Limit the OS to run with least privilege as possible instead of
granting administrator access to normal user.
This is common for Linux OS, Mac OS and Windows 7 onwards to have apps
running with normal user privilege and required User Access Control
(UAC) to confirmed any changes that required root/admin privilege.
Train the end-users to not simply ignore any UAC pop-up window(s), to
read carefully and understand it well before accepting the action
requested. If in doubt, always train end-users to choose No/Reject as
usually there's less harm to do this.
Kind regards,
SJ Alex Taidri
On Tue, May 22, 2012 at 11:10 PM, <synja (at) synfulvisions (dot) com [email concealed]> wrote:
>
> A layered security model.
>
> If browsers are run as limited users, and you set ACLs on the temp folders
> to deny execute permission, etc... You've just prevented most 0day malware.
>
> Compartmentalization of services limits the scope of compromise. You can
> limit the priveleges of older software by running their services as
> NetworkService or LocalService instead of LocalSystem.
>
> There are thousands of ways, but you need to define a scope and
> environment.
>
> Rob
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
Limit the OS to run with least privilege as possible instead of
granting administrator access to normal user.
This is common for Linux OS, Mac OS and Windows 7 onwards to have apps
running with normal user privilege and required User Access Control
(UAC) to confirmed any changes that required root/admin privilege.
Train the end-users to not simply ignore any UAC pop-up window(s), to
read carefully and understand it well before accepting the action
requested. If in doubt, always train end-users to choose No/Reject as
usually there's less harm to do this.
Kind regards,
SJ Alex Taidri
On Tue, May 22, 2012 at 11:10 PM, <synja (at) synfulvisions (dot) com [email concealed]> wrote:
>
> A layered security model.
>
> If browsers are run as limited users, and you set ACLs on the temp folders
> to deny execute permission, etc... You've just prevented most 0day malware.
>
> Compartmentalization of services limits the scope of compromise. You can
> limit the priveleges of older software by running their services as
> NetworkService or LocalService instead of LocalSystem.
>
> There are thousands of ways, but you need to define a scope and
> environment.
>
> Rob
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------
[ reply ]