[geeks] any thoughts for hardening w7?
Phil Stracchino
alaric at metrocast.net
Sat Dec 22 15:28:33 CST 2012
On 12/22/12 12:15, Nicolai wrote:
> On Thu, Dec 20, 2012 at 10:30:38PM -0500, Lionel Peterson wrote:
>> The Microsoft Security Essentials product is free, and is actually worth every
>> penny! ;^)
>
> General:
> * Replace Adobe stuff with alternatives (e.g. Foxit Reader)
> * Uninstall Java
This isn't necessary, but you may want to disable your browser's Java
plugin. Oh, and speaking of browsers, it's a really, really, really
good idea to never use Internet Explorer for anything if you can
possibly avoid it. The entire Internet Explorer/ActiveX architecture is
fundamentally insecure.
> * Verify ALSR is enabled
A recently published exploit completely defeats ASLR. Don't rely on it.
> * Make sure she understands that most antivirus software is
> fake/malicious.
This is an extreme overstatement.
There *is* malware out there that pretends to be antivirus software.
Several of the major antivirus packages don't work all that well or are
massive CPU hogs (McAfee, Symantec among them). But there are plenty of
perfectly good antivirus solutions to choose from. None of the major
antivirus vendors' products are unsafe. The best are probably
Kaspersky, F-Secure, and Avast!.
--
Phil Stracchino, CDK#2 DoD#299792458 ICBM: 43.5607, -71.355
alaric at caerllewys.net alaric at metrocast.net phil at co.ordinate.org
Renaissance Man, Unix ronin, Perl hacker, SQL wrangler, Free Stater
It's not the years, it's the mileage.
More information about the geeks
mailing list