Comments on: How to install Windows XP “safely” http://www.thetlog.net/2005/09/05/how-to-install-windows-xp-safely/ Fri, 10 Oct 2008 22:16:06 +0000 http://wordpress.org/?v=2.5.1 By: 301b13498343 http://www.thetlog.net/2005/09/05/how-to-install-windows-xp-safely/#comment-35286 301b13498343 Sun, 11 May 2008 07:24:48 +0000 http://www.thetlog.net/?p=34#comment-35286 <strong>301b13498343...</strong> 301b13498343bfdd8486... 301b13498343…

301b13498343bfdd8486…

]]> By: Dehumanizer http://www.thetlog.net/2005/09/05/how-to-install-windows-xp-safely/#comment-63 Dehumanizer Mon, 05 Sep 2005 15:42:02 +0000 http://www.thetlog.net/?p=34#comment-63 I admit I have little experience with the Windows Firewall, as I've never needed it, but I heard about worms and viruses that were able to disable it, at least with the pre-SP2 version. And, to install SP2... chicken and egg again. Anyway, activating a software firewall is something that a newbie can very well do wrongly, which may lead to a false sense of security. Having it behind "something", with a NATted address, is (other than nuking the site from orbit :)) the only way to be sure. I admit I have little experience with the Windows Firewall, as I’ve never needed it, but I heard about worms and viruses that were able to disable it, at least with the pre-SP2 version. And, to install SP2… chicken and egg again.

Anyway, activating a software firewall is something that a newbie can very well do wrongly, which may lead to a false sense of security. Having it behind “something”, with a NATted address, is (other than nuking the site from orbit :)) the only way to be sure.

]]> By: vd http://www.thetlog.net/2005/09/05/how-to-install-windows-xp-safely/#comment-62 vd Mon, 05 Sep 2005 15:15:53 +0000 http://www.thetlog.net/?p=34#comment-62 "My point is still valid: if you have a normal modem/cable/ASDL connection (meaning that your PC will get a public Internet address), you should really take your PC somewhere where it will not be directly connected, and update it there. " Or... you should activate windows firewall. That solve 90% of the common problems. The other problems derivate from the IE use, that should be only used _after_ windows update. “My point is still valid: if you have a normal modem/cable/ASDL connection (meaning that your PC will get a public Internet address), you should really take your PC somewhere where it will not be directly connected, and update it there. ”

Or… you should activate windows firewall.
That solve 90% of the common problems. The other problems derivate from the IE use, that should be only used _after_ windows update.

]]> By: Dehumanizer http://www.thetlog.net/2005/09/05/how-to-install-windows-xp-safely/#comment-61 Dehumanizer Mon, 05 Sep 2005 14:57:51 +0000 http://www.thetlog.net/?p=34#comment-61 Yes, a router with a firewall could solve this - NAT, forwarding only from the inside to the outside, no port redirection from the outside to the inside unless manually configured. But we're not there yet. And I don't know whether it's a good idea to force that on ALL users - I much prefer having my own OpenBSD gateway, directly connected to the Net, and with the Windows games machine behind it. My point is still valid: if you have a normal modem/cable/ASDL connection (meaning that your PC will get a public Internet address), you should really take your PC somewhere where it will not be directly connected, and update it there. Yes, a router with a firewall could solve this - NAT, forwarding only from the inside to the outside, no port redirection from the outside to the inside unless manually configured. But we’re not there yet. And I don’t know whether it’s a good idea to force that on ALL users - I much prefer having my own OpenBSD gateway, directly connected to the Net, and with the Windows games machine behind it.

My point is still valid: if you have a normal modem/cable/ASDL connection (meaning that your PC will get a public Internet address), you should really take your PC somewhere where it will not be directly connected, and update it there.

]]> By: vd http://www.thetlog.net/2005/09/05/how-to-install-windows-xp-safely/#comment-60 vd Mon, 05 Sep 2005 14:48:53 +0000 http://www.thetlog.net/?p=34#comment-60 The problem here isn't Windows security flaws properties - that will ever exist - , it's the hardware :-) - USB modems suck real hard. E.g.: They dont have any kind of firewall embedded. - Any "normal" router do have firewall, DDoS and SPI properties. - All routers from ISP's should have firewall enabled. So, if you; 1) Enabled Windows Firewall, and 2) Use a router with firewall Then you can do Windows Update safely. The problem here isn’t Windows security flaws properties - that will ever exist - , it’s the hardware :-)

- USB modems suck real hard. E.g.: They dont have any kind of firewall embedded.
- Any “normal” router do have firewall, DDoS and SPI properties.
- All routers from ISP’s should have firewall enabled.

So, if you;
1) Enabled Windows Firewall, and
2) Use a router with firewall
Then you can do Windows Update safely.

]]> By: Dehumanizer http://www.thetlog.net/2005/09/05/how-to-install-windows-xp-safely/#comment-57 Dehumanizer Mon, 05 Sep 2005 13:47:56 +0000 http://www.thetlog.net/?p=34#comment-57 That's mostly what I have at home, except that it's OpenBSD instead of Linux. :) That’s mostly what I have at home, except that it’s OpenBSD instead of Linux. :)

]]> By: Mario Valente http://www.thetlog.net/2005/09/05/how-to-install-windows-xp-safely/#comment-56 Mario Valente Mon, 05 Sep 2005 13:44:19 +0000 http://www.thetlog.net/?p=34#comment-56 The best way is to install Linux on a small/old machine with two ethernet cards, use it as a nat/firewall and connect the XP machine through it and update. -- MV The best way is to install Linux on a small/old machine with two ethernet cards, use it as a nat/firewall and connect the XP machine through it and update.

– MV

]]>