7 Steps to Create a Defensive Security Shield for MS Windows

November 23, 2015 | Views: 8749

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Almost 80% of home users use Microsoft Windows daily, as it’s their OS of choice and pretty easy to use. Most Hackers, like myself, are against using Windows as it’s a very insecure environment for a normal user to work in. Plus, most of the people don’t understand the kind of threats they’re facing and think installing antivirus software is a solution for all their problems. So, I thought that I should teach you guys the steps to create a multi-layered security shield. But before starting, let me give you guys some more info.


What Do I Mean By a Security Shield ?

For me, a security shield means multiple layers of security that can increase the security of a common Windows User at the level it should be. If you use your favorite Linux based hacking distro, like Kali, on virtual machine like most Hackers do, you’re also vulnerable because the security of the VM depends upon the security of Host OS which is usually Windows.

How Will a Security Shield Protect Me ?

I want to protect everyone from some no-so-smart people who call themselves H@ckers, who, in reality, don’t understand How Stuff Works. Trust me, most of the time, they’re a very big threat. Any good Hacker will easily manage to defeat the security, but if they can’t even protect you from a N00B, then that’s a great concern for me.


So, let’s get started…

1. First Layer : Desktop Locker :-

Everyone knows they should setup a startup password on their computer to outsiders from accessing it. But, there’s a ton of software’s that can bypass the Windows Logon screen. Protect yourself by downloading a Desktop locking solution. This software has proved difficult to evade. Some of this software is USB Raptor, Eusing Maze Lock, etc.


2. Second Layer : Antivirus :-

Antivirus software is the second layer of defense against threats that a common user faces. Some people don’t favor using antivirus. In my opinion, antivirus can be helpful in making your computer secure. You don’t need to buy an expensive one. Download a free antivirus like AVG or Avast, and it will be enough. Don’t run two antiviruses at the same time because they will make your computer more vulnerable. Once you have the software installed, keep it up to date. Set a password so that no one can mess with it easily.


3. Third Layer : Firewall :-

A properly configured firewall can defeat a wide array of threats like remote hacking and backdoors. Sadly, Windows builtin firewall doesn’t get the job done because it’s easy to defeat and it’s a pain to configure properly. So, you might need a new firewall. There are free firewalls available that are more than enough for a normal user. I recommend using Comodo Free Firewall or Zonealarm Firewall because they’re very effective and easy to implement and configure. Just installing the firewall won’t help; you should configure it to make it a tough wall against all threats. Like antivirus software, set up a password so that no one can modify the rules you set when you’re not around.


4. Fourth Layer : Antikeylogger :-

Keyloggers are one of those threats that are usually neglected. When securing our systems, we think that protection against keyloggers will be provided by the antivirus and the firewall. In reality, there’s a 90% chance that keylogger will easily defeat your defense. They are easy to code and install in the computer. Not only can they log all your keystrokes, they can also hack your webcam, take pics of your computer’s screen, etc. That’s why they’re considered just as much a threat as many other things. There’s a lot of Antikeyloggers software available; most of them will fail to stop most keyloggers. However, there’s a free software called “Key Scrambler,” which is the best antikeylogger solution I’ve found. It doesn’t detect whether a software is trying to log keystrokes. Instead, it encrypts every keystroke you enter. If a keylogger manages to log keystrokes, all he gets is a encrypted letter which is worth nothing. I recommend using it.


5. Fifth Layer : Virtualization :-

You could download a file from the web that might contain a Trojan horse. There’s no easy way to protect yourself from this threat, but there’s software called ‘SandBox’ which might prove helpful. Once you’ve downloaded a file from the Web, run it in SandBox and check if the file causes a suspicious process to run. This is little bit difficult for non-experienced users. Practice with this tool and you’ll learn how to do it. Bonus: The file runs in Virtual Environment and doesn’t effect your computer.


6. Sixth Layer : Browser Security :- 

We all use web browsers that are highly vulnerable. I recommend that you not store your passwords in your Web Browser as they are very easily to be grabbed. Also, use SSL if possible. Another good thing to do is to install some security extensions like HTTPS. Everywhere, AdBlock, etc. in your browser, which will provide additional protection.


7. Last Layer : Use Your Brain :-

All layers above can be easily evaded if you have your head in the clouds. Keep everything up to date and keep installing Windows patches regularly. Download software from trusted sources and keep an eye out for any suspicious activity happening on your computer.


A Few Last Words :

I’ve tried to give you some tips for improving the security of your computer. If you don’t understand any of the terms mentioned above, Google them. Remember that getting hacked by an Elite Hacker is possible but getting hacked by a N00B is an insult of your abilities. Implement countermeasures to prevent this from happening. For assistance, suggestions or support, email me at “Usmanaura47@gmail.com”

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. Really helpful !

  2. Nice one USMAN. the 7th is atmost important one.

  3. Love the post, but I’m wondering if anyone can recommend any other desktop lockers besides EUsing Maze or USB Raptor. I don’t mind having to pay for one.

  4. Good advice, Usman! Thanks for your post.

    May I suggest adding two things: 1. the use of a hosts file and/or hosts file manager can proactively block a great deal of traffic you really don’t want – which can include some known to be malware-related; and 2. A pre-hardened web browser, such as Whitehat Aviator. With security built-in by default, this will provide a smaller attack surface than just about any basic web browser.

    • Hosts file? Seriously?
      Without a doubt use DNS filtering, but forcing your local stack to sift thru the thousands of entries in a host file loaded down with “malaware-related” sources of malicious content will retard your surfing to an extent that will make your browser virtually unusable.
      In days of yore the hosts file was a go to option, when there were only a few dozen domains you might chance upon that brought a browser much more than expected. These days you’re better off using a few trusted source browser plugins and disabling scripting altogether. Scripted web content is running code with your local privileges on your local machine. No need for backdoors when you leave the front door wide open.

      • Yes, HOSTS files, seriously. Your comments are well intended but ill-informed. In 20+ years in IT, I have never once seen a well-crafted HOSTS file “retard” one’s surfing to any significant extent, and in fact it can speed your browsing for simply skipping over known and well documented adware/malware sources. Just because it’s old school doesn’t make it bad. And just because one is snarky doesn’t make one an authority.

        DNS filtering is no doubt a great option for some of us, but good old hosts files are still around and work great given the power of today’s computers. Browser plugins are fine when they work, but also require some of that compute power to process just like loading up a HOSTS file. And you’re right about disabling scripting. But let’s not stop there — how about avoiding the use of Flash or Java plugins? The list goes on and on, but my point is that even a simple thing like a well-crafted HOSTS file and a lock down browser will improve your security posture.

Page 8 of 8« First...«45678
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge



Is Linux Worth Learning in 2020?
Views: 740 / December 14, 2019
How do I Get MTA Certified?
Views: 1312 / December 12, 2019
How much does your PAM software really cost?
Views: 1749 / December 10, 2019
How Do I Get into Android Development?
Views: 2139 / December 8, 2019

We recommend always using caution when following any link

Are you sure you want to continue?