Appalbarry writes:
"Microsoft is about to abandon Windows XP to the wolves. Fair enough it's ancient. However, there are still going to be a lot of XP boxes out there, and a fair number of them are unlikely to ever get upgraded until the hardware dies.
My question is: what's available to help make this old OS stay reasonably secure and safe for the people who can't or won't abandon it?
Over the years I've been through Central Point Antivirus, Norton, McAfee, AVG, stuff like Zone Alarm, and of course the various Microsoft anti-malware offerings. But since moving over to Linux I really haven't kept up on the wild and wonderful world of Windows security tools.
Suggestions?"
(Score: 3, Insightful) by Anonymous Coward on Wednesday March 05 2014, @06:09AM
Limit the attack vectors:
- Disable any network-related service you don't use. Bind any you do use to localhost.
- Put it behind a hardware firewall or NAT router.
- Keep your browser (including plugins like Flash) up to date. The browser should be the only attack vector left, so that's what you need to worry about. That probably rules out IE (No updates for XP is likely to include no IE updates). So use Chrome or Firefox.
- Anti virus programs are false sense of security. They only catch the old bad stuff, and it's the new bad stuff you need to worry about. Think "do I really want to open this file", rather than "my anti virus says this file is ok". Plus anti virus software have holes too. Most people don't realise this. Without an anti virus program, your browser (assuming not IE4) will ask you what to do with the file. That gives your brain a chance to stop any attack. With an anti virus program with a security hole, browser downloads file, but before you get asked what to do with it, the anti virus program will "scan" the file. Now imagine a buffer overrun exploit in the anti virus program. Your computer will be "pwned" before you even get asked "do you want to open HotNakedWomen.EXE".
(Score: 1) by WizardFusion on Wednesday March 05 2014, @07:20AM
This. It's all about common sense (which isn't that common anymore)
It's the same for any device you connect to the Big Bad World (tm), make sure the attack vectors are as small as possible.
This principal was known about in Roman times.! https://en.wikipedia.org/wiki/Arrowslit/ [wikipedia.org]
(Score: 0) by Anonymous Coward on Wednesday March 05 2014, @10:02AM
Does anyone care to recommend a good consumer-grade hardware firewall?