On Sun, 9 Dec 2007 11:44:38 -0800 (PST),
Mudhutbob******.com wrote:
> Greetings,
> I am updating my brother into the 21st century and setting him with a
> cable modem. I am now in need of current firewall info. I currently
> use Zone Alarm Pro 7.0.462 and have had absolutely no problem
> whatsoever. I have been reading, however, that Zone Alarm Internet
> Suite 2007 is causing all kinds of problems and the BSOD. I was
> wondering if this is limited to ZA Internet Suite or does it also
> include the new version of ZA Pro? Any help is appreciated.
>
1. Proceed with 'Hardening' your Operating System (OS) and use a
Non-Administrator Account i.e. enable Limited User Account (LUA).
2. For day-to-day work/browsing use the Limited User Account (LUA)
and refrain from using the Administrator Account (AC).
"By running Windows the way Microsoft ships it [using the
all-powerful administrator account (AC)] you expose yourself to
huge security risks. If a Trojan horse or virus makes it onto your
machine while you're using an administrator account, it can get
its hooks deep into the operating system (often without your
knowledge.) However, by regularly using Windows under a limited
user account (LUA), you can safely avoid the vast majority of
malware out there today, simply because the limited user account
(LUA) does not have the right to install programs or change system
settings. As a result, when malicious Web sites try to use
security weaknesses in the operating system or your Web browser to
conduct "drive-by" spyware and malware installs, for example, that
installation process fails."
Least privilege
http://www.securityfocus.com/infocus/1848
"It is important that administrators follow the rule of least
privilege. This means that users should operate their computer
with only the minimum set of privileges that they need to do their
job. Typically this means operating as a normal user, and only
when absolutely necessary use the Run As or MakeMeAdmin commands
to elevate privileges."
3. Keep your OS and all software on it updated/patched.
4. Reconsider using IE and OE.
5. Don't expose Services to public networks.
6. If on Dial-Up internet connection - use the built-in firewall;
Desist from using a Personal Firewall (PFW) such as ZA, Comodo etc.
"The only reasonable way to deal with malware is to prevent it from
being run in the first place. That's what AV software or Windows'
System Restriction Policies are doing. And what Personal Firewalls
fail to do."
6a. If on High-Speed internet connection (Broadband, DSL etc.) use
a router together with the built-in firewall.
6b. Do not use TCP/IP as transport protocol for NetBIOS, SMB
and RPC and leave TCP/UDP ports 135, 137-139 and 445 closed.
7. Routinely practice Safe-Hex.
8. Routinely Backup your data. Even after the best of intentions,
with all the best plans and procedures in place; Sh!t happens!
Hard drives die suddenly and without warning. The only sure
way to recover is from a backup of your data.
9. Familiarize yourself with re-installing ('flattening') the OS.
"So, you didn't patch the system and it got hacked. What to do?
Well, let's see: ..."
"The only way to clean a compromised system is to flatten and
rebuild. That's right. If you have a system that has been
completely compromised, the only thing you can do is to flatten
the system (reformat the system disk) and rebuild it from scratch
(re-install Windows and your applications)..."
http://www.microsoft.com/technet/com...mt/sm0504.mspx
--
Security is a process not a product.
(Bruce Schneier)