> -----Original Message----- > From: Bob Young [mailto:[EMAIL PROTECTED] > Sent: 08 March 2006 21:05 > To: gentoo-user@lists.gentoo.org > Subject: RE: [gentoo-user] antivirus > [snip] > As to <insert App Name here> not running without Admin > rights, most of those > cases can be taken care of with RunAs. It's better to run a > single App with > Admin privledges rather than have all apps including email > and browsers > running with Admin rights.
Actually, it would be better to troubleshoot the particular application and allow it write/execute or modify rights *only* to the files it needs to access for the particular plain user (typically some files or a folder under C:\Program Files). It may take some time to set up access rights for all such badly written apps, but it'll keep your M$Windoze box as safe as it will ever be. If in addition you shut down all the open by default Windoze ports (135-139, 445, 500, 1900, 4000 + remote admin) and disable unnecessary/dangerous services and also stop using OE and IE (or at least stop using them with their default settings) you should be safe enough going about your normal business. The above suggestions will ensure that viruses cannot be easily installed (thus protecting users from clicking idiotically on any rubbish they happen to receive as an email attachment) and will also stop most of the trojans scanning the internet for default open Windoze ports. I know it works - my wife has not had her NT4/WinXP OS infected since 1998, despite downloading all sort of garbage. Of course, running Nod32 also helps every now and then, mostly by providing early warnings about mail attachments. -- Regards, Mick -- gentoo-user@gentoo.org mailing list
