Subject: SECUR: Options Regarding Workable Windows
Installation/Configuration, Diagnostics, & Security
~ 4 Kb
WORKABLE I am wondering about workable options concerning installation,
configuration, diagnostics, and security in a Windows environment that are
practical for the typical home networking environment. An AS/400 or other
real hardware and software isn't an option, and then I wonder if there is a
Windows emulator that can handle the ActiveX controls (and how much would
even be gained securitywise if that can be done).
I am wondering if there is a program or combination of programs that works
in a way I have faith in at a reasonable cost.
BARELY WORKS It seems to me that Windows just barely works (if you are
lucky enough to get it up and running) before/even without worrying about
security.
PACKED EXES Let's see if I understand this: You are supposed to run
antivirus software to keep from getting a virus, yet you are supposed to
turn the antivirus software off when you need it most to prevent conflicts
with self-installing executables that (as far as I know) cannot be checked
for viruses *packed in the archive.*
ENOUGH TROUBLE WITHOUT As far as memory resident, real time installation
tracking and antivirus scanning goes, it seems to me that I am asking for
more trouble than I've already got. Sure, my system may become quite
secure, assuming for example that it gets so jacked up I cannot reach the
net (or anything other than a blue sceen, for example).
VIRUS ALREADY LOADED Furthermore, virus scanning (at least solely) from
Windows is especially an issue to me, since by the time the operating
system loads (let alone the anti-virus software) a competently written
virus would be in stealth mode anyway. I guess so far we've been lucky the
only people who would be both willing and able to write such viruses fall
into one or more of three extremes: 1) too busy doing real work, 2) can't
afford the time or money to pull it off for one reason or another, 3)
smoked or shot-up too much of something.
BORROWED TIME I think time is runninng out the way attacks are on the
rise. It is difficult to tell if all patches are installed &
working correctly, etc.
I no longer view the following as sufficient:
1) downloading from "trustworthy" sources and CDs
2) constantly patching Windows and Internet Explorer
3) running Outlook Express in Restricted Sites zone
4) avoiding dangerous extentions or using viewers (ex. Word Viewer)
5) Note: loading a *.jpg or *.txt into a program that cares
about format, not extention such as Word thinking it is safe is
a good way to get bit.
Besides to error is human.
INTEGRITY AND OVERLAP It seems to me that since integrity checking and
keeping track of changes are needed both from various points of views: anti-
virus/trojan security and installation/configuration diagnostics, the best
program would do both. In fact the program should create databases from
write-protected floppies (preferably using a real OS and bus mastering 32-
bit IDE, SCSI, or USB 2 access if possible for decent scanning speed) and
compare results with copies made by a companion Windows program. Of
course, the databases need to be stored on the hard drive(s).
DOES GOOD PICTURE TAKING EXIST? I have more faith at taking snapshots at
system startup (less likelihood of conflicts), yet the only three programs
I know of don't meet my needs. ZDNet's INCTRL5 and ArkoSoft's System
Snapshot are too simplistic, while Lanovation's PictureTaker is steaply
priced and probably doesn't have the relevant features I'm looking for.
I'd want to be able to get reports between any two of periodic snapshots,
get lists of frequently changed items to mark ignore or generally ignore,
etc.
What do you think? Comments appreciated. Thanks in advance.
Installation/Configuration, Diagnostics, & Security
~ 4 Kb
WORKABLE I am wondering about workable options concerning installation,
configuration, diagnostics, and security in a Windows environment that are
practical for the typical home networking environment. An AS/400 or other
real hardware and software isn't an option, and then I wonder if there is a
Windows emulator that can handle the ActiveX controls (and how much would
even be gained securitywise if that can be done).
I am wondering if there is a program or combination of programs that works
in a way I have faith in at a reasonable cost.
BARELY WORKS It seems to me that Windows just barely works (if you are
lucky enough to get it up and running) before/even without worrying about
security.
PACKED EXES Let's see if I understand this: You are supposed to run
antivirus software to keep from getting a virus, yet you are supposed to
turn the antivirus software off when you need it most to prevent conflicts
with self-installing executables that (as far as I know) cannot be checked
for viruses *packed in the archive.*
ENOUGH TROUBLE WITHOUT As far as memory resident, real time installation
tracking and antivirus scanning goes, it seems to me that I am asking for
more trouble than I've already got. Sure, my system may become quite
secure, assuming for example that it gets so jacked up I cannot reach the
net (or anything other than a blue sceen, for example).
VIRUS ALREADY LOADED Furthermore, virus scanning (at least solely) from
Windows is especially an issue to me, since by the time the operating
system loads (let alone the anti-virus software) a competently written
virus would be in stealth mode anyway. I guess so far we've been lucky the
only people who would be both willing and able to write such viruses fall
into one or more of three extremes: 1) too busy doing real work, 2) can't
afford the time or money to pull it off for one reason or another, 3)
smoked or shot-up too much of something.
BORROWED TIME I think time is runninng out the way attacks are on the
rise. It is difficult to tell if all patches are installed &
working correctly, etc.
I no longer view the following as sufficient:
1) downloading from "trustworthy" sources and CDs
2) constantly patching Windows and Internet Explorer
3) running Outlook Express in Restricted Sites zone
4) avoiding dangerous extentions or using viewers (ex. Word Viewer)
5) Note: loading a *.jpg or *.txt into a program that cares
about format, not extention such as Word thinking it is safe is
a good way to get bit.
Besides to error is human.
INTEGRITY AND OVERLAP It seems to me that since integrity checking and
keeping track of changes are needed both from various points of views: anti-
virus/trojan security and installation/configuration diagnostics, the best
program would do both. In fact the program should create databases from
write-protected floppies (preferably using a real OS and bus mastering 32-
bit IDE, SCSI, or USB 2 access if possible for decent scanning speed) and
compare results with copies made by a companion Windows program. Of
course, the databases need to be stored on the hard drive(s).
DOES GOOD PICTURE TAKING EXIST? I have more faith at taking snapshots at
system startup (less likelihood of conflicts), yet the only three programs
I know of don't meet my needs. ZDNet's INCTRL5 and ArkoSoft's System
Snapshot are too simplistic, while Lanovation's PictureTaker is steaply
priced and probably doesn't have the relevant features I'm looking for.
I'd want to be able to get reports between any two of periodic snapshots,
get lists of frequently changed items to mark ignore or generally ignore,
etc.
What do you think? Comments appreciated. Thanks in advance.
