|
As far is I know, WannaCry was patched for Windows 7 by Microsoft, as well as for Windows XP.
If you really have to, ask yourself how to protect the operating system as best as you can from attacks.
1.) Put the machine behind a NAT on IPv4 (by using a separate router), or a virtual machine. Attacks on the network card from outside of the NAT or virtual machine are impossible (blocked by the router).
2.) Use a Rasperry Pi or similar for adblocking (Google -> PiHole). It's an excellent blocker. It's a as good as it gets blocking bad sites.
3.) Use a secure DNS Server (for example Adguard DNS - Google it). Configure it to use it in Firefox, or in the Rasperry Pi. That option blocks more bad sites.
4.) Use Firefox only. Google Chrome and Microsoft Edge end support for updates this month as far as I know. By using a current browser, you greatly reduce the attack surface. With using a current browser "Firefox", you greatly reduce the attack surface when browsing.
5.) Virus Scan, see what you can find for Windows 7. Old stuff. Not sure what is available.
6.) Don't go to random sites and visit mostly known sites only. Don't try to download stuff.
That's probably as good it gets, when you don't have other possibilities.
Another tip: With CCleaner (Crap Cleaner) you can investigate all startup programs and services. Once a month check for any bad startup entries.
You won't be 100% safe, but by using the Internet by not calling up "bad", random sites, you probably will be fine. Try using the computer mostly on known sites, use another computer with a current operating system for trying out new sites. Don't randomly click on stuff.
And now let the shitstorm start how to give that advice.
|
|
|
|
|
Member 15861385 wrote: Try using the computer mostly on known sites
Don't forget that a common problem here is that even known, trusted sites can get compromised and start serving malware. A patched OS might not be susceptible to this...but nobody can say the same for 7.
|
|
|
|
|
Ask not how but why.
See OG post, VM.
If because need to access 1 site with an older version of firefox, VM windows 7 for that 1 site, and use main OS for ALL other activity.
If because need to run an application that only works in Windows 7. Use VM of windows 7, and do ALL other activity on the main OS.
both minimise need for extended security complexities beyond windows defended.
Other guesses, machine only runs windows 7. If critical enough that needs a such security, then things like life expectancy of components more important then running windows 7. Replace HD, if CPU gonna konk out in 2 months.
If doing any extra activity stuff, dark web/torrenting, do not use windows 7.
|
|
|
|
|
I mostly still run Windows 7 here. I just retired a Windows 2000 machine and shifted it over to a new dedicated Windows 7 machine.
Up until recently, I HAD been running Avast as my antivurus on all machines. But Avast didn't want to install on that latest Windows 7 machine, so I switched to the antivirus I was using on the Windows 2000 machine: an open source antivirus called 'ClamWin'.
Some web content absolutely can't be accessed with Firefox, i.e. many videos. The only success I've had is with Chrome, which I hate. I just watched my Firefox update itself to version 108.0.2, which was a surprise as everytime I open it, there's been a banner that says I will need at least Windows 10 for future updates, so updates could halt at any time. Best advice: many forks of Firefox have also announced an end of support for Windows 7, so be prepared to clone the repository and compile it yourself, taking out the trap that prevents the compilation from running on a Windows 7 box. Probably have to keep cloning with every change.
Watching web videos is frequently important for me as I access video tutorials that I haven't found an equivalent textual answer. And sometimes I have to sort through multiple videos for the same issue because I can't understand the narrator due to the thick accent.
As for WannaCry protection: disable SMB level 1 access. Also a good idea to disable remote desktop access on all systems. This caused me a headache a few years ago when I spun-up some Linux boxes to use as my NAS, and I had to get them all on the same level to talk with each other.
Your router should keep out most traffic hammerinag at your location, though port forwarding to any box (computer) can be an issue.
I don't use 'Virtual Machines'. Except on the odd occasion I need to run something in the virtual XP environment that Windows 7 let's me have.
And I have a lone Windows 11 tower I put together for primarily for some programs that absolutely would not run on Windows 7 or 8 (I don't have an 8-machine) or Linux. But it has been a tough project to get it stable. It was a couple of months to figure out why the nvidia gpu driver was being disabled at every system-start, resulting in only one monitor working. That was solved by simply changing which Ryzen chip I was using. Go figure.
Good luck. I feel your pain.
|
|
|
|
|
Steve I am curious why you are using the ClamWin
ClamWin isn't the best antivirus program out there. In fact, it will be ludicrous for anyone to rate it as the best free antivirus program available to users. However, ClamWin is an effective tool for scanning your device for viruses hourly, daily, and even weekly.Feb 9, 2022
The above was a review of ClamWin
I have been running Windows 7 Pro with Firefox and ProtonMail lso Microsoft Security Essentials
My biggest fear is downloading PDF files and watching YouTube videos
Sooner or later I fear I will need to move to Windows 10
I have survived the Windows Me debacle so Windows 11 seems like a ploy to make me buy a new computer
FWW the box I have is a Dell Precision T7600 32 gig RAM 4GB Nvidia I use Cloudflair 1.1.1.1
my ISP is crap Frontier Communication only ISP available where I live Thought about StarLink but $$$
|
|
|
|
|
The box that is running ClamWin is an HP Compaq 6005 SFF.
I've been on Frontier and feel your pain. The only thing more painful is Comcast.
I don't trust 'security' products made by Microsoft.
I went with ClamWin when I spun up this particular Win7 box because the then-current Avast-free refused to install on it for some undetermined reason. So it was either ClamWin or nothing. That particular box isn't doing anything critical: it is simply my caller-ID display and logger for the call logs I've been collecting for the past 15-20 years when I had to start screen robocalls and other spam calls.
I'm open to ideas about an anti-virus solution myself. Many products have soured me to the point I no longer consider them.
|
|
|
|
|
@steve,
Microsoft security:Quote: I don't trust 'security' products made by Microsoft. I understand that. Microsoft was not always that way. Would you please supply a list of Windows 7 updates and service packs that you use? Maybe use with modifications?
ClamWin: I was reading on their site, Quote: Please note that ClamWin Free Antivirus does not include an on-access real-time scanner. You need to manually scan a file in order to detect a virus or spyware.
For Windows 7, as you use ClamWin, having to manually scan each file seems time consuming. I use malwarebytes and just tell it to scan all drives on its own, and it does it. Please explain how one at a time is better for you, if it really is one at a time.
BIOS vs UEFI:
Staying with Windows 7, not going off topic; Did you install Windows 7 via BIOS or via UEFI? Whichever you did, how do you see this choice affecting your anti-WannaCry barrier(s)?
|
|
|
|
|
|
Hi yourself! Welcome to the site.
Tell us a little about yourself if you want to, or just have a look around and see what interests you.
This area is for "chatty stuff", but you'll find articles on software development via the menu at the top of the page, and area for you to ask tech questions (or to help others by answering them) up there as well.
Just remember we don't like spam, plagiarism, or abuse and we'll all get alone fine!
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Hi, and welcome.
>64
Some days the dragon wins. Suck it up.
|
|
|
|
|
Hello. This is an awesome site, stocked full of amazingly technically informed individuals. Use the resources as needed and don't be afraid to post questions or comments.
|
|
|
|
|
I'm an engineer. I like my data ORGANIZED. It used to be I could go out to usenet and talk with really smart people and get stuff done - even Microsoft tech.
Then companies realized we want to be able to control all that - and the Microsoft forums were born. But that was okay because the topics and data were still ORGANIZED.
The companies realized allowing google to cypher their data was bad, and google or any other search tools no longer delved into the microsoft forums. But it was okay - it was still ORGANIZED.
Then Microsoft created learn.microsoft.com where it's all one amorphous blob. Or maybe it's just me, but I think not. For me to learn how to use this abortion, I give you this: Microsoft Q&A Articles | Microsoft Learn[^]
I dare you to click. And if I want to ask a question? Well instead of being organized by topic, we get to use random tags, etc.
But maybe it's just me.
Charlie Gilley
“They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
Has never been more appropriate.
|
|
|
|
|
All of that is now obsolete and is being replaced by ChatGPT in short order.
*hides*
To err is human. Fortune favors the monsters.
|
|
|
|
|
ditto
"A little time, a little trouble, your better day"
Badfinger
|
|
|
|
|
Worse - Bing assisted by ChatGPT!
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
Ah yes more stupid answers.
Charlie Gilley
“They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
Has never been more appropriate.
|
|
|
|
|
I agree. Every time Microsoft "reorganizes" their support sites entropy increases. I remember being able to quickly find what I was looking for. Now it's just a mass of spaghetti.
|
|
|
|
|
The fact that 'Profile and reputation' comes before 'Asking and answering questions' tells it all...
The site is full of code samples that not even compile, a bunch that barely touch the surface of the object, or just simply does not related to the subject...
Nowadays it is next to impossible to find good documentation on new and developing technologies of MS... It reminds me the days when we learned by reading others - mostly assembly - code...
"Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid." ― Albert Einstein
|
|
|
|
|
It's not just you. Microsoft's so-called documentation is starting to resemble the late, unlamented, Novell's documentation.
This may be deliberate. Has Microsoft opened a consulting subsidiary?
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
Not exactly, but if you pay good money to became a MS partner you can get a better support... On phone, and emails and meetings...
It is most annoying, and takes more time to actually get results...
"Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid." ― Albert Einstein
|
|
|
|
|
Ah, but on the plus side...
I have a business O365 account with a client. Every day, MS sends me a "digest mail" telling me the contents of any email I sent recently. Very handy in case I sent any email in my sleep, that I am unaware of. Or have forgotten. I think it is limited to in house (as opposed to outhouse) emails. I rarely use the account so am not sure. I do use it to have the NVR software send me surveillance camera alerts, with photo, created by Chris's AI software. Very few misses or false alerts. And it is using <gasp> Python.
>64
Some days the dragon wins. Suck it up.
|
|
|
|
|
well, I feel a little better now.
The latest trend for Microsoft is to remove links to support items for older products. I still run VS2008 for "smart device" development. On occasion, I need to rebuild a VM or some other developer wants to wander into the code base. To get VS2008 to do the work, you need 2008, SP1 and a patch to fix SP1 .
All long gone from Microsoft's site, but I still have them. Just sent a link to a guy suffering ...
speaking of old stuff - anyone here with a usenet account? I'm curious if usenet still hosts the old MS development groups.
Charlie Gilley
“They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
Has never been more appropriate.
|
|
|
|
|
I've looked through my list of usenet groups, but I could find only these two that have posts and might be of slight interest (the numbers are the number of posts on eternal-september).
alt.comp.microsoft.windows 939
alt.windows7.general 5568
I didn't see any MS development groups.
--
Dave W
|
|
|
|
|
charlieg wrote: I still run VS2008 So do we. We have several products and tools still maintained using VS2008. Our 'new' product development uses VS2019, and will probably move to VS2022 this year.
When you've got products with a 20+ year life span and a very busy dev team, you don't change tools unnecessarily.
Software Zen: delete this;
|
|
|
|
|
I totally agree. The Microsoft help files are abysmal. Not only poorly organized, but most often incomprehensible.
Ed
|
|
|
|