I replied to another thread with this information. It has worked excellent for me and I thought it deserved its own thread so more people would see it. My PC has been virtually problem-free ever since.

---------------------------

This page has excellent and extremely thorough instructions on how to clean and/or set up a well protected PC:

http://www.wilderssecurity.com/showthread.php?t=50662

Most, if not all of the programs listed, are free and have download links.
About 18 months ago I followed these instructions and I have had great success.

I also recommend using a hardware firewall (A Linksys router or other brand). Software firewalls like ZoneAlarm and Blackice are practically useless since they are easy for hackers to get around.

My PC has been clean ever since. Hope this helps :)

The best thing I ever got was the router. Most hackers just hit the open PCs and stick with that for now. Maybe in the future that won't work, but it works for me now.

One interesting tip, run your PC in user mode, not administrator mode. Then they don't have many of the rights a hacker needs to take the PC over. Vista tries a compromise, by asking you every time you want to do something like install a program, or run a program that has to run in admin mode. That gets very annoying after a while.

Before anyone shows up to say use Linux I'll be quick to point out that I had a Linux box on the net get owned and used. My ISP contacted me and I shut it down. Nothing can be 100% secure but you can get close. In fact OpenBSD (considered one of the most secure OS) had a remote exploit (http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1703) discovered recently.

I'm still more comfortable with a *nix box on the net compared to a Windows box and use a Linux router with firewall. I haven't had a problem at all with this one even though it will show port 80 (web server) and 22(?) (sshd) as open.

Doing a port scan is an important step. If you have a real computer :D the nmap tool should be available (type man nmap for usage). A much easier way is to use a free service on the web. Google port scan and take your pick. These sites will usually explain fairly well what your potential weaknesses are.

Any OS can be fairly well secured and any OS can be left open for compromising. AUP is right about adding a router. That is probably one of the simplest ways to secure a machine or bunch of machines.

Also be to sure to update regularly. Applys to all OS again.

You know what the say about anecdotal evidence...

I have had a linux box on the internet, with no firewall and no router for 8 years. Never been hacked. It's a web and e-mail server for several domains. If someone wanted to take it over they probably could, but it's been secure against script attacks so far.

It's been through 3 complete rebuilds. Twice when I completely replaced the hardware. And once when changing from Debian distribution to Linux.

You are welcome to try to hack my systems.

I'll even give you a username and password :D

Hint: it's a VMS cluster, running VMS 8.3.

83.104.60.152

You are welcome to try to hack my systems.

I'll even give you a username and password :D

Hint: it's a VMS cluster, running VMS 8.3.

83.104.60.152

OK, I'm in.

BTW, you should really delete those pics before your wife sees them.

OK, I'm in.

BTW, you should really delete those pics before your wife sees them.

:D

OK, tell me how many (plus or minus 10,000) free blocks are there on the system disk.

PM me if you want a username/password.