- #SLIMJET VS SLIMBROWSER INSTALL#
- #SLIMJET VS SLIMBROWSER UPDATE#
- #SLIMJET VS SLIMBROWSER FULL#
- #SLIMJET VS SLIMBROWSER WINDOWS 10#
- #SLIMJET VS SLIMBROWSER SOFTWARE#
Pale MoonĪ great choice for anyone with a modern CPU, any multicore processor above or equivalent to an Intel Pentium 4 or AMD Athlon 64 series, is Pale Moon. If you desire a more robust web browser with additional security, graphics, and add-ons, then you’ll want to consider sticking with the mainstream ones. Our selection is based on currently supported projects, minimal resource usage, and the number of supported OS. Here’s the list of the top 5 light web browsers you might want to try. For the most part, these browsers do the same job as their better-known counterparts, and there are no compromises in terms of performance. This is the first run with this so there are likely to be other issues that pop up that will require more tweaking but this has been a pretty easy way to make escalation to system a less threatening prospect and improve kernel security.Using less-known lightweight browsers is an excellent solution to the problem of system resources getting hogged by a more robust browser with multiple tabs opened.
#SLIMJET VS SLIMBROWSER SOFTWARE#
The folders I set to read/write were Windows\temp, Windows\Software Distribution, Windows\minidump, Windows\system32\spool\printers, and Windows\system32\LogFiles.Īll the browsers and software I tested worked as before and I was able to print after I set the \spool\printers folder to read/write. So I tested this in an Xp VM last night and every thing worked pretty much as before.
#SLIMJET VS SLIMBROWSER WINDOWS 10#
This was actually the default ACL in some Windows 10 system files I was looking at.
#SLIMJET VS SLIMBROWSER FULL#
It occurred to me that there was little reason for "system" to have full control over the system and program files folders and that it should work fine with just read and execute permissions for most files with a few set to read/write. The holy grail of Xp privilege escalation has aways been to escalate to "system". I wasn't going to talk about ACLs but reading this thread motivated me and I finally tested an ACL tweak in Xp I've thought about for a couple of months. Not sure how plausible the latter is though, since this is XP you'd probably need a third party firewall program. Not because it improves security, but because it reduces firewall log noise! If you configure your client machines to only allow TCP outbound on ports 80 and 443, say, and then start seeing TCP outbound on port 6667 in the firewall logs, it's obvious that something is fishy. Restrictive outbound configurations on client machines might be useful too IMO. Mind you, this is all anecdotal but my own experience is that outbound connections on weird ports are a good indicator of compromise, which might otherwise go undetected. An old laptop running pfSense or such, with a decent PCMCIA or USB to Ethernet adapter, will do the job. Maybe with an HTTP proxy definitely with restrictive outbound filtering, and good packet logging facilities. If there's no external firewall, it would probably help to have one. No-exec ACLs on the Downloads folder, and on temporary folders, might help with that, even if they don't provide blanket protection from drive-by installs just as a matter of encouraging some thought before double-clicking.įinally, because you shouldn't trust the client machines: Main threat is probably social engineering rubbish. I have a project related to this, it's kind of shoddy but might provide a vague reference.
You're the one who developed PGS right? You might want to check out Windows job object restrictions: PGS implements SoftwareRestrictionPolicies and SecureFolders implements AccessControlLists, so these protections use Windows build in security mechanisms which cost near zero CPU capacityġ.
#SLIMJET VS SLIMBROWSER UPDATE#
Installed SecureFolders with Read Only in Program Files and Deny Execute in user folders, with Chrome update as trusted exception (so Chrome is allowed to update).Īm thinking to replace Chrome by Slimjet and Adding Memprotect beta to protect Explorer, Slimjet and Outlook Express (Slimjet is often two releases behind Chrome, so I need Exploit Protection)
#SLIMJET VS SLIMBROWSER INSTALL#
Run as PowerUser (simular to admin minus ability to change system services and drivers, still allowed to install programs in program files folder). PrettyGoodSecurity deny execute in windows folders writeable by user, block execution of command and scripts and run all programs as basic user except Chrome and Chrome Update
Since Chrome is not supporting XP any more, I am thinking of replacing Chrome by Slimjet.Ĭonfiguration, so suggestions are Welcome (I have moved other relatives to Zorin OS with XP skin, but that is a no go for these relatives).
So I only have readers installed and they use Write as their word processor. I have them on Chrome and Outlook Express. I have some old relatives who still use XP (they are over 80).
0 kommentar(er)
