Hardening your windows security

General Topics
1

Hi malware fighters,

Some good advice here:
http://searchwindowssecurity.techtarget.com/tip/0,289483,sid45_gci1065280,00.html

polonus

2

Unfortunately this person also recommends using the Windows Firewall… :cry: and,
by now we all know that’s only half protecting your computer.

3

I dont think that is an established fact any where. Just something some people say. Inbound control is what matters, why Microsoft and most routers use it.

If you actually use both her checklists then why bother with outbound control? A minor feature in her setup, just half of what she says would make computer very very safe.

4
just half of what she says would make computer very very safe.
It might be good for your computer but using a firewall that doesn't protect what leaves your computer isn't healthy for your personal information. :)
5

Hi bob3160,

Also watch your browser cache. See the handling of meta-tags.
Note that no-cache does actually allow a copy of the document to be stored whereas no-store prohibits it. As you might expect, Internet Explorer (IE) and Mozilla browsers have different implementations of these cache-control directives.

Both browsers will cache a document requested over an HTTP connection that has the “no-cache” directive set. Mozilla will not cache any pages by default over an HTTPS connection, whereas Internet Explorer will, unless the user has enabled the “Do not save encrypted pages to disk” option. A Mozilla browser never stores documents set with the “no-store” directive, but Internet Explorer only fully follows this directive when the page is requested over an HTTPS connection. So the only way of ensuring that your sensitive documents and pages are not cached without requiring your users to manually set any IE options is to use the “no-store” directive over an HTTPS connection. All browsers supporting HTTP 1.1 will support this directive.

You can set the no-store response header in IIS by opening the HTTP Headers property sheet for a Web site or preferably for a folder within a Web site as it not a good idea to use this header globally across an entire Web site but purely for content that absolutely must not be cached on the client.

polonus

6

i have firefox clear out all my stuff when i exit. I also run CCleaner

7

Yes cheater07,

Giving your FF or Flock for that matter the three finger salute, and run CrapCleaner after a computer session, can be considered good practice.