Best Practices Security Guide For Desktop/Home Network

3

I'm trying to find, a 'Unified Theory' on desktop security. Over the last few years, I've run into a bunch of really common problems. My little sister's laptop got infected with malware. My e-mail account got hacked. My girlfriend lost some files when her hard-drive failed.

What I'm really hoping to find is a list or blog or a book that doesn't just say things like 'Use a unique password for every site and make sure it's complex!', but something that goes further and says, 'One great way to facilitate that is to use LastPass, or Dropbox and PasswordSafe. And here is how you set that up'.

A step-by-step guide that starts with install the OS, applying updates, installing drivers, configuring backups, malware/antivirus software, encryption tools, possibly cloud-synch services like dropbox or something similar, scheduling future updates, disabling potential security holes, creating user accounts, restricting everything as much as possible, and I don't want to limit it to the things I know of. Maybe there is some really cool setup where all your web-browsing is done in a virtual machine or some sandbox tool. Also, it'd be nice to know what not to install. As an example, (and maybe this isn't true) but I've heard Adobe Acrobat/Reader has often been a security problem. But there are plenty of other alternatives that are free, faster, smaller, and more secure. So, if it said, 'Use X instead of Y' to avoid some likely vulnerabilities. And setting up/securing the wireless router or other common network devices.

Basically, I want to setup my machine the same way I would if I were a really smart, IT security professional, and had spent a bunch of time getting my desktop/home network setup to be rock-solid, awesome, innovative, and hassle free.

If my hard-drive fails, I want to say, 'Oh well. All of my important files are backed up thanks to $software' If the PSN gets hacked (again), I want to say, 'Oh well. All my username and passwords are unique and effortlessly managed by $software.' If my girlfriend says, 'Ummm, my laptop isn't working right' I want to be able to say, 'Hold on, let me restore from the back up that was automatically created Tuesday night with $software'

Does such a guide exist? I feel like something like this has to already exist, but I really struggled to find it online. Like I said, I'm pretty clueless when it comes to this stuff; maybe I'm asking too much.

Currently, I run Windows7 but I'd be willing to switch to another OS.

Rob

Posted 2011-05-16T21:55:41.403

Reputation: 747

Something like this does exist, as SOP for many businesses, but they will all contain different conglomerations of software and hardware that don't translate well to home usage. Honestly, the best way is to read about various pieces of software and hardware and find what fits your style and your budget. There are an infinite number of ways you can set up what you are looking to do and everyone will have a different opinion as to which way is best. – MaQleod – 2011-05-16T22:14:22.300

It doesn't, but it could and should. The biggest issue you will have is that you will be unable to reach consensus. Everyone swears by different solutions to the problems. Add to that the fact that you have 3 major OS families (Windows, OS X, *nix, even though OS X is a *nix), each of which requires different solutions, and many of those solutions are not consistent through different versions of these OSes, and you will rapidly get a huge document. – Lukasa – 2011-05-16T22:27:10.167

Answers

2

It really comes down to your setup, but here's a few

Keep your install disks handy, and have a soft copy (an iso ripped with imgburn) for example. Same with all your software - always have at LEAST two copies or more. Disks get lost, hard drives die.

Backups arn't just a good idea, they can save your hide - with windows 7 or better, use the built in backups, use macrium reflect free or acronis for windows. For OS X i'm told carbon copy cloner is good. For linux systems, it would depend - i use remastersys on ubuntu boxen, and would probably use mondo/mindi on systems where it'd work

keep systems updated - where there are windows systems where routine, standard updating is not an option i use the wsus offline updater

Never EVER run an admin account for day to day use.

Standardise on software - this is made easier cause good number of tools i use on windows are open source or free, and can be installed via ninite - this means its easier to track down issues since you arn't managing different setups.

For PDFs, i use sumatra or pdfxchange viewer (watch out on the installer for pdfxchange for the rather annoying ask toolbar and turn it off). Sumatra is basic, light and fuss free, while pdfxchange is a little more featureful

Journeyman Geek

Posted 2011-05-16T21:55:41.403

Reputation: 119 122

I probably should update/blogify this - quite a lot of things have changed. remastersys is dead, my favoured free backup tool has changed and so on. – Journeyman Geek – 2014-12-25T23:12:10.943

Asked: 2011-05-16T21:55:41.403

Viewed: 973 times

Active: 2012-09-02T00:18:16.293