« on: June 18, 2014, 09:27:39 AM »
Hi everyone,
I wanted to write a topic on Windows since a lot of people are simply bashing it into the ground. Though Linux is a great OS for people
that know what they're doing, for an average person it is not really a user-friendly OS. Everyone here has friends and family that run Windows,
this is something we simply can't change because if you switch them to a Linux distro they will be calling you every day with questions!
So most people here are hackers, or wanting to learn about hacking for various reasons. Whether you are a white, grey or blackhat hacker you want
to help your friends and family to be as safe as possible, right? This means that you need to know a bit more about Windows, many here probably do.
But I know there are a lot of people out there who think they know about Windows, but miss some key features to secure and properly run Windows.
I'm going to explain what people can do to get Windows more secure, if you already know this (if you are MCSA Win7/8 or MCSE 2012) then this topic
isn't for you. If you like to read, go right ahead of course ;-)
[Operating System versions]
Microsoft Windows has many versions that are (still) being used. There are a lot of companies and organizations out there who run a mix of different
versions in their enterprise. Some reasons are: legacy software, hardware requirements, older versions of server OS's, etc. While most of these 'reasons'
can be overcome, companies and organizations hold back mostly because of costs.
Here is a list of versions that are commonly used today.
Workstations OS
- Windows 2000 Professional (no longer receiving updates from Microsoft)
- Windows XP (no longer receiving updates from Microsoft)
- Windows Vista
- Windows 7
- Windows 8/8.1
Server OS
- Windows 2000 Server
- Windows 2003 Server
- Windows 2008 Server
- Windows 2011 Small Business Server
- Windows 2012 Server
Right now I only want to focus on Windows 7 and 8/8.1, since NOBODY should run Windows XP anymore as a workstation OS! I don't have to explain
why because you know most here are hackers and know this already :-D. And well, Windows Vista isn't really a recommendation because of its many flaws.
[Windows 7 and Windows 8.1]
Windows 7 is a great improvement on Windows XP and Vista, key features that were introduced in Vista are upgraded and improved. Most companies and
organizations are making the transition from Windows XP/Vista to Windows 7, because right now this is the 'safest' option. By safest option I mean that
many companies and organizations are already running on Windows 7, so this is a proven concept and Windows 8.1 isn't just yet. Although Windows 7 is a
good option, I recommend Windows 8.1 because it has a couple of benefits. I will explain these below.
[Windows 8.1 Overview]
There are many new features that come with Windows 8.1, these features can improve the experience users have with the OS. These can be cosmetic, security
or performance. While most people 'hate' Windows 8.1 because of the new 'interface', this can totally be changed to the Windows 7 style interface.
The Task Manager is totally revamped, you can now get a pretty nice in-depth view of running applications, services, and performance!
Here is a small list of features and improvements.
- Revamped Task Manager
- Greatly improved performance (overall)
- Ability to 'mount' ISOs by double-clicking (without 3rd party software)
- Greatly improved LGP (Local Group Policies)
- Great integration with VPN services (integration of Juniper components)
- Greatly improved Windows Defender
Most people would say "Great that it's improved but it's still around $ 120,- for the basic version of Windows 8.1". While this is true, Microsoft changed
a key element in Windows 8.1. From Windows 7 and up there is something called rearm. Rearm is basically a re-activation of Windows, in Windows 7 and 8.1
the rearm count was 3. That means that you could only rearm Windows 3 times before doing a fresh installation! This of course was a problem for technicians
because we sysprep an image that just received the latest updates so it can be re-deployed.
Because of this issue Microsoft decided to up the count to 999 times, now you might ask "Well this is great for technicians, but how does it help me?".
This will help you greatly because there are KMS tools out there that can reactivate your Windows with the 180 day key. And the best part is, you are not
doing anything illegal!
To do a quick math.
You have a 180 day key, and you have 999 times to re-activate your Windows 8.1. To be safe you make a task that runs every 175 days to reactivate.
(175 * 999) / 365 = 478 years!
[Security]
Security is always a big issue, especially when you run the most common OS versions out there. You want to be secure and safe, or at least help your friends
and family be secure and safe as much as possible. We all know that 100% safe is impossible, and probably will always be impossible. Programs, and yes,
even an OS is a program, are still written by humans, so there will always be mistakes. There are several ways to make Windows 8.1 more secure.
General
Always run your OS as a normal user! This is great advice for any OS, whether it is Windows, OS X or Linux. Linux uses 'sudo' to give you temporary
administrative rights (if set up correctly!), in Windows this is done using UAC or User Account Control. This means that you can run certain things as
another user, with administrative rights while logged in as a normal user.
NOTE: If you 'disabled' the administrator account (or any other account with administrative rights) you cannot run as Administrator or with administrative rights!
Firewall
Windows 7 and Windows 8.1 have a new feature called "Windows Advanced Firewall", this is a great improvement to the old Windows XP built-in firewall.
You can make rules and be very specific to what you allow or block going in or out with advanced firewall. Best practice is to delete every rule inbound
and outbound and manually add the rules of ports, applications and/or services you want to allow. Advanced firewall can be set so that everything is blocked
except the rules you made. Once you have the basic and most common rules set up you can export these and use them on other systems!
Anti-virus and Anti-malware
Windows Defender is a great tool and comes free with Windows versions, but it won't do everything you want. So I advise to use a third party anti-virus
software package, there are several 'good' ones out there. My favorite is ESET Nod32 or ESET Smart Security (Nod32 with firewall), it can scan your e-mails,
detect active intrusions, help you with trusted sites and live protection. ESET Nod32 costs around $ 35,- a year so it isn't that expensive.
Encryption
As of Windows 7 Microsoft built in a new feature called BitLocker, this truly is a great feature and makes for a great encryption of your drives.
It has several specific options for DATA drives and OS drives, if used on an OS drive and your hardware has a supported TPM chip you can set different
boot options. Either boot with USB stick, boot using a PIN or normal boot. Once the drive is encrypted, tools can no longer access files like SAM to
extract or change passwords, even when you boot into 'Safe Mode' you will need the encryption key! So securing your data just became much easier to do.
NTFS Rights
In order to protect your data and make sure that malware and other hacks can't easily change or alter key Windows files, you can set NTFS rights for different
users, user groups and limit access very specifically. For example: you can give full rights to yourself on Documents, but limit it on every folder that is in
Documents. This can be very useful if you need to write files in the folder, but want all other sub folders and files to be untouched.
Local Group Policy
In order to make Windows even more secure, there is something called Local Group Policy with over 2000 settings! Here you can force rules that take effect on
two different levels. You have Computer policies and User policies, things like BitLocker settings, firewall rules, etc. take place in the Computer policies,
while limitations of Control Panel items, prohibiting regedit from running, etc. is done using User policies. Local Group Policies is a great way of securing your
Windows even more by preventing a lot of things.
[Software]
To make Windows 8.1 look and feel like Windows 7 you only need one tool, and that tool is to make the Start Menu come back like Windows 7. My favorite and free
tool is Classic Shell, this tool supports updates and is extremely customizable! Other settings to make it look like Windows 8.1 can be set at Start Menu properties.
Of course other recommended software packages are Firefox with NoScript (not ideal for average users), Ghostery and Adblock Plus, VLC player, Adobe Flash and Reader.
This concludes my overview of Windows as an OS, this is not a way to "force" Windows onto anyone though, it's just to outline some features and ways to secure Windows
and make it a bit safer for users to use. Like I said before, there could be things here you already know.
If there are any questions or remarks, please post them.
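
The default-deny firewall setup described in the Firewall section above, as an added PowerShell example that is not part of the original post. It assumes Windows 8.1 (the NetSecurity cmdlets are not available on Windows 7); the file paths and the small set of allowed outbound rules are illustrative choices, not a recommendation from the post.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original post): default-deny baseline for
# Windows Firewall with Advanced Security on Windows 8.1.
# Uses the NetSecurity module, which ships with Windows 8 / Server 2012 and later.

$stamp    = Get-Date -Format 'yyyyMMdd-HHmmss'
$backup   = "$env:USERPROFILE\fw-before-$stamp.wfw"    # assumed path
$baseline = "$env:USERPROFILE\fw-baseline-$stamp.wfw"  # assumed path

# 1. Export the current policy first, so the change can be rolled back with
#    'netsh advfirewall import <file>'.
netsh advfirewall export $backup | Out-Null

# 2. Delete every local inbound and outbound rule.
Get-NetFirewallRule -PolicyStore PersistentStore | Remove-NetFirewallRule

# 3. Block everything that no rule allows, in both directions, on all profiles.
Set-NetFirewallProfile -Profile Domain,Private,Public -Enabled True `
    -DefaultInboundAction Block -DefaultOutboundAction Block

# 4. Add back only what this machine needs (illustrative set: without DHCP
#    and DNS the machine cannot get an address or resolve names).
$allowOut = @(
    @{ DisplayName = 'Out DHCP client'; Protocol = 'UDP'; LocalPort = 68; RemotePort = 67 },
    @{ DisplayName = 'Out DNS (UDP)';   Protocol = 'UDP'; RemotePort = 53 },
    @{ DisplayName = 'Out DNS (TCP)';   Protocol = 'TCP'; RemotePort = 53 },
    @{ DisplayName = 'Out HTTP/HTTPS';  Protocol = 'TCP'; RemotePort = 80, 443 }
)
foreach ($rule in $allowOut) {
    New-NetFirewallRule @rule -Direction Outbound -Action Allow -Profile Any | Out-Null
}

# 5. Check the result: defaults per profile, then the rules that remain.
Get-NetFirewallProfile |
    Format-Table Name, Enabled, DefaultInboundAction, DefaultOutboundAction
Get-NetFirewallRule | Format-Table DisplayName, Direction, Action

# 6. Export the finished rule set for use on other systems.
netsh advfirewall export $baseline | Out-Null
```

Run it from a local console: once inbound traffic is blocked with no allow rule, a remote session to the machine is cut off at step 3.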