Ideal no. of programs to get to fully protect us from virus/worm/trojan/etc


15 replies to this topic

#1 joms

joms

    Member

  • Full Member
  • 21 posts

Posted 23 July 2006 - 10:26 PM

My comp:
AMD 2400+ XP
2GB RAM
200GB HD
Win XP SP2
Fast DSL connection


Concern:

Given that my computer is all cleaned up from viruses/etc, I have been thinking of a good set of programs that would protect my PC from being taken over again. I know that there is not one best program and things have their own advantages and such, but sometimes people don't have time to test and try each and every program that comes by, and thereby rely on those who are more educated in the field.

With this in mind, I would like to request your comments on the following programs I have decided on to protect my computer. Kindly tell me if you think I would benefit from dropping one from the list and getting an alternative.

1) Kaspersky 6 - I still don't know if I should get the Anti-Virus or the Internet Security. I don't really want to dwell too much on the technicalities, but can someone say in a brief manner if the added cost of the internet suite is justifiable, or would you rather spend the $$$ on an alternative program?

2) Ad-Aware - I'm not sure if this is better than PestPatrol/SpySweeper/Spyware Doctor, but from the limited forum posts I've read, this came up more than the others... If I'm getting this, should I get the SE? PRO? etc.? By the way, is this program free? In some forums it says it's free. I've downloaded and installed it and used it, but why is it indicated on the site that I can purchase it at $ xx? What benefits are there from purchasing it?

3) SpywareBlaster - read it's good and it's free

4) SpywareGuard - read it's good and it's free

5) IE/Spyad - free

6) I'm also thinking of using Firefox instead of IE. Would you think IE+Spyad would be better than Firefox? Or should I forget Spyad and just get Firefox?

Edited by joms, 23 July 2006 - 10:41 PM.


#2 joms

joms

    Member

  • Full Member
  • 21 posts

Posted 31 July 2006 - 10:45 PM

Anyone? I'm also considering getting Ewido. I can run Ewido/Kaspersky/Adaware Pro/etc all at the same time, right?

Or do I have to choose 1 only? I want to be protected from virus / worms / trojan / hacking / etc. Please suggest a complete program menu to fully protect my system. Thanks

#3 joms

joms

    Member

  • Full Member
  • 21 posts

Posted 31 July 2006 - 11:28 PM

I've heard that we need to have at least 1 AV program, 3x anti spyware program, 1x anti trojan program ... etc to protect us fully. Can someone help me here?

I'm not sure which programs protect against what, but if I get the programs below, would I be generally considered safe already? (I know that there's no such thing as perfectly safe, but what I mean is in "general".)

List of programs I'm considering getting:

a) Kaspersky 6 AV
b) Ewido Anti-Spyware
c) Adaware SE Plus
d) Microsoft Anti-Spyware Beta
e) SpywareBlaster
f) SpywareGuard
g) Winpatrol
h) Spybot Search and Destroy

and I will be using Firefox.

Do I still need a firewall? What's a good one? Zone alarm?
Are any of the above programs redundant? Or would any conflict with another program listed above? Is the list above good enough, or do I need more programs to protect me from: Viruses / worms / spyware / trojans / ETC.

* Note: I only use YAHOO MAIL so I think I don't need any spam filter program.

Edited by joms, 01 August 2006 - 12:36 AM.


#4 Swandog46

Swandog46

    Forum Deity

  • Retired Staff
  • 10,190 posts

Posted 01 August 2006 - 08:09 AM

Start by reading this:

http://forums.spywar...showtopic=60955

#5 esoterica

esoterica

    Member

  • Full Member
  • 9 posts

Posted 02 August 2006 - 12:35 AM

I see people with this same type of request popping up daily all over the internet. The outcome is always the same, 100's of clueless people telling you all this garbage software they run and recommend because they read it was good from some other clueless person out there.

Don't install any of it on your computer, how's that for an answer?

Instead, just invest in a good quality HARDWARE Firewall and enjoy your computer booting, running and loading as fast as it was initially designed to without all that garbage software cluttering things up and stealing more system resources than even the worst virus you could possibly be infected with would rob from you.

There are a lot of good quality Hardware Firewalls available out there and many you'll find to adapt to whatever price range you can afford or consider your security to be worth. I currently happen to be using one known as a Sidewinder G2, not because I thought it to be the best one out there, but because I got an insanely good deal on it from someone who was selling it.

http://www.securecom...ex.cfm?skey=232

The basic version of this will offer you more protection than you'd likely ever need at about the same cost of a new laptop, but it will protect your entire internal network with just the one device and not require you to install a bunch of cheaply written, overpriced garbage software on your computer.

Shop around and research these on your own as a solution to what you're asking and you'll find a good one that offers you the levels of protection you're after in a price range you can afford.

#6 Budfred

Budfred

    Malware Hound

  • Administrators
  • 21,526 posts

Posted 02 August 2006 - 05:41 AM

Please note that the member esoterica has no standing at SWI or anywhere else that I am aware of as an expert and that his/her advice needs to be taken in that light... To rely on a hardware firewall as your sole form of protection would be an extremely bad idea and we do not recommend it... To include it in an array of protection makes sense... The type that he/she is advocating is intended for large server arrays and not home use as well... The issues are different for home systems versus large business networks...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#7 Swandog46

Swandog46

    Forum Deity

  • Retired Staff
  • 10,190 posts

Posted 02 August 2006 - 11:32 AM

You think a hardware firewall will protect you from malicious code run on the local machine?

#8 hornet777

hornet777

    Forum Deity

  • Full Member
  • 607 posts

Posted 02 August 2006 - 05:17 PM

Respectfully, esoterica, what makes your recommendation any less clueless than the others you disparage? Your points are well-taken, but this is from someone who has some amount of technical savvy and experience; to a non-technical user -- particularly one who is taking an interest, and just starting out -- isn't your post more likely to confuse than enlighten?
After all is invested in correctness, then how does it stand with truth?

#9 esoterica

esoterica

    Member

  • Full Member
  • 9 posts

Posted 03 August 2006 - 01:36 AM

I think it's bad advice to inform people to install and run multiple, particularly shareware and freeware apps that offer people a false sense of security leaving them feeling like they are completely bullet proof to the world.

Shareware, even freeware software are great things, don't get me wrong, I'm old school and a long firm believer in people helping others not for the sake of sheer profit, but to just help for the sake of helping. So don't get me wrong and take me as if I'm saying all other options are total garbage and should not be considered. Instead I was however answering this person's actual question in what is best for them, in the hopes they would research this further on their own to find a solid answer as opposed to just what someone has told them.

Budfred, no offense, I'm sure you're a great person, obviously you are, you're here doing what you can to help who you can as a volunteer. I applaud that effort of you. Sorry, I've been picking through this Forum and reading as much of the non-repetitive and senseless questions as possible just to get a feel for what's going on around here and what this web site is all about. Your reply to me comes across as strongly defensive and I'll take that as your feeling I've condemned active advice you've and probably this web site has offered to people and my own suggestion here seems to be contradictive of that very advice.

I assure you that was not my intent to downplay anyone here's advice, but instead to offer what I feel to be better advice raising the level of quality information and knowledge here in doing so, for both you and your members.

Am I new here? Obviously, am I new to the material being discussed here though? Not at all, trust me, I've been around and known under my pre retired and now different user name for many years longer than this web site has even been in existence. I've actively competed on the winning teams in the capture the flag competitions at every single DEFCON held in Vegas except the very first DEFCON and the last, due only to circumstances beyond my control. In three of those years, I even competed there with team IMMUNIX and our team took 2nd place each time under the very user name I'm now here with despite this name being my alter ego and since retirement username I sometimes use.

No I haven't been at this web site before but I have been dealing with computer security longer than probably a majority of the people who read here have even been alive. I've never even heard of this website before, sorry, I've had little interest in researching the after effects people are left dealing with from an attack and have instead spent my time in the study of such attacks and annoyances as they were being developed and working as a white hat hacker in the development of counter prevention before they even took place and got unleashed upon the world from the script kiddie attackers. Like you, I've been adamant since day one in doing so 100% for the good of mankind and absolutely not at any level for the sake of profit.

Do I want to join your "boot camp"? No sorry that's not for me, I don't wish to use even my retired user name as a promoter of this web site because, mainly that's not me or how I work, and also I don't believe in the overall message being sent to people here, that being you can install program A, or program B, or Program A and B but don't conflict with program C and the worries of the world will be fixed for you. Again, I respect the heck out of what all of you are doing for the best interest of the world here, but I disagree with the base or core of your methods in doing so by convincing people that there is a software fix for everything. Beyond that, I've already spent my years working hard in the trenches, I'm retired now, I have a legacy of followers who still come to me for help that I'm weeding out through further education daily.

Myself working here as an "official" helper wouldn't work, sorry, I get too annoyed too easy at extreme ignorance and I would not be what you all would consider a good representative of this fine web site. If it would make you feel better feel free to email me your "test" which I'll answer the questions I'm sure you're looking for as well as add why I disagree with the answers you're obviously looking for and what I feel the correct answer should actually be.

Enough of my response though to your personal or our personal indifferences or whatever is going on here, basically all any of that amounts to is Dxxx sizing. A little advice though, don't make comments like that because all it will amount to is chasing off otherwise good help. If you want to publicly disagree with what I've said then do so, show what you have to conflict with what I've posted. Do not just imply though that I'm off on an ignorant rant with what I've suggested as sound advice based only on my number of posts submitted here.

For your only point of actual argument you state the advice I've given is only good for, and I'll quote you... "intended for large server arrays and not home use as well... The issues are different for home systems versus large business networks..."

Again, no personal offense in what I'm about to say, but that has got to be the most ignorant thing I've ever heard anybody say who claims themselves to be in a position of absolute advice.

Allow me to only argue this single point, who actually needs any hardened level of protection to begin with? The basic AOLer who doesn't want the evil hacker to read his "LOL" messages in a chat conversation -or- your majority home user who may use his work laptop at home, thus needing extended security for the sake of the company at home. The majority and basic these days home user who does everything online from paying their bills, to banking, to stock market exchanges to sharing their own business ideas and future planning online from their home based computer?

Are you honestly in your seemingly infinite wisdom going to tell me these people should rely on shareware and freeware software, or garbage like Norton, McAfee, Panda, etc... antivirus software to confidently secure their data and information?

Please, do your homework on such matters, software based anything running on the local machine is the absolute easiest means of "protection" to defeat. In the real security world it's considered a joke, not even as you put it "an added layer of defense".

To imply a $400 - $1400 hardware firewall or security appliance is only intended for extreme situations like "larger server arrays" and "not home use" is completely asinine. The modern internet connected home is being run as a small business these days where bill paying, purchasing, and banking is all being done on that home system, be it a single computer or a small LAN where various members within the household each have their own computers. Such small networks are the exact ones who are at the highest level of risk because they aren't running a "not home use" as you put it firewall. Instead they have dad and mom trying to do their online banking on their computer while Jr is in his bedroom on the same LAN trying to install every single P2P app he can find so he can download a pirated version of every mp3, dvd, or commercial application he runs across.

How tell me please is your software based on the single computer protection preventing a family networkwide disaster from taking place? Brilliant, install anti everything on Jr's computer so dad can feel safe doing his online banking and what does Jr do? He turns it all off so he can download his pirated Korn mp3 from a P2P network.

Swandog46,
Please, where have you been shopping for your hardware firewalls at, Home Depot? A modern hardware firewall will do everything in real time without delays directly within the appliance that all of your locally installed software suggestions can do, and then some, also all without causing any system resource hogging and intensive applications to be running on the local machine. I'm very specifically not talking about the $59 POS Linksys or similar router "with built in firewall" you can buy for under $100 and claims to offer you a level of security which I assure you all offers you nothing beyond basic script kiddie protection, if even that.

If you're going to give a person asking for sound and good advice, then give them exactly that, sound and good advice. The poster didn't ask "how can I keep myself from becoming just a low hanging piece of fruit", he has since edited his post, but the original post asked clearly what the experts thought was best for absolute protection.

If your answer included a software based anything for "absolute best protection" then do the world a favor and take your name off the list of those offering "expert" advice.

In defense of what I'm arguing against you "experts", not the almighty "HJT" log files presented here. People are in a constant flow here coming in with problems they are having. I don't see a single example where they haven't already installed and are running one or more of your suggested solution softwares and yet despite that they are still here showing their log files and having issues. Please, prove me wrong and point out a single person who has ever posted here having a problem while running a good quality hardware based firewall. I haven't found a single one in all my searches on your web site, plenty of people though having issues while running all your "suggested software" though, go figure Mr expert.

joms,
You've re-edited your initial post to be more specific, based I'm guessing mainly on my reply to you and your not liking the idea of spending $1400 + or - dollars on a good quality hardware firewall system or appliance. Further review and thought of your edit leads me to believe you'd like absolute protection with the expense of zero to $1 spent in obtaining that goal.

You're in luck, I can offer you sound advice that will cost you zero dollars and the best part is you won't need any of those garbage software based apps you list to obtain your objective.

Understanding now the less wise amongst us and self claimed experts may attempt to downplay my solid advice to you, I'll start first with a story explaining the hows and whys. Like my former advice to you, I'd like to see the self proclaimed "experts" argue with facts as to what is actually wrong with my advice as opposed to just claiming it to be false with no supporting arguments behind their own claims.

I'll start this story with first explaining to you what "DEFCON" is, it basically amounts to being the ultimate hacker show off competition in the world, where the absolute best and highly known hackers in the world come together in direct competition against each other every year in a competition known as "capture the flag". See www.defcon.org

You refined your question to imply, no offense intended, that you want the absolute best in no-brainer, no-cost security. I have an answer for you and it's where my implications of DEFCON come into play.

I think it was maybe DEFCON 8 where during the capture the flag competition there seemed to be this one server a guy was running that no matter what the best of us did, not a single one of us could figure out a way to crack it and defeat his security attempts. Prior to and even after this, there has yet to ever be a single system that was truly "bullet proof". This guy's system however was actually so bullet proof that after it was learned what he actually did it was listed in the rules as being illegal after that because there was truly no way to possibly ever hack his system. Not much of a point in having a hacker competition where no one could ever hack anything.

Here's what he did, he made a CD image of the operating system and booted the server to that image. The entire server was running off memory and that read only CD. What we then learned was, you could be the best hacker in the world, but you can't overwrite code written on a read only CD that the computer is actually running on.

A great security idea transpired from that day even though this method was quickly written as being unfair and cheating in the hacker community. Something now known as "Knoppix" transpired from it in one way or another.

If you seek absolute security, like at a level that no matter what you can toss at it will absolutely 100% NOT penetrate it.

If you seek security that will cost you absolutely nothing, not as shareware or freeware but simply just as Open Source Software.

If you seek security that has an absolute zero needed learning curve in order to configure or use it.

If you seek the absolute most solid proven protection that no matter what someone tosses at you even if they are the best of the best has to offer.

If you want to surf the internet and be truly 100% bullet proof, able to click on whatever, wherever you want to click on and have no fears, then there is a solution for you that 100% works in achieving this.

It involves installing no software and spending no money.

You have two real options, run this or leave your computer unplugged from the wall outlet for this level of absolute security at any price or effort.

Here's the link...

http://www.knoppix.org/

Download the ISO file, burn it to a CD and set your system BIOS to first boot to CD instead of the Hard Drive.

Surf the internet with no fears or cares, do everything you have always wanted to do on the internet but were afraid to before this. Should you somehow run into something nasty that infects you, all you need to do is reboot again back to the read only CD and it's fixed. The absolute best hacker or virus writer can not override a read only CD your system is running off no matter what.

Pull the Hard Drive out of your computer if you want to, all you need is the read only CD to do everything. You can boot your computer with the cables to your hard drive unplugged and all your data 100% SAFE!

You don't have to spend weeks learning how to use Linux, though you get the chance to experience what it's like running a UNIX type based Operating System with absolutely no risk to anything on your current Hard Drive. If you want to further study how the knoppix system works all the info is there and you can easily custom configure the CD image to do whatever you want it to do, with zero limitations.

Check it out, it is truly though the absolute in security, you can't pay 1 million dollars for anything that will make you more secure on the internet and the best part is it's 100% free, all while being able to do what ever you want and then some.

There's nothing else you could buy or install at any price that could even come close to offering you this same level of true 100% safety and security.

#10 Budfred

Budfred

    Malware Hound

  • Administrators
  • 21,526 posts

Posted 03 August 2006 - 05:47 AM

esoterica,

I don't care what credentials you claim to have... This forum does not accept disrespectful flaming responses from anyone... Please note this is your final warning and you will be removed from this forum if you make one more insulting comment to anyone... I lost count of how many insulting comments you had in this post... Please note that I did not ask you to join Boot Camp and I would frankly not want to ask someone who is so clearly aggressive and judgemental to join Boot Camp... If you wish to keep posting here as a member, I suggest you show a bit more respect to everyone...

By the way, saying you do not intend to be insulting and then calling someone ignorant or asinine is insulting...

Edit: I just saw the insults you posted in another topic and decided you have been warned enough... You are taking a little vacation from this forum... If you would like to be able to post in the future I suggest you maintain a more respectful approach next time... Since you obviously have no respect for anyone here, I can't imagine why you would want to post here though...
Budfred


#11 Nancy McAleavey

Nancy McAleavey

    SWI Junkie

  • Full Member
  • 275 posts

Posted 03 August 2006 - 06:38 AM

I've heard that we need to have at least 1 AV program, 3x anti spyware program, 1x anti trojan program ... etc to protect us fully. Can someone help me here?

I'm not sure which programs protect against what, but if I get the programs below, would I be generally considered safe already? (I know that there's no such thing as perfectly safe, but what I mean is in "general".)


Yeow! You don't need that much, all that much will actually do is slow down your system and create possibilities of conflict.

All you need is a good AV, a good full spectrum antimalware to cover what your AV misses and a firewall (hardware firewall counts!). (If you use IE you may want to add secured cookie handling and browser manager like IEClean.) I have F-prot on demand, BOClean real-time and a hardware firewall (Netgear). I have an old Zone alarm but I only use it when I'm out, as I find its disruptions annoying, which wouldn't likely be an issue if I actually was stopping malware from connecting out on it. But it pays to be cautious in those situations when away from home.

Your surfing habits, your email handling habits, the places you go and what you click on matter just as much as the software you use.

edit:typos

Edited by Nancy McAleavey, 03 August 2006 - 06:40 AM.

Ten years of Privacy and Protection
 

#12 Swandog46

Swandog46

    Forum Deity

  • Retired Staff
  • 10,190 posts

Posted 03 August 2006 - 11:15 AM

esoterica, I am not sure you understand what a firewall is. A firewall filters packets inbound/outbound from the internet according to certain rules. These rules might involve particular network protocols (TCP, UDP), ports targeted, IP ranges, whatever. The firewall approves or rejects the particular connection. The firewall basically becomes a device to make your computer "invisible" on the internet.

So-called "application level" firewalls, which I assume is what you are talking about, can filter by more sophisticated criteria including looking at the packet content itself and approving/denying the transmission depending on whether the packet is deemed "appropriate" --- safe, malicious, whatever.

However, if you are going to use a sophisticated firewall that claims to be able to recognize and reject packets based upon virus/malicious content, this firewall will need to be kept updated with signature-based scanning. How else will the firewall be able to determine what is and is not an "in-the-wild" virus that should be rejected? (and please, don't tell me it will be able to do this entirely by heuristics. It won't. No antivirus heuristics are that good yet, including the best corporate systems created by private vendors. Every detection system requires signatures too.)

This leads to an immediate problem: what happens when a virus is too new, and has not yet been added to signature detection? Suppose this virus is polymorphic and is not detected by heuristics. Antivirus vendors are adding new detections every single day, so don't tell me this doesn't happen, because it does.

Then your firewall will not filter every single potentially-malicious inbound packet.

So suppose this happens and a malicious piece of code gets to the local machine (the user downloads a malicious email attachment, whatever). Suppose it is executed. What does your hardware firewall do now? Suppose the malware is a backdoor trojan. The firewall might filter outbound traffic from the trojan to block the backdoor functionality. (that is easier to do by heuristics.) But that still won't prevent the malicious code from being active on the local machine and doing whatever else it wants to do (spawning popup ads, whatever). A firewall will not and cannot protect against that.

As a result, local protection software (first and foremost antivirus) is critical......

Does this clear things up?
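
The two checks post #12 describes (rule-based connection filtering, then signature-based content scanning), as an added example that is not part of the original thread. The rule set, signature names and payload bytes are constructed for illustration, and the model is simplified to whole connections rather than individual packets.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Connection:
    direction: str          # "in" = started from the internet, "out" = started by the PC
    proto: str              # "tcp" or "udp"
    remote_ip: str
    port: int               # destination port
    payload: bytes = b""    # content carried over the connection


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    direction: str
    proto: Optional[str] = None     # None matches any protocol
    ports: Optional[range] = None   # None matches any port
    network: Optional[str] = None   # None matches any remote address

    def matches(self, conn: Connection) -> bool:
        if self.direction != conn.direction:
            return False
        if self.proto is not None and self.proto != conn.proto:
            return False
        if self.ports is not None and conn.port not in self.ports:
            return False
        if self.network is not None:
            net = ipaddress.ip_network(self.network)
            if ipaddress.ip_address(conn.remote_ip) not in net:
                return False
        return True


# Constructed rule set: first match wins, anything unmatched is dropped.
RULES: List[Rule] = [
    Rule("deny", "out", network="203.0.113.0/24"),            # blocked range (documentation addresses)
    Rule("allow", "out", proto="tcp", ports=range(80, 81)),    # web
    Rule("allow", "out", proto="tcp", ports=range(110, 111)),  # POP3 mail download
    Rule("allow", "out", proto="udp", ports=range(53, 54)),    # DNS
]

# Constructed byte patterns standing in for a vendor's signature database.
SIGNATURES: Dict[str, bytes] = {"Constructed.Sample.A": b"CONSTRUCTED-SAMPLE-A"}


def packet_filter(conn: Connection, rules: List[Rule]) -> str:
    """Stage 1: protocol / port / address rules, default deny."""
    for rule in rules:
        if rule.matches(conn):
            return rule.action
    return "deny"


def content_filter(payload: bytes, signatures: Dict[str, bytes]) -> Optional[str]:
    """Stage 2: return the name of the first known pattern found, if any."""
    for name, pattern in signatures.items():
        if pattern in payload:
            return name
    return None


def verdict(conn: Connection, rules: List[Rule],
            signatures: Dict[str, bytes]) -> Tuple[str, str]:
    if packet_filter(conn, rules) == "deny":
        return ("deny", "rule")
    hit = content_filter(conn.payload, signatures)
    if hit is not None:
        return ("deny", "signature:" + hit)
    # Nothing objected. Content with no signature yet lands here, and code
    # that later runs on the PC itself never passes through this function.
    return ("allow", "no-signature-match")


def demo() -> Dict[str, Tuple[str, str]]:
    known = b"attachment:" + SIGNATURES["Constructed.Sample.A"]
    new_variant = b"attachment:CONSTRUCTED-SAMPLE-B"  # not in the database yet
    updated = dict(SIGNATURES)
    updated["Constructed.Sample.B"] = b"CONSTRUCTED-SAMPLE-B"
    mail = ("out", "tcp", "198.51.100.20", 110)
    return {
        "unsolicited inbound": verdict(
            Connection("in", "tcp", "198.51.100.7", 445), RULES, SIGNATURES),
        "blocked range": verdict(
            Connection("out", "tcp", "203.0.113.5", 80), RULES, SIGNATURES),
        "known sample": verdict(Connection(*mail, known), RULES, SIGNATURES),
        "new variant": verdict(Connection(*mail, new_variant), RULES, SIGNATURES),
        "after update": verdict(Connection(*mail, new_variant), RULES, updated),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:20} {result}")
```

The "new variant" case is allowed until the signature set is updated, which is the window the post refers to.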

#13 hornet777

hornet777

    Forum Deity

  • Full Member
  • 607 posts

Posted 03 August 2006 - 03:23 PM

Seems to me that the issue was a computer user that wanted to educate him/herself about security practices; these days a rare bird one only encounters occasionally, and for that reason should be given priority, perhaps even over remediation (though I'm not standing firm on that). Nevertheless, and despite intentions stated otherwise, the "esoteric" response was entirely from the insiders' POV, with no clue about the attitudes faced by a non- or semi-technical user when just starting out. That is ordinarily called "alienation" and is far more likely to scare off this rare bird than anything, although it probably does provide solace to an overheated ego that feels the need to throw its weight around.

I have said before that it's about "practices", not "products" and I still stand behind that, but in the past few months, it has occurred to me that the focus of this is all wrong, since it completely overlooks the most important part: it's not the machine (the computer); it's the person operating it that needs to be taken into account before anything meaningful can be accomplished in our task together (fighting malware). The fact is that computers are just still too hard to use, and people aren't willing to make the investment in education, resources and time to do it. Who can blame them? Just a little thoughtful reflection reveals its essential insanity....

Not a criticism, just my insight, FWIW. The relevance is that although eso claimed to take a 'bold, new approach' (to characterise it), it was just more of the same. When are humans going to start figuring into this? (to summarise) is my question. (It's meant for the industry, not just a segment of it).

#14 TaoWine

TaoWine

    Member

  • Full Member
  • 13 posts

Posted 10 August 2006 - 08:52 PM

it's the person operating it that needs to be taken into account before anything meaningful can be accomplished in our task together (fighting malware). The fact is that computers are just still too hard to use, and people aren't willing to make the investment in education, resources and time to do it. Who can blame them? Just a little thoughtful reflection reveals its essential insanity....

Not a criticism, just my insight, FWIW.


hornet777, how true that statement is! Most people don't want to learn, they just want someone to fix it for them. I happen to like the comment from esoterica about http://www.knoppix.org/ I downloaded it to try it and it works great. What an awesome idea, especially for kids. I have Fedora on one of my computers and that's the one I let my kids use. When they get a hold of my Windows XP, they destroy it! They load Ares, and other p2p programs, and POOF, I'm infected.

Since I've been using Linux, what a difference it has made. I understand that I can still get infected, but my chances are reduced dramatically.

My thanks to everyone for their thoughtful insights to many ways to reduce malware/spyware etc.

One more thing, hornet777, what does FWIW stand for? I think I'm going to publish a book called "Acronyms for Dummies" lol Take care everyone :)
O thou invisible spirit of wine! if thou hast no name to be known by, let us call thee devil!
William Shakespeare 1564 - 1616 Othello [1604 - 1605], act II, sc. iii, l. 285

#15 dave38

dave38

    Devout Murphyite!

  • Retired Staff
  • 8,508 posts

Posted 11 August 2006 - 03:23 PM

FWIW - For What It's Worth
Be wary of strong drink. It may make you shoot at tax collectors, and miss!
Please support SWI forum

#16 jedi

jedi

    aequam memento rebus in arduis servare mentem

  • Retired Staff
  • 15,830 posts

Posted 11 August 2006 - 05:00 PM

ITEKT! :lol:
jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.



