Anyone want to try a test CompletelyBonkers (new user here) turned me onto?

[Alec§taar]

BELARC ADVISOR -> Dowload URL:

www.belarc.com



I got a 4.17 out of 10 & CompletelyBonkers got a 3.13 out of 10!

His lesser score IS w/ GOOD reason: He needed help implementing some of its suggestions... secpol.msc/gpedit.msc stuff, MOSTLY...

(Still, I don't FULLY TRUST that score of mine... I list some reservations I noted @ in the URL below, as to why (the URL next below was my post of objections from the bottom of the thread where I did this test per his request))

Still, CompletelyBonkers expected me to get a "10/10", but that's flat out impossible imo, for the most part!

(&, imo @ least, on ANY security test 'right-off-the-bat', & especially THIS one)

You'll see WHY I say that, once you read on below!

Securing Windows 2000/XP/Server 2003 services HOW TO - list of APK findings/thoughts/objections to BELARC ADVISOR RESULTS:

http://forums.techpowerup.com/showth...581#post261581

(That's what it listed I failed, but I had reservations about its messages too, & they are RIGHT in that post (edited that URL to put in my EXACT reasons of objections post linkage, to see if others agree w/ them, once they run this, etc. OR otherwise)).

* Personally, I think that BELARC ADVISOR, while a GOOD & DECENT PROGRAM, does make SOME mistakes in some cases!

APK

P.S.=> Anyhow, you guys oughtta give this SECURITY TEST a shot, & see HOW YOU DO... apk

[Alec§taar]

My score result, beat it IF you can!



& again, IF you do? I'd like to know HOW you overcame some of the ones the program faulted my setup on, per this URL from above:

http://forums.techpowerup.com/showth...581#post261581

Some of it I do not agree with @ all, & not for how I setup a system, but I will listen to objections, if you state them logically, as to where you feel I went wrong in my setup, vs. BELARC's suggestions... it is possible I am OUTRIGHT WRONG, but unlikely for how & why I setup things it yelled about (lol, imo @ least so far).

* & Above all else... thanks for participating, because this ought to be interesting.

APK

[Alec§taar]

I'm going to beat that score...



* I am nearly certain of it: I definitely object to the things I do above, vs. its opinions, but should be able to beat my former score above!

APK

P.S.=> Nobody else? Come on... We're starting to get that snowstorm here, expecting 2 ft., so my neighbor & I played Chess for hours in this snowstorm - so, I didn't get around to it, yet, but... soon I will! apk

[Alec§taar]

Well, I tried & tried, for most ALL of last night (into early a.m., I knew we'd all be snowed in today, so the most I had to look forward to was using my snowblower this a.m., lol, & freezing my tail off!)...

I still can't beat the score I got above - & almost locked myself outta my system going 'ape' on registry hive/key rights to try get higher than 4.17.

(Got it back though - it was to the point, kid you not, where I was running Windows Server 2003, WITHOUT ANY SERVICES RUNNING @ ALL - yes, it is possible, & not going thru the gymnastics this URL below puts you thru either):

Running Windows with No Services

http://blogs.technet.com/markrussino...-services.aspx

* I managed to 'accomplish' that, just by knocking out rights to various registry hives/keys for the SERVICE entity itself... & it was pretty cool, because I had more free RAM & CPU cycles, this is certain, & I ran Quake 4 SMP on it (no sound though)... F A S T, faster than usual imo!

APK

P.S.=> Still, it was NO fun not being able to get online, so, I had to reverse some of the changes... interesting experiment so far, & a challenge! apk

[Alec§taar]

* Up, from 4.17 before, to a 5.0... "she's getting there!"

APK

[ace80]

doesn't give me a score, says its only compatible with win 2000/2003/xp pro. I run xp home.

[Alec§taar]

Quote:

Originally Posted by ace80

doesn't give me a score, says its only compatible with win 2000/2003/xp pro. I run xp home.

Man... that sux!



* You'd have been the 1st taker too, other than the person who tuned me into its abilities for this in CompletelyBonkers, for taking this security examination...

("DAMN!")

APK

P.S.=> Hey, @ least YOU "took a shot @ it"... it's the thought that counts! apk

[ex_reven]

I scored a 1.8 LOL


You can probably see why:

[Alec§taar]

"Hector.... Hector... HECTOR!!!"

Per the film TROY when Achilles stands outside the gates of troy issuing a challenge to Hector to do battle?



* Anyone who's a Greek here, (& I KNOW THAT YOU ARE HERE) I would like to ask a question:

How many hours/days, & HOW MANY TIMES, did Achilles SCREAM that, while outside the gates of Troy??

APK

P.S.=> LOL! apk

[ex_reven]

Quote:

Originally Posted by Alec§taar

"Hector.... Hector... HECTOR!!!"

Per the screenshot above & the same film?



* Anyone who's a Greek here, (& I KNOW THAT YOU ARE HERE) I would like to ask a question:

How many hours/days, & HOW MANY TIMES, did Achilles SCREAM that, while outside the gates of Troy??

APK

P.S.=> LOL! apk

Sadly, historical evidence cant point out how many times Achilles screamed, nor even if he fought Hector. Most evidence points that the war was over trade and not that of a female love interest. However, Id say that from this report, my computer is far from the Greek Phalanx

[Scavar]

I got a 1.8 as well......though the reasoning behind it all seems a little iffy. Still im fixing some of the things I can now see as obvious holes.

[Alec§taar]

Quote:

Originally Posted by ex_reven

I scored a 1.8 LOL

Well, you can work on it, per the suggestions I gave CompletelyBonkers in the "Securing Windows Services" thread, if you like...

I.E.-> You use tools like Windows Explorer.exe, Regedit.exe, secpol.msc, gpedit.msc, & lusrmgr.msc to do it. See this thread, slightly above THIS post there (3-4 posts above it, both of those):

http://forums.techpowerup.com/showth...581#post261581

(Doesn't take ALL that long, but you really have to PAY ATTENTION to the section where I put in BOLDED "IMPORTANT" type warnings regarding ACL rights in the registry especially, & using Explorer.exe NTFS rights - you CAN lock yourself out, if you do it wrong, & no way back in using std. tools @ that point)...

As far as NTFS rights, & Registry Hives/keys rights, NEVER REMOVE System, or Administrators group (or, your local machine level Administrator) from FULL CONTROL rights to them... you can always get back in, that way, no matter what.

Quote:

Originally Posted by ex_reven

You can probably see why:

Yea, it's taking you down on points because it says you are WAY outta date on security updates/patches/hotfixes.

Some of the stuff astounds ME in it as well: For example, it says I have this key in my registry that is secured, that DOESN'T EVEN EXIST (SNMP related path)... & others that I KNOW are secured properly, say they aren't...

I outline SOME of them in the "Securing Windows Thread" & point to it above iirc in my first post, to the exact posting I did complaining about it... it is a 'valid bitch' on my part, because I know the program IS making errors on those accounts.

BUT, all-in-all, it's a decent program.

APK

[Alec§taar]

Quote:

Originally Posted by ex_reven

Sadly, historical evidence cant point out how many times Achilles screamed, nor even if he fought Hector.

I read D'Aulaire's Greek Myths & others like it about the Trojan War when I was a boy, & it was something like a WHOLE day & night from their accounts of it!

However, the point above in my stating that per the film's portrayal of that, was just for humor really!

I.E. -> Calling out to more of you to try this test is all.

(Sometimes, I have a "StRaNgE" sense of humor I guess... Plus, lol, I posted that after my neighbor & I drank a bottle of Tequilla last night (real 100% Agave based stuff) too, & after I watched the film again w/ him, because he never saw it, I posted that, lol!)

Quote:

Originally Posted by ex_reven

Most evidence points that the war was over trade and not that of a female love interest.

Probably true, most wars are given a 'false front' to enflame the masses (e.g.-> Catholic vs. Protestant in Ireland, OR, lol, how about "staying the course, for Iraqi Freedom & WMD's"?)

Agamemnon wanted the Aegean Sea & control of it, FULL NTFS/ACL rights control, lol!

Quote:

Originally Posted by ex_reven

However, Id say that from this report, my computer is far from the Greek Phalanx

That's ok - you can make it so, if you wish... takes time though, on some of the settings involved this program points out, & imo, it STILL makes some errors in regard to some of what it suggests.

I guess still, it is a GOOD program, because it makes you take a look @ things & 'shore them up'...

APK

P.S.=> HOWEVER, OVERALL? I do feel that it's a good program!

A regular "Chiron to Achilles" (keeping the theme alive, lol - Chiron MASSIVELY educated & raised Achilles).

It teaches you, to be far more invulnerable!

Thus - giving you guys, w/ all your Super-Powerful hardware the GREEK IDEAL of "Sound Body (good hardware) & Sound Mind (secure solid OS)" in a way, lol... apk

[Jimmy 2004]

I'm on XP home too, so doesn't work for me (don't know why they can't make it work). I'd probably get an ok score, but nothing incredible.

[Alec§taar]

Quote:

Originally Posted by Jimmy 2004

I'm on XP home too, so doesn't work for me (don't know why they can't make it work).

Basically, I'd wager it'd work FINE, but the author of the program's going thru a CASE statement testing values returned from Win32 API calls @ its startup, testing what version of MS OS is running, due to the TINY diff.'s in its registries on them, & testing later as well for this while it performs its security analysis... he is simply, on a guess, missing detecting XPHome...

Quote:

Originally Posted by Jimmy 2004

I'd probably get an ok score, but nothing incredible.

Some guy out online CLAIMS to have an 8.34 score on it... but, he never posts any proofs that I saw, & I am VERY 'big' on putting out proofs to backup statements.

I am TRYING to work my way higher still, but the suggestions where it says I am missing security on registry permissions/ACL's, make NO sense, because they ARE SECURED PROPERLY... it's weird!

EDITING THIS IN A FEW DAYS LATER (02/19/2007), so folks know what I mean, on "weird": For example? It detracts from my score, badly & imo, wrongfully, in its services section!

Funniest part is, it does this for SERVICES I AM NO LONGER EVEN RUNNING, first of all... & secondly, even though I disabled them? I also lessened their logon entity to LESS THAN SYSTEM (down to NETWORK SERVICE or LOCAL SERVICE, just in case they somehow got remotely started (doubtful, but you NEVER know)).

That said - I can't see how this person could claim that score, unless he runs ALL of his services (which I doubt he needs to period & is wasting memory & cpu cycles + other forms of I/O in doing so):

After all - He has the same registry paths for the most part, that I do, regardless of the OS version he runs, & couldn't have secured himself any differently than I did w/ out locking himself outta his rig, OR possibly severely crippling some of its abilities. I give a specific example of this below in fact...

APK

P.S.=> Another one it SPECIFICALLY & EXPLICITLY says to turn down, is the rights of the Windows Installer (runs as SYSTEM by default), which is EXACTLY what Joanna Rutkowska took Mark Russinovich 'down a peg' on recently here:

http://blogs.zdnet.com/security/?p=29

Problem is, when you DO secure it, by removing SYSTEM as the program suggests? Well, trying to use "Add-Remove Programs" in Control Panel, to uninstall something will NOT work anymore! apk

[PVTCaboose1337]

.63 on my laptop I'm on now... Wow.

[Alec§taar]

Quote:

Originally Posted by PVTCaboose1337

.63 on my laptop I'm on now... Wow.

I understand your reaction:

Almost spooky, isn't it? Microsoft really sort of HAS to ship their systems in a 'less secured' & 'generic state', imo, so the OS' install & run, no problems on ANY machine...

BUT, you are 'open' in some ways, because of this.

(Yes, there ARE 'hardened' installations of the OS that some oem's make, not for the masses, but I know this has been done over time... or, there are folks out there making monies doing it, independently, for others).

* This is how you can LEARN to do that imo.

APK

[PVTCaboose1337]

I could make it better, but I am too lazy to update to SP2...

[Alec§taar]

Quote:

Originally Posted by PVTCaboose1337

I could make it better, but I am too lazy to update to SP2...

LOL, awww... come on man!



* That only takes a few minutes to apply!

APK

P.S.=> That will help, SOME, but there is a LOT MORE this thing looks @ besides patches levels (that is very important though)... security's NOT a big priority for most folks imo... after all - PC's are just another "home appliance" to they, but, I guess my point is, for folks like us who are "into it" &/or make our living from it? This can be a job-skill learning session in many ways, in Computer Security related areas... GOOD for network techs & such especially, imo! apk

[Alec§taar]

Nobody else, eh?



* Oh well... what can you do! You can lead a horse to water, can you make him drink??

(Too bad, because I was truly hoping someone would beat my score up there, & show us ALL how he did it, sharing "the good word" & all that!)

APK

P.S.=> Thing is guys, this is NOT a competition to me, or me vs. YOU: It's about learning more, each of us participating.

Heck, anything I found? I'd share it + did (in the URL's noted above) for everyone's good... but, again, imo?

Security isn't a priority for most folks on a PC, not by a longshot (well, @ least not until they get 'hit' by it being weak - I was the SAME, until I did get 'taken advantage of' years ago on IRC... some guys told me HOW they did what they did, others not - that's what got me into securing a system really)...

Then again, maybe folks are right & I am wrong - you probably can NEVER be totally secure nowadays online... apk

[wazzledoozle]

I got a 1.88/10. Im missing 16 "critical/important" updates and it says I should reinstall a lot of those already installed. Meh. I also dont run any local antivirus, so that probably cost me a lot of points. I think im just gonna nuke my XP installation today.

[Alec§taar]

This is a testimonial to how Windows Machine are setup TOO generically outta the factory imo @ least...

* APPEARS TO BE A PROBLEM TO ME AT LEAST... That is, IF you value security @ all.

(Above all - No offense intended regarding anyone's scores, but if the scores we're seeing are stock setups purely? Well, seeing's believing!)

APK

P.S.=> You CAN shore it up though, I did, it seems to work fine & my system's the same as before function-wise, + faster... There is now enough literature on these forums to let you do so!

I'm going to write the folks @ BELARC though about some of the readings I got - scoring me downwards for services I don't even keep running & also disable + knock down their logon entity rights to ZIP (LOCAL SERVICE) as well, plus, how they scored me down on other things that I feel are "off", because I think my score's actually QUITE A BIT HIGHER than 5.0 in reality... apk

[PVTCaboose1337]

Now my laptop is a 3.13 of 10

[Alec§taar]

You're doing better... Service Pack #2 alone get you up from your last score?



* If you work @ it, you can ALL get to "5.0"... I am going to try to get higher, & am going to inquire on some of the results as well w/ BELARC as I noted above.

APK

P.S.=>

Screenshots? apk

[PVTCaboose1337]

Yep .