Broadband virus protection

[jonneymendoza]

am I miss reading this ?

you've just said


so your saying its actually really good and works well for you.

then you've said


So how do you know its worked well for you if its got this massive problem of not letting you know you've got viruses ?

am I miss-reading or have you just slated a product for having a bad flaw, that you've just said works flawlessly for you ?

well i dont get no viruses thx 2 avg and my firewalls, so it seems as though its working properly for me. i can definetly say its better than norton....

[Paul Adams]

I need to clear this common misconception up, apologies for going slightly OT for a second:

...The router is very good at blocking incoming and windwos xp offers protection agaisnt outgoing trojans...

The Windows Firewall in XP SP2 and 2003 SP1 protects against inbound connection attempts and prevents processes running locally from setting themselves up as a listening service.

It does not prevent any process from making an outbound connection on any interface to which TCP/IP is bound.

The sentiment behind the post is valid, security is a layered approach and there is no single silver bullet app.

[TheAnimus]

i've yet to see an outbound firewall that can't be got round very simply in a user with debug priveldges, most you can get round as a standard "user" class.

Admitedly i've seen one which was very hard to get round, using some rather nifty security features of windows. But i'm obviously not at liberty to talk about that one (was part of a interview, so i don't really know much, i just failed to get round it!)

Outbound protection really needs a hardware firewall, or some degree of seperation useually by obscurity.

[Dorza]

Personally i don't feel the need to install any sort of anivirus program.

I just use Adaware, Spybot, Sygate PF, and for virus's i just use Trend Micro HouseCall aswell as Panda Activescan. There is an initial download for both of these but once you got the software you can scan till your hearts content without needing yet more programs in your programs folder, its all online. Im also behind a hardware firewall which is useful.

Good common sence on line is handy aswell, particularly with broadband.

[oshta]

Ive used AVG free for the last 3years, and ive never had a problem.

- We that said, ive often wondered if i would be wiser to pay for a better AV program, seeing as they are prttiy important!


Daniel

[kempez]

I use a n00b proof, and expert friendly AV/Firewall combo.
Computer Associates E Trust EZ AV and Firewall . It auto-updates and you can easily set program permissions/open up ports on it.

plus I'm behind a hardware firewall, and spybot, and adaware, and Winblows firewall......

[chrisg22]

From my personal experiance with AVG, I have found it to be very... uneffective, One of my mates keeps suggesting it to my other mates and my other mates keep coming to me saying they have a virus etc etc, I have always found NOD32 to be the best for me, but I pay for that.

[sooty]

I use a Linksys Cable Router
Sygate Personal Firewall
AVG Free Edition

I also make frequent calls to Trend Micro HouseCall and this has never found anything that AVG has missed

[jonneymendoza]

avg rules!!!

[peterb]

As others have said, good computer Sy has to be thought about, and is not just about bolt on tools. You need to consider the type of attack you will be up against, the value of the data that might be compromised, how much protecting that data and the value of its loss is worth and what level of risk you are prepared to accept - bearing in mind that you can never reduce that risk to zero, unless you disconnect your computer from any online source and never import files from anywhere!

The NAT firewall in most routers will, if correctly configured, protect against inbound opportunist attacks such as IP and port scans. Yopu should never open up inbound ports unless you really need to (and unless you are running a server that requires public access, there are few instances where you need to do that - and if you are, you are in a whole new ball game and should know what you are doing )

Once that is secured, you need to worry about malware that legitimately gets through the firewall - either inadvertantly downloaded from a dodgy website, or imported through an e mail. Keeping your OS patched and up to date will help. Avoiding non-mainstream web sites is a matter of user preference, and you might want to consider an alternative browser, such as firefox or Opera. If you MUST use IE, look very carefully at the sy settings - don't run activeX code without giving explicit permission, for example.

Finally e mail. Don't open email or attcahments from people you don't know. Preferably use a different e mail client from Outllok or Outlook express. Mulberry, evolution or the Opera E mail (quirky) are alternatives - there are many more. If you use older versions of Outlook, turn off the preview option. Outlook is much better (from a malware point of view||) than it used to be, but it isn't the be all and end all of mail clients!

Finally - software that will act as a backstop against users (your!) mistakes. A virus checker that scans incoming e mail as well as system files is a must. Keep it up to date with the latest patterns. That will probably entail a subscription. Install something like Zone Alarm (I would have said Kerio personal firewall, but Kerio have stopped supporting it) that will detect malware that is trying to open outgoing connections. It's a pain initially as you train it (don't just click on 'yes' without understanding what is happening) but worth it long term.

Above all, know your system, and scan it frequently - at least weekly - most AV software allows you to set that up automatically.

Don't get paranoid about it - but don't be complacent either!!