Anyone want to try a test CompletelyBonkers (new user here) turned me onto?

[Namslas90]

Stupid Belarc Advisor, after running test, said I got a 2.4 (sorry no pic,read on); The stupid program got into a fight with my system had to reboot and Un-install Belarc and do a few other things just to get back online(took almost 3 hours). The thing I noticed is that to increase my score I would have to;

SET Min and MAX password lengths;

Have a different password for Administrator, and User (Even though they are the same person).

Set passwords Schedule to require Passwords be changed ever day.

Thats allready to much trouble, I want to turn the computer on and have it work; I don't need any passwords or any of that crap!!

This Belarc thing is for big coorporate applications, not home computers.

 

[Alec§taar]

Stupid Belarc Advisor, after running test, said I got a 2.4 (sorry no pic,read on);

That's actually NOT "all that bad" man, look @ some other folks' scores, & see what I mean by that... & it's NOT their faults, @ least not entirely... Ms' ships their OS "pretty wide open" so it deploys easily, & runs w/ EVERYTHING pretty much!

This has downsides, but makes life 'easier' @ the outset @ least, until someone finds holes in said default setup, creating the need for change.

Don't dismiss it entirely though - it does make a LOAD of good suggestions, & per your objections list below? I'll help you thru some, hopefully.

The stupid program got into a fight with my system had to reboot and Un-install Belarc and do a few other things just to get back online(took almost 3 hours).

That is ODD that it would... what webbrowser is your default one? I ask, because you may have found a bug in the browser YOU use, and you ought to report it to its maker(s), IF you can consistently duplicate it, that is.

The thing I noticed is that to increase my score I would have to;

SET Min and MAX password lengths;

Have a different password for Administrator, and User (Even though they are the same person).

secpol.msc is where you change this...

Go up to, iirc, 12-14 (iirc, 14 is the max, but I could be off here) characters as MIN @ least, max?

Heck... whatever it will take.

See, the longer THIS is?? The longer it takes 'brute force dictionary crackers' to work... & the time involved for that, even on a FAST computer, is huge & especially @ those lengths & up...

Also, you can supplement THAT, by allowing only say, 3 tries on an incorrect password entry (all done in secpol.msc iirc), & that also helps 'stall' those types of attacks.

Set passwords Schedule to require Passwords be changed ever day.

Logging on as Administrator, even though largely 'frowned upon' nowadays? Offsets this usually, iirc.

See, I do... but, I am out to secure the HECK out of logging ON as Administrator... they say that though, WITH good reason, because anything YOU run on your machine (while you are logged on) runs in that user's security privelege context (most of it that is, some stuff runs as SYSTEM, like installers, imo a NO NO, but how they are currently)... so, that said?

IF you 'suck in' a malware? It has ALL of your powers... & if you logon as Admin? Well... it can do, pretty much what YOU can!

Thats allready to much trouble, I want to turn the computer on and have it work; I don't need any passwords or any of that crap!!

Well, I see YOUR point: A matter of convenience. That is, until you get "hit" by something that uses the 'security-holes' this & other programs like it, can find, & help you patch up!

This Belarc thing is for big coorporate applications, not home computers.

Well, I tend to differ, but... to each his own!



* If you have nothing to worry about on your local system? Then, agreed, you can do without it... me? The ONLY reason I go thru this, @ least @ home?? Is so I do NOT have to redo my system setups (ghosting helps though) due to being busted up by some kind of attack via malware/spyware/virus, OR remote intruders... it's a PAIN for me, trust me, because my systems are SO 'customized', & not only @ the OS level, but in my games, compilers, & more...

Well, thank goodness for GHOST & progs like it!

They help, some, & a LOT, if I keep their images up to date... but, problem is, what if I ghost some setup that has an exploit that nothing I have in the way of security stopped, & I didn't keep multiple images ready (& I do, 4 deep, & though it takes up a LOT of my space, it's worth it to me)? I am screwed, blued, & TATOOED, even IF I ghosted.

Anyhow... to each his own, I respect that, above all else.

APK

 

[BXtreme]

i got a 0.63 w/ default setting in 2k3, but i'll turn it up for sure

 

[Alec§taar]

i got a 0.63 w/ default setting in 2k3, but i'll turn it up for sure

Turn it up MY way, for example? Here is where you can be:

By the time I am done with this? It should be higher than that... especially once I get feedback from BELARC themselves, & I wrote them about this all, per what I found, thusfar.



* I'm going to beat 5.00... just like I beat my init. score of 4.17, just takes time & perseverance is all. I take my time about it, but @ this point?

I need consulting w/ BELARC, & last page? I wrote them, & you can see what I did @ this point @ least. I don't expect an answer until Monday or so, it is, after all, the weekend!

APK

P.S.=> And, on that note? Folks need their rest & play too... best security? A SHARP MIND! And, weekends help that imo... so does rest! apk

 

[BXtreme]

hmm, considerable..Vista gave me 4.32 as 'default', bit xp gave me 2.x something, it means Vista is really secure , but i just uninstalled it for some time....

 

[Namslas90]

Well I ran it again, and noticed i got a 2.5. Also noticed that I got no scores because it could not detect a lot of the things I have installed, IE Virus Protection, Spyware Protection, Im protection, Password protection ETC- Basicaly all of my security was undetected by the Belarc Advisor, and yet I see the name of My Protection Software on their list of supported applications. It also list all the User accounts on my system as DISABLED and NEVER logged in. Now the way I see it is; if they say they can't detect it and therefore give me a lower score, they are just fishing for my business by offering to sell me their service to admit I have the protection I allready have!! i think something is fishy about this program, and still think it is only for Business applications and networks. (I have neither)!

I do like the way it can scan your computer and give you more Information than Windows!!

 

[Alec§taar]

Learn to know the DarkSide of the Force, & YOU ACHIEVE A POWER, GREATER THAN ANY JEDI

hmm, considerable..Vista gave me 4.32 as 'default', bit xp gave me 2.x something, it means Vista is really secure , but i just uninstalled it for some time....

Excellent point on VISTA security... I am GLAD somebody decided to test IT, this way, as well!



* Proof's in the security pudding, per Bxtreme!

APK

P.S.=> I helped Scavar in 'pm' achieve up to nearly 2x his score intially already (1.88 -> 3) & he was already 'into' this area... & this area? It's one of the 'more arcane' & useful (especially out there online today, w/ all the risks inherent) ones, & I think of it THIS way (along w/ coding):

"Learn to know the DarkSide of the Force, & YOU ACHIEVE A POWER, GREATER THAN ANY JEDI" - Darth Sidious

Per my subject-line/title-line for this reply here in this thread, above... lol!

... going for MORE now with him... it's DOABLE! apk

 

[Alec§taar]

Well I ran it again, and noticed i got a 2.5. Also noticed that I got no scores because it could not detect a lot of the things I have installed, IE Virus Protection, Spyware Protection, Im protection, Password protection ETC- Basicaly all of my security was undetected by the Belarc Advisor, and yet I see the name of My Protection Software on their list of supported applications. It also list all the User accounts on my system as DISABLED and NEVER logged in. Now the way I see it is; if they say they can't detect it and therefore give me a lower score, they are just fishing for my business by offering to sell me their service to admit I have the protection I allready have!! i think something is fishy about this program, and still think it is only for Business applications and networks. (I have neither)!

I do like the way it can scan your computer and give you more Information than Windows!!

It does have some 'drawbacks & shortcomings' & I also have objections, but this IS part of why I wrote them (list of mine are in this thread, some in particular REALLY bother me & I repeatedly note 1 or 2, because I am fairly CERTAIN they are 'off' on them).

Also, per your reply?

BELARC ought to let users do a 'customized exceptions list' for yours in particular (in that they do not account for different programs used for security, such as less known or used AntiVirus programs, & even AntiSpyware resident ones etc. or diff. firewalls, et al)...

(In fact, in my discussion w/ them, per the letter I wrote them on last page (upcoming talking to they, it's the weekend, so I don't expect reply until Monday or so), I will direct them @ this thread, so they can see your objections (all of you), & yes, mine as well!)

* All to make this program, ALL THAT MUCH BETTER!

APK

P.S.=> Again: "Learn to know the DarkSide of the Force, AND YOU ACHIEVE A POWER, GREATER THAN ANY JEDI!" - Darth Sidious... apk

 

[BXtreme]

just wanted to know, what does all these security tweaks matter ? i reinstall my os (any1 of them, i have lots but not all) every 40 days so i can't tweak everytime. so i let tuneup utilities do it for me.any others reason to security tweak for a gamer/hardcore user ?

 

[Alec§taar]

just wanted to know, what does all these security tweaks matter ? i reinstall my os (any1 of them, i have lots but not all) every 40 days so i can't tweak everytime. so i let tuneup utilities do it for me.any others reason to security tweak for a gamer/hardcore user ?

Well, if you like having a long-term setup preserved, so you do NOT have to do reinstalls? GHOSTING helps, but keeping that current is a bit of work & yes, even GHOST has downsides, see my ps below for that... do read on please, thanks!

AND, imo? On the account above?? It matters... for me to redo my system, reinstall ALL programs, customize the OS & my compilers & much more (games even, & many system files, movements of them to diff. disks like logs & more)??? Takes DAYS, literally, if not a week in total hours!

I save a great deal of time using prebuilt generic .reg files for instant merges, but even w/ that? Takes a while... GHOST saves some time, but it is tough to keep 100% current on it.

It also matters, regarding others... try to think of this, this way:

Ever heard of "typhoid mary"?

Well, if not? She had a plague (typhus/typhoid fever) & was a carrier, but operated JUST FINE...

* If you get infected or exploited, you may not just "go down" but could be serving as a carrier/spreader, & also functioning as part of a "bot net" etc., so it is really also, considering others...

APK

P.S.=> This is ALL personal preference though... up to the individual! I do it, mainly, to NOT have to go & rebuild it all again (even if I have timesaving tricks)...

AGAIN, on GHOST: Though a great program & concept (outta the shareware/freeware leagues no less is where it came from so you guys know), is subject to backing up infectors too, & I will NOT stand for that!

(I keep 4 backup deep here, each one building a BIT MORE ontop of the next, but they are out of date on patches from MS & other apps too... a 'downside' of GHOST, imo @ least - you can never be totally current, AND you can never be sure you didn't back up the plague, like a melting glacier might have 'trapped under ice' (per Metallica tune of the same name, lol))... apk

 

[BXtreme]

for long term use then, ok.
vista gets that score with default state, after applying current 18-20 released patches, it should get more score, right ? i'll try this later for verifications.

 

[Alec§taar]

for long term use then, ok.

That, & not doing what this tune by Queensryche said:

"Spreading the disease"

(Awesome tune, check it sometime)

Per my "p.s." in my last post above, & especially regarding GHOST on a couple accounts (this one, & the fact it's going to be out of date on patches most likely & MAY CONTAIN BUGS, especially unknown ones @ the time of the backup)...

vista gets that score with default state, after applying current 18-20 released patches, it should get more score, right ? i'll try this later for verifications.

Yes, you ought to... applying the latest service packs & also patches raised guys from scores like .63 to 3's ranges alone on XP here earlier (see back in this thread for that statement's evidence)... doing what I do? Takes you farther...

EVEN PAST SECURITY you saw on VISTA, by default!



* Looking forward to your patched level score on VISTA though, eagerly!

APK

 

[BXtreme]

it's 8:30p.m here, so i'll try it later any free partition resizers with gui ?

 

[BXtreme]

never mind, i'll try it tomorrow on Vista...

 

[Alec§taar]

never mind, i'll try it tomorrow on Vista...

Cool, because I, for one, am seriously looking forward to it...



* I have a feeling, that my 'challenge' (per the Achilles photo I always put up & HIS challenge lol) will be met by you!

(Simply by your using a more modern & secured OS, especially after you update it, that it will be even more secure, per this test, than the model I use is by default (it is already, this much I can guarantee @ this point) but, even past what I am achieving thusfar after my personal methods fr this topic: securing an OS + its apps)...

Finally, I think, if anyone does pass my score?

It will be you, on VISTA!

APK

 

[BXtreme]

maybe, 5 years by the hardworking Vista programmers didn't go in Vain, they've made it the best os ever. Though i still love mac os x tiger, i just couldn't get it to work on my 'test setup', i'll try that after a month cuz i also haven't got time hehe, well...hope to see this forum after 6-7 hours as it's night time here, loggin out

 

[Completely Bonkers]

From CIS themselves, a more detailed test with remedies...

Belarc is still nicer for a one page diagnostic of the whole computer, but the CIS tool looks promising for pure security issues:

http://www.cisecurity.org/tools2/windows/ng_scoring_tool-gui-1.0-win32-nojvmbundle.exe

 

[BXtreme]

OMGWTF!!! Now that I start belarc in Vista it says only compatible with 2000, XP, 2003 ???? last time it didn't say anything, what's happened ???

 

[Alec§taar]

Hey man... patch that beastie, & have @ it: Show us VISTA @ "max-security"

never mind, i'll try it tomorrow on Vista...

Did you get to fully patch VISTA on its critical security updates & what-not? If so, run her again as you stated you'd "get around to" & let 'er rip!



* Anticipating surprising results here... & good luck!

APK

P.S.=> If anyone's going to pass my score of 5.00/10 on this test, imo, it is going to be fully patched VISTA users, & if not? Then fully patched VISTA users, using the suggestions that BELARC yields... apk

 

[Alec§taar]

OMGWTF!!! Now that I start belarc in Vista it says only compatible with 2000, XP, 2003 ???? last time it didn't say anything, what's happened ???

Ok, per my last post above, I did not see you did try it again... &, I am assuming this is on VISTA, & this round, FULLY security critical updates patched.

I have seen folks w/ XP Home state this earlier on in this thread, & unlike many software installers that say for "XP only"? There is doubtless actual VALID & LEGITIMATE reasons for OS version checks @ installation (because they are slightly different, & @ the registry &/or features levels for instance)... not just to get more money out of you asking for "server versions only" for instance of particular softwares.

My guess would be, first: TRY IT AGAIN... & if no go still, & you patched? Ms has done SOMETHING subtle in one of the updates that is hosing it now, on the aforementioned OS version checking programs of THIS nature, doubtless RIGHTFULLY & CORRECTLY perform... & as I noted to XP Home users here earlier? They are probably not aware of the version check string to account for in this version of VISTA (patched ones) most likely.

* Ugh... & I was SO looking forward to your results on this, on a FULLY SECURITY PATCHED VERSION OF VISTA!!!

APK

P.S.=> Another issue I'll discuss today hopefully, w/ BELARC's folks, once they respond to my letter I wrote them (content thereof on the last page of this thread before this one), & I will probably direct them to THIS VERY THREAD... to help them make their program all that much better on ALL levels noted for objections to Security, & OS version checkings... apk

 

[BXtreme]

i've installed all updates up-to-date, and tried again, tried w/ out updates but still no luck.
something's quite wrong here, has belarc's prior version thought that my vista was xp and rated it ? Or in any of vista's updates done something. The last time i did it it, gave me 4.32, all hotfixes installed and antivirus up-to-date was the status.
and now it gains the understanding of that it ain't compatible ???
pls see this page from download.com, it says it's requirements state that it can run on vista, but practically not!
http://www.download.com/Belarc-Advisor/3000-2094_4-10636466.html?tag=lst-0-1

 

[Completely Bonkers]

I have the 7.2h and 7.2k installers if you need an "old" version.

 

[Alec§taar]

I have the 7.2h and 7.2k installers if you need an "old" version.

BxTreme: DO TRY AN OLDER VERSION OF THE PROGRAM AS BONKERS SUGGESTS!



* Odds are, something has changed in the new models, & it is messing w/ you now, per the explanation of "OS VERSION STRING CHECKING" many programs perform (usually to get you to buy a more expensive 'server model' of a program, same thing, w/ MAYBE client-server tools (easy to make no less) for network wide central admin'ing mostly in programs of that class, vs. their 'end user' models... like you see in NAV for consumers, vs. NAV Corporate Edition AntiVirus for example)...

This program HAS good reason to do checking of this nature, because @ this level, some folder structures, features & registry entires ARE diff. between PRO/WORKSTATION models of Windows, & Server Class ones... & thus, the program has to check what model of Windows it is running on, & then, treat it accordingly for security analysis to account for the differences.

I hope I explained that ok so you understand it... I have had trouble expressing myself well the past week or so... I think I need more sleep, lol!

Anyhow... there you go!

APK

P.S.=> BELARC wrote me back, w/ what looks like a std. form letter, & too bad, I would help them out, gratis, on suggestions & EVEN CODE if needed, to make it better to account for my objections noted above & thru this thread (small sampling only too, I would have given them more, reasons why they are 'off' & I am CERTAIN they are in places)... oh well! Letter is below... apk

 

[Alec§taar]

LETTER I GOT IN REPLY TO BELARC, per the first one I sent a page or two back...

Hi,

Thank you for your question or comment regarding our Free Belarc
Advisor. Since this is a free product, we may not always be able to
provide individual responses or assistance for this program. We do
read every email we receive and respond when possible.

It's best to get the latest version of the Advisor from
<http://www.belarc.com/free_download.html>http://www.belarc.com/free_download.html

and check to see if your issue has already been resolved.

If you are finding that your browser is not showing your PC's Belarc
Advisor profile please try the following steps:

1. Open Internet Explorer
2. Select File>Open
3. Select Browse, then navigate to the following directory:

c:\program files\belarc\advisor\system\tmp

4. In this directory you will find a file named like
(computer_name).html. Please highlight this file and select Open.

When you don't see your PC's profile, that's caused by Windows being
mis-configured so that it doesn't use your web browser to open files
with the .html file extension. This usually happens when you switch
the web browser you use, or install an application that helps view or
edit web content. You can fix this in the Folder Options Control
Panel. On the File Types tab, select the HTML extension and click the
Change... button to set your browser to be used for HTML files.

Please let us know how the above help out with your question.

Best regards,
Angela

**************************
Angela F. Mosscrop
Sales/Marketing Assistant
Belarc Inc.
Email: amosscrop@belarc.com
Web: http://www.belarc.com
**************************
====================

MAN - a std. 'form letter'...

... too bad, like I said above...

* IMO - The BELARC ADVISOR FOLKS do NOT seem receptive to critique, OR seem willing to discuss POSSIBLE errs on their end.

(Could be mine, but on the few I note here & in another thread? I actually STRONGLY doubt it!)

It's that (std. reply form letter from BELARC), or this is std. practice w/ them, initially!

APK

P.S.=> I'll pursue it more, because this IS a decent program, & w/ a BIT of advice? IMO, I can help them make it a LOT better... & so can you guys here, in your objections noted above... some very recent (like Bonkers & BXTreme's version check issue above)... apk

 

[BXtreme]

Alex, you MUST LOOK AT this !

I've downloaded 7.2M, and started it, and now it thinks my vista ultimate is 2000, how-e-ever, I got a 3.75 this time.....gotta try some other versions too, do report this glitch