…I am thinking that I should block my media players and .pdf file viewer from connecting to the internet permanently. Is that good thinking or unnecessary?
I feel that it would add to the already existing BO protection.
For the apps for which I have to allow internet connections, I have the BO protection, the ‘running executables’ privilege has been blocked, and access to critical system areas has been denied. This is my approach for preventing exploitation.
If I block complete access to the internet for the other applications, I might increase my level of security by at least a little?
In my opinion, for each application you should discover all the features and peculiarities of the application and create rules. If you do not need to update an application that is not a network application, the wisest way is to block network access for this application. This is just my opinion. There could be other opinions, of course. The ideal customization of a firewall exists, in my mind.
The necessity of the ideal customization of CIS depends on the IQ and/or forcefulness of your attackers. At present attackers are hungry and everyone has their attackers, because they are an inalienable part of the environment.
For applications like media players, I never let the application update automatically; I go and check the application’s website for new releases and then update myself.
In the case of these applications, I think blocking auto-updates shouldn’t be a problem?
What problems? It depends on the application. I know one media player which refuses to work without internet access (by the way, it is the “spider player”. It sounds like spy-player). In the majority of cases there are no problems.
Can you explain to me how exactly program hijacking works? What are the chances that vulnerabilities in lesser-known software, such as the ones I use, are discovered and exploited?
… I don't know… but maybe if one application, for example, has installed a service which is listening on some ports and has vulnerabilities which can make possible the execution of some code with high privileges. Windows has very dangerous services such as RPC, NetBIOS, etc. By means of these services an attacker can discover many things…