in the book. Disable autorun on cd's etc in explorer options.

m) Use your noggin

11-09-2008, 12:08 PM	#24
AndyH Avalon Senior Member Join Date: Sep 2008 Location: Ireland Posts: 289	Re: BEWARE!!!! hacker or virus via Avalon There's nothing to worry about if you have a decent set-up. Windows itself is half the problem, if you have to use it then; a) Never ever ever ever use Internet Explorer, try Opera or Firefox. b) Use a non-admin account for normal use. c) Ensure you are up to date with windows patches- past SP3 now. d) Use a hardware firewall and at the bare minimum have it set to allow all outgoing packets and disallow all incoming unsolicited packets. Most ADSL routers nowadays have excellent firewalls, just read the manual Software firewalls will do nothing but give you grey hair and stress you out with irrelevant messages. e) Use a decent antivirus solution in conjunction with spybot. My recommendation would be NOD32. Norton,Antivir and AVG are imho completely useless. f) Scan all files upon download before running, use common sense, look for dodgy file extensions. Turn on displaying file extensions in explorer options. g) Disable windows rollback, this feature will only allow many virii to back themselves up in that location. h) Backup on a regular basis using a USB drive and an imaging tool such as Clonezilla, this will take 20 minutes of your time and save you a lot of effort later. i) Use different passwords with numbers as well as letters, best way to do this is to think of a word that you will always remember and "l337ify" it. eg- Octopussy could become 0ct0pu55y, these passwords are a real pita to crack with brute force and difficult to guess. Variation is the key...I use a paragraph/sentence from a certain book which I will always remember, my passwords are a series. I apply the same method at work j) Consider using alternatives to MS Office, if you can view a file in notepad then do that first. Disable macros and scripting within office tools as 99.9% of home users won't use them. k) Use a webmail supplier with online scanning to keep messages from being received by you directly, gmail is great for the job imho so long as it is not used for important personal info as google have a terrible privacy policy. For private stuff use an open source email client such as thunderbird and never give this address out anywhere on the internet, only directly to trusted individuals. NEVER EVER send out emails with a ton of people in the cc list....they won't thank you for it when one of the zombie infected individuals starts spamming the entire list! Use BCC. l) Never pick up a stray USB key and be tempted to use it, this is the oldest trick in the book. Disable autorun on cd's etc in explorer options. m) Use your noggin