
RE: Whats your fav OS? :)



Posted by Guest(pasfr) On 2003-09-15 08:27:30
In Reply to Whats your fav OS? :) Posted by Maj XCoyote On 2003-05-14 12:48:30




On 2003-05-14 12:48:30, XCoyote wrote
>I'm sure you can see what mine is :]


a bare Windows is really a good
Operating System and by bare I mean a
Windows Me downgraded to a 98lite micro
this means no ActiveX, no scripting and no NetBIOS
no IExplorer intertangled with the Operating System
a lighter, more stable Win95 shell installed
No File Protection etc. installed, just a barebone
Operating System WINDOWS SHOULD BE !!!

A brief description of how my computer is installed

Drive C: 1.5GB
used for the swapfiles of all Windows installed
this swapfile has a fixed size of 512Mb
Directories stored:
COOKIES        stores all cookies of all Windows installed
DOWNPROG.FIL   downloaded program files, all Windows
HISTORY        all Windows
JPI_CACH       cache Sun Java
NETCACHE       cache Netscape
OFFLNWEB.PAG   offline surfing, all Windows
RECENT         all Windows
TEMP           all Windows
TEMPIE         cache, all Windows
TMP_CACH       cache, all Operas
WEB
WUPDSTUP.FIL
I made registry settings to change those
Windows protected directories to the C drive

problems:
if there is a virus infection, it's mostly on the C
swapfile corrupted
cache, history, cookies to clean
well, a small batchfile formats, recreates the directories

Drive D: 500 Mb, only used for invoices
Drive E: 2.5 Gb
stores all programs common to all Windows
favorites common to all Windows
setup files all Windows
My Documents all Windows
Startup all Windows
all batchfiles, reg files
everything I use daily
this drive is formatted every 6 months ? to eliminate
possible defragmentation
Drives F,G,H,I,J each 512Mb containing different
versions of Windows ME installed with 98lite and
IExplorer 6 sp1
Mostly I use ME_Micro which is bare +-40MB instead of
a full ME = nearly 500MB
When I get anomalies I just change to another Windows,
format that 512Mb Windows drive, copy back a spare
Windows, with all the programs installed, which in fact stay on drive E as Favorites,
as Startup etc., I never lose anything
This takes less than 5 minutes
How long does a virus scanner take to scan ?
How long does a defrag take ?
How long does spy and ad removal take ?

then I got a drive K = reserve copy for Drive E
all the other drives up to P are between 6 and 10 Gb
and used to store everything
Once in a while I empty one and format
Defrag, I never used it

I hope this will give you some idea

pasfr

PS to install more Windows onto the same system you
need to rename WIN.COM after each install

Afterwards rename them WIN.COM again
I didn't try it with Windows 2000 or XP
Maybe if XPLITE is available I switch over ?
As for ME_Micro THIS is really solid,
Never, never it blocks


Registry entry to switch drives: right-click the Start button, you'll

REGEDIT4

; Adds a folder context-menu entry that runs the shortcut to Change_Win.bat
[HKEY_CLASSES_ROOT\Directory\shell\Change_Windows_Boot_Drive]
@="&Change_Windows_Boot_Drive"

[HKEY_CLASSES_ROOT\Directory\shell\Change_Windows_Boot_Drive\command]
@="E:\\BAT\\Change_Win.pif"

Batchfile: Change_Win.bat


@E:\UT\KEYB.COM BE
@ECHO OFF
@E:\BAT\COLORSET 74
@cls

REM Menu: one entry per Windows installation
@ECHO Enter C for ME on Drive C
@ECHO Enter F for ME on Drive F
@ECHO Enter G for ME_Micro on Drive G
@ECHO Enter H for ME_Micro on Drive H
@ECHO Enter I for ME_Micro on Drive I
@ECHO Enter J for ME_Micro on Drive J
@ECHO Enter P for ME on Drive P

REM CHOICE sets ERRORLEVEL to the position of the key pressed (C=1 ... P=7).
REM The key list starts with C so that it matches the menu above.
REM The prompt text is Dutch for "Enter choice".
@E:\BAT\choice /C:cfghijp Geef Keuze in ?

REM IF ERRORLEVEL n is true for n or higher, so the highest value is tested first.
if errorlevel 7 goto P
if errorlevel 6 goto J
if errorlevel 5 goto I
if errorlevel 4 goto H
if errorlevel 3 goto G
if errorlevel 2 goto F
if errorlevel 1 goto C

REM Each section copies the boot files of the chosen installation to C:\
:C
REM START ME on Drive C
@copy E:\BAT\AUTOEXEC.C C:\AUTOEXEC.BAT
@COPY E:\BAT\MSDOS.C C:\MSDOS.SYS
@ECHO "ME on Drive C is CHOOSEN"
goto END

:F
REM START ME on Drive F
@copy E:\BAT\AUTOEXEC.F C:\AUTOEXEC.BAT
@COPY E:\BAT\MSDOS.F C:\MSDOS.SYS
@ECHO "ME on Drive F is CHOOSEN"
goto END

:G
REM START ME_Micro on Drive G
@copy E:\BAT\AUTOEXEC.G C:\AUTOEXEC.BAT
@COPY E:\BAT\MSDOS.G C:\MSDOS.SYS
@ECHO "ME_Micro on Drive G is CHOOSEN"
goto END

:H
REM START ME_Micro on Drive H
@copy E:\BAT\AUTOEXEC.H C:\AUTOEXEC.BAT
@COPY E:\BAT\MSDOS.H C:\MSDOS.SYS
@ECHO "ME_Micro on Drive H is CHOOSEN"
goto END

:I
REM START ME_Micro on Drive I
@copy E:\BAT\AUTOEXEC.I C:\AUTOEXEC.BAT
@COPY E:\BAT\MSDOS.I C:\MSDOS.SYS
@ECHO "ME_Micro on Drive I is CHOOSEN"
goto END

:J
REM START ME_Micro on Drive J
@copy E:\BAT\AUTOEXEC.J C:\AUTOEXEC.BAT
@COPY E:\BAT\MSDOS.J C:\MSDOS.SYS
@ECHO "ME_Micro on Drive J is CHOOSEN"
goto END

:P
REM START ME on Drive P
@copy E:\BAT\AUTOEXEC.P C:\AUTOEXEC.BAT
@COPY E:\BAT\MSDOS.P C:\MSDOS.SYS
@ECHO "ME on Drive P is CHOOSEN"

:END
REM "ECHO." prints an empty line (a bare ECHO only reports the echo state)
@ECHO.
@ECHO.
@ECHO.
@E:\BAT\PLAY.COM E:\BAT\PLAY.DAT
@BEEP
@ECHO "RESTART COMPUTER NOW"

You need to make a link to this batchfile and adapt the registry file to this link

this Windows has no ActiveX, no scripting and no NetBIOS
so I never need a firewall as I am shielded from the outside
I only need to look at the inside, with barebone 98micro and all
programs in the registry deactivated there are only
4 programs, apart from those I installed myself, installed,
these are:
Kernel33.dll
msgsrv32.exe
mmtask.tsk
mprexe.exe

I use appswat to view the loaded programs and
see directly any strange entry and where they
are located,
so it's very easy to eliminate adware, spyware and even viruses

I just copied the screens at Gibsons:
URL: https://grc.com/x/ne.dll?bh0bkyd2
do the test on your computer, this is the result
of mine, sorry only in txt format



NanoProbe Technology Internet Security Testing for Windows Users
by Steve Gibson, Gibson Research Corporation.
Shields UP! is checking YOUR computer's Internet
connection security . . . currently located at IP:

213.224.83.38



Please Stand By. . .

Attempting connection to your computer. . .
Shields UP! is now attempting to contact the Hidden Internet Server within your PC.
It is likely that no one has told you that your own personal computer may now be functioning
as an Internet Server with neither your knowledge nor your permission.
And that it may be serving up all or many of your personal files for reading, writing,
modification and even deletion by anyone, anywhere, on the Internet!
Preliminary Internet connection refused!
This is extremely favorable for your system's overall Windows File and Printer Sharing security.
Most Windows systems, with the Network Neighborhood installed, hold the NetBIOS port 139
wide open to solicit connections from all passing traffic.
Either this system has closed this usually-open port, or some equipment or software such as
a "firewall" is preventing external connection and has firmly closed the dangerous port 139 to
all passersby. (Congratulations!)
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED.
(This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from
Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of
its internal NetBIOS networking protocol over the Internet.


Before You Break Out
the Champagne...
It is true that this server was unable to connect to your machine just now —
and that's definitely great news! But with the benefit of the incredible experience
I'm gaining from the impact of this site's 19,874,144 (and counting) recent visitors,
I'm rapidly evolving more robust and reliable means of determining a remote machine's Internet
vulnerability.


What I could NOT do today,
I MIGHT be able to do tomorrow.

Useful as this facility is today, I have the feeling it's going to get better —
and I'm working on a few new ideas right now. So please consider this site to be in "BETA"
condition and please return here — at least briefly — a week or two from now to verify that
your system is still hardened against all the experience I've gained during the first few
weeks of this site's life.

When this message has disappeared, you'll know that I've explored every possible
Windows NetBIOS file sharing avenue and penetration strategy that I, or anyone else, have
imagined. I will be notifying the members of my User Managed eMail System when this site has
stabilized, and also at any future time when significant new vulnerability detection has been
added. You are invited to join our 692,172 members to receive these notifications.
A FALSE sense of security
is worse than being unsure.
-------

NanoProbe Technology Synchronous Internet Port Probe
by Steve Gibson, Gibson Research Corporation.
Quickly Check for Connectable
Listening Internet Ports
This Internet Port Probe attempts to establish standard TCP Internet connections with a handful
of standard, well-known, and often vulnerable Internet service ports on YOUR computer.
Since this is being done from our server, successful connections demonstrate which of your
ports are "open" or visible and soliciting connections from passing Internet port scanners.


Your computer at IP:

213.224.83.38


Is being 'NanoProbed'. Please stand by. . .






Total elapsed testing time: 10.445 seconds
(See "NanoProbe" box below.)



Port   Service   Status     Security Implications
21     FTP       Closed     Your computer has responded that this port exists but is currently closed to connections.
23     Telnet    Stealth!   There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
25     SMTP      Closed     Your computer has responded that this port exists but is currently closed to connections.
79     Finger    Closed     Your computer has responded that this port exists but is currently closed to connections.
80     HTTP      Closed     Your computer has responded that this port exists but is currently closed to connections.
110    POP3      Closed     Your computer has responded that this port exists but is currently closed to connections.
113    IDENT     Closed     Your computer has responded that this port exists but is currently closed to connections.
135    RPC       Closed     Your computer has responded that this port exists but is currently closed to connections.
139    NetBIOS   Closed     Your computer has responded that this port exists but is currently closed to connections.
143    IMAP      Closed     Your computer has responded that this port exists but is currently closed to connections.
443    HTTPS     Closed     Your computer has responded that this port exists but is currently closed to connections.
445    MSFT DS   Closed     Your computer has responded that this port exists but is currently closed to connections.
5000   UPnP      Closed     Your computer has responded that this port exists but is currently closed to connections.



Note: Several of the "Service" names shown above link directly to items on the ShieldsUP!
FAQ Page to provide specific discussion of ports and services.
If the port status shown above concerns you, please read the general descriptions below,
then click on the port's service name for specific discussion.


NanoProbe Port Probe was
placed online Oct. 17, 2001

If you have used ShieldsUP! in the past, you may have just noticed that the Port Probe system is
much faster than ever before. This is the result of the emerging deployment of our
much-anticipated NanoProbe Technology. It is finally becoming real.

Since MUCH more than speed will be coming soon, be sure to join our free, user-managed eMail
system to be notified of new developments during the next few months.
Click this link to learn more about our eMail system.



Demystifying Your System's Ports

This enhanced Port Probe facility is just the beginning.

I have some exciting "port awareness" innovations planned for the near future.
So please be sure to add yourself to our eMail system so I can keep you in the loop and
apprised of new developments.

(I only send a few pieces of eMail per year, and you can easily remove yourself from our eMail
system at any time, so you need not worry about receiving a flood of self-serving commercial
eMail from me. That will never happen.)


Port Status Descriptions:

Stealth!


If all of the tested ports were shown to have stealth status, then for all intents and purposes
your computer doesn't exist to scanners on the Internet!

It means that either your computer is turned off or disconnected from the Net
(which seems unlikely since you must be using it right now!)
or an effective stealth firewall is blocking all unauthorized external contact with your
computer. This means that it is completely opaque to random scans and direct assault.
Even if this machine had previously been scanned and logged by a would-be intruder,
a methodical return to this IP address will lead any attacker to believe that your machine is
turned off, disconnected, or no longer exists. You couldn't ask for anything better.

There's one additional benefit: scanners are actually hurt by probing this machine!
You may have noticed how slowly the probing proceeded. This was caused by your firewall!
It was required, since your firewall is discarding the connection-attempt messages sent to your
ports. A non-firewalled PC responds immediately that a connection is either refused or accepted,
telling a scanner that it's found a live one ... and allowing it to get on with its scanning.
But your firewall is acting like a black hole for TCP/IP packets! This means that it's
necessary for a scanner to sit around and wait for the maximum round-trip time possible —
across the entire Net, into your machine, and back again — before it can safely conclude that
there's no computer at the other end. That's very cool.

NOTE: If your system did NOT show up as Stealth! but you wish that it could, you'll need to use
one of the inexpensive (or FREE in the case of ZoneAlarm 2!) personal firewalls I've discovered.
I will also be creating my own firewall which you can monitor and be informed of, by adding
yourself to my eMailing System. But in the meantime . . . I'd advise you not to wait!
(Especially since ZoneAlarm 2 is completely FREE for individual use!)




Closed


"Closed" is the best you can hope for without a stealth firewall in place.

Anyone scanning past your IP address will immediately detect your PC, but "closed" ports will
quickly refuse connection attempts. Your computer might still be crashed or compromised through
a number of known TCP/IP stack vulnerabilities.
Also, since it's much faster for a scanner to re-scan a machine that's known to exist,
the presence of your machine might be logged for further scrutiny at a later time —
for example, when a new TCP/IP stack vulnerability is discovered.

You should stay current with updates from your operating system vendor since new "exploits" are
being continually discovered and they are first applied upon known-to-exist machines . . . like
this one!

AS NOTED ABOVE: If your system did NOT show up as Stealth! but you wish that it could, you will
need to use one of the inexpensive personal firewalls I've discovered. If your system's security
is a concern (as I'm afraid it needs to be in this day and age), I would advise you not to wait!



OPEN!


If one or more of your ports are shown as OPEN! then one of the following two situations must
be true:


You have servers running on those open ports:

If your system is running Internet servers on the ports shown as OPEN, you should stay current
with PC industry security bulletins. New security vulnerabilities are being found continually.
When crackers learn of a new vulnerability, they quickly grab their scanner logs to search for
systems that have been scanned in the past and are of the known-to-be-vulnerable type.
This allows them to be attacking logged systems within moments of learning of a newly located
security hole. It is therefore important for you to respond to any news of new vulnerabilities
in your systems as quickly as possible. The crackers are hoping you'll take your time.


You DO NOT have servers running on those open ports:

If you are not actively offering Internet services through the ports shown as OPEN, something is
very wrong with your system:



It is actively advertising its presence on the Internet and
soliciting the attention of ALL PASSING PORT SCANNERS!

Logs of open ports are maintained by crackers and used as points of attack.
Either a server has been started without your knowledge — as is done by Trojan horse programs
like Back Orifice — or you may be running one of the many "Evil Port Monitors" which has
altered your system's "open port profile" in order to monitor TCP/IP connections.
Evil Port Monitors will tell you that a passing scanner has just successfully probed into your
system . . . but the problem (for you) is that it was a successful scan probe and the existence
of your system's wide open ports will have been noticed and logged!

Your system may be monitored for Internet attacks without alerting crackers to your presence by
using a real personal firewall product — instead of one of the many evil port monitors.
For the best monitoring and protection I recommend ZoneLab's FREE firewall: ZoneAlarm 2.x.
(See the "Personal Firewalls" page for more information.)

pasfr
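
How the three statuses in the report above correspond to the outcome of an ordinary TCP connection attempt, as an added example that is not part of the original post and is not ShieldsUP!'s own code. The function names, the 2-second timeout and the loopback default are assumptions; it is meant for checking a machine you administer.

```python
import socket
import time

# Status names are the ones used in the ShieldsUP! report quoted above.
OPEN, CLOSED, STEALTH = "OPEN!", "Closed", "Stealth!"


def probe_port(host, port, timeout=2.0):
    """Classify one TCP port by how a connection attempt ends.

    Returns (status, seconds_waited). The timeout is an assumed value.
    """
    start = time.monotonic()
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        status = OPEN      # handshake completed: a server is listening
    except ConnectionRefusedError:
        status = CLOSED    # the TCP stack answered with a reset: host is visible
    except socket.timeout:
        status = STEALTH   # no answer at all: packets were silently dropped
    finally:
        sock.close()
    return status, time.monotonic() - start


def audit(host="127.0.0.1", ports=(21, 23, 25, 80, 135, 139, 445), timeout=2.0):
    """Probe a machine you administer; return (per-port status, visible)."""
    results = {port: probe_port(host, port, timeout)[0] for port in ports}
    # Any answer, even a refusal, shows a scanner that the host exists.
    visible = any(status != STEALTH for status in results.values())
    return results, visible


if __name__ == "__main__":
    statuses, visible = audit()
    for port, status in statuses.items():
        print(f"{port:>5}  {status}")
    print("visible to scanners:", visible)
```

A "Closed" result returns almost immediately, while a "Stealth!" result costs the prober the full timeout, which is the slowdown the report describes.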








