A Secure System

[chaseman]

I simply want

 

1. a secure system which is hard to hack

2. and I want to surf the web anonymously

 

I'm wondering can I achieve these goals with Windows 7, or would it be necessary to go over to Linux?

 

I researched this and found out that there's more to it than I thought and it it's quite harder to have a tight system than I thought it would be.

 

Are there any resources you'd recommend?

[AyKay47]

can you be more specific with what you are trying to accomplish

[chaseman]

I think it was specific enough, I want to harden the OS so it's hard to hack into, and I want to surf the web anonymously probably through proxy services. But these two goals are harder to achieve than I thought it would be. So I'm trying to figure out how I can achieve these goals.

 

Any books or tutorials to recommend?

 

Can stay with Win7 (since I like it) or should I rather go over to Linux (which I find hard to use)?

[requinix]

1. Windows per se is already difficult enough to hack into. Has a good built-in firewall, and if you're behind a router or other hardware firewall then that's even better.

2. Proxies are configured on the browser, not the operating system.

[chaseman]

1. Windows per se is already difficult enough to hack into. Has a good built-in firewall, and if you're behind a router or other hardware firewall then that's even better.

2. Proxies are configured on the browser, not the operating system.

 

That's pretty good to hear, I think I'll stick with Windows I just like it to much, I just had a look at Linux again in videos and I just don't like the whole geeky Terminal procedure.

 

I'll probably buy some books on security and try to tighten Win7 up and then I'll see if I can use a proxy service like Hide My Ass, if you have any book recommendations let me know.

[AyKay47]

1. Windows per se is already difficult enough to hack into. Has a good built-in firewall, and if you're behind a router or other hardware firewall then that's even better.

2. Proxies are configured on the browser, not the operating system.

 

That's pretty good to hear, I think I'll stick with Windows I just like it to much, I just had a look at Linux again in videos and I just don't like the whole geeky Terminal procedure.

 

I'll probably buy some books on security and try to tighten Win7 up and then I'll see if I can use a proxy service like Hide My Ass, if you have any book recommendations let me know.

win is secure enough, why do you need to secure it further? ....

[thehippy]

Head on over to nist.gov, they have some publications, papers, standard practices and policies on desktop security.  I don't believe the FDCC (Federal Desktop Core Configuration) has established profiles/policies for Windows 7 yet, there is a policy available for Vista though which I'm sure you can use as a guideline.

 

Firewall security is good, but to secure the OS itself or rather use the OS in secure manner takes some discipline.  Strict filesystem permissions, patching within reasonable times from release, using a good AV/Spyware scanner (MS Security Essentials is good), limiting running services, requiring increased password complexity, removing administrative privileges for any regular user account (I always want to log in as admin but its naughty), not using unsigned driver or software, being a bit stricter with browser control, limiting software installation, securing communications between your computer and others (email, ftps, etc), securing data/harddrive encryption (ex. bitlocker), and the list goes on and on.  You can continue to harden a computer until its unusable, so beware.

 

Get familiar with group policy, Windows has lots of security features which most people never see.  Get familiar with Windows command line tools, cacls, netsh, etc, they're helpful and the CLI is not just for Linux geeks!

 

If you want to be in the know and or conscientious, signup on mailing lists for the software you use, Microsoft has a security bulletin mailing list and a Patch release mailing list.  Get on a few security mailing lists, vulnerability and bug notices will give you some insight into what exploits people will be using (usually within days of their appearance on such lists).

 

Security is a vast topic, so I'll stop with this.

 

If you want to browse the web anonymously you can use a free service like Tor but you'll never get great speeds with it, so its up to you.  You can pay for a web proxy service as mentioned.  If you want to access the internet (all protocols/services) anonymously use a private VPN service.  I say anonymous, but those paid service providers know who you are and a court order can breach that anonymity.  A credit card gift card and a fake name may shelter you a bit, but if they keep logs... I'm getting off topic. 

 

Oh yes, purchase some tinfoil and wrap your keyboard and mouse in it.

[chaseman]

Great post, that was what I was looking for.

 

Regarding the last part, there are services which do not log the users as well.

[cs.punk]

1. a secure system which is hard to hack

Anti virus + Firewall...

2. and I want to surf the web anonymously

Firefox with private browsing on...

 

 

[Wolphie]

Just jumping in here real quick, using a proxy is often slow and it's restricted to the browser/applications that support proxies. I'd recommend going with a secure VPN service and although it may cost a little bit it will encrypt all of the data being sent and received from your entire computer. Anything that you communicate with outside of your local network will be encrypted by the VPN. Not to mention that most VPN services provide 100/1000Mbps connections.

 

Check out http://www.sh3lls.net/, they're VPN service is pretty cheap and they support OpenVPN and PPTP which makes setting it up easy.