I'm reformatting my rig and giving it a much better setup with drive partitions and so on. I was wondering what AV and Firewall everyone uses and if its even worth it. This is my "clean" computer and no garbage gets DL onto it. My only concern would be malicious emails. Now i have ZA and Norton installed... seems to be giving a big performance hit. I'm also running a router blocking incomming calls. Are these things needed to keep my system safe and if so what should I use?
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
To Use, Or not to Use? AV and Firewall
- Thread starter n64man120
- Start date
Firewall?
If you have a NAT router, maybe you can live without one...if you configured it to a point where you got zero ZA alerts over a period of time. I'm there, but the software firewall stays. Call me paranoid. (ZA or Kerio)
An aside: Hopefully, I'll have a Smoothwall Linux router built shortly. This is an effective, but cheap solution.
AV?
Norton's does eat resources...lots and lots of them.
Take a look at NOD32.
While you are looking around, take a look at PocoMail. It is an extremely secure mail client.
If you have a NAT router, maybe you can live without one...if you configured it to a point where you got zero ZA alerts over a period of time. I'm there, but the software firewall stays. Call me paranoid. (ZA or Kerio)
An aside: Hopefully, I'll have a Smoothwall Linux router built shortly. This is an effective, but cheap solution.
AV?
Norton's does eat resources...lots and lots of them.
Take a look at NOD32.
While you are looking around, take a look at PocoMail. It is an extremely secure mail client.
burningrave101
[H]F Junkie
- Joined
- Sep 9, 2003
- Messages
- 11,825
Kerio or Zone Alarm would be your two best choices for a firewall. Sygate is another thats fairly popular. I use Kerio myself.
The new SP2 firewall seems to work alot better then the original. I dont know how it stacks up against a REAL software firewall though.
AVG would be my first choice for a free firewall. NOD32 and Kaspersky are both really good but you'd have to pay for those two.
The new SP2 firewall seems to work alot better then the original. I dont know how it stacks up against a REAL software firewall though.
AVG would be my first choice for a free firewall. NOD32 and Kaspersky are both really good but you'd have to pay for those two.
t. shuffle
Limp Gawd
- Joined
- Jun 11, 2004
- Messages
- 381
Here's my home security setup:
Inexpensive D-Link router/firewall. (It's amazing how far a little NAT goes)
Windows firewall.
Symantec AV that I don't even allow to run in the background, and is just used to manually scan downloaded files and email attachments from sources not 100% trusted.
While I don't recommend being this lax to the average user, I can say that I''ve never, ever, had a single infection of any kind. (Unless you count spyware, and that was before I learned the joys of Firefox.)
Inexpensive D-Link router/firewall. (It's amazing how far a little NAT goes)
Windows firewall.
Symantec AV that I don't even allow to run in the background, and is just used to manually scan downloaded files and email attachments from sources not 100% trusted.
While I don't recommend being this lax to the average user, I can say that I''ve never, ever, had a single infection of any kind. (Unless you count spyware, and that was before I learned the joys of Firefox.)
BillLeeLee
[H]F Junkie
- Joined
- Jul 2, 2003
- Messages
- 13,486
Norton AV is a resource whore.
I like Kerio 2.5 (their best version) and a low resource using AV running, like AVG or Avast. If you can afford it, NOD32 is one of the best AV software out there.
I like Kerio 2.5 (their best version) and a low resource using AV running, like AVG or Avast. If you can afford it, NOD32 is one of the best AV software out there.
Ice Czar
Inscrutable
- Joined
- Jul 8, 2001
- Messages
- 27,174
n64man120 said:
its so refreshing to see someone actually decompile ever bit of code they put on thier computer
http://hardforum.com/showthread.php?t=768776
http://www.microsoft.com/technet/security/guidance/avdind_0.mspx
firewalls and AV arent necessary
they can be completely avoided with three simple steps
1. disconnect the computer from the internet
2. encase in cement
3. stand a 19 year old with a rifle over it
A little money spent on this kind of software will go a long, long way. I've spent a few hundred on software over the last few years, in addition to the OS. Still, I spent less than a really good video card costs. When I upgrade rigs, I move the software, too. That saves money, if you don't mind using software as it ages. I still use Word97, for example. My point is that money spent for NOD32 and other security oriented software is money well spent. You can't get freeware for everything. Well, you can, but it may not be the best thing to do everytime.BillLeeLee said:
RanceJustice
Supreme [H]ardness
- Joined
- Jun 9, 2003
- Messages
- 6,620
Personally I use Sygate Pro, as I like its wealth of features and relatively small footprint. If you don't neccessarily need all the detail of sygate but good an free protection, Kerio is the way to go.
As far as an AntiVirus goes, I suggest either MKS_Vir (a new product with killer heuristics, but is still in its first release) or AVK Pro (www.boomerangsoftware.com). AVK Pro utilizes 2 anti virus heuristics and definition sets at the same time for greater protection, and its only like $30.
Stay away from Norton at all costs! Zone alarm is in my opinion flawed in many ways but still better than nothing. With a nice little NAT/SPI router, a software firewall, and good antivirus you have a decent measure of protection.
As far as an AntiVirus goes, I suggest either MKS_Vir (a new product with killer heuristics, but is still in its first release) or AVK Pro (www.boomerangsoftware.com). AVK Pro utilizes 2 anti virus heuristics and definition sets at the same time for greater protection, and its only like $30.
Stay away from Norton at all costs! Zone alarm is in my opinion flawed in many ways but still better than nothing. With a nice little NAT/SPI router, a software firewall, and good antivirus you have a decent measure of protection.
Ice Czar
Inscrutable
- Joined
- Jul 8, 2001
- Messages
- 27,174
Xaeos said:
feel quite proud of myself, for being able to recognize that lanuage as Polish
the English link
http://english.mks.com.pl/products.html
AntiVirus : NOD32
Firewall : MS Windows SP2 built-in - plus NAT
Also tjek here for track records : Virus Bulletin - Independent Anti-virus Advice
Firewall : MS Windows SP2 built-in - plus NAT
Also tjek here for track records : Virus Bulletin - Independent Anti-virus Advice
Falls Included
I'm happy & gay too
- Joined
- May 30, 2003
- Messages
- 3,701
norton system works 2003 (hey, hey, found it in a dumpster)
tiny personal firewall 2.0 (best yet that i've found)
nat
between those 3 and the top 2 are the VERY FIRST things that i install, even before any drivers (well, mouse drivers, so i can use it...)
tiny personal firewall 2.0 (best yet that i've found)
nat
between those 3 and the top 2 are the VERY FIRST things that i install, even before any drivers (well, mouse drivers, so i can use it...)
t. shuffle
Limp Gawd
- Joined
- Jun 11, 2004
- Messages
- 381
Falls Included said:
you ever wonder why it was there?
that pos has caused way more problems than it has ever prevented or fixed
how about Thunderbird (set for IMAP), FireFox, Kerio and AVG?
I have separate restricted accounts for email and internet on my sys. The internet account is not set up for any email at all so that if something gets in that way there is no way for it to read the email address book. my email account is not used for surfing, just for emails. obviously it needs an internet connection but IE and FF are never started if at all possible. It is started only for resume submission at sites that are in the newspaper, for example, or for hitting a link in a read email. It is a POP3 while the internet account uses IMAP email reading. obviously all 'net purchases use a non-ISP account.
If you have an ISP never give out your real email address but rather give them a sub account which you have created. Then use mailwasher...
I have separate restricted accounts for email and internet on my sys. The internet account is not set up for any email at all so that if something gets in that way there is no way for it to read the email address book. my email account is not used for surfing, just for emails. obviously it needs an internet connection but IE and FF are never started if at all possible. It is started only for resume submission at sites that are in the newspaper, for example, or for hitting a link in a read email. It is a POP3 while the internet account uses IMAP email reading. obviously all 'net purchases use a non-ISP account.
If you have an ISP never give out your real email address but rather give them a sub account which you have created. Then use mailwasher...
If you don't look at shoddy porn sites, download music, and open e-mail attachments, then you're probably not going to need an av prog. And unless you're running a server/website off your pc or broadcasting yourself all over the net, a firewall won't be necessary.
Ice Czar
Inscrutable
- Joined
- Jul 8, 2001
- Messages
- 27,174
poopy said:
welcome to 2004
this is called a search engine
search queries may or maynot take you where you think they should
where they may or maynot exploit one of a various number of flaws
and since most people from time to time, want to get something for free
there is this type of software, that is quite popular, its called freeware
(we wont discuss the other kind you pointed out
)it may or maynot contain malicious code as well, bringing us to
email and IM which alas no longer require user assistance in many cases
or, are in fact fairly clever with social engineering,
not to mention direct attacks through flaws in the OS or applications
leaving brute force attacks
while your advise is certainly a cornerstone of a security policy
you forgot the rest of the house
a few links
3 real security guides
http://www.nsa.gov/snac/
http://www.microsoft.com/technet/security/guidance/avdind_0.mspx
http://www.uksecurityonline.com/husdg/wxpp2.php
and a basic checklist
http://hardforum.com/showthread.php?t=768776
and an out of date linkfarm
http://radified.com/Articles/internet_security.htm
and a security freeware repository
http://www.wilders.org/free_tools.htm
and never, ever, leave your IP Stack hanging in the wind
A conversation with Lance Spitzner, Sun Microsystems senior security architect
and a founder of the Honeynet Project
a Honeynet (or pot) is a system that is bait for intrusion so it can be detected, monitored, mined for data and techniques
and eventually deflected, causing no harm from it, not an easy thing to do, considering the intruder has "root"
Excerpted Transcript
Used with permission from both Lance Spitzner and Dana Greenlee Producer and co-host of the WebTalkGuys
but she is a Lady, and very nice one for letting me do this
and of course Lance for taking time out to give me permission and answer a few questions.
We join the discussion of Honeynets in the middle here
poopy said:
Lollerberries...
I don't look at shoddy or quality porn sites, download music or open untrusted email attachments. Yet I still sit here behind my router, daily updated AV and software firewall and pay attention to what's going on.
Your kind of attitude is why my router activity light has reached the point where it just doesn't go off at all anymore, it's solid on. Nothing much going on on my side of the router, it's mostly crap from infected peoples computers bouncing off the router.
There's no excuse to not have some kind of firewall and av.
Even with AV and a firewall I am paranoid. I try to stick to known sites, if it's freeware I try to get it from a known site, and sometimes from two places to compare byte sizes. I don't use instant messengers, I don't use and idle on irc. I don't use P2P. And also because of that paranoia I don't mention what brands of router/av software/firewall I use.
t. shuffle
Limp Gawd
- Joined
- Jun 11, 2004
- Messages
- 381
Do you have a tinfoil hat?
Ice Czar
Inscrutable
- Joined
- Jul 8, 2001
- Messages
- 27,174
t. shuffle said:Do you have a tinfoil hat?
no but I do have tinfoil underwear