On Sunday 14 December 2003 11:20 pm, Carren Stuart wrote:
> Internet security is important to me, and I have my Windows system
> locked down as tightly as possible. I have a dial up connection, which
> is pretty much connected 24 hours a day. I use a respected AV and
> Kerio with a very stringently customised set of rules, I do not use
> any Microsoft software other than my operating system, plus I make use
> of several third party bits and pieces to help me keep my system
> locked down as tightly as possible.

Prior to about 2 or 3 years ago, I also ran MS as my primary OS with WinXP as the last MS OS on my primary box. I also ran personal firewall software, had scanned my system externally and had a router/firewall appliance at the same time. I did not use IE for a browser (ran Opera instead) and tried to be very knowledgeable about security in general. At the time, I thought my own system was fairly secure and it might well have been, with there being easier targets that were more likely to be hit than mine. However, with the work that I have done and continue to do testing software and security aspects of software in general, I am much more aware of the deficiencies of certain aspects of the MS OS. I would not disparage anyone for implementing available tools to harden their system, but I would not regard any MS OS as being secure in any fashion.

> Having said that, I am not paranoid about this, and I do realise that
> my system is not, and never will be 100% secure. That doesn't bother
> me. I have taken all the precautions I can for my own particular
> computing situation, and that is enough for me. I have reduced the
> risk as much as I possibly can at this point.

A standalone router/firewall, even on the modem connection, would do so even more.

> If I happen to get
> caught out by some nasty at some time, it will be bad luck, but it
> won't be due to something stupid I did.

Could very well be something stupid that some MS developer did. Probably more likely that.

> As you have already said Linux is an inherently more secure OS than
> Windows, and the risks are less, although not absent. I want to be
> able to feel secure using Linux but I don't need the level of security
> someone in business might need. At the moment I don't *feel* secure
> because I don't understand how the firewall works, and I can't begin to
> configure it the way I want it, until such time as I can understand
> it! That's where I am at now.
> My previous posts about other firewalls
> available, were really indicating that I was perhaps looking for
> something I could *get* straight away, to use in the meantime, while I
> am busy trying to get my head around the built in firewall.

Which is why I recommended the standalone router/firewall appliance in the first place. It is fairly cheap (about the same as antivirus software), simple to set up and it offers a fair amount of protection directly out of the box. Granted, it is not as flexible as one might like, but it should certainly serve your purposes until you find a solution that is flexible enough and just as secure.

> None of what I have posted here on the subject is intended in any way
> to be critical of you or of the Linux firewall.

IIRC, you took offense to my statements, not the other way around. I was simply defending what I had said. Again, I did not ever mean to deprecate someone taking all available precautions, including using something like Kerio on Windows, I was simply suggesting that hardening Windows against exploits is an almost insurmountable task.

> I'm sorry to say, you'll be seeing more of me here, at least until the
> light bulb in my head switches on! :-)

Not at all. I hope to see more of you and wish that more Windows users were interested enough in exploring the limits of their own systems that they would see the weaknesses of it. I have just gotten finished reading an interesting ebook about computer security that suggests that PC software developers in general have for years disregarded security in favor of usability, functionality and ease of use for new users. Linux, having been built by and for hackers, did not care as much about UI and ease of use as security and arcane functional utility. Perhaps this is yet another example of that premise.

-- 
Bryan Phinney
Software Test Engineer
