Security Basics mailing list archives
RE: Permissions scanner
From: Di Fresco Marco <superdif () caltanet it>
Date: Mon, 24 Feb 2003 20:43:53 -0800
There are a number of ways to do what you're talking about, but I don't think that's necessarily the correct approach to solving what you're worried about. There are two kinds of permissions on a microsoft system (assuming that you're running NTFS which XP normally does)
Yes, I am using NTFS (I forgot to mention it).
share permissions and Access Control Lists. You should check your drive and make sure that any of your shares (folders with the little hand under them) are not set to everyone (the default), I usually use authenticated users or something like that but if you're really paranoid you could add each of your four accounts by name.
I do not have any shared folder (at least I never configured any folder to this sitting), so I should be fine on this metter.
ACLs on the other hand aren't really for protecting you from outsiders, they're more about protecting you from authorized users. For example you may not wish to give everyone who uses your machine access to your mp3 files, in case they might accidentally delete one.
The configurtion between user shoud be fine (at least the accounts of my parents do not have permission over my files, but my account has permission over their for backup purpose). But I am worring (other then attacker, that you solved my doubts with the first line of the above paragraph) about viruses, trojan, etc (even if I shuld be quite protected, see reply to the next paragraph). As far as I have understood (as I said in the previous e-mail, I am a newbie home user), when loaded, the viruses infect as much as it can with the permission of the current active user and since I am affraid to have given to much permission to my daily use account, I am worry to be too vulnerable. I am already considering to make backups more often (and especially to a separate media, right now the automatic backup goes in a local folder) and use the system restore.
As you have an always on internet connection, the main three things you should do as a home user to protect your system are: 1) Install a firewall (zonealarm is free, there are lots of others that would work just fine as well) 2) Install and keep updated an anti-virus program. My personal favorite is norton corporate, its packed with features, but if you're on a limited budget you can get AVG for free. 3) Download and install all microsoft updates.
On these three thing I am fine; I (already) have ZoneAlarm, McAfe Personal Firewall and McAfee VirusScan Professional 7 and I look for updates (for either these programs and Windows Update) almost every days.
There are lots of other things you can do to secure your computer, but just by doing these three you'll eliminate 95% of all trouble you'll probably experience as a home user.
Thank you. Di Fresco Marco ICQ #51985192 |--------------------------------------------------------------------------| | Spock (Court Martial - TOS): If I let go a hammer on a planet having a | | positive gravity, I need not see it fall to know that it has, in fact, | | fallen. | |--------------------------------------------------------------------------|
Current thread:
- Permissions scanner Di Fresco Marco (Feb 22)
- iptables log analysis tools Skip Morrow (Feb 24)
- Re: iptables log analysis tools Yvan Laverdiere (Feb 24)
- Re: iptables log analysis tools Chris Travers (Feb 24)
- <Possible follow-ups>
- Re: Permissions scanner Chris Berry (Feb 24)
- RE: Permissions scanner Di Fresco Marco (Feb 25)
- Re: Permissions scanner Harvey Cary (Feb 26)
- RE: Permissions scanner Di Fresco Marco (Feb 25)
- iptables log analysis tools Skip Morrow (Feb 24)