I think it's bad advice to inform people to install and run multiple, particularly shareware and freeware apps that offer people a false sense of security leaving them feeling like they are completely bullet proof to the world.
Shareware, even freeware software are great things, don't get me wrong, I'm old school and a long firm believer in people helping others not for the sake of sheer profit, but to just help for the sake of helping. So don't get me wrong and take me as if I'm saying all other options are total garbage and should not be considered. Instead I was however answering this person's actual question in what is best for them, in the hopes they would research this further on their own to find a solid answer as opposed to just what someone has told them.
Budfred, no offense, I'm sure you're a great person, obviously you are, you're here doing what you can to help who you can as a volunteer. I applaud that effort of you. Sorry, I've been picking through this Forum and reading as much of the non-repetitive and senseless questions as possible just to get a feel for what's going on around here and what this web site is all about. Your reply to me comes across as strongly defensive and I'll take that as your feeling I've condemned active advice you've and probably this web site has offered to people and my own suggestion here seems to be contradictive of that very advice.
I assure you that was not my intent to downplay anyone here's advice, but instead to offer what I feel to be better advice raising the level of quality information and knowledge here in doing so, for both you and your members.
Am I new here? Obviously, am I new to the material being discussed here though? Not at all, trust me, I've been around and known under my pre retired and now different user name for many years longer than this web site has even been in existence. I've actively competed on the winning teams in the capture the flag competitions at every single DEFCON held in Vegas except the very first DEFCON and the last, due only to circumstances beyond my control. In three of those years, I even competed there with team IMMUNIX and our team took 2nd place each time under the very user name I'm now here with despite this name being my alter ego and since retirement username I sometimes use.
No I haven't been at this web site before but I have been dealing with computer security longer than probably a majority of the people who read here have even been alive. I've never even heard of this website before, sorry, I've had little interest in researching the after effects people are left dealing with from an attack and have instead spent my time in the study of such attacks and annoyances as they were being developed and working as a white hat hacker in the development of counter prevention before they even took place and got unleashed upon the world from the script kiddie attackers. Like you, I've been adamant since day one in doing so 100% for the good of mankind and absolutely not at any level for the sake of profit.
Do I want to join your "boot camp"? No sorry that's not for me, I don't wish to use even my retired user name as a promoter of this web site because, mainly that's not me or how I work, and also I don't believe in the overall message being sent to people here, that being you can install program A, or program B, or Program A and B but don't conflict with program C and the worries of the world will be fixed for you. Again, I respect the heck out of what all of you are doing for the best interest of the world here, but I disagree with the base or core of your methods in doing so by convincing people that there is a software fix for everything. Beyond that, I've already spent my years working hard in the trenches, I'm retired now, I have a legacy of followers who still come to me for help that I'm weeding out through further education daily.
Myself working here as an "official" helper wouldn't work, sorry, I get too annoyed too easy at extreme ignorance and I would not be what you all would consider a good representative of this fine web site. If it would make you feel better feel free to email me your "test" which I'll answer the questions I'm sure you're looking for as well as add why I disagree with the answers you're obviously looking for and what I feel the correct answer should actually be.
Enough of my response though to your personal or our personal indifferences or whatever is going on here, basically all any of that amounts to is Dxxx sizing. A little advice though, don't make comments like that because all it will amount to is chasing off otherwise good help. If you want to publicly disagree with what I've said then do so, show what you have to conflict with what I've posted. Do not just imply though that I'm off on an ignorant rant with what I've suggested as sound advice based only on my number of posts submitted here.
For your only point of actual argument you state the advice I've given is only good for, and I'll quote you... "intended for large server arrays and not home use as well... The issues are different for home systems versus large business networks..."
Again, no personal offense in what I'm about to say, but that has got to be the most ignorant thing I've ever heard anybody say who claims themselves to be in a position of absolute advice.
Allow me to only argue this single point, who actually needs any hardened level of protection to begin with? The basic AOLer who doesn't want the evil hacker to read his "LOL" messages in a chat conversation -or- your majority home user who may use his work laptop at home, thus needing extended security for the sake of the company at home. The majority and basic these days home user who does everything online from paying their bills, to banking, to stock market exchanges to sharing their own business ideas and future planning online from their home based computer?
Are you honestly in your seemingly infinite wisdom going to tell me these people should rely on shareware and freeware software, or garbage like Norton, McAfee, Panda, etc... antivirus software to confidently secure their data and information?
Please, do your homework on such matters, software based anything running on the local machine is the absolute easiest means of "protection" to defeat. In the real security world it's considered a joke, not even as you put it "an added layer of defense".
To imply a $400 - $1400 hardware firewall or security appliance is only intended for extreme situations like "larger server arrays" and "not home use" is completely asinine. The modern internet connected home is being run as a small business these days where bill paying, purchasing, and banking is all being done on that home system, be it a single computer or a small LAN where various members within the household each have their own computers. Such small networks are the exact ones who are at the highest level of risk because they aren't running a "not home use" as you put it firewall. Instead they have dad and mom trying to do their online banking on their computer while Jr is in his bedroom on the same LAN trying to install every single P2P app he can find so he can download a pirated version of every mp3, dvd, or commercial application he runs across.
How tell me please is your software based on the single computer protection preventing a family networkwide disaster from taking place? Brilliant, install anti everything on Jr's computer so dad can feel safe doing his online banking and what does Jr do? He turns it all off so he can download his pirated Korn mp3 from a P2P network.
Please, where have you been shopping for your hardware firewalls at, Home Depot? A modern hardware firewall will do everything in real time without delays directly within the appliance that all of your locally installed software suggestions can do, and then some, also all without causing any system resource hogging and intensive applications to be running on the local machine. I'm very specifically not talking about the $59 POS Linksys or similar router "with built in firewall" you can buy for under $100 and claims to offer you a level of security which I assure you all offers you nothing beyond basic script kiddie protection, if even that.
If you're going to give a person asking for sound and good advice, then give them exactly that, sound and good advice. The poster didn't ask "how can I keep myself from becoming just a low hanging piece of fruit", he has since edited his post, but the original post asked clearly what the experts thought was best for absolute protection.
If your answer included a software based anything for "absolute best protection" then do the world a favor and take your name off the list of those offering "expert" advice.
In defense of what I'm arguing against you "experts", not the almighty "HJT" log files presented here. People are in a constant flow here coming in with problems they are having. I don't see a single example where they haven't already installed and are running one or more of your suggested solution softwares and yet despite that they are still here showing their log files and having issues. Please, prove me wrong and point out a single person who has ever posted here having a problem while running a good quality hardware based firewall. I haven't found a single one in all my searches on your web site, plenty of people though having issues while running all your "suggested software" though, go figure Mr expert.
You've re-edited your initial post to be more specific, based I'm guessing mainly on my reply to you and your not liking the idea of spending $1400 + or - dollars on a good quality hardware firewall system or appliance. Further review and thought of your edit leads me to believe you'd like absolute protection with the expense of zero to $1 spent in obtaining that goal.
You're in luck, I can offer you sound advice that will cost you zero dollars and the best part is you won't need any of those garbage software based apps you list to obtain your objective.
Understanding now the less wise amongst us and self claimed experts may attempt to downplay my solid advice to you, I'll start first with a story explaining the hows and whys. Like my former advice to you, I'd like to see the self proclaimed "experts" argue with facts as to what is actually wrong with my advice as opposed to just claiming it to be false with no supporting arguments behind their own claims.
I'll start this story with first explaining to you what "DEFCON" is, it basically amounts to being the ultimate hacker show off competition in the world, where the absolute best and highly known hackers in the world come together in direct competition against each other every year in a competition known as "capture the flag". See www.defcon.org
You refined your question to imply, no offense intended, want the absolute best in no brainer no cost security. I have an answer for you and it's where my implications of DEFCON come into play.
I think it was maybe DEFCON 8 where during the capture the flag competition there seemed to be this one server a guy was running that no matter what the best of us did, not a single one of us could figure out a way to crack it and defeat his security attempts. Prior to and even after this, there has yet to ever be a single system that was truly "bullet proof". This guy's system however was actually so bullet proof that after it was learned what he actually did it was listed in the rules as being illegal after that because there was truly no way to possibly ever hack his system. Not much of a point in having a hacker competition where no one could ever hack anything.
Here's what he did, he made a CD image of the operating system and booted the server to that image. The entire server was running off memory and that read only CD. What we then learned was, you could be the best hacker in the world, but you can't overwrite code written on a read only CD that the computer is actually running on.
A great security idea transpired from that day even though this method was quickly written as being unfair and cheating in the hacker community. Something now known as "Knoppix" transpired from it in one way or another.
If you seek absolute security, like at a level that no matter what you can toss at it will absolutely 100% NOT penetrate it.
If you seek security that will cost you absolutely nothing, not as shareware or freeware but simply just as Open Source Software.
If you seek security that has an absolute zero needed learning curve in order to configure or use it.
If you seek the absolute most solid proven protection that no matter what someone tosses at you even if they are the best of the best has to offer.
If you want to surf the internet and be truly 100% bullet proof, able to click on whatever wherever you want to click on and have no fears, then there is a solution for you that 100% works in achieving this.
It involves installing no software and spending no money.
You have two real options, run this or leave your computer unplugged from the wall outlet for this level of absolute security at any price or effort.
Here's the link... http://www.knoppix.org/
Download the ISO file, burn it to a CD and set your system BIOS to first boot to CD instead of the Hard Drive.
Surf the internet with no fears or cares, do everything you have always wanted to do on the internet but were afraid to before this. Should you somehow run into something nasty that infects you, all you need to do is reboot again back to the read only CD and it's fixed. The absolute best hacker or virus writer cannot override a read only CD your system is running off no matter what.
Pull the Hard Drive out of your computer if you want to, all you need is the read only CD to do everything. You can boot your computer with the cables to your hard drive unplugged and all your data 100% SAFE!
You don't have to spend weeks learning how to use Linux, though you get the chance to experience what it's like running a UNIX type based Operating System with absolutely no risk to anything on your current Hard Drive. If you want to further study how the Knoppix system works all the info is there and you can easily custom configure the CD image to do whatever you want it to do, with zero limitations.
Check it out, it is truly though the absolute in security, you can't pay 1 million dollars for anything that will make you more secure on the internet and the best part is it's 100% free, all while being able to do whatever you want and then some.
There's nothing else you could buy or install at any price that could even come close to offering you this same level of true 100% safety and security.
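The post suggests unplugging the hard drive when running from the read-only CD. For a session where the drive stays connected, the following added example (not part of the original post; the sample mount table, device names and the function name `persistent_writable_mounts` are assumptions) reports any read-write mounts backed by a local block device, since those are the places a reboot to the CD does not reset.

```shell
#!/bin/sh
# Added example (not from the original post): in a live-CD session, list
# mounts that are read-write AND backed by a local block device.

# Constructed sample in /proc/mounts format; device names and mount points
# are assumptions, not captured Knoppix output.
SAMPLE_MOUNTS='/dev/sr0 /cdrom iso9660 ro,relatime 0 0
/dev/loop0 /rofs squashfs ro,relatime 0 0
tmpfs /rw tmpfs rw,relatime 0 0
overlay / overlay rw,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec 0 0
/dev/sda1 /media/sda1 ext4 rw,relatime 0 0
/dev/sdb1 /media/sdb1 vfat ro,relatime 0 0'

# Print "device mountpoint" for each writable block-device mount.
# RAM-backed devices (/dev/ram*, /dev/zram*) are skipped because they do not
# survive a reboot. Network shares are out of scope for this check.
persistent_writable_mounts() {
    printf '%s\n' "$1" | awk '
        $1 ~ /^\/dev\// && $1 !~ /^\/dev\/z?ram/ {
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++)
                if (opt[i] == "rw") { print $1 " " $2; break }
        }'
}

# Use the file given as $1 (e.g. /proc/mounts), else the constructed sample.
if [ -n "${1:-}" ]; then input=$(cat "$1"); else input=$SAMPLE_MOUNTS; fi
found=$(persistent_writable_mounts "$input")
if [ -n "$found" ]; then
    echo "Writable persistent storage is mounted; a reboot will not undo changes there:"
    echo "$found"
else
    echo "No writable block-device mounts found."
fi
```

Run it inside the live session with `/proc/mounts` as the argument to check the real mount table instead of the sample.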