Post by DarkPikachu on Apr 29, 2015 10:14:43 GMT -5
WIP: I'll edit with more detail in time ;)
This guide is directed at the general user who just wishes to use their compy and have it last no matter what they do.
Note: This isn't official, this is just a compilation of my horrible experiences put together to deliver something that avoids them.
There may be cases where you're still likely to get a virus.
(guide will be improved over time)
[glow=none]
OS downloads:
x64 - Win XP Pro x64 SP2
x86 - Win XP Black SP3
XP Black has a few hacks which disable a few security holes and ease up usage a tad.
XP64 is safer (ActiveX was removed, and interfaces were patched), but won't install on all systems w/o minor issues.
(XP64 has support for x86 CPUs, but last time my brother used it, he had no audio with a standard card)
During installation, make sure there is no available internet connection.
(it's possible to catch a virus during the second stage of XP installation)
Keep your internet disconnected while performing these installations:
install your drivers and everything to get your setup working properly.
Software downloads:
- Comodo FireWall (CFW)
- Avast
Before installing anything, once you're at your desktop:
1: Remove Internet Explorer as best as possible!
(if there was ever a browser that could fully compromise your OS, IE would be it)
^ note, this doesn't completely remove IE, it just shoves it in a corner to prevent most of it's use.
(you need to mod the windows ISO to not install IE during windows installation)
2: disable: ActiveX, Windows Update, Windows Firewall, Security Alerts.
(Windows Update is known for killing many computers with bad updates, and Win Firewall just doesn't work.)
[style].CCS_icon{width:14px; height:14px; display: inline-block;}
.CCS_icon img{width:14px; height:14px; }[/style]
Install CFW and allow it to redirect your internet connection through it's secure DNS.
(it should also install [class="CCS_icon"][/class] Comodo Chromium Secure aka Chromodo which is a faster browser with extended security)
Configure CFW and enable HIPS:
^ blocking all requests can cause issues with some trusted applications
^ blocking fragmented traffic can possibly cause connection issues with things like Minecraft over a bad connection.
other configs:
- block and sandbox execution of iexplore.exe in HIPS
(like I said earlier, IE can still be ran and can still damage your OS)
- more coming soon -
Install Avast (CFW: [Treat As] Installer)
There isn't much you need to configure here, but take a look into them and modify them for your needs, just to be safe. ;)
Configure Chromodo: (block all web content and allow what you know to be safe)
everything not shown is fine as defaulted ;)
^ I've hacked the settings page so you could see more :)
once you're properly set up here, you can connect to the internet
(be careful about what processes you allow through HIPS)
we're not safe yet though, for exteneded protection, you will probably want to add these:
[style].aos{background-color:white; width:20px; height:20px; display: inline-block;}
.aos img{width:20px; height:20px; }[/style]
security extensions:
- AdBlock
- AdBlock Plus
- AdBlock Pro
- AdGuard
- Ghostery
- Disconnect
- [class='aos'][/class] Avast Online Security (best icon I could find, had to use CSS to resize it and give it a white BG)
- ScriptBlock (extended JS protection)
- NetCraft (firewall)
- incognito filter (automated protection from all trackers of specified websites)
optional:
helpful extras:
- Web of Trust (tells you what links are trustworthy before you click on them)
[style].FVD_SD{width:20px; height:20px; display: inline-block;}
.FVD_SD img{width:20px; height:20px; }[/style]
ease of use:
- [class="FVD_SD"][/class] FVD Speed Dial (keeps all of your bookmarks and dials synced between browsers)
allowing sites should be as easy as a few clicks, but ScriptBlock gets annoying as you have to refresh a second time.
also, I know these extensions seem a bit overkill, but 1 extension doesn't cover everything (and never will)
think of them as layers of clouds that block out the sun's harmful rays (aka viruses).
if 1 of them gets through, your OS could catch cancer and be compromised.
these extensions aren't friendly on RAM though.
[/glow]
WIP: will get more detailed
This guide is directed at the general user who just wishes to use their compy and have it last no matter what they do.
Note: This isn't official, this is just a compilation of my horrible experiences put together to deliver something that avoids them.
There may be cases where you're still likely to get a virus.
(guide will be improved over time)
[glow=none]
OS downloads:
x64 - Win XP Pro x64 SP2
x86 - Win XP Black SP3
XP Black has a few hacks which disable a few security holes and ease up usage a tad.
XP64 is safer (ActiveX was removed, and interfaces were patched), but won't install on all systems w/o minor issues.
(XP64 has support for x86 CPUs, but last time my brother used it, he had no audio with a standard card)
During installation, make sure there is no available internet connection.
(it's possible to catch a virus during the second stage of XP installation)
Keep your internet disconnected while performing these installations:
install your drivers and everything to get your setup working properly.
Software downloads:
- Comodo FireWall (CFW)
- Avast
Before installing anything, once you're at your desktop:
1: Remove Internet Explorer as best as possible!
(if there was ever a browser that could fully compromise your OS, IE would be it)
^ note, this doesn't completely remove IE, it just shoves it in a corner to prevent most of it's use.
(you need to mod the windows ISO to not install IE during windows installation)
2: disable: ActiveX, Windows Update, Windows Firewall, Security Alerts.
(Windows Update is known for killing many computers with bad updates, and Win Firewall just doesn't work.)
[style].CCS_icon{width:14px; height:14px; display: inline-block;}
.CCS_icon img{width:14px; height:14px; }[/style]
Install CFW and allow it to redirect your internet connection through it's secure DNS.
(it should also install [class="CCS_icon"][/class] Comodo Chromium Secure aka Chromodo which is a faster browser with extended security)
Configure CFW and enable HIPS:
^ blocking all requests can cause issues with some trusted applications
^ blocking fragmented traffic can possibly cause connection issues with things like Minecraft over a bad connection.
other configs:
- block and sandbox execution of iexplore.exe in HIPS
(like I said earlier, IE can still be ran and can still damage your OS)
- more coming soon -
Install Avast (CFW: [Treat As] Installer)
There isn't much you need to configure here, but take a look into them and modify them for your needs, just to be safe. ;)
Configure Chromodo: (block all web content and allow what you know to be safe)
everything not shown is fine as defaulted ;)
^ I've hacked the settings page so you could see more :)
once you're properly set up here, you can connect to the internet
(be careful about what processes you allow through HIPS)
we're not safe yet though, for exteneded protection, you will probably want to add these:
[style].aos{background-color:white; width:20px; height:20px; display: inline-block;}
.aos img{width:20px; height:20px; }[/style]
security extensions:
- AdBlock
- AdBlock Plus
- AdBlock Pro
- AdGuard
- Ghostery
- Disconnect
- [class='aos'][/class] Avast Online Security (best icon I could find, had to use CSS to resize it and give it a white BG)
- ScriptBlock (extended JS protection)
- NetCraft (firewall)
- incognito filter (automated protection from all trackers of specified websites)
optional:
helpful extras:
- Web of Trust (tells you what links are trustworthy before you click on them)
[style].FVD_SD{width:20px; height:20px; display: inline-block;}
.FVD_SD img{width:20px; height:20px; }[/style]
ease of use:
- [class="FVD_SD"][/class] FVD Speed Dial (keeps all of your bookmarks and dials synced between browsers)
allowing sites should be as easy as a few clicks, but ScriptBlock gets annoying as you have to refresh a second time.
also, I know these extensions seem a bit overkill, but 1 extension doesn't cover everything (and never will)
think of them as layers of clouds that block out the sun's harmful rays (aka viruses).
if 1 of them gets through, your OS could catch cancer and be compromised.
these extensions aren't friendly on RAM though.
[/glow]
WIP: will get more detailed