"Checks & Balances" (accuracy check of this article by "pros" (still, test for yourselves, because a simple certification doesn't a security-pro make)), Part 1
I also "took the liberty" of contacting a "security-pro" (in Don Parker of "SecurityFocus.com" fame)!
This is in regard to my outline/article/guide here, & here were HIS thoughts/opinions on its content @ this point:
**********
Hello apk,
I don't see any real downsides to what you posted. The only thing is that
you need to remember the audience that it is you are trying to reach. If
your goal was to hit the newbies as it were then you may have missed the
mark a bit. Beyond that, it looks fine to me.
--Don
**********
That's so you guys all reading here have SOME idea this stuff is SOLID, & works, & 'passes muster' with the "top geeks" (lol, no offense intended, but lacking a better expression here is all - because mere certifications do NOT an 'expert make', as in the fellow I note above, because iirc, that is ALL he has going for him afaik & to myself @ least? THIS IS NOT ENOUGH, certs are not the same as full degrees, & not by a LONG shot in this field) in the arena of computer security!
So, test for yourselves, via CIS Tool - to be sure... because ANY music person can tell you this: THERE IS A DIFFERENCE BETWEEN TABLATURE, & BEING ABLE TO READ MUSIC (which is the diff. between mere certs. & degrees in Comp. Sci./MIS)
--------------
Also - Do please check this page out, for even more security points:
http://csrc.nist.gov/itsec/download_WinXP_Home.html
Especially the downloadable guide for security there to supplement this one's points, it is named -> SP800-69.pdf
----
The PDF file guide above from NIST (in association w/ the U.S. Gov't. on securing PCs no less), like my guide here also?
That also lists a "6.32 Removing Malware" section as well!
So, that is in response to 'my naysayers' from various forums that criticized me for listing such a guide here!
(In fact, many of them were MS-MVP mods too no less, but many on many forums would NOT cite "why" or yield specifics I asked for as to WHY I SHOULD NOT LIST SUCH A GUIDE in this article's content... well, experts in this area appear to agree with myself, as it IS part of "securing a computer" in knowing HOW TO REMOVE INFESTATIONS, as I do, like THEY do as well!)
Anyhow/anyways - The .pdf guide from NIST either tends to reinforce my own, OR, goes beyond in some cases!
E.G.->
- Securing wireless networks
- Securing MS-Office apps better
- Script file extensions associations with notepad.exe for instance (for safety vs. scripted attacks)
- More on email & web browser security
- The SIGVERIFY utility (file signature checker)
- Disabling unneeded accounts
That's for some things I did not cover well imo, here (OR RATHER, well enough earlier), & to supplement my guide (both have good ideas & they both work).
APK