Home
Monday, November 20, 2017
6:25:05 PM
Users online: 0   You are here >> Home > Security

Forums | Security Forums search
Forum FAQ
   
  1  
Mornic parents. Idiot proofing XP as much as possible.
eckythump 
15/5/08 8:16:54 PM
Overlord

*mumbles something about people who shouldn' tbe allowed near computers*

So, my folks, mostly my step-dad have successfully fucked their PC again. It's an old machine, running win2k, so with this last venture into the land of viruses, spyware and trojans, it was decided that perhaps it is time for a new system.

So, I want to limit the number of fucking moronic hpone calls I get as much as possible.

The new PC will be running XP. Internet access will be via a ADSL router doing NAT, so that hsould provide some rudimentry protection from outside attacks.

Now what I'd like is advice as to the best, and preferrably free software for them to take care of:

Firewalling (is this really even necessary when behind NAT, at least, beyond the default Windows Firewall?)

Anti-Virus

Anti-Spyware

Anti-Spam

Now, when I say "the best" software, this needs to be taken with dickheads in mind. If option A is 100% effective, but requires user-intervention to update occasionally, and option B is 99% effective and auto-updates and just goes and goes and goes, then I'd favour option B.

Also, the main problem they've currently got is that the account they login as is an administrator account. I'm thinking that they should likely be kept away from any kind of admin privileges if it can be helped at all, but is this going to create other problems?

Any advice will be welcome. I'm thinking that next time I'm there (they live interstate) i will install a UNIX based desktop OS so my mum, who thankfully is appropriately paranoid about the stupid shit my step-dad does, can boot into an OS where she can be a lot more confident that some little russian kid isn't getting beamed her internet banking login details via the w32@stupidfather@MM virus.

Can you tell I regret them ever discovering the usefulness of computers?

-----
"Grandfather had an accident, he got burnt." "Oh no, how bad?" "Well, they don't fuck around at the crematorium."

Redhatter 
15/5/08 10:11:22 PM
Hero
Titan


Is it possible to idiot proof Windows XP? I would have suggested Knoppix ... via the LiveCD.

-----
Stuart Longland (aka. Redhatter, VK4FSJL)
I haven't lost my mind it's backed up on a tape somewhere...
http://atomicdoc.yi.org <-- AtomicDOC Wiki
Resident Coolie-hatted Gentoo geek. (Gentoo MIPS & Mozilla herd member)

eckythump 
16/5/08 12:21:38 AM
Overlord

Quote by Redhatter
Is it possible to idiot proof Windows XP? I would have suggested Knoppix ... via the LiveCD.


Hmm, knoppix is probably a good idea, as a standby and trustworthy OS for banking, until I can get down there and install something as a secondary OS.

I'd love for thm not to have Windows at all, but they're application bound, and while there may be open-source alternatives, my folks will not want to spend time finding and learning them and transferring old info into new systems.

I should've made the mbuy a Mac when they started. :)

-----
"Grandfather had an accident, he got burnt." "Oh no, how bad?" "Well, they don't fuck around at the crematorium."

bnew 
16/5/08 9:08:41 AM
Guru

If you are using XP Pro, you can edit the local group policy object to do a fiar bit of 'locking-down' such as preventing access to the control panel, not allowing certain settings to be changed etc. Alternatively you can achieve the same thing via registry settings (google 'xp lockdown registry settings' or something like that).

I've just setup an XP box for my Mum. She's not computer literate at all so I needed, like you do, some programs that just work and require no user intervention.

Ended up using AVG 8 Free for the AV and Comodo Firewall. Once setup, these will both just do their job.

-----
Hardware: the parts of a computer that can be kicked. ~Jeff Pesis

Cynic* 
17/5/08 3:40:40 PM
Banned

Install linux + wine ?

:P

-----
\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68
\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\

sponger 
17/5/08 11:42:19 PM
Immortal

AVG won't be enough, and that's definitely the most popular of the free AV software available, not to say it's the best...

I just rolled out ESET NOD32 at my workplace. I pretty much only chose it because (withstanding admin features as it doesn't apply to your situation) a) it's light compared to say Symantec, and b) it pwns all the other AV software in nearly every benchmark I've seen.

ESET provides two client versions now: NOD32 AV and Smart Security or something. SS is NOD32 but with firewall and spam. I don't think you need it. The NOD32 version has antispyware as well and like you say, Windows Firewall is enough if not useless behind a decent router.

Edit: For just general lock down, maybe look at First Security Agent. GPO might be enough though.


Edited by sponger: 17/5/2008 11:43:28 PM

-----

discoInferno 
18/5/08 5:28:08 PM
Apprentice

I'd go with AVG 8 Free because it'll take care of the AV and spyware in one hit, and something simple and effective for the firewall so it doesn't ask them too many questions. Something like Ashampoo.

-----

eckythump 
18/5/08 8:01:08 PM
Overlord

Thanks for the feedback.

Looks like I won't be doing too much other than making them install AVG, Firefox and Thunderbird.

Does Thunderbird have out-of-the-box spam filtering, and is it effective? If not, are there addons I would want to recommend for them?

And please, no more Linux recommendations. This is something i'm already well aware of and will look at when I can physically be there.

-----
"Grandfather had an accident, he got burnt." "Oh no, how bad?" "Well, they don't fuck around at the crematorium."

Redhatter 
19/5/08 11:26:56 AM
Hero
Titan


Quote by Cynic*
Install linux + wine ?



If only that was a silver bullet... but alas no.

eckythump: I've found Thunderbird to be pretty good with its filtering. Not perfect, but it's better than nothing, and isn't hard to figure out.

-----
Stuart Longland (aka. Redhatter, VK4FSJL)
I haven't lost my mind it's backed up on a tape somewhere...
http://atomicdoc.yi.org <-- AtomicDOC Wiki
Resident Coolie-hatted Gentoo geek. (Gentoo MIPS & Mozilla herd member)

aliali 
19/5/08 11:46:08 AM
SuperHero
Immortal


For Tbird
http://kb.mozillazine.org/Junk_Mail_Controls
Also note that Tbird can import settings, mail an address books from Eudora, Outlook and Outlook Express. Very handy for migrating from one client to another.

-----
buggerthat is sucker and mad.
And who replied his will be greatest sucker and the greatest mad.

mandalore 
11/7/08 5:37:34 PM
Banned
Comodo BOclean is good and free.

To protect from hackers, make sure the account named "administrator" (which may or may not show up on the welcome screen depending on whether or not it is used) has a password. By default it doesn't. If using the welcome screen you can hit ctrl alt del and type a username and password. So this is a pretty serious backdoor. Go into it and give it a password or go into another admin account and go start, run, control userpasswords2 and give it a password.

If your parents are likely to fuck something up, consider backing up regularly.

-----
Trust no one. Least of all yourself...

mandalore 
11/7/08 5:42:05 PM
Banned
Make sure they don't run any batches. Super Serial.
While they can do great good they can also seriously screw up your PC and anti virus software tends not to pick them up. If you are going to run one and don't know what it does open it in notepad and have a look at the code.

-----
Trust no one. Least of all yourself...

elvenwhore 
12/7/08 12:52:52 AM
SuperHero
Titan


What's with the spate of barely sub-two month bumps? *confused*

Also, mandalore, I'd recommend using the edit button, or you'll attract iamthemaxx. He has the most uncanny ability to sense when someone is double(+) posting.

-----
The morning glows cobalt through a gauze of steam and fog that carries Death & Ash from a thousand trees. Crows from miles around are lurking. This won’t hurt a bit. This is the martyrdom of the chaos whore virgin. This is her final dawn.

g0t.w00t? 
12/7/08 1:03:59 PM
Titan

Quote by mandalore
Comodo BOclean is good and free.



yes, but if the comodo firewall is anything to go by, their cleaner thing will throw up a bajillion popups and annoy the living shit out of people.

i just removed the set of comodo product i installed cause they were recommended. i don't appreciate having it throw me a popup asking whether to allow myself to breathe or piss

-----
Q6600 @ 3.20
2 gig g.skill ram (5-5-5-15)
Gigabyte GA-X38-DS5
MSI HD2600XT Heatpipe (garbage)
80GB WD
160GB WD
250GB WD


that white guy

Jeruselem 
13/7/08 9:36:32 AM
Champion

You could knock them down to Limited Account and not admin in XP. That stops some nasties getting installed via the running Admin account.

-----
PC 1: XP Home SP2, Opty 165@1.8Ghz, GEIL 1GB PC3200, 320GB SATA Cuda ES,XFX 9600GSO 580/700x2/1450, Seasonic S12+ 550W
PC 2: XP Home SP2, XP 3000+@2.24 Ghz, 1GB PC3200, 80GB IDE,ASUS nVidia 6800 512MB

mandalore 
18/7/08 4:54:34 PM
Banned
Quote by g0t.w00t?
Quote by mandalore
Comodo BOclean is good and free.



yes, but if the comodo firewall is anything to go by, their cleaner thing will throw up a bajillion popups and annoy the living shit out of people.

i just removed the set of comodo product i installed cause they were recommended. i don't appreciate having it throw me a popup asking whether to allow myself to breathe or piss



Comodo BOclean offers extremely good protection. I had several products installed (Spybot, McAffee, Comodo) and Comodo was the only one to detect a trojan hidden in some flash game. It basically sent in the SAS and obliterated it.

-----
I want to buy an angry scottsman. Imagine that:
*Angry scottish accent*
"What kind of bakery doesn't have sausage rolls??!!!!!"

That would be so awesome...

elmo198 
20/7/08 1:16:05 AM
Champion

net nanny!!!

-----
http://users.tpg.com.au/elmie/linux/
http://users.tpg.com.au/elmie/windows/

elmo198 
20/7/08 1:17:29 AM
Champion

gpedit.msc is your best friend mate!!!

-----
http://users.tpg.com.au/elmie/linux/
http://users.tpg.com.au/elmie/windows/

Chuck Norris(good actor 
11/8/08 6:37:07 AM
Hero
Immortal


Quote by g0t.w00t?
Quote by mandalore
Comodo BOclean is good and free.



yes, but if the comodo firewall is anything to go by, their cleaner thing will throw up a bajillion popups and annoy the living shit out of people.

i just removed the set of comodo product i installed cause they were recommended. i don't appreciate having it throw me a popup asking whether to allow myself to breathe or piss



+1...

If it annoys an experienced user, you can imagine what it'd do to a novice..

The best thing is to teach them caution. :P

instil the fear of teh interwebs in their minds.


-----
Carols by Roman Candlelight.


eckythump 
12/8/08 8:52:04 PM
Overlord

Was surprised to see this thread alive again.

Since I posted, my mother has gotten the new computer. She has AVG, Spybot S&D, thunderbird and Firefox.

It was decided that my step-father is strongly discouraged from using that machine. He has a non-admin account should he absolutely need to. He can destroy his laptop with his zero-caution approach to computer usage.

My mother isn't one to do anything more than what she needs to do o nthe computer and while she's frustratingly clueless, she does at least have enough sense to default to "no" when asked something she doesn't entirely trust.

Lettuce see if that computer is still nice and clean in 12 months time.

-----
"Grandfather had an accident, he got burnt." "Oh no, how bad?" "Well, they don't fuck around at the crematorium."

  1  
Forums | Security