Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: bill
Generally I trust them but their from another country & are a little strange so I dont have a 100% confidence.
I only have one login for both my computers. (computer & laptop) And its Admin only. I dont feel like creating other users & dont feel a need to.
But just for security reasons while their over..and while I might be sleeping or whatever, what can I do to feel safe that they dont install anything weird or cause security issues on my PC's ? I've got Windows Vista on both & I have both computers running all the time.
I guess im being a bit paranoid, but most guys worried about security usually are... hehe
any help would be great.
Instead of running around, worrying on how not to allow them to ruin you perfectly secure machine, plan their vacation for them, make it fun and keep them busy. Show them how good it is where you reside and to do something else instead of being glued to the monitor/keyboard. Simple, NO, can't use this PC; with the password protected login should do the trick.
I think there are some valid points by WebmasterWorld members, but in reality it is a vacation for your relatives make it one that they will remember as one of their best one so far. Unplug the router and spend some time with your family.
windows 7 has great parental controls, you can disable file download, allow/dissallow certain sites they can or can not visit, time limits. You can also tell which programs they can use, limit folders access and more.
hope this helps.
It's sensible to have AV, software firewall, and a router with up to date firmware and firewall activated.
Also prevention, Spyware Blaster and Spybot S/D immunizer are good free tools to download and use. There are many more, I prefer those two.
Have never owned a Norton product so can't comment on that, but the mere mention sure stirred up a bee's nest.
Besides that, I agree with and will not repeat previous Admin account debacle other than create a user account for your guests.
Its always best to lock your admin account with a password and have one 'limited' account just for those occasions when someone wants to 'borrow' your machine.
I've got to confess that I continue to run XP as the administrator rather than as a user, and I do know better.
Having used computers for 20 years, professionally for most of it, running exclusively as administrator on every system I've owned since that was an option, and during that time NEVER having acquired any malware worse than couple of small adware apps that install just as readily under a user account, I can tell you that it's not as big a deal as this thread makes it appear.
Off topic: the best net security, in my experience, is a good hardware firewall. Once you've got that you're pretty safe unless you install the malware yourself, regardless of how you log in to Windows.
Alternatively, what about coughing up a couple hundred dollars on a netbook and saying "My computer is vital to my life, my livelihood and my survival. It just worries me too much to let anyone on it. You are welcome to use the netbook all you want."
Then it comes down to whether or not you trust them not to be malicious. No matter what security feature you have on your computer, unless it's locked in a vault and connected to the peripherals through the wall, someone could be gone with your hard drive in about 3 minutes.
So if you're afraid they will be foolish, get a netbook.
If you're afraid they will be malicious or if they have teeanagers who might enjoy the challenge of cracking cousin Mike's passwords just because they're bored, you need a place to hide your computer.
The problem with SteadyState is you can't save any files. If you did they would be gone when you next booted. One workaround for this I have used is to install a 2nd hard drive after you have activated SteadyState. Save your files on the new HD. Because SteadyState will recover to its original condition on each boot, it will ignore the 2nd HD. Every time you start the pc you will get a notification balloon saying "Found new hardware Disk drive" It will be available to use as soon as you boot and your saved files from other sessions will be there also.
regarding your cousins, tell them to bring their laptops! seriously I wouldn't let anyone near my PC an I wouldn't expect anyone else to let me use theirs. Its a very personal and private thing.
lol. I have the same issues leaving the 17yr in our house when we go out.
hehe.. sounds like me when I was 17.
I didnt move out of my parents house till after 25.. and I noticed their stress levels seemed to increase year after year. Until I moved out of course.. then things got so much better on both sides.
It seems like just after 17 is when we turn to crapola. All our youth & innocents is gone. :-(
Basically an off-topic point..but if you could move out of you're parents house before age 19, you're doing them a big benefit.
As to Norton, in the latest version they've really stepped up their game. Its light years ahead of previous versions. I don't use it, but many of the security reviews look upon it pretty favorably. Not only is it getting the job done, but its firewall, anti-virus and anti-spyware engines are now the fastest in the industry in most benchmarks.
In addition to guest accounts and other advice already given, run one of the freely available security audit programs for your computer. Windows has several default settings which need to be changed to secure it better, too many to go into here in a single post. Remove Internet Explorer access from the guest account, and install Opera or Firefox for the guest account to use. Install Truecrypt and create a container drive... move anything you want to keep private to that drive, then use a utility to securely wipe free space on the drive. Turn off all unused services - not only will this help secure the computer it will also boot faster. Turn off autoplay so files on a USB drive, flash memory card and CD are not run automatically when inserted. There's instructions somewhere on the net for disabling mounting of additional drive letters as well, which will offer further protection against inserted devices.
For the ultimate in protection, use a partition manager to create a bootable 10 gig partition. Use Truecrypt to encrypt your "real" partition. Both will be available on the boot menu, but they'll need the password to access the encrypted drive. Their 10 gig guest partition should have just the basic browser and that's it. Backup the drive before you encrypt it should the worst happen and malware gets on the computer and wipes out your encrypted partition. When your guests leave, unencrypt the "real" partition, delete the 10 gig partition and use the partition manager to reclaim the space.
Lastly, if you don't trust someone enough that you're concerned... don't give them access (or as noted, rent a laptop for a week).
The only useful way to go further than this is to lock up your modem. There is very little real harm they will be able to do without an internet connection.
You can purchase removable (and lockable) hard drive docks that fit into your case's front 5.25 bays. They cost about $20-30 each. I have three in my PC, including one for my primary HDD. If I were to have to lock down my PC, I would simply remove all drives with sensitive data (click) and install a fresh version of windows onto another drive to use for the duration of the security risk. Once everything is back to normal, or if I had to access something I would simply swap my primary back into the computer (click).
It takes a little time to set up (installing the hardware) but it makes local physical security a breeze as all you have to do is grab your drive and run.
I had our modem programmed to disconnect the kids late at night. Until one of their friends completely reprogrammed it! It didnt even enter my head they knew how to connect to the modem, let alone also knowing the stupid password I set. Setting a proper password and an earlier cut off fixed that :)
I get to review 2-3 brands of AV software most years and was happy to trust my main desktop to Norton 360 and more recently to NIS 2010. There are Norton haters around who last used the brand perhaps ten years ago. I just trust my own assessment. I don't usually encounter malware but daily tasks such as POPping my email and the time taken to process it by the AV software is part of my consideration.
people who don't know how to use computors
And then set their machines to dual boot ..linux for the net and mail ..doze for photoshop ( and locked out of the router while it's in doze ) ..
as to snatch trays ..just as easy to run only one machine at a time to the net linux / doze ..the others ( here that means currently 6 others ..each with their own OS and specific software ) dont connect ..ever ..and updates ( if and when needed ..and actually beneficial ) are carefully screened and moved in via USB ..
How much malware one meets depends on where one goes ..hiding oneself behind the shutters doesnt stop the bad guys from breaking in next door ..
As I said earlier ..I do know from first hand conversation and observation what MS security people think of Norton ..and not from 10 years ago :)..But if you think you know how to protect their code better than they do ..
I think that the OP is actually looking for way to use his machine as admin at the same time as his guests are in his house ..
"You'll have to wait a moment before you can get your email ..I just need to swap out the OS on this here HD 'cos I cant trust you"..
Old time welcome ?
like incredibill ( and others said ) ..letting people you dont trust use your IP ..even if they bring their own machine ..
explain you use it for work ..and that not even your mom gets to touch it or connect via the IP in case some horrible error happens ..and then find them a cyber cafe for their emails ..
personally I dont invite people I cant trust to stay ..YMMV