Loading Search...

Saturday, January 27, 2007

firewall alternatives

i'd try a few firewalls product, especially free personal firewall.

from what i've tried, most free personal firewalls are application firewall. that mean, each application you run can have different rules on what ports it can or cannot connect to the internet.

so far, i only found one free personal firewall (it's softperfect personal firewall) that do port based only and do not care about what applications are using what ports.

what is the different?
i wont tell you network engineer or security expert terms what make these firewall different from each others.

from end-user point of view:

with application based rule, you will be asked each and every time a new apps is trying to connect to a port that's not yet in rulesets. thats mean annoying popups each time a new application try to connect.

with port based rule (like softperfect personal firewall), you only asked onces after the program is installed. and after you setup all the rules at once and only once, your firewall sits there without asking you another question.

so what...

with too many 'annoying' popups by application based firewall, end-users tend to ignore whatever the firewall is warning about and they tend to 'automatically' press the 'Yes' or OK button without understanding the risk, or without even read the warning at all.

so, the application based firewall tends to become useless in the long term and also an administration headache for people like me, managing dozens of friends, families and clients' personal computer / laptop.

with port based firewall, i only need to setup the rules once and never mind about what application using what ports.

off course, the downside is, virus/worms/badware/malware can still go wild and using the internet on those allowed ports without the user know about it.

it's security vs usability.

Wednesday, January 10, 2007

securing windows

in last 3 months, i have been fixing clients', friends', and families' computers totaling over a dozen times. all of them have similar (same?) problem. too much virus and/or other malware load as soon as windows start up and eats up so much resources that your cpu is always > 30% even that you just start up windows and have not start any other apps yet. so, even with pentium4 dual core or core2 duo, the computer still very very slow running any other apps.

many of them wont let you start taskman, command prompt and regedit. when you try to start one of those, it get closed instantly, or maybe your computer just reboot or just give you dummy command prompt that nothing can be done or displaying regedit in notepad, etc... some even reboot your computer when i open free.grisoft.com or other antivirus sites.

so, here i am trying to prevent thing repeats so maybe i can get less call for all the same problems again...

here's some steps you need to take to secure your windows:

  1. as soon as windows installed, create some users:
    • Administrator: default administrator users. give a good password so that no one else can use this without your approval. better yet, never use this account unless very needed to.
    • admin: give it 'Power Users' group and remove 'Administrators' group. give it good password. use it only to install apps.
    • yournamehere: give it 'Users' group and remove 'Administrators' group. you use this login on daily basis
    • guest: default guests account to let your guests use your pc
  2. install sudowin, or runasadmin or other similar tools. so that even you login as administrator, your previledges still limited.
  3. install winpatrol, softperfect personal firewall (or your favorite firewall), free AVG antivirus (or, your favorite antivirus), spybotsd and adaware. always keep them all updated.
  4. DONOT! NEVER! access internet (browsing, chat, email, downloads) as Administrator! you might want to use 1-defender
  5. NEVER download / install any software from untrusted sources. even that they claim to have most advanced antispyware or great games or free porns. search apps from trusted sources like download.com or softpedia.com
  6. if your computers used by many people (like in library or public kiosk) use shared computer toolkit
  7. use ghost or dixml to create a backup image of your installed system so you can recover fast and easy
  8. once again, always avoid login as Administrator whenever possible.
Phishing protection:
  1. use mcafee's free siteadvisor or the plus version
  2. if you use MS Outlook / Outlook Express, protect yourself from phishing emails.
that's it for now. i'll keep this instructions updated whenever possible.

Monday, January 08, 2007

blogspot with your own domain name

maybe blogspot teams read my blog about no free blog host can use our own domain (yet). maybe not...

now, blogger offering to have your blogspot with your own domain. for free.
afaik, this is the first and only free blog host with our own domain name.

because of problem with my internet connection, i cant access to my domain control panel to point cname to google so that i can have http://tips.dennyhalim.com instead of http://komputips.blogspot.com

but, it will soon changed to my domain. just come back and see.

update: at last i can log into my domain control panel and now my blogspot is using my own domain name!