Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Are my security measures adequate?

01 Oct 2009   #1
Jester45

Windows 7 Ultimate 64bit
 
 
Are my security measures adequate?

Quick background for me is that im 18, love computer and currently the tech support for my family(close and extended), neighbors, family friends, etc etc. While I dont have the strictest policies I do try to keep my home network along with anyones computer i work on non-infected.

Some of my scheduled task are:
  • Nightly backups to a WHS box.
  • Nightly full system virus scans (Avast! home) on all desktops and the WHS. Laptops dont have scheduled taskes but my WHS warns me if i dont do either after a week.
  • Automatic updates on Avast and Windows/linux(gentoo based so not completely automatic)
And general precautions:
  • My servers(except WHS) are on a different subnet as my desktops.
  • Servers are all linux except 1 and ssh is on non standard port with ssh only via keys
  • Servers also do mail and that is scanned for viruses
  • Router's UPnP is disabled, default password changed
  • Only needed ports are forwarded
  • Wifi clients can't communicate with desktops except for WHS.

I know this isnt completely Win7 related but i do have a few machines running it. i listen to a few security podcasts because they are interesting to me but I don't think im overly paranoid(no pseudo-random 265bit passwords).

Do you guys have any extra suggestions for me to do? Does windows7 introduce any "features" i should be on the lookout for?


My System SpecsSystem Spec
.
02 Oct 2009   #2
Dinesh

Windows® 8 Pro (64-bit)
 
 

Your security measures are excellent except that fact that you are using just 1 anti virus. there are many things that antivirus misses during scans. hence you should also use Malwarebytes.org alongwith avast.
My System SpecsSystem Spec
02 Oct 2009   #3
Creer

Windows 7 Home Premium x32 SP1
 
 

Hi,

your configuration is mainly about Detection (AV) and Cure (backup plan) - it's not bad approach but on these days you should add also Prevention to your security arsenal - already you have FW/Router and you do OS updates.

Under term of Prevention I mean: HIPS softwares, virtualization, sandboxes, policy based-sandoboxes, SRP, LUA, UAC, DEP, and also FW - hardware/software or both.
Of course you don't need all of them, but to make a decision better will be give a try and test which meets your needs.
My System SpecsSystem Spec
.

03 Oct 2009   #4
Jester45

Windows 7 Ultimate 64bit
 
 

while i understand the concepts behind visualization and sandboxes but i dont see the point for the most part. My linux systems have their daemons jailed but i do no sandboxing on Windows.

As for IDS ive heard of snort but is IDS really overkill for a large-ish home network? if a machine goes down not much if affected, backups are there so settings/programs are not lost and media is stored on WHS. If my WHS was lost i would have have a problem but i don't think that will happen as it doesn't connect to the internet except for updates.

UAC is enabled on my win7 machines and for linux boxes im the only person who can access them other than by the services they provide.

I'm not sure what you mean by SRP and LUA.
My System SpecsSystem Spec
04 Oct 2009   #5
gforce23

Win7 RTM, XP Pro, Arch Linux, Puppy (Quad boot)
 
 

Quote   Quote: Originally Posted by Jester45 View Post
I'm not sure what you mean by SRP and LUA.
SRP = Software Restriction Policy. For more information, click here.
LUA - Limited User Account, a non-admin, non-power user account with limited privileges. Also known as SUA (Standard User Account) in Vista and Win7.
My System SpecsSystem Spec
04 Oct 2009   #6
Jester45

Windows 7 Ultimate 64bit
 
 

well i do LUA/SUA. along with that all windows based users need a "complex" password enforced by WHS which is 1 CAPTIAL letter, numbers, and >6 characters long. My linux boxes have root but only i have a normal user, and have to su to root.

and ill have to look into the SRP stuff, sounds real nice on the laptops. and SRP on the WHS would be a good thing too as i only use ~15 programs max (including system processes) so i could lock that down pretty tight.
My System SpecsSystem Spec
06 Oct 2009   #7
Creer

Windows 7 Home Premium x32 SP1
 
 

Quote   Quote: Originally Posted by Jester45 View Post
well i do LUA/SUA. along with that all windows based users need a "complex" password enforced by WHS which is 1 CAPTIAL letter, numbers, and >6 characters long. My linux boxes have root but only i have a normal user, and have to su to root.

and ill have to look into the SRP stuff, sounds real nice on the laptops. and SRP on the WHS would be a good thing too as i only use ~15 programs max (including system processes) so i could lock that down pretty tight.
Here you find nice software to manage SRP:
http://mrwoojoo.com/PGS/PGS_index.htm
PGS Pretty Good Security by Sully from Wilders.
My System SpecsSystem Spec
Reply

 Are my security measures adequate?




Thread Tools




Similar help and support threads
Thread Forum
Security measures to take when installing or updating?
I've heard from several people that it is possible to get hacked within minutes of installing Windows, while retrieving updates (this actually happened to someone I know... he was actually "lucky" that the hacker posted a terminal window informing him with a message that read "gotcha"). The...
Installation & Setup
Would this backup method be adequate?
I have read many entries regarding backing up in this forum and get more and more confused! System images creation work fine with win 7.but making backups in addition gives an error message, which I have researched here without clarification. My situation is that I have clickfree usb which...
Backup and Restore
SSD speed adequate ?
Hi Guys, Ive got and ASUS P7P55D-E PRO motherboard, and a new Corsair Force 3 120gb SSD as my main drive. Im using my boards Marvel 6gb/s sata conncection with a 6gb/s sata cable. Ive set AHCI in bios, how are my speeds looking?? I was expecting more :cry: lol :p ...
Hardware & Devices
MS Support & Remote Access/my PC-Recomend any xtra Security Measures?
TIME IS OF THE ESSENCE MS SUPPORT will take remote access in a few hours. If there is anything else you recommend I do for security purposes let me know asap. Short story - MS Support working to resolve issues started after restart hangs during the install process for Aug 9, 2011 Windows...
System Security
Pagefile refuses to maintain adequate size
Sup ppl? I got this problem with my page file. Weather it's managed by the system or given a custom size, it refuses to stay at a decent size. Every time I login, it's at about 200MB. I have 1GB RAM, and I set the page file to 1500 MB, but it keeps going back to a small size, and as a result, I...
Performance & Maintenance
Default UAC level adequate for most users ?
Just wondering what you think of keeping the UAC level to it's default setting ? Do you think one would be better protected having it enabled to the MAX ?
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 16:24.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App