Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Use of a VPN - does it help with XP security?


  • Please log in to reply
10 replies to this topic

#1 jaypeecee

jaypeecee

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:11:12 PM

Posted 17 November 2014 - 07:54 AM

Hi Folks,

 

In order to increase XP security, does it benefit a user if their PC is accessing the internet from inside a VPN?

 

JPC


Edited by hamluis, 17 November 2014 - 03:01 PM.
Moved from XP to General Security - Hamluis.


BC AdBot (Login to Remove)

 


#2 Kilroy

Kilroy

  • BC Advisor
  • 3,408 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:06:12 PM

Posted 17 November 2014 - 04:42 PM

Not really.  If you use an XP machine for web browsing a VPN will not protect you from malicious third party ads and such.  Any exploit that has been found since Microsoft stopped patching Windows XP would be a possible attack vector.



#3 rp88

rp88

  • Members
  • 3,047 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:12 PM

Posted 17 November 2014 - 05:26 PM

Not much benefit for security, a VPN can give privacy and anoymity whilst hiding your traffic from local snoopers (someone running a wi-fi network you are using or your isp) but it doesn't fight viruses. Infact as many VPNs display ads it may infact increase your risk. For security on xp follow a few simple tips, although it won't be perfect, especially not know this big range of bugs has come out which apparently affects everything back to windows 95.

1.keep your antivirus running and fully up to date, first thing to do when you connect to the internet: update it's definitions

2.have a second opinion scanner, and a third opinion scanner. malwarebytes is a good one, eset online scanner is another.

3.never, i repeat never, use internet explorer

4.if possible use a limited account, not an admin one, for all your usage except when you have to fiddle with system settings and such

5.never even open internet explorer

6.don't let it be your default browser either

7.use firefox and use an adblocker and something like noscript, these two steps reduce the risks from drivebys

8.also make sure you have as few browser plugins as possible, put them as "ask to activate" or "clcik to play" NOT "always run"

9.only visit really trustworthy sites with it, your email should be ok, here should be alright, google's own pages(the results and images pages) should be ok, the bbc should be safe, other news sites can be risky these days because of adverts they show, perhaps type the names of sites into "web of trust" (use their website not their add-on/plugin/extension) before visitng a site

10.make sure "show file extensions for known file types" is turned ON

11.don't open microsoft documents of types which can contain macros

12.use google chrome for readings PDFs, don't use adobe reader

13.don't, i repeat don't run java

14.well if you need it for a desktop program then choose the option to disble it in the browser (go into java's settings under control panel) and make sure to keep it up to date, make sure it does not jave plugins in any of the browsers

15.keep everything else up to date

16.scan every file with your antivirus and with your second opinion scanner before opening it

17.never "open" a file when you download it, rather save it to a folder then fond it and scan it before opening it

18.keep backups, online and offline, all of them not connected to the computer except when doing the backing up

19.think about moving to a newer windows system, or to linux or mac

20. don't leave the computer connected to the internet when you are not using the internet, if you are typing something in a word document disconnect from the internet until you next need to check something online

21.keep backing up

Edited by rp88, 17 November 2014 - 05:28 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#4 jaypeecee

jaypeecee
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:11:12 PM

Posted 18 November 2014 - 04:44 AM

Thanks, guys.

 

I use a subscription VPN service, which does not serve up ads. As this VPN service also has security software in place, I cannot see how malicious software could be served to my PC. I also run Norton Internet Security 2014.

 

I do not use Internet Explorer. Firefox is my default browser with AdBlock Plus add-on. I will stop using Adobe Reader.

 

Am I overlooking something?

 

JPC


Edited by jaypeecee, 18 November 2014 - 04:49 AM.


#5 rp88

rp88

  • Members
  • 3,047 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:12 PM

Posted 18 November 2014 - 12:28 PM

Perhaps but you seem fairly secure. I can't know how well the vpn protects you as it should forward anything and everything to you that you request from the world wide web, if it acts as a vpn usually would (user says to vpn "get me www.xyz.com", vpn says to xyz.com "send me all the content on this page", vpn says to user " here is all the content from the page at xyz.com" ) then it won't improve security but if the vpn company has servers which block content from certain known malware domains then it could help. The fact it doesn't serve ads means in this case ot certainly shouldn't make security worse, it either has no effect (most probable) or makes it a little better (quite possible, i think a fair few vpn providers block some malware sites these days). Malwarebytes would be good to nstall as asecond opinions acnner, there is a free version which i know from experience works well alongside norton products (last year's ones atleast, i don't have experience with this year's).
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#6 1PW

1PW

  • Members
  • 316 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North of the 38th parallel.
  • Local time:04:12 PM

Posted 18 November 2014 - 11:04 PM

Am I overlooking something?

I am afraid the answer is yes. Respectfully, you are placing too much faith in VPN, better browsers w/addons, and NIS2014.

One could start with Zero-day attacks and exploit kits...

Your XP's vulnerabilities can only increase with the passage of time.

Your NIS2014 is a mere annoyance for the highly skilled professional malware authors.

I might be mistaken but, are you assuming the sites you normally browse are impervious from attack, and always managed to the highest industry standards?

HTH :)

Edited by 1PW, 19 November 2014 - 10:28 AM.

All viruses are malware but not all malware are viruses and if the malware doesn't self replicate it just isn't a virus.


#7 jaypeecee

jaypeecee
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:11:12 PM

Posted 19 November 2014 - 11:06 AM

Perhaps but you seem fairly secure. I can't know how well the vpn protects you as it should forward anything and everything to you that you request from the world wide web, if it acts as a vpn usually would (user says to vpn "get me www.xyz.com", vpn says to xyz.com "send me all the content on this page", vpn says to user " here is all the content from the page at xyz.com" ) then it won't improve security but if the vpn company has servers which block content from certain known malware domains then it could help. The fact it doesn't serve ads means in this case ot certainly shouldn't make security worse, it either has no effect (most probable) or makes it a little better (quite possible, i think a fair few vpn providers block some malware sites these days). Malwarebytes would be good to nstall as asecond opinions acnner, there is a free version which i know from experience works well alongside norton products (last year's ones atleast, i don't have experience with this year's).

 

Hi rp88,

 

Thanks for your feedback.

 

I installed Malwarebytes yesterday and did a scan. It found a good few PUPs, which I have now deleted from my PC. It does seem OK alongside Norton Internet Security so that's a blessing.

 

JPC



#8 jaypeecee

jaypeecee
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:11:12 PM

Posted 19 November 2014 - 11:18 AM

 

Am I overlooking something?

I am afraid the answer is yes. Respectfully, you are placing too much faith in VPN, better browsers w/addons, and NIS2014.

One could start with Zero-day attacks and exploit kits...

Your XP's vulnerabilities can only increase with the passage of time.

Your NIS2014 is a mere annoyance for the highly skilled professional malware authors.

I might be mistaken but, are you assuming the sites you normally browse are impervious from attack, and always managed to the highest industry standards?

HTH :)

 

 

Hi HTH,

 

Thanks for your reply.

 

I suspected that it couldn't be as straightforward as using a VPN. Otherwise, everyone would be doing the same thing. I simply don't understand enough about zero-day attacks and exploit kits. I am therefore grateful to you for drawing my attention to these forms of malware.

 

So, it looks as though I may need to upgrade from XP. That will mean the purchase of a new PC. Given the state of flux in the IT world with Windows 8, 9 and 10, I suspect I'll end up going for a Windows 8/8.1 laptop. How long have Microsoft said they will support Windows 8? Would you happen to know?

 

Thanks again.

 

JPC


Edited by jaypeecee, 19 November 2014 - 11:19 AM.


#9 rp88

rp88

  • Members
  • 3,047 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:12 PM

Posted 19 November 2014 - 11:51 AM

microsoft is VERY cryptic about how long thye intend to support windows 8 for. They give extremely unclear, and in many cases self contradicting, information when they try and say which date will be the last time 8 gets updates and a user would need to "upgrade" to 8.1 to continue receivng updates. They also don't make it very clear when 8.1 gets it's last batch of updates. It's all pretty weird, and there have been some attempts to force users of 8 to "upgrade" to 8.1 by use of a few sneaky updates (KB2871389 and KB2973544 i think). But for keeping your system safe i would advise replacing your xp system with windows 8, windows 8.1, windows 10 (when it comes out in full), mac or linux. Especially know all these recent patches have come out for vulnerabilities that affect everything since windows 95. windows 7, 8, 8.1 and 10 will be patched for those , mac and linux were never vulnerable to them, but xp and old operating systems have this vulnerability and sooner or later criminals will rverse engineer the update and discover how the vulnerability works, at which point they will use it to attack xp and other old windows systems which will never get patched.

Edited by rp88, 19 November 2014 - 11:51 AM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#10 jaypeecee

jaypeecee
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:11:12 PM

Posted 19 November 2014 - 12:15 PM

Hi rp88,

 

Thanks for your reply.

 

What a ridiculous state of affairs!

 

Makes me wonder if Windows is the way forward at all. MS seems to have lost their sense of direction. I see that Android laptops are starting to appear. I am a big fan of Android but I still associate this OS with smartphones and tablets.

 

JPC



#11 Al1000

Al1000

  • Global Moderator
  • 7,881 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:12:12 AM

Posted 19 November 2014 - 07:26 PM

Well it costs nothing to try out or use Linux, and your current computer may well be adequate to run the latest Linux operating systems.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users