Hi
After a fresh Win 8 installation, what are people's first steps to secure Win 8 before going online?
Would turning on the bulit-in firewall be sufficient, or are there other considerations?
Thanks.
Hi
After a fresh Win 8 installation, what are people's first steps to secure Win 8 before going online?
Would turning on the bulit-in firewall be sufficient, or are there other considerations?
Thanks.
Turn on the firewall, make sure that Defender is active, and if your first stop online breaches both of those, you need to reconsider what you're doing on the net.
Shaolin_K (01-09-2015)
Thanks for your sensible answer.
I'm just used to Zonealarm before first connection, but now you have to download an installer as they don't have a standalone offline installer.
I was just curious what measures others went through to ensure they're safe - is this a bad thing or am I just too cautious?
Last edited by Shaolin_K; 01-09-2015 at 12:52 PM.
Everybody has their own comfort zone. I use (on Windows 7) MSE and Malwarebytes. On 10, I use Defender and Malwarebytes. I'm behind a hardware firewall, but I've not had anything resembling an intruder issue on my PCs in years. I get the occasional person trying to hack my modem via wireless, but short of a good password, there's not much you can do about it, as I think the local authorities would frown on shooting them. About the only thing I go out of my way on with a fresh install or any update is to make sure that flash isn't enabled anywhere that it's built in, that it isn't installed anywhere as a plug-in or activex control, and that Adobe Reader isn't anywhere to be found. That, to me, is the enemy within, and the easiest to do something about.
Shaolin_K (03-09-2015)
I presume you are behind a firewalling router of some sort? That gets you a lot of protection. I usually download a copy of Avast on another machine, and copy it over to the new machine via USB stick and install before going online.
It used to be that if you plugged a freshly installed Windows machine directly onto the Internet (not via a router) then it would be hacked within about half an hour, and it takes longer than that to download the latest service packs etc to make the machine reasonably secure. I think the take home message from that is to have something between you and the Internet, but I think stuff like the old Frog USB to ADSL direct connection adapters are rare now so you should be safe. I suppose a 4G connection might have issues, but I think at least some of those are NAT addressed so it is hard for people to send you packets to hack you.
Shaolin_K (03-09-2015)
Cisco Pix 501. Highly recommended. Far less intrusive (as in not at all) than any software solution, and significantly less vulnerable to any attack, internal or external. OTOH, I don't think Windows has been as vulnerable as you described since Win98.
Then again, I'm starting to lower my buy in to the individual identity theft thing anymore - it's far less expensive and far more profitable, both in terms of money and data, to do large scale hacks of companies than it is to steal grandma's pension info from her old PC. That's not to say there aren't plenty of people out there doing the wrong thing - I just think they're less of an issue than at any time in the past.
I was thinking of Window XP which apparently had an expected survival time unpatched of 4 minutes, way shorter than the amount of time it would take to patch. Sounds like Vista wasn't much better.
https://isc.sans.edu/diary/Survival+...+Internet/4721
But as it says on that page, using a NAT router puts the odds in favour of the PC.
Thanks guys for your insights.
I'm on a router with built-in firewall. So this, along with Windows Firewall and updated Defender should be OK?
Good tip on Adobe Flash GuidoLS. Keep on forgetting about its vulnerabilities.
I install a third party anti-virus, but otherwise yes that is as much as I bother with.
I am as paranoid with Java as I am with Flash as well, but that isn't a first connection thing it is always a flaw to look out for
Nice bit of kit.
I do similar BUT .... here's my problem with that.
Robust hardware firewall does, assuming it's ruled properly of course (and that ain't a trivial exercise) provide a substantial degree of protection against intrusion from the outside. It provides far less warning of issues with legitimate software on the inside wanting to talk out. Some installed software has legit reason for talking out, but when something that does not still tries to, it's red flag time.
There are currently 1 users browsing this thread. (0 members and 1 guests)