I am concerned about security with my home pc. I have done a lot of reading on hackers and such and have developed my own security blockade. I just wonder what you opinion is. I run Avast free antivirus. I scan with malwarebytes and super anti spyware. I use windows firewall. I use ghostery in firefox and i use thunderbird as my email. I turn off cookies while surfing unless i absolutely need them. Is there any advice you could give me to do a more solid job? I've tried zone alarm firewall, but i don't know if it's much better than windows firewall. Thanks in advance
Answer Where your computer is physically (in proximity to other people), how you use it (Where you go) and who uses it (ever) are equally as important. I'm not comfortable with Windows Firewall but I run it on Windows machines. "Using" a tool isn't as important as how its configured since it can be "in-use" but remain worthless if it isn't configured correctly.
Not using Internet Explorer or Outlook are the biggest improvements and you seem to have made these. I don't know what "ghostery" is. Turning off cookies is a waste of time because it doesn't enhance "security". It helps protect your privacy. Turning off third-party cookies can help your protect your privacy if you don't use your computer very much. Whether or not you can do this depends on the version of Firefox. Be careful using FF plugins.
Configuring a Windows machine well (properly) requires Microsoft training in my opinion. There's really no other option other than that training unless you know how to use configuration checklists, auditing tools and penetration testing tools. You can find out more about these things from the DISA website, here: http://iase.disa.mil/
NIST also has checklists.
Does this help?
Knowledgeability = 10
Clarity of Response = 10
Politeness = 10
Thanks a bunch. It helped point me in the direction I was trying to go. I'll check out the websites that you listed.
Securing systems since 1982. Tip: Switching from a system that is (statistically) more prevalent to one that is less prevalent will help.
Organizations Information Systems Security Association (ISSA) United States Coast Guard Auxiliary (USCG Auxiliary), ACM
Publications Student Doctor Magazine EE Times Network World blog Navy CIO blog
RTCA/DO-178B, "Software Considerations in Airborne Systems and Equipment Certification", (member of SC-167), RTCA/DO-160C, "Environmental Conditions and Test Procedures for Airborne Equipment", (member of SC-135)
Education/Credentials Master of Public Health (Epidemiology and Biostatistics) Bachelor of Science in Electrical Engineering (Computer Engineering Option) Digital Forensics Basics, Texas Engineering Extension Secure Software, Texas Engineering Extension Network Security, Texas Engineering Extension Infosec Basics, Texas Engineering Extension Information Assurance Awareness, Department of Defense Information Systems Security, United States Coast Guard Online safety for parents and children, Fort Collins Police Department Spear Phishing, Defense Information Security Agency, DISA Spear Phishing, United States Coast Guard, USCG Meeting the Media, Testifying, Presentations, Arch Lustberg FEMA (ICS-100, -200, -210, -700, 800) United States Coast Guard Defense Information Systems Agency United States Coast Guard Auxiliary Crosby Quality Workgroup Facilitator Trainer Crosby Quality Education System Wisconsin University