Hello ts, >here's some more XP stuff: > >http://www.microsoft.com/windowsxp/using/setup/expert/northrup_restore >perf.mspx > >examine autostart programs using the Autoruns freeware tool from >Sysinternals. Autoruns lists every program that will automatically >start and allows you to quickly delete the link to the program. >http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml > >Many autostart entries are important parts of Windows XP, including >Userinit.exe and Explorer.exe. So you should not simply delete >everything that you don't recognize. Instead, you should look up each >entry at Paul Collins' Startup Applications List to determine whether >you want it to start automatically: >http://www.sysinfo.org/startuplist.php > >here is info on MSCONFIG and Registry ... >and a downloadable list of autostart progs that can be run offline: >http://www.pacs-portal.co.uk/startup_content.php#THE_PROGRAMS > >i finally was able to eliminate a few persistant autorun progs. > >-ts-
Thanks ts - some autorunners are from security programs and you have to decide whether they are worth it (if unsure the answer is yes) here is an on-line checker for processes running in memory http://www.processlibrary.com/ (you have to identify them with a program such as the ones you mention . . . There is a program available from MS (be careful) that allows you to install all the latest patches . . . ---------------------------------------- The Microsoft Baseline Security Analyzer ---------------------------------------- See below in the excellent tourbus which I include in full m m m . . . Just installed Knoppix Linux on a spare hard drive took me about half an hour I came across a neat command that updated all my programs "apt-get update" - could I install firefox? Nope. Finally remembered I might have to be Su (superuser) and then something went wrong and frankly I can not be asked . . .. (after all Mozilla is pretty good) Back in XP again. ReactOS is on its way (and looking good) :-) Yesterday was doing some more stuff in pure XML with Shadow (a sort of information exchange language that you can provide as a web page) We are having to do it all directly in notepad - just have not been able to find tools I like . . . We are working on a long term project called Tmxxine Solar - yes of course our time machine is gonna be solar powered :-) This is for a dual project we are working towards in Kenya to create solar power expertise to power small library projects One of the reasons I am so keen on wikibooks is because these are on line books - and do you remember the Simputer from India - well in Africa EVERYONE (nearly everyone) has a mobile phone and of course the mobile phone is becoming more like a PDA and one day mother will say "Go read your phone" - and education will be available wherever there is a person. Good. What are the basic human needs? Water Food Shelter and Internet Connection :-) Lobster ---------------------------------------------------------------------- TOURBUS Volume 10, Number 30 -- 14 Oct 2004 [ For best results view this with a monospace font like Courier. ] ---------------------------------------------------------------------- _________ ____________ ________ __________ _____________ ___ _ / | / | | / | \ | SIX YEAR ANNIVERSARY JAMBOREE SPECIAL: InkJetsRus / | \ |__________|__________/__________|__________|___________/_____| \ / |----\ | Just when you thought it couldn't get any better, hang on to |////| | your hat! We are NOW offering you "3 for the price of 1" on |////| | all NEW equivalent EPSON and CANON Inkjet Cartridges. Prices |////| | from $6.75 for 3 black and $10.50 for 3 color. |////| | |////| | ---> http://www.InkJetsRus.net/tourbus <--- |////| | NEW FREE CANON PRINTER. Three Models to Choose. Phone toll |////| | free for details 888-429-9373 (M-F 8:30 to 5:00) |////| \_______________________________________________________________|____| / \ / \ / \ \___/ \___/ T h e I n t e r n e t T o u r B u s \___/ Visit the Tourbus Home Page at http://www.TOURBUS.com ! TODAY'S TOURBUS TOPIC: Home Computer Security, Part Five Microsoft Baseline Security Analyzer Howdy, y'all, and greetings once again from deep behind the orange curtain in beautiful Irvine, California, the first national park in Norway. :P TOURBUS is made possible by the kind support of our sponsors. Please take a moment to visit today's sponsors and thank them for keeping our little bus of Internet happiness on the road week after week. +------ Special: Get 4 Computer Magazines For The Price of 1 -------+ Which computing publication is right for you? No matter what your skill level or digital lifestyle, we've got a magazine to suit your needs. Take advantage of this FREE TRIAL ISSUE offer and subscribe to any of the following publications and get online access to the other three magazines absolutely FREE. Choose from SMART COMPUTING, PC TODAY, COMPUTER POWER USER, or CONSUMER ELECTRONICS TIPS. To learn more about each of these magazines, or to get your FREE trial issue, click here now. http://tourbus.com/smart.htm +-------------------------------------------------------------------+ On with the show... Today's journey of our little bus of Internet happiness is the little- anticipated fifth part in my never-ending Home Computer Security series. Much like an 8:00 AM calculus class, this series keeps going and going and going. There is no end. You're stuck. Wait, it gets worse. Today's post focuses solely on a Windows security tool called the Microsoft Baseline Security Analyzer [MBSA]. There's no MBSA for the Mac because, well, the Mac doesn't really need one. Sorry about that, Mac-ies. If you have a PC [or a Mac] and missed any of my previous posts, be thankful. They stunk! Seriously, though, you can find all them all online in the Tourbus archives: Part One: Exploits and Patch Management http://tinyurl.com/4gdt6 Part Two: Firewalls http://tinyurl.com/66vfa Part Two and a half: Odds and Ends http://tinyurl.com/5ru8z Part Three: Testing your Firewall http://tinyurl.com/46zuz Part Four: Update your Antivirus http://tinyurl.com/4gzhb I've also combined all of those posts into two giant presentations you are free to download and burn in effigy. Just point your web browser to http://netsquirrel.com/classroom/ and look for Home Computer Security and Privacy parts one and two. Both presentations are available in Microsoft PowerPoint and Macromedia Flash formats. ---------------------------------------- The Microsoft Baseline Security Analyzer ---------------------------------------- You probably know by now that when Microsoft finds a security hole in Windows or Internet Explorer they [usually/eventually] release a patch called a "Critical Update." In fact, Microsoft released a new Critical Update just this past Tuesday that closes over 20 security holes. What you may not know is that Windows Update lies. [GASP!] No, really. Windows Update frequently thinks you've installed a Critical Update you haven't, leaving your computer vulnerable. Fortunately, Microsoft's Baseline Security Analyzer [MBSA] takes care of that little-known problem. MBSA is a free program from Microsoft that scans for over 60 common system misconfigurations and almost any Microsoft security update your computer may be missing. In particular, MBSA double-checks the security of - Windows (*) - Microsoft Office 2000 and later - Internet Explorer 5.01 and later - Windows Media Player 6.4 and later - A bunch of other Microsoft applications and services MBSA analyzes, you fix. In other words, MBSA tells you what's wrong and points you to the solution. But YOU have to manually download and apply the solution. That's important to remember. Wait. There's more. Did you notice that little asterisk next to "Windows?" Well, that's because MBSA only works on Windows XP, 2000, and Server 2003. :( That's all of the bad news. Now for the good news. While the MBSA was designed for corporate tech support, there is no reason why you can't use it at home. Oh, and it's free. Yes, you read that correctly. Microsoft is actually giving something away. To get the latest version of Microsoft's MBSA, just go to http://www.microsoft.com/technet/security/tools/mbsahome.mspx Download the MBSASetup-EN.msi file to your desktop and then double- click to install it. ------------ Running MBSA ------------ Once you've downloaded and installed MBSASetup-EN.msi, double-click on the MBSA "watering can" [padlock and checkmark] icon. This opens the MBSA welcome screen. Click "Scan a computer." On the next screen, don't change anything. Just make sure you are connected to the Internet and then click "Start scan." MBSA calls home to Microsoft and downloads something called "MSSecure.cab." This file contains information about practically every patch Microsoft has released. MBSA scans your computer's operating system, operating system components, and Microsoft applications. MBSA then compares the version numbers of the stuff on your computer with the latest version numbers in the MSSecure.cab file. Finally, MBSA shows you which updates your computer is missing. ------------------------------- Translating the security report ------------------------------- Critical failures [red Xs] require you to immediately install a patch or update to ensure the strongest security of your computer. Non- critical failures [yellow Xs] happen when there is a newer version of something available, but you don't really have to upgrade...yet. Best practices [blue asterisks] could signify a problem--MBSA can't confirm that those particular security updates have been installed. What's important and what isn't? Well, MBSA's security report has seven sections, and in my humble opinion you only have to worry about two: 1. Security Update Scan Results [at the top of the report] 2. Desktop Application Scan Results [at the very bottom] The five sections in the middle don't really apply to home users. Don't get me wrong: Problems here are important. They're just rarely critical. You can fix the problems in the middle five sections if you want, but you don't have to. ---------------------------- Fixing the critical failures ---------------------------- Remember, MBSA analyzes, you fix. To find a fix for a critical failure in Security Update Scan Results or Desktop Application Scan Results, click on the "Result Details" link next to that critical failure. This shows you exactly what's missing or is misconfigured. Click on each link and it opens a page in Internet Explorer telling you how to download the appropriate patch. REMEMBER TO INSTALL THE PATCHES AFTER YOU DOWNLOAD THEM! MBSA won't do it for you. -------------- Blue Asterisks -------------- Sometimes MBSA gets confused and can't confirm if your computer has a particular patch. That's what the blue asterisks signify. Fixing those blue asterisks is a little more complicated. 1. Click on Results Details. 2. In the description for each Security Update you'll see a six digit number in parentheses. Write down each six digit set of numbers you see. 3. Then go to Add/Remove Programs in your Control Panel. 4. Scroll down towards the bottom and look for the Windows Hotfixes. 5. Compare those six digits you wrote down in MBSA with the last six digits of the various hotfixes in Add/Remove Programs. If you find a match, you have the patch. MBSA just got confused. If you don't find a match, go back to the MBSA Results Details page and manually download and install the missing patches. --------- MBSA tips --------- Run MBSA from time to time just to double-check your computer's security. I usually run MBSA every three months or so. Don't be surprised if MBSA still gives you blue asterisks even after you've installed all the patches. Sometimes MBSA gets confused. And there's no real way to unconfuse it. Finally, there's no such thing as a "clean" MBSA scan, especially in the middle five sections. MBSA is always going to find something to complain about. ------- Summary ------- So, what did we learn today? Well, we learned that MBSA is a free program from Microsoft that scans for over 60 common system misconfigurations and almost any Microsoft security update your computer may be missing. You need to fix the critical failures [red Xs] and the best practices [blue asterisks] as soon as possible. Think about fixing the non-critical failures [yellow Xs] when you get the time. MBSA's security report has seven sections, and you only have to worry about two: - Security Update Scan Results [at the top of the report] - Desktop Application Scan Results [at the very bottom] +---------- Closing More Sales By Asking Better Questions ----------+ "BEST MATERIAL I've ever read on the subject of asking questions to find problems and close sales." - Heath Bedal, President, Pinnacle Sales, Inc. Learn how to ask great questions so you can quickly identify who IS and who ISN'T a prospect. Now you can spend more time with buyers and less time with those who aren't. Click here to order "Closing More Sales." FREE Sales Newsletter. http://SucceedingInBusiness.com/Tourbus-cms.htm +-------------------------------------------------------------------+ That's it! I hope this helps! Have a safe and happy weekend, and we'll talk again soon! =====================[ Tourbus Rider Information ]=================== The Internet Tourbus - U.S. Library of Congress ISSN #1094-2238 Copyright 1995-2004, Rankin & Crispen - All rights reserved Subscribe, Signoff, Archives, Free Stuff and More at the Tourbus Website - http://www.TOURBUS.com ==================================================================== .~~~. )) (\__/) .' ) )) Patrick Douglas Crispen /o o \/ .~ {o_, \ { [EMAIL PROTECTED] / , , ) \ http://www.netsquirrel.com/ `~ -' \ } )) AOL Instant Messenger: Squirrel2K _( ( )_.' ---..{____} Warning: squirrels. ------------------------ Yahoo! Groups Sponsor --------------------~--> Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar. Now with Pop-Up Blocker. Get it for free! http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/J8folB/TM --------------------------------------------------------------------~-> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/HolyGeek/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
