Re: Beginner in Security

Author	All Replies
Wildcatboy Premium,Mod join:2000-10-30 Toronto, ON kudos:2 Host: Security Product V.. Security	reply to newsnerd8 Re: Beginner in Security The key to understanding security is to understand How you can get infected. A lot of people think of Trojans and spyware as these Evil programs that actively look for people and infect them automatically. In most cases, that's not true at all. It's just a misconception. The fact is that in most cases, Trojans and spyware don't infect you, you infect you. Primarily there are two ways that you can get infected: A) You run something you shouldn't have. B) Something uses a vulnerability in your system or the applications you are running and infects you. What's responsible for the majority of infections we see is "A". Once you know "How", then you can take steps to eliminate the cause and once the cause is eliminated, you can run your system even without an AV or AS, knowing that you'll be fine. Stopping "A" is probably the easiest. It requires no application or tools. Just common sense. Don't click on something you don't know. Don't install a software unless it's well known or until you ask around about it first. Don't open email attachments unless you know what they are, etc... Now you might say what if I accidentally make a mistake and click on something? Well, that's when a Good AV can help you. It's not supposed to be there to protect you all the time, it's there to save you from the mistakes you might make once every couple of years. A year or two ago I would have suggested AVG. It's not that it's a bad AV. It's still good. But in my view there are better free options available. I'd go with Antivir. The detection rate is superior to AVG and even most of the paid Avs, updates are frequent and it's easy on your resources. As for "B", the infection happens due to your system or application vulnerabilities. To solve the problem, eliminate or mask the vulnerabilities. To eliminate Network and system vulnerabilities and holes, use a firewall. This means that nothing, I mean absolutely nothing can infect you from outside. To eliminate application vulnerabilities, use alternative applications that don't have them or if you are quite familiar with how those applications work, try to harden them. Because I understand that asking new computer users to start hardening their applications is not quite practical, I always suggest alternatives until they are ready and willing to learn how to harden their applications. As mentioned by others, use alternative browsers like Firefox. Use alternative email applications like Thunderbird, etc... These two changes alone will stop majority if not all spyware that automatically install themselves on your machine. Once you take the steps above, you'll realize that there's not much you need protection from, therefore there won't be many applications that you'd want to use. I've also seen people suggest using a router. Having it is not bad at all but you also need to understand that if you don't have a network, a router provides no more advantage than the simple XP firewall does. Both will stop external attacks 100% of the times. The only advantage is that a router runs independently and outside your operating system. Keep reading, understand the threats and how they operate and you will realize that the world is not as scary a place as you thought it was. You can keep buying applications till the cows come home but none of them can protect you like you can. -- You can catch the Devil, but you can't hold him long.
	to forum · permalink · 2007-02-06 20:00:12 ·
nonymous Premium join:2003-09-08 Glendale, AZ Reviews: ·Callcentric	I've also seen people suggest using a router. Having it is not bad at all but you also need to understand that if you don't have a network, a router provides no more advantage than the simple XP firewall does. Both will stop external attacks 100% of the times. The only advantage is that a router runs independently and outside your operating system. " A NAT router is not a firewall yes but very effective on incoming.So if it has a strong p[password a good backup. The windows firewall can be turned off. Even if by accident. The nat router for incoming is a great backup.
	to forum · permalink · 2007-02-06 21:50:11 ·
newsnerd8 join:2007-01-30 Merrick, NY	I see so many suggestions, it's kind of overwhelming where to start from. If I use a router and Windows XP firewall, a solid AV, along with a program for spyware, is that good for a beginner? Do I need a seperate program for anti-trojans? I have a feeling so many of those programs aren't set and forget ones, which I really need to start off and stay protected. My main goal is to be able to just surf safe sites without getting trojans, viruses, hackers, etc. I guess nobody is really into the Anti-Malware one from AVG? Is there even a difference in the paid AVG from the free one?
	to forum · permalink · 2007-02-06 23:38:56 ·

bluezanetti Premium join:2003-10-04	said by newsnerd8: If I use a router and Windows XP firewall, a solid AV, along with a program for spyware, is that good for a beginner? Do I need a seperate program for anti-trojans? Realistically, in that list you should be able to stop at the AV, with solid being operationally defined as one that also deals well with malware in a generalized sense (including spyware and so on). Can additional things be beneficial? Sure, but the point of diminishing positive returns has already kicked in when you go beyond a solid AV and the potential of genuinely negative conflicts will start to become prominent as more is added. A beginner desiring more is probably best served by opting for a suite-type solution. Blue
	to forum · permalink · 2007-02-07 00:21:10 ·
antiserious The Future ain't what it used to be Premium join:2001-12-12 Scranton, PA	reply to newsnerd8 said by newsnerd8: I see so many suggestions, it's kind of overwhelming where to start from. If I use a router and Windows XP firewall, a solid AV, along with a program for spyware, is that good for a beginner? Do I need a seperate program for anti-trojans? Yes, that's a good start. AVG is a decent anti-virus, especially for the activities you've described. said by newsnerd8: I have a feeling so many of those programs aren't set and forget ones, which I really need to start off and stay protected. My main goal is to be able to just surf safe sites without getting trojans, viruses, hackers, etc. I guess nobody is really into the Anti-Malware one from AVG? Is there even a difference in the paid AVG from the free one? A program like SpywareBlaster is ideal for set-and-forget. It uses no resources, you simply open it, check for updates, enable all protection, and close it. It works in the background, blocking certain exploits before they get a chance to affect you. The free version of AVG Anti-Malware (which used to be Ewido) is fine - but you'll get a free 30-day trial of the full version when you install it, so you can decide if you need or want those pay features. I would also strongly recommend you learn about securing IE, and then use Firefox instead - not to start a browser war, but Firefox is simply not susceptible to many IE exploits, which fits in with your stated goal of set-and-forget. No matter what you decide to do, there's just no substitute for paying attention, and spending a little time learning about security. It need not be a full-time job, but spending a little time reading a forum like this one will go a long way towards avoiding trouble, which beats fixing things after the fact. fwiw -- "The future ain't what it used to be." - Yogi Berra
	to forum · permalink · 2007-02-07 00:23:26 ·
Mele20 Premium join:2001-06-05 Hilo, HI kudos:4	reply to newsnerd8 said by newsnerd8: I see so many suggestions, it's kind of overwhelming where to start from. If I use a router and Windows XP firewall, a solid AV, along with a program for spyware, is that good for a beginner? Do I need a seperate program for anti-trojans? Yes, what you have listed is good for a beginner, but AVG is NOT a "solid" AV. That is not just my opinion. AVComparatives is a site that is highly respected among security people and AV vendors. They run tests several times a year on AVs that want to participate to evaluate performance. Results of the latest tests will be on the site on March 1. The last tests with posted results was from last Nov and on those, AVG scored a "Standard" rating. In comparision, Avira, which I started using a few weeks ago (free version), and really like, scored the highest of all tested and got a rating of advanced plus (not just advanced). I suggested that you use BoClean partly because you are using a mediocre AV that does NOT do well on catching trojans. If you use Avira it will catch most everything and if you like it and you purchase it, instead of using the free version, you will get protection against adware/spyware (more than what is in the free version). I see nothing wrong with you using AVG if you like it, feel comfortable with it, and find it not confusing or hard to use (that's important for a beginner). But I really believe you will need an antitrojan application like BoClean to go with it. With Avira or Kaspersky for your AV (or a few others) you would not need an additional application for antitrojans as Avira and Kaspersky are top AV. However, I don't think KAV is easy for a beginner to use and even Avira might be confusing for a beginner although you can leave the settings at default and be safe with it. You don't need to tinker with it. The free version does not have a mail scanner but if you are interested in learning about and practicing safe computing you may already understand that you don't need an email scanner. If you get an attachment in an email never open it, unless you were expecting to get it, and even then always, no exceptions EVER, download the attachment to disk and right click scan it first with your AV before opening. You said to start off, you want a "set and forget it" application. BoClean is that and it will catch everything except viruses. I have not used the Anti-Malware that AVG has now so I can't speak to its ease or non-ease of use as set and forget. Others here can. AVG is very popular here (that does not mean that it is a great AV though). »www.av-comparatives.org/ Click on the November test to see the results of those AV tested. This, of course, is just one test but it is a good one and will give you some idea of which AV are really strong, good ones. One other thing: are you using IE? You should use a safer browser like Firefox and half your worries about security are gone if you just avoid IE. -- "If you want to do DRM on a PC then you need to treat the user as the enemy." Ross Anderson in "`Trusted Computing' Frequently Asked Questions" »www.msfirefox.com/
	to forum · permalink · 2007-02-07 00:47:05 ·
rawwhide Premium join:2000-09-03 The Sticks Reviews: ·AT&T DSL Service 1 edit	reply to newsnerd8 said by newsnerd8: I see so many suggestions, it's kind of overwhelming where to start from. Start with Wildcatboy's post. In addition you may want to look at rootkit detection. »www.microsoft.com/technet/sysint···ler.mspx Also as a last line of defense you may look into encryption programs like truecrypt. That away if you become infected and something happens to your system. Anything the hacker downloads that is encrypted will not be usable by the hacker in most cases. Unless you use an easy password like 1234 were they can brute force crack it. edit: Or the hacker logged your passwords, which case you should realize as soon as you are aware of an infection not to use any your passwords at all. -- HUH!!! Sekurecom
	to forum · permalink · 2007-02-07 14:48:58 ·

Broadband Tech > Security > Security > Beginner in Security