• New security tools help protect your PC

    #467492


    TOP STORY

    New security tools to help protect your PC

    By Robert Vamosi

    The latest routers, security suites, and software patches can help protect your PC against today’s ever-more-sophisticated Internet attacks.

    These security tools are easy to install, easy to maintain, and provide the average PC user with basic protection against viruses, botnets, Trojans, rootkits, and other types of malware.


    The full text of this column is posted at WindowsSecrets.com/2010/03/18/01.

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.

    Viewing 21 reply threads
    • #1213870

      I read the article on security suites with interest and surprise. Whatever has happened to Checkpoint’s ZoneAlarm Security Suite or its big brother, Extreme Security Suite? I can’t be alone in still using this one-time WS favorite barrier to the infidels…

      Why no mention of it?

      Should I change to one of the recommended ones, or is there an omission? After all, it wasn’t long ago that Norton was notorious for being inadequate and a sod to get rid of…

      Someone enlighten me…

      Tom

    • #1213886

      In my area, TimeWarner Cable is offering free wireless routers with WEP encryption. This is wholly inadequate. WPA or WPA2 encryption is much better. I also think that NAT (network address translation) is crucial to securing networks. Yet I’m unsure about which routers provide NAT. Finally, I think that 802.11g is fast enough for many households. Why are only more-expensive 802.11n routers mentioned?

      It would be very helpful to comment on the security aspects of older WPA2-capable, NAT-capable, 802.11g routers, many of which are available for much less than $100.

    • #1213888

      Quote: “Advanced PC users can put together a custom suite of apps for little or no cost — but then again, maintaining a max-and-match set of programs is more difficult than installing a single security suite.”

      There’s no need for this old-fashioned “max-and-match [sic] set of programs”. This article is embarrassingly incomplete without mentioning Comodo Internet Security. I’ve been using this evolving security suite for more than 5 years on all household PCs. It’s hard to find a better counter-example to the aphorism that “you get what you pay for”. With CIS, you don’t; it’s free and you get more than you would from “today’s top-rated suites [which] cost $30 to $70 a year”.

    • #1213889

      I love the way the newsletter updates us on the latest good stuff. It’s really great to be reminded of what needs to be done.

      At this side of the black stump (userland) change is a serious, costly and diverting issue. We don’t want to ditch one thing, and replace it with the next, simply because it is no longer ‘first’ on the list. I have a software firewall which was great last year – the list no longer gives me a clue where it sits. I worry. I’d love not to have to.

      Could you consider adding a list of ‘adequates’ alongside the ‘bests’ so that those of us who adapted last year can work out if it is time to change.

    • #1213909

      Top Security Suite – I find it hard to believe that these titles are given to these software suites based solely on a bunch of tests run in a lab. Both PC World and PC Mag need to take a look at how they rate these software suites. These suites are resource-hungry, slow and invasive for the most part. Test results in a lab do not always equate to best performance in the real world. If you want to determine the top security suite, then ask those of us who have to support systems using these suites. Just as important as what these suites detect is what happens when they become corrupted or something is missed, and therein lies the rub. Most of these suites, Norton in particular, are almost impossible to uninstall, difficult if not impossible to repair, do not play well with other security software, and cost much more than they are worth, resulting in most users never updating their subscriptions past the trial period. So while these suites may be tops in the lab, in the real world they have become my biggest headache.

    • #1213918

      Please ask Brian to look at InZerosystems.com and click on the news items to see the Businessweek article and a photo of Aleksey Shevchenko, whom I sent to meet Brian back in 2004 with the very best security device in the world! Now, the gov’t agrees… Paul Waters in Kiev since 1992!

    • #1213956

      There is no way I would recommend Norton Internet Security to anyone. It runs like a slug and it can lock down innocuous Web browsing. After running it for six months on my own computers and being embarrassed by it with clients, it is permanently off my list. (I replaced it with Microsoft Security Essentials.)

      But that’s not why I’m responding. When Windows Secrets publishes on security, I want to take it to the bank. Giving recognition to a review that says “where the editors noted its polished user interface” strikes me as blindingly superficial. Yes, I’d like all my software to have nice UIs. But for a security product? “Polished UIs” are for productivity products where a good design saves time. For security, I don’t care how ugly or inconvenient the thing is as long as it stops the bad guys and doesn’t suck up the PC’s resources doing so.

      As for whether the UI is actually polished or not, I find Security Essentials much easier to use and understand than Norton. I used Norton AV products for over 10 years before dumping them due to onerous licensing and I found NIS to be the least approachable, least well-designed version I’d ever seen.

      I expect more from Windows Secrets, which I consider the premier source for Windows security information.

    • #1213992

      In addition to the security tools recommended here, I also think using a virtualized environment can significantly improve your computer’s security. Personally, I use both entire virtualized machines with VMWare and VirtualBox as well as a virtualized environment with Sandboxie. For my most dangerous surfing I use Sandboxie inside of VMWare. The virtual environment won’t prevent the malware or virus infection (you still need the other tools), but it makes it easy to recover and reset your environment without much hassle or risk to your computer.

    • #1214014

      Unfortunately, I must agree with the others who have posted in this thread. For the first time ever, I feel compelled to give the article low marks. While I understand that WS doesn’t run a lab, and doesn’t have the financial resources to do so, I think you guys can do better than trust the likes of PC Magazine, with its advertising driven revenue model that depends on giving high marks to big advertisers. Since Brian used to work for InfoWorld, he should know better.

      Points to Ponder

      Form versus Function. For a security package, form is less important than function, unless the form is so bad that it adversely affects effectiveness. Since I expect security software to fall into the “set and forget” category, I can forgive a dull, boring user interface that I see maybe once a month.

      Resource Requirements. Security software is supposed to guard the door, not hover over your shoulder. It should be as unobtrusive as possible, consistent with doing its job, staying out of the way unless there is a real emergency, or an engine update requires a restart. Even in that case, it should confine itself to notifying you that a restart is needed; it shouldn’t arbitrarily restart, or even say “I’m going to restart when you hit the OK button.”

      Suites versus Best in Class. The argument for suites is that integration leads to better performance and shorter learning curves. While this can be true, it isn’t necessarily so. Over the last three decades, there have been plenty of examples of “suites” that were little more than a collection of independently developed programs thrown into a box, with a common installation script. From a commercial perspective, suites motivate their publishers to continuously add new features. Sooner or later, the suite crumbles under the weight of all the new features. Perhaps my bias as a toolmaker and heavy batch job user is showing a bit, too, though I could name scores of instances in which a single purpose tool earned its keep by doing a better job, being easier to use, or both.

      Brian and Woody know that he can’t cover everything; that’s why Woody started this board, and Brian took it over. The article that spawned this thread was below par, but we can make up for it by sharing our real world experiences in this forum. That’s why it is here, and why we all need it.

      What’s In My Kit?

      I’ll start things off with an overview of the items in my security kit. I’ll admit that my kit hasn’t received the attention that it once did, but it seems to be getting the job done for my particular circumstances.

      Background. I am an independent consultant, and my office is in my house. My network is at the end of a fiber optic network.

      Hardware Firewall. I use the fiber optics vendor’s router, but my usage is confined to the wired router and its built-in DHCP server. My printers have Ethernet adapters and static IP addresses. Everything else gets an address from the router, and the leases expire in a day.

      Software Firewall. I use the Windows Firewall. All of my machines run Windows XP SP 3 or Windows Vista SP 2. I’ve debated substituting another firewall for the Windows Firewall, as I once did, with ZoneAlarm Pro. However, as ZA became more complex, it also became more fragile, and I let it go several years ago.

      Anti-Virus. I use AVG 9, with the on-access, email, and link scanners enabled, and the shell hooks installed.

      Anti-Malware. AVG 9.

      Software Updates. Microsoft Update is configured to notify only, and I run the Microsoft Baseline Security Analyzer from time to time, since my environment has numerous server applications (IIS, SQL Server 2000, etc.)

      Carbon Unit. That would be me, and I see my mind as the most important security software in my environment. I am very conservative about email and Web usage. Unexpected attachments, even if they appear to come from a client, are set aside and vetted. If a Web site looks dodgy, I don’t go there, even if my Google search report says they have something that I want or need. I’ve usually been able to find the same thing elsewhere, on a more trustworthy host. In the few cases when I couldn’t, I did without, or rolled my own.

      David A. Gray

      Designing for the Ages, One Challenge at a Time

    • #1214045

      “Secunia’s report on Google’s Chrome 4.x lists no unpatched security issues — which would appear to give Chrome a bit of a security edge over Firefox, at least for the moment.”

      Is this appropriate since your article already called into doubt whether in fact the Firefox 3.6 was in fact nonexistent?

    • #1214061

      There is a new kid on the block for “suites” that I feel is very effective with a small footprint. I use Vipre AV with anti-malware, and firewall all in one. It updates very regularly (every 2 hours) and includes definitions for all three components. Check out http://www.sunbeltsoftware.com/ and see what you think.

    • #1214063

      Although not specifically a security tool, I guess, I like the simplicity and speed of filehippo.com’s Update Checker.

    • #1214230

      Once again, I feel the need to point out that as long as your security software meets or exceeds the standards of West Coast Labs, or some other independent testing lab (This does NOT include Matousek!), you are good enough. Your baseline therefore could include:

      A) Upgrade from Windows XP or earlier to Windows Vista or Windows 7.

      B) Upgrade from Internet Explorer 6 or 7 to IE 8 — NOW!!

      C) Once done with these, download and run Secunia PSI, and update plug-ins, like Java and Flash Player and Apple iTunes/QuickTime.

      Then look into security software. But don’t overbuy.

      1) Set up the Vista or Windows 7 Firewall so that you have easy access to the outbound controls. Sphinx Software provides a better user interface than the built-in Windows controls. ( http://www.sphinx-so…ista/order.html Decide for yourself whether you want the free version or the paid version. ) Trust me, you WILL need to adjust the outbound Windows Firewall at some point.

      2) Download and install Microsoft Security Essentials (MSE) and set it to auto-update and auto-run in its deepest scanning mode when you seldom use your computer. (Try 3 AM Sunday Morning, or some such time, and leave the PC on Saturday Night.) Once a week scanning is fine. Do quick-scans if anything suspicious happens in between deep scans.

      3) If you want advanced heuristics protections, it wouldn’t hurt to have PC Tools Threatfire on your computer. Just be aware that not all third-party scanners are compatible with Threatfire. I haven’t heard of problems with Threatfire on top of MSE.

      4) You might want second-opinion antispyware scanning, but this is optional. There are many fine free antispyware scanners, and each has its strengths and its weaknesses. Just make sure (if your Windows is 64-bit) your choices are Native 64-bit security programs. Most today are NOT (including some pricey paid suites!).

      5) If your router does have security features, be sure they are properly implemented.

      Then sit back and relax! You are well enough protected, and you did not buy into the Security Suites. Don’t feed their greed.

      I like that Microsoft is finally putting some of its own resources into securing Windows. They are not all the way there yet, but I believe MS’s efforts should be encouraged through Windows users using MSE primarily and staying away from paid suites. That is a moral and ethical position on my part, not a declaration that MSE is better than anyone else’s products. But make no mistake — MSE, when combined with the Vista/Windows 7 Firewall and a good security router, is definitely good enough for nearly any home user. Just as long as you use Firefox or Chrome, update IE 8, and dump older versions of your plug-ins.

      Windows XP needs much more protection, but I do not recommend using Windows XP anymore. I do still use Windows XP, but my next laptop will run 64-bit Windows 7 Home Premium. Convert older hardware to Linux, if the hardware MUST still be used online. Otherwise upgrade, even if it means upgrading your hardware. Just my opinion, but one shared by much of the Tech Press.

      -- rc primak

    • #1214241

      Thankyouall for all the good advice regarding security software! But don’t you, as I do, feel that there is something fundamentally wrong here, when all this work and cost is necessary just in order to browse the internet?? Why do we accept all this criminal software on the internet threatening us?? Wouldn’t it be easier to eliminate that?

      The situation on the internet today is like the old wild west. Lots of gunned criminals around, and a weak society lacking a police force, a developed court system etc. At that time every man and home had to take care of their own security. But in a modern society you don’t have to wear a bulletproof vest whenever outdoors, or turn your home into a fortress. It is simply not allowed to walk around threatening people with a gun, or trying to break into people’s houses. But on the internet, any computer turned into a weapon by a botnet is still allowed to connect, threatening our security. Why not simply disconnect them from the internet? That would not be a problem technically.

      Or is the internet still ruled by the romantic idea of total freedom to do anything, like in the old wild west, and we are willingly paying the price with all this security software and hardware??

      • #1214352

        Here’s an interesting article for you, from IT World. Similar stories, some with more details about Microsoft security guru Scott Charney’s proposals, have appeared in CNet News and Infoworld.com. Of course, IT industry and ISP industry support for this way of making the Internet safer has been underwhelming to say the least. EFF and other civil libertarian groups have yet to be heard from on this issue, last I read. What do you think?

        -- rc primak

    • #1214254

      With Vista Home Premium, up-to-date with security patches, I run ThreatFire alongside Comodo’s firewall and NOD32 without problems. For manual scans with Anti-Vir Personal or MBAM, I flip ThreatFire into suspend mode temporarily. I wish Webroot’s SpySweeper had co-existed this nicely with my Vista setup; I might have kept it.

    • #1214327

      There’s some very useful info here on security software, but I think it’s worth pointing out that the majority of the complaints that IC3 received were not the result of some insidious virus or Trojan horse that managed to get through firewalls and AV software. Rather they are mundane threats such as advanced fee fraud (aka Nigerian 419) and stuff bought from web sites that never got delivered. In preventing these ‘attacks’, an ounce of common sense is better than a ton of software precautions – most of which are completely helpless if someone chooses to order from a suspect web site or can’t resist the opportunity to claim their “23 MILLION DOLLARS” prize from a sweep-stake they never entered.

      Such scams have been going on for a very long time, certainly long before the Internet was invented. And they will probably continue, irrespective of the technology involved, as long as humankind still contains its share of the greedy and the gullible.

      • #1214572

        That’s part of the motivation for the last item listed in my “kit” – the carbon unit. IMO, it is the most important, and the least discussed. Of course, some of them may need firmware upgrades.

        David A. Gray

        Designing for the Ages, One Challenge at a Time

        • #1214712

          Of course, some of them [carbon units] may need firmware upgrades.

          That’s the whole point, isn’t it? Even the best of us can be led astray with what would otherwise be just a tiny mental lapse. It’s why we need smart walls – to protect us from ourselves.

    • #1214368

      Social engineering, as it’s called, has more success than I would have expected. It’s puzzling but, psychologically, I think too many people falsely assume their closed doors somehow include the Internet, as if only face-to-face threats are real. Then there’s always common denial and rationalization on the side of these “social engineers” as well; after all, I haven’t died out on the highway yet, even though over 40,000 do every year in America alone. Reality’s a fine instructor though—if you heed its lessons. If not, I’m not sympathetic.

    • #1214386

      With the rise in PDF-based malware (e.g. Report says “Malicious PDF files comprised 80 percent of all exploits for 2009”) it’s also worth considering whether to use an alternative PDF reader. While the alternatives also have vulnerabilities, the majority of malware currently distributed targets Adobe’s PDF reader (as it’s the most common).

      Another tip from the Security Now podcast is to set the security level for the ‘Internet’ and ‘Local Intranet’ zones to high if you don’t normally use IE as your browser. Because the IE components are used by other programs, you can still be vulnerable to IE-based problems even if you don’t use IE; however, setting the zone settings to high disables scripting etc., which mitigates most attacks. Note, though, that you have to be cautious if you amend this setting because it can cause problems in other programs; therefore you need to exercise caution and be mindful that if something stops working it may be related to this.
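
An added example, not part of the post above or of the thread: a read-only PowerShell audit of the zone settings that tip describes. It assumes the per-user settings under HKCU are in effect (zones managed by Group Policy are stored elsewhere and are not read here); the function name `Get-ZoneAudit` is made up for this example.

```powershell
# Added example: report whether the 'Local Intranet' (1) and 'Internet' (3)
# zones are at the High template and whether active scripting is disabled.
# Read-only; it changes nothing. Assumes per-user (HKCU) zone settings apply.
$zonesKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$zones    = @{ 1 = 'Local Intranet'; 3 = 'Internet' }

# CurrentLevel holds the security template selected for the zone.
$levels = @{
    0x10000 = 'Low'; 0x10500 = 'Medium-low'; 0x11000 = 'Medium'
    0x11500 = 'Medium-high'; 0x12000 = 'High'; 0 = 'Custom'
}
# URL action 1400 is "Active scripting": 0 = enabled, 1 = prompt, 3 = disabled.
$scripting = @{ 0 = 'Enabled'; 1 = 'Prompt'; 3 = 'Disabled' }

function Resolve-Value($table, $value) {
    # Map a registry DWORD to a label; tolerate missing or unexpected values.
    if ($null -eq $value) { return 'Not set' }
    if ($table.ContainsKey([int]$value)) { return $table[[int]$value] }
    return ('Unknown (0x{0:X})' -f [int]$value)
}

function Get-ZoneAudit {
    foreach ($id in ($zones.Keys | Sort-Object)) {
        $props = Get-ItemProperty -Path (Join-Path $zonesKey "$id") -ErrorAction SilentlyContinue
        if (-not $props) {
            [pscustomobject]@{
                Zone = $zones[$id]; Level = 'Key missing'
                ActiveScripting = 'Unknown'; MeetsTip = $false
            }
            continue
        }
        $level  = $props.CurrentLevel
        $action = $props.'1400'
        [pscustomobject]@{
            Zone            = $zones[$id]
            Level           = Resolve-Value $levels $level
            ActiveScripting = Resolve-Value $scripting $action
            # The tip is met when the zone is at High and scripting is off.
            MeetsTip        = ($level -eq 0x12000) -and ($action -eq 3)
        }
    }
}

Get-ZoneAudit | Format-Table -AutoSize
```

A zone shown as Custom has had individual actions changed since a template was applied, so check its ActiveScripting column rather than the level name.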

    • #1214460

      Reading this article, I have to weigh in as well. Not to mention AVG 9.0 in an article about all-in-one security suites, is like leaving Kleenex out in discussing tissues on the market today.
      I have to heartily concur with the assessment of Symantec products. Their anti-virus may have been good at one time, but their current programs run like malware themselves! Have you ever tried to delete their 360 or security suite trial version from a computer, and not have it suddenly, surreptitiously jump out and bite you again? Over the years, when Symantec has gobbled up their superior competition, they have proceeded to ruin the software, starting with PC Tools then the Powerquest products etc!

    • #1214474

      Adobe Reader alternatives:

      Because of intractable issues between Foxit’s reader and my Vista setup, I use PDF-XChange Viewer, which has more features than I need but is smaller than Adobe’s product.

    • #1214708

      Vamosi’s article was excellent especially for the un-initiated and the near-initiated but in some ways he swallowed the lead. One of the most important points he made was relegated to the last sentence and paragraph. It bears repeating:

      “Even if you don’t use IE for browsing, though, various important Windows services use Internet Explorer, so you must keep it updated.”

      in bold.

      Eric C Williams

    • #1223448

      It always amazes me that almost any security review completely ignores NOD32. It is the only anti-virus product I would ever entertain. I have used it since the middle 90s on several computers and have never had an issue. I also recommend it to all customers I come in contact with. And I have never heard of any issues from them either.
