What 1101doc has learned about security
If you've ever browsed some of the user forums on the net you've read reports from people whose computers have been infected with malware: virus/worm/trojan/rootkit. The new breed of malware is being designed with profit in mind, and these baddies will often enlist your computer into a spam-spewing army of 'bots. They also very often make changes to the system that make them very hard to remove. Many users have just given up and done a clean install of Windows with full format because it was actually easier than removing the malware. Prevention is the key, and there is no one solution that will guarantee safety. But. Layers of protection will make your system very hard to infect, and allow you considerable peace of mind as you surf the net.
First, use a router between your LAN or DSL modem and your computer. It will act as a hardware firewall, and when you add your own password and enable the built-in encryption you create a strong first layer of defense that is quite difficult to break through.
But not impossible.
So second, use a strong personal firewall. There are quite a few excellent (and free) firewalls available. Everyone you ask will have an opinion. I think "Gizmo" Richards does a great job of sorting things out, and offers his recommendations based on personal use and testing. For firewalls and other free security tools see his site:
http://www.techsupportalert.com/best_46_free_utilities.htm#5
For firewall testing use "Shields Up!"
https://www.grc.com/x/ne.dll?bh0bkyd2
Click the "Proceed" button, and then select "All service ports." Please wait for the test to complete. Green is good.
I use the new top-rated Comodo:
http://www.personalfirewall.comodo.com/
Next, use a full-time anti-spyware client. These are most usually commercial programs, but I think that having strong realtime spyware protection is worth it. Often one comes packaged with antivirus. From my reading it seems that AVG (formerly Ewido) is highly regarded:
http://www3.grisoft.com/doc/2215/us/crp/0
(Also offered as part of the commercial protection package which includes anti-virus)
Another that gets good marks is Webroot Spysweeper:
http://www.webroot.com/consumer/products/spysweeper/
I personally use A-Squared anti-malware:
http://www.emsisoft.com/en/software/download/
Whichever you choose (and there are other good ones) be sure to get full-time/real-time protection/immunization with automatic updates. Mine updates hourly. Included should be download protection and e-mail protection, and a "scan this file" add-on to the right-click menu.
Of course, anti-virus is a basic necessity. Curiously, the free Avira anti-virus (when fully updated) recently out-performed both Norton and McAfee in tests.
I read excellent reviews of NOD32:
http://www.eset.com/
Also very highly regarded is Kaspersky:
http://www.kaspersky.com/
I use Avira free behind the Comodo Firewall
http://www.free-av.com/
There are many good alternatives, but I go on record as opposed to Norton from personal experience and McAfee from my research. Both are too invasive and resource demanding for the protection offered. Much better choices are available. Choose wisely.
Unfortunately, this is not the end of the story. There can still be problems with things that you encounter before any of your security utilities' updates have installed protection. I like protection from "Zero-day" baddies as well. This requires a Host Intrusion Prevention System (HIPS). "Gizmo" offers a good review of the top contenders:
http://www.techsupportalert.com/security_HIPS.htm
As you can see Defense Wall won the top spot:
http://www.softsphere.com/
It is a commercial product.
Second place went to free CyberHawk:
{EDIT: Cyberhawk has been changed. I have not used the new application.
I went back to SpywareGuard after problems with Cyberhawk.}
Still not the end of the story.
Malware is designed for the most commonly used applications. Windows over everything else, and by connection Internet Explorer over all other browsers. Sure, other browsers can have weaknesses, but you are much less prone to problems using Opera or Firefox just because they are NOT Internet Explorer. My own preference is Opera. Arguably the most secure, but I think that it is more intuitive for former IE users than Firefox. Whatever. Both offer better cookie control. In Opera, I clear all cookies except for the ones I want every time I close the program. Please give alternative browsers a good try--it's another layer of protection.
To give yourself extra protection on the internet, run your browser in a "Sandbox." That way anything that happens while surfing the net is confined to the sandbox, and the entire contents can be deleted after each session. Even if you do run into malware, it cannot infect your system. The highest rated is Defense Wall (see above) but Sandboxie is very well respected and is free: http://www.sandboxie.com/index.php?DownloadSandboxie It's the one I use.
Almost there. (to the end of the story)
Malware comes from the Internet. Where I go, and what I do can make a BIG difference. There are actually sites that a user can visit (depending on system configuration) and become infected without any action at all--just by visiting the page. Fortunately, almost all these "Bad places" are quickly recognized. There are good people keeping track of this kind of thing and providing help for those of us who might stumble into traps. OpenDNS is one way to prevent visiting dangerous sites: http://www.opendns.com/ It works very well.
Another way to add protection is through the use of a "Hosts File." I use the MVP Hosts File:
http://www.mvps.org/winhelp2002/hosts.htm
It updates twice a month and includes most of the addresses for the ads which appear on web pages. This means that not only does it keep me out of trouble, but it automatically blocks the ads so that I don't have to see them or wait for them to load. This makes surfing considerably faster.
Email comes from (and through) the Internet as well. For best protection, maintain a web-based email account (like Yahoo or Google) and open your messages there. Bring home (to your machine) only those messages and attachments that you have investigated (and maybe scanned) online and know are safe. Even so, have all incoming mail checked by your antivirus/antispyware utilities.
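How a blocking hosts file of this kind takes effect, and a check worth running after each update, shown as an added example (not part of the original article or the MVPS project). The sample entries are constructed placeholders and the function names are illustrative.

```python
import ipaddress

# Constructed sample in the layout a blocking hosts file uses; the names are
# placeholders, not entries taken from the MVPS list.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
0.0.0.0     ads.example.com        # ad server
0.0.0.0     tracker.example.net metrics.example.net
127.0.0.1   Banner.Example.org
203.0.113.7 login.example-bank.test
not-an-ip   broken.example.com
"""

def parse_hosts(text):
    """Return (ip, hostname) pairs; skip comments, blanks and malformed lines."""
    entries = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address
        entries += [(ip, name.lower().rstrip(".")) for name in fields[1:]]
    return entries

def is_sink(ip):
    """0.0.0.0, :: and loopback addresses lead nowhere, which is the point."""
    return ip.is_unspecified or ip.is_loopback

def is_blocked(hostname, entries):
    """Hosts lookups are exact-name: no wildcards, no subdomain matching."""
    name = hostname.lower().rstrip(".")
    return any(n == name and is_sink(ip) for ip, n in entries)

def find_redirects(entries):
    """Entries that send a name to a real address instead of sinking it."""
    return [(str(ip), n) for ip, n in entries if not is_sink(ip)]

if __name__ == "__main__":
    entries = parse_hosts(SAMPLE_HOSTS)
    for host in ("ads.example.com", "cdn.ads.example.com", "banner.example.org"):
        print(host, "->", "blocked" if is_blocked(host, entries) else "not blocked")
    print("review:", find_redirects(entries))
```

A blocklist should only ever sink names, so any line reported by `find_redirects` deserves a look before the file is trusted. The `cdn.ads.example.com` case shows that a hosts entry does not cover subdomains.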
What you've read so far is how I have layered my defenses. Since adopting this configuration, I have been happily surfing for months without so much as a tracking cookie. Does that mean I'm now immune? No. I scan my system with five different tools each week to be sure, and make daily backups of my Registry with ERUNT. But having these layers of protection in place makes it much less likely that I will become infected with malware, and that feels good!