yep a system totaly invulnerable doesnt exists except if u coded your own system and your own apps, in this case, the lamer that wants to attack your system will be defeated by a unknow system as he knows nothing about it and u’re the only one that got the code.
but even in this case as you’re connected to the web, there’s always a danger,
u can reduce the danger by using good AV and good FW (comodo of course )
i use superadblocker too to block almost 100%of Ads on any webpage, this is a good prog, but not freeware, anyway u can get a lifetime serial, what decided me to buy it.
no one can see your ip if u use some proxy but u’re always connected somewhere that logs your true ip or maybe u’re connected to some “open” pc to surf the web…
anyway as u’re connected somewhere with your ip there’s always a possibility to find u.
java disabled or not doesnt change anything about that, but it’s safer to have no java installed on a system, i had trouble once with some java code integrated on a webpage that contaminated my machine in no time, the lamer hacked a normally safe site to integrate a java code that installed a trojan, admins corrected the security failure but it was too late in my case. at this moment i didnt use an AV i thought i was safe just with a Firewall, what is not the case, so now no more java and FW+AV+anti Ads, and my system is more secure but there’s always someone that can break into any securised system. u can always use some router + some hardware firewall to improve security even more, but nothing is 100% safe for the moment.
with some new hardware cpu+mobo that will block malicious codes or some chipset that will control security maybe it will be more hot to hack machine or they can authorize access to the web for a machine that is confirmed safe and registered so people without a registered safe pc will not be able to connect the world network.
it’s restrictive and controled so we can trace u if u do bad activities over the network, but in other case, i don’t know how to stop all this mess that never stops and use bandwitch for nothing except to annoying people.
if u scan the world network u can find so many infected machines…
i used to think i was safe but now as i realize the hidden possibilities to attack systems and control them, i can’t tell if my machines are really safe, i hope so but i would not bet that i’m 100% secure.
how manies security holes are known just by a minority of people and codes that travel and are not tagged as malwares yet.
i found 2 of them with defense+ comodo as AVs said there was no malicious code detected…
so people without defense+ that trust their AV and think they’re safe cause the AV is uptodate are contaminated until the malware is detected by someone and tagged by the AVs.
but who can tell that defense+ is 100% safe, no one even if it’s the best solution facing an unknow app.
there’s always someone to turn around security progs and comodo is not safe at 100% but it’s the best solution i know, if it’s not 100%, it’s probably 90% or more, what is far better than any other security app.
i read that comodo cannot make ads about his FW as it’s a freeware, but i think soon or late all will heard about this FW simply cause it’s the best prog u can use on windows systems, the fact that it’s freeware may be a brake about his usage cause people can think as it’s free, it’s not better than a shareware, what is just wrong, cause we have no FW that can touch the comodo FW level, it’s not a fanatic attitude, it’s just the actual reality.
this FW is a big problem for others security teams, it’s the best and it’s free.
and using netbios or not is not a problem if u got comodo installed.
port 135 is Not as easy to stop compared to port 137,138 and 139. if u stop netbios port 137,138 and 139 will not appear anymore but the port 135 needs some change in the registry to stop it. same for port 445.
some search in google will tell how to disable port 135 and 445.
there are the ports 1900(udp) and 5000(tcp) too named universal plug and pRay , u can stop that just by disabling the right windows services. SSDP Discovery service and Universal plug and play can be disabled in admin tools/services. it’s easy to disable that and no one need those services but it can be a eventual gate as worms that crashed a windows service on XP sp1 (lsass.exe) and shutdown the pc automatically, people just had to modify a rule, do nothing if the service is stopped instead of restart the computer,
lsass.exe is a process u cannot stop or u will not login into your windows session anymore so it was a dam security hole.
once i blocked a malicious dll locked to lsass.exe then as the process couldnt start the dll, i stayed out of my system with a black screen. lsass.exe didnt want to start cause of the locked maliciouse dll it couldnt load.
there was no way to recover from this prob as it was on the laptop and i had no hd case for laptop HD size,
with a hd case i could login my vista desktop and change the permissions of the dll so lsass.exe could start the dll and start to authorize myself to login my session.
each mode i tried to start vista resulted by a black screen.
so as a machine is impossible to secure at 100%, a backup app is a need to save your system every day so u can reload a system not contaminated very fast,
i knew the file was a malware with defense+ but i wanted to see what the file would do on the system and clean it, but a dll attached to a windows system file can’t be deleted. was an activeX that oppened urls, i succeeded to clean the activity but impossible to delete the dll locked to lsass.exe, maybe unlocker could help, i didnt try, i just changed the permissions to block all activities of the dll. bad idea, i was locked out and nothing to help me to correct the prob.
so instead of trusting into your security, a backup is a better idea.
it can save u when u’re facing probs u didnt expect. if u cannot fix your system, the backup u did the day before will fix it for sure.
i prefere using acronis echo every day than trust my security pc level.
a backup app is the most secure solution for people.
what will u do if your security scheme is bypassed by a new malware? cry or backup your system every day ?
i prefere backup than lose all data cause i thought my pc was a fortress
one day or an other anyone is caught by some malware, security experts would never just trust into their capacities to defeat any new danger, they install a system to backup all that is needed even with a extremly high network protection…cause they know that they don’t know what will happen tomorrow…