Re: Beginner in Security in Security

Re: Beginner in Security in Security http://www.dslreports.com/forum/r17784630 en Thu, 03 Dec 2009 12:58:44 EDT Thu, 03 Dec 2009 12:58:44 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17809231 Hutch : This is what I Run.

Router with in-built Firewall.
Windows XP SP2 fully patched. Windows Firewall Disabled.
Kav 6.0.2.614.
TrojanHunter 4 disabled from start up.
IE 7 With all Patches.
SpywareBlaster
I Surf with a limited user account in Windows.
And common sense. (not click happy)

This set up suits me. It may not suit you. You have try many alternatives like I did for years. I have come to this configuration, which I find frees me up to spend more time with family. I haven't been infected with any nasties for over two years with this configuration.

The members of this board have passed on some great information in this thread, it can be a bit daunting for a newbie.

My advise would be try different applications, that don't harass your system and suit you, and your ability to use them. Eventually you'll find the configuration that suits you and your system.
--
Who Gives A.......Don't Ask Me.......Cos I Don't Give A **** :D]]> http://www.dslreports.com/forum/remark,17809231 Sat, 10 Feb 2007 19:14:30 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17809043 nonymous : I still say a basic nat router. No wireless until you are ready for that can of worms. A known brand and cheap is fine. Mail in rebates heck free.
For a beginner they are set and forget. So no wireless unless you need it and then realize that is a large can of worms for a newbie but not impossible. Just another topic.
I have had windows firewall turned off by other security programs. Software firewalls glitch out and not start.
The router well once every now and then I have to pull the power cord and plug it back in to reset a connection. But it was still protecting.
Most if not all nowadays have the web interface off by default and then change the password as a backup. My opinion only.]]> http://www.dslreports.com/forum/remark,17809043 Sat, 10 Feb 2007 18:34:16 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17797126 Mele20 :

said by antiserious

:

I now regret having posted in this thread at all. I don't know if I helped or hindered, but I dislike having contributed to all the 'noise'. I wish you good luck and safe surfing.

I thought your post was one of few that really helped a newbie so I don't think you should regret having posted in this thread.

--
"If you want to do DRM on a PC then you need to treat the user as the enemy." Ross Anderson in "`Trusted Computing' Frequently Asked Questions"

»www.msfirefox.com/]]> http://www.dslreports.com/forum/remark,17797126 Thu, 08 Feb 2007 17:33:26 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17795444 antiserious :
Another problem I see is knowing who to believe. If you're not a regular visitor here and you get conflicting information, which suggestion do you take? That's where the FAQ and polls can help. They provide a bit of consensus, so you're not relying solely on anyone's opinion - and, as should be obvious by now, we have some VERY opinionated members, who don't hesitate to pontificate at any and every opportunity.

I now regret having posted in this thread at all. I don't know if I helped or hindered, but I dislike having contributed to all the 'noise'. I wish you good luck and safe surfing.

--
"The future ain't what it used to be." - Yogi Berra
]]> http://www.dslreports.com/forum/remark,17795444 Thu, 08 Feb 2007 12:51:19 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17794127 jabarnut :

said by Wildcatboy

:

You asked what time it was and they tried to teach you how to make a watch.

So true.....reading through this entire thread could easily overwhelm any 'beginner in security'.
(And most people who aren't beginners for that matter).

said by hpguru

:

What Wildcatboy

said. All of it. Study what he is telling you. Take it to heart because the man knows what he is talking about. He won't steer you wrong. :)

Agreed- Follow Wildcatboy

's straightforward advice and you'll be fine. (He has a few posts in this thread...read them all again).

If it will help you feel any better, there's no way I'm going to attempt to make a watch either....I would end up nuttier than I already am. ;)
--
I had a life once.....now I have a Computer and a Modem.]]> http://www.dslreports.com/forum/remark,17794127 Thu, 08 Feb 2007 08:45:13 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17793434 hpguru : What Wildcatboy

said. All of it. Study what he is telling you. Take it to heart because the man knows what he is talking about. He won't steer you wrong. :)]]> http://www.dslreports.com/forum/remark,17793434 Thu, 08 Feb 2007 02:19:10 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17791490 MagMan : Amazing if you people here don't have the original poster scared into a corner he soon will be. ;)]]> http://www.dslreports.com/forum/remark,17791490 Wed, 07 Feb 2007 20:05:42 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17789439 rawwhide :

said by newsnerd8

:

I see so many suggestions, it's kind of overwhelming where to start from.

Start with Wildcatboy's post. In addition you may want to look at rootkit detection. »www.microsoft.com/technet/sysint···ler.mspx

Also as a last line of defense you may look into encryption programs like truecrypt. That away if you become infected and something happens to your system. Anything the hacker downloads that is encrypted will not be usable by the hacker in most cases. Unless you use an easy password like 1234 were they can brute force crack it. edit: Or the hacker logged your passwords, which case you should realize as soon as you are aware of an infection not to use any your passwords at all.
--
HUH!!! Sekurecom]]> http://www.dslreports.com/forum/remark,17789439 Wed, 07 Feb 2007 14:48:58 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17789426 Wildcatboy :
You asked what time it was and they tried to teach you how to make a watch.

If you find this thread with all the 16 suggested products confusing, you're not alone and you're not dumb. You're quite normal.

Get back to basics. If an AV doesn't catch enough, the answer is not complementing it with another AV-like application. The answer is finding another one that does, which is why I suggested free Avira.

You have a firewall, you have an AV. Keep your computer up to date, keep yourself up to date, switch to firefox or any alternative browser, live your life and that's my prescription. Do it for 6 months and I'll see you then for your next checkup. :)
--
You can catch the Devil, but you can't hold him long.]]> http://www.dslreports.com/forum/remark,17789426 Wed, 07 Feb 2007 14:45:27 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17788965 mysec :

said by Mele20

:

1) I think newbies need very simple to use and set up programs to protect them in the beginning.

2) Then and only then can they be free to begin really learning about security

3) and LATER after they learn then is the time to re-evaluate what is being used and whether or not some of what is used is not really needed now that a solid knowledge of their computer and computer security is theirs.

I took the liberty of dividing your paragraph into three parts.

I would begin with 2) because if the person doesn't understand some basics of security, she/he won't understand what the security programs are actually doing. "Preventing viruses" isn't much of an explanation to a new person. But understanding what an executable is, and how it is handled differently than a text file by the computer, is easily explained and demonstrated, and is basic to security.

Let me say here, as I've mentioned in other threads, on a forum it's difficult because you don't really know what the person's background/knowledge is.

But assuming you can speak with the person, that's how I start.

Proceeding from understanding file types naturally gets into email security and attachments. Then to the browser and how it handles file types, downloads, how remote code execution works, etc.

Now, I proceed to your 1), and in a recent situation with a family friend, we set up a custom computer with:

XP and firewall enabled
Opera
Forte Agent
Anti-Executable
External HD backup

There is nothing simpler than this for a person new to computing to prevent accidents, as the original poster was inquiring about. The white list protection is "default deny" and there is no tweaking, configuring, updates - nothing complicated at all, as I described in my first post.

Another system we set up is similar to above but different browser/email by choice of the user, and Deep Freeze added at the bottom.

So, no two situations are the same, and that is what I meant by my reluctance to recommend specific products right out of the gate, without knowing more about the poster's situation. Often the poster will explain more, and then it becomes easier to talk about specific products.

I would restate your 3): later as the user progresses and encounters new situations that she will have to learn about, different tools may be useful to add at that time. But this gets them started with the basic functions of email/surfing in a safe manner.

regards,

-rich

______________________________________________
"Talking About Security Can Lead To Anxiety, Panic, And Dread...
Or Cool Assessments, Common Sense And Practical Planning..."

--Bruce Schneier

]]> http://www.dslreports.com/forum/remark,17788965 Wed, 07 Feb 2007 13:35:16 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17788791 amungus : "What they really need to understand is that what's been saving them from trouble, is not the applications they use but the knowledge they have accumulated by reading and hanging around forums like this. The moment they accept that, they can throw most of their applications out and still be safe and feel safe."

...that was a fantastic quote.

"I think newbies need very simple to use and set up programs to protect them in the beginning. Then and only then can they be free to begin really learning about security and LATER after they learn then is the time to re-evaluate what is being used and whether or not some of what is used is not really needed now that a solid knowledge of their computer and computer security is theirs.'

Sure, newcomers appreciate simplicity. Not sure if that means they'd learn anything though...

Anyway, to the Original Poster, another vote here for Spyware Blaster. I think it's one of the greatest programs out there for blocking unwanted junk on the 'net.
Spybot Search and Destroy even suggested you use it instead of/or in conjunction with their "immunize" function.

It uses ZERO resources. It blocks garbage. It is very simple to understand.

Here's my top 10 for you. Granted, there is already MUCH great advice here... my list is by no means complete, just a few top things I'd suggest since you asked for help...

1) Use a router. It is worth the approximately $50, and you will learn a whole lot about basic networking and security if you tinker with it even a little bit... Really, once it's setup though, you don't have to go back in to the configuration and change much... These magic little boxes will also protect your connection instead of leaving your computer directly connected to a real world IP address...

2) Spyware Blaster - protects Internet Explorer, Firefox, and I think it protects Opera as well... Check for updates about monthly.

3) AVG is a fairly lightweight antivirus that you seem to like. No need to change that. Try another program or two if you feel like it...

3) Antispyware: AVG Antispyware was Ewido. Ewido used to rock. I would say go for it if you want. Pretty sure the free version still has basic functionality after the trial period... I'd personally rather trust this over Windows Defender, though it can't hurt to keep both. Spybot S&D, Ad-Aware SE, are also well known and pretty well trusted spyware scanners that have decent track records for removing nasty things.

4) Keep reading this and other security forums to be aware of what's out there, what works, what doesn't.

5) UPDATES. Cannot be understated. Update your OS, let your AV update itself, make an effort to check up on any other security software that doesn't auto update......

---the next couple listed here apply to the Firefox browser. They are "add-ons" that are simple to install and never bug you after the 1st quick setup... Use your favorite search engine to find them...

6) "Ad-Block plus" if using Firefox. Fantastic program. Much like Spyware Blaster, it doesn't use any resources, it's more like a blocklist.

7) "Customize Google" - has a lot of nice and easy to understand options. Also has a few nifty privacy options and ad blocking. Not a true "security" thing, but it is nice...

8) Software Firewall. Others have vouched for the ease of Zone Alarm, I will too. I've put it on family computers, college student's laptops, or anyone curious about having that extra layer of protection. MUCH better than Windows firewall, easy to understand, and you'll learn about which programs you have that want to go online... I also still like Sygate.

9) Use your gut instinct. Most times, if you don't feel that you trust something, you're right. Is that email really from somebody you know??? Is that attachment something you requested???? Does that site that popped up on a search engine have a URL (ie, "htt p :/ /www . scam scam. com" ..broken up so that it's not a real link...) that looks trustworthy??? Does this or that popup really look like it came from a legit program that you installed on your computer??? Was it an update for a real program, or just a popup window that looks almost like the real thing... check your actual programs, go to their website, do a search, check forums for what others are saying... be patient, do some research before clicking anything that moves...

10) If you're really worried something might go wrong, turn your computer off when you're gone for the day, and later when you go to sleep. Nothing can "sneak in" to your computer while it's turned off!

Hope everyone here's been helpful and that you aren't too overwhelmed. Just go one step at a time. Don't rush ahead full speed or you might flip out on something and lose your patience. Take it all in at a slow and deliberate pace and you'll be better off in the long run, with a much better understanding of what's going on. ]]> http://www.dslreports.com/forum/remark,17788791 Wed, 07 Feb 2007 13:09:02 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17786957 Mele20 : Sorry, but I disagree strongly. I know when I started out I had not heard of this site so I couldn't come ask here. I found just understanding the basics of McAfee 4.2 to be extremely difficult...what the heck was "bloodhound" and "heuristics"? Geez...I looked up the definition in Wikipidia or something and didn't understand a word of what it said. I didn't know how to get McAfee to scan my email...that wasn't easy to set up...of course McAfee has greatly improved its interface since then but back then Norton was much more understandable for a newbie but McAfee came on my computer and no one told me I might be better off getting Norton which I did a year later after I got my first and only virus and I was so relieved that I could easily understand Norton and still didn't really understand McAfee.

I think newbies need very simple to use and set up programs to protect them in the beginning. Then and only then can they be free to begin really learning about security and LATER after they learn then is the time to re-evaluate what is being used and whether or not some of what is used is not really needed now that a solid knowledge of their computer and computer security is theirs.

If I had come here when I was new and asked and been told what you wrote, I would have turned tail and slunk off and looked for a site (like Wilders) where the users would give me excellent information on what programs could best protect me, a newbie, right then and there. Of course, I cannot speak for the OP, but this is how I would have felt and I would have been very grateful to anyone who either provided me with some easy to use protection here or sent me to a site where the members would do that.

I suppose this post will be deleted because I am not towing the Security forum mantra but this is my honest feeling.
--
"If you want to do DRM on a PC then you need to treat the user as the enemy." Ross Anderson in "`Trusted Computing' Frequently Asked Questions"

»www.msfirefox.com/]]> http://www.dslreports.com/forum/remark,17786957 Wed, 07 Feb 2007 05:05:48 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17786877 mysec : The reason I didn't suggest specific programs is that without knowing more about the user's computing habits, it can be counterproductive.

For example, I agree that the XP firewall, inbound only, is the easiest for a beginner.

But if he is on broadband, or has several computers on a home network, then he needs to consult with a network person to learn about router and other configurations.

Even if just starting out, if this is his setup then he's got to jump in and learn what's needed.

regards,

-rich

______________________________________________
"Talking About Security Can Lead To Anxiety, Panic, And Dread...
Or Cool Assessments, Common Sense And Practical Planning..."

--Bruce Schneier

]]> http://www.dslreports.com/forum/remark,17786877 Wed, 07 Feb 2007 04:01:56 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17786841 mysec : My suggestion for the OP's concerns about getting infected while surfing and wanting a set & forget solution was to describe the system starting from the bottom, working up to the top, and analyzing what is necessary for protection at each of the levels.

I find that often the advice is to install this or that protection, and the user ends up with a list of products, and doesn't really see the whole picture of the system and what is involved in protecting the various components.

Looking back down, we see:

---------------------------
Router/Firewall
Browser/Email
White List Prevention
Operating System Protection
Backup/Storage
----------------------------

While people discuss ad infinitum the plusses-minusses of firewall/router, browser/email, it's all a moot point if something is in place to catch any thing that slips by. Someone just starting out may not have a browser/email configured for maximum protection. Or may make a mistake in email or on a web site.

My suggestion for Whitelist was in response to his set and forget: there are no updates as required with AV-AS.

I gave the zero-day example to show that AV cannot be relied upon for the peace of mind which the OP wants in his situation:

said by newsnerd8

:

I'm a beginner in security, and am trying to learn as much as possible. Besides having a firewall, what are the best options for protecting my computer from trojans, viruses, keeping a hacker off my computer, etc?

There is more than one way, of course, but this is one of the simplest ways for a person just starting out. Nothing can intrude by accident.

Later, as the person gets into other aspects of computing, he will require other tools, as I mentioned in my above post, but by building on a firm foundation, and understanding how various tools are applicable, he doesn't just pile up a long list of applications needlessly.

regards,

-rich

______________________________________________
"Talking About Security Can Lead To Anxiety, Panic, And Dread...
Or Cool Assessments, Common Sense And Practical Planning..."

--Bruce Schneier

]]> http://www.dslreports.com/forum/remark,17786841 Wed, 07 Feb 2007 03:39:47 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17786838 Mele20 : I've been thinking the same thing...that we are overwhelming a beginner. I think what you use is very good. Avast is not the best AV but it is better than AVG and is easy to use (at least last I tried it that was true) and BoClean is a great compliment to Avast and it is easy to set up and use. XP Firewall is easy to use too. ]]> http://www.dslreports.com/forum/remark,17786838 Wed, 07 Feb 2007 03:37:48 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17786799 greenhatch : I'm a simple soul and still rate myself as a novice even after a while having my own computer. Most of the above advice is grand and I can follow most of it: too much for a beginner to take in though, in my opinion. The problem with having a router, for instance, is that they can be too complex for the novice if something needs resetting: similarly with a software firewall (including those in security suites), dealing with outgoing popups can be daunting for the novice.
XP firewall, Avast, BoClean, WinPatrol Plus and AdMuncher are what I have on my machine; and of course I practice careful surfing and emailing. ]]> http://www.dslreports.com/forum/remark,17786799 Wed, 07 Feb 2007 03:08:43 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17786548 mysec :

said by newsnerd8

:

I checked out the whole security section, including reading hours of posts and faq.

It's still a little complicated when not knowing all the basics for good prevention.

It seems to me that the basics for good prevention start with securing your system from the bottom up and understanding the various points of attack.

In a worst case scenario (fire, theft), do you have off-site backups of your personal files, installation discs, manuals?

Going up from the bottom, how is your operating system/registry protected in case of some unforseen bad situation? Do you have an imaging program? Rollback, or Reboot-to-restore program?

Next in line should be the prevention of the installation of any unwanted executable. This could happen by a mistake in clicking on something, or remote code execution (aka drive-by download), where going to a website will trigger a download. Or by surreptitious running of a setup.exe on a CD/DVD.

There are many ways to prevent this, from running as Limited User, invoking Software Restriction Policies, using 3rd Party programs: Process Guard was mentioned; also Anti-Executable, and some newer players on the block. This type of protection works on the White List Principle, where nothing can inadvertently install in the scenarios I mentioned.

As others have pointed out, your own common sense will prevent most of the above, but it's a nice feeling to know that this type of protection is in place.

said by newsnerd8

:

I have AVG Free Edition for the AV, but would like to know if I need more protection to keep hackers and trojans/viruses out.

I would suggest that this is the least effective means, since it works on the Black List Principle, where the malware needs to be in the AV database before it can be detected.

A recent example is related here:

more code injection sites 8.js
»isc.sans.org/diary.html?storyid=2178

Note that the goal of this attack, as is seen in most attacks, is to install a trojan - here, a script connects to zj5173.com to cache qq.htm which downloads the executable, 2.exe.

Note also that not many AV programs have caught this trojan. Just to check, I uploaded it again to KAV:

However, some type of White List protection will *prevent* any inadvertant installing of an executable not already on the system:

Now, it's true that this example uses an exploit pertinent to IE, and if on high security, the iframe would not load the .htm file which attempts to download the trojan, 2.exe.

But there are many other such exploits, such as the recent ACER vunerability, and MSWord Vulnerabilites. No application is immune from being exploited. Until patched, White List protection prevents these exploits.

From a white paper by Dennis Szerszen:

An Ounce of Prevention
http://www.infosec.co.uk/ExhibitorLibrary/123/An_Ounce_of_Prevention.pdf

quote:
What if we were to take a more proactive approach and determine which processes and software should be allowed to run instead? Such a whitelist approach exists today in the form of software solutions that enable enterprises to enforce a security policy for the use of approved application, denying all else by default... Malicious code by default is not on the white list which means that enterprises can rest assured that their exposed software vulnerabilities are safe from potential exploitation, enabling their IT staff to work proactively to develop scheduled patch deployments rather than being in a constant state of emergency.

said by newsnerd8

The great advantage of having White List protection is that it is set and forget - default deny so that you can safely surf and not inadvertently get trojans, viruses.

Some exploits run a script, such as the 8.js above, and the recent ACER one, but ultimately the goal of the script is to install some executable, which will be blocked.

It's also true that avoiding vulnerable-prone applications, and considering the *liklihood* that something inadvertant as the above would happen, most users would not encounter something like the above.

However, I want something in place to prevent *any* possibility of a mishap.

As an aside,some type of White List protection is great for the family computer, where Mom and Dad control everything and the little kids can't install anything without their permission.

Continuing up, you come to your applications such as email, browser. This is the "front gate" so to speak, but should not be considered as the "stopgap," in my opinion. I always want something more secure "behind" these front line applications.

And of course, router or firewall at the top.

I've addressed just the inadvertent types of entrance points, since this seems to be your main concern here.

By setting up a strategy that secures your system from the bottom up, you can think through the tactics you want to employ at each level. For example, you might want an AV for file scanning, or such, but you would understand what the function of your AV is - what it protects against, and what its limitations are, and at what level it's affording you protection.

regards,

-rich

______________________________________________
"Talking About Security Can Lead To Anxiety, Panic, And Dread...
Or Cool Assessments, Common Sense And Practical Planning..."

--Bruce Schneier

]]> http://www.dslreports.com/forum/remark,17786548 Wed, 07 Feb 2007 01:08:15 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17786481 Mele20 :

said by newsnerd8

:

I see so many suggestions, it's kind of overwhelming where to start from.

If I use a router and Windows XP firewall, a solid AV, along with a program for spyware, is that good for a beginner? Do I need a seperate program for anti-trojans?

Yes, what you have listed is good for a beginner, but AVG is NOT a "solid" AV. That is not just my opinion. AVComparatives is a site that is highly respected among security people and AV vendors. They run tests several times a year on AVs that want to participate to evaluate performance. Results of the latest tests will be on the site on March 1. The last tests with posted results was from last Nov and on those, AVG scored a "Standard" rating. In comparision, Avira, which I started using a few weeks ago (free version), and really like, scored the highest of all tested and got a rating of advanced plus (not just advanced).

I suggested that you use BoClean partly because you are using a mediocre AV that does NOT do well on catching trojans. If you use Avira it will catch most everything and if you like it and you purchase it, instead of using the free version, you will get protection against adware/spyware (more than what is in the free version). I see nothing wrong with you using AVG if you like it, feel comfortable with it, and find it not confusing or hard to use (that's important for a beginner). But I really believe you will need an antitrojan application like BoClean to go with it. With Avira or Kaspersky for your AV (or a few others) you would not need an additional application for antitrojans as Avira and Kaspersky are top AV. However, I don't think KAV is easy for a beginner to use and even Avira might be confusing for a beginner although you can leave the settings at default and be safe with it. You don't need to tinker with it. The free version does not have a mail scanner but if you are interested in learning about and practicing safe computing you may already understand that you don't need an email scanner. If you get an attachment in an email never open it, unless you were expecting to get it, and even then always, no exceptions EVER, download the attachment to disk and right click scan it first with your AV before opening.

You said to start off, you want a "set and forget it" application. BoClean is that and it will catch everything except viruses. I have not used the Anti-Malware that AVG has now so I can't speak to its ease or non-ease of use as set and forget. Others here can. AVG is very popular here (that does not mean that it is a great AV though).

»www.av-comparatives.org/
Click on the November test to see the results of those AV tested. This, of course, is just one test but it is a good one and will give you some idea of which AV are really strong, good ones.

One other thing: are you using IE? You should use a safer browser like Firefox and half your worries about security are gone if you just avoid IE.
--
"If you want to do DRM on a PC then you need to treat the user as the enemy." Ross Anderson in "`Trusted Computing' Frequently Asked Questions"

»www.msfirefox.com/]]> http://www.dslreports.com/forum/remark,17786481 Wed, 07 Feb 2007 00:47:05 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17786360 antiserious :

said by newsnerd8

Yes, that's a good start. AVG is a decent anti-virus, especially for the activities you've described.

said by newsnerd8

:

I have a feeling so many of those programs aren't set and forget ones, which I really need to start off and stay protected. My main goal is to be able to just surf safe sites without getting trojans, viruses, hackers, etc. I guess nobody is really into the Anti-Malware one from AVG? Is there even a difference in the paid AVG from the free one?

A program like SpywareBlaster is ideal for set-and-forget. It uses no resources, you simply open it, check for updates, enable all protection, and close it. It works in the background, blocking certain exploits before they get a chance to affect you.

The free version of AVG Anti-Malware (which used to be Ewido) is fine - but you'll get a free 30-day trial of the full version when you install it, so you can decide if you need or want those pay features.

I would also strongly recommend you learn about securing IE, and then use Firefox instead - not to start a browser war, but Firefox is simply not susceptible to many IE exploits, which fits in with your stated goal of set-and-forget.

No matter what you decide to do, there's just no substitute for paying attention, and spending a little time learning about security. It need not be a full-time job, but spending a little time reading a forum like this one will go a long way towards avoiding trouble, which beats fixing things after the fact.

fwiw
--
"The future ain't what it used to be." - Yogi Berra
]]> http://www.dslreports.com/forum/remark,17786360 Wed, 07 Feb 2007 00:23:26 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17786350 bluezanetti :

said by newsnerd8

:

If I use a router and Windows XP firewall, a solid AV, along with a program for spyware, is that good for a beginner? Do I need a seperate program for anti-trojans?

Realistically, in that list you should be able to stop at the AV, with solid being operationally defined as one that also deals well with malware in a generalized sense (including spyware and so on). Can additional things be beneficial? Sure, but the point of diminishing positive returns has already kicked in when you go beyond a solid AV and the potential of genuinely negative conflicts will start to become prominent as more is added. A beginner desiring more is probably best served by opting for a suite-type solution.

Blue]]> http://www.dslreports.com/forum/remark,17786350 Wed, 07 Feb 2007 00:21:10 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17786095 newsnerd8 : I see so many suggestions, it's kind of overwhelming where to start from.

If I use a router and Windows XP firewall, a solid AV, along with a program for spyware, is that good for a beginner? Do I need a seperate program for anti-trojans?

I have a feeling so many of those programs aren't set and forget ones, which I really need to start off and stay protected. My main goal is to be able to just surf safe sites without getting trojans, viruses, hackers, etc. I guess nobody is really into the Anti-Malware one from AVG? Is there even a difference in the paid AVG from the free one?]]> http://www.dslreports.com/forum/remark,17786095 Tue, 06 Feb 2007 23:38:56 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17785350 nonymous : I've also seen people suggest using a router. Having it is not bad at all but you also need to understand that if you don't have a network, a router provides no more advantage than the simple XP firewall does. Both will stop external attacks 100% of the times. The only advantage is that a router runs independently and outside your operating system. "

A NAT router is not a firewall yes but very effective on incoming.So if it has a strong p[password a good backup. The windows firewall can be turned off. Even if by accident. The nat router for incoming is a great backup. ]]> http://www.dslreports.com/forum/remark,17785350 Tue, 06 Feb 2007 21:50:11 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17784668 Psicop : Let me reinforce what has been already reinforced in this thread and numerous others in this forum:

1. Secure Windows
2. Router with a built-in FW
3. Antivirus
4. Secure browser + Web filtering application (eg. Proxomitron, Ad-Muncher...) + intelligent web surfing

That's it! No need for more.

There are other free extras than can be added on top but they aren't that necessary as the correct router will do that job. They are: SpywareGuard & SpywareBlaster, Windows Defender, Process Guard/System Safety Monitor/WinPatrol/PrevX, etc., Sandboxie (good for risky surfing), etc.]]> http://www.dslreports.com/forum/remark,17784668 Tue, 06 Feb 2007 20:06:27 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17784630 Wildcatboy : The key to understanding security is to understand How you can get infected. A lot of people think of Trojans and spyware as these Evil programs that actively look for people and infect them automatically. In most cases, that's not true at all. It's just a misconception. The fact is that in most cases, Trojans and spyware don't infect you, you infect you.

Primarily there are two ways that you can get infected:

A) You run something you shouldn't have.

B) Something uses a vulnerability in your system or the applications you are running and infects you.

What's responsible for the majority of infections we see is "A".

Once you know "How", then you can take steps to eliminate the cause and once the cause is eliminated, you can run your system even without an AV or AS, knowing that you'll be fine.

Stopping "A" is probably the easiest. It requires no application or tools. Just common sense. Don't click on something you don't know. Don't install a software unless it's well known or until you ask around about it first. Don't open email attachments unless you know what they are, etc...

Now you might say what if I accidentally make a mistake and click on something? Well, that's when a Good AV can help you. It's not supposed to be there to protect you all the time, it's there to save you from the mistakes you might make once every couple of years.

A year or two ago I would have suggested AVG. It's not that it's a bad AV. It's still good. But in my view there are better free options available. I'd go with Antivir. The detection rate is superior to AVG and even most of the paid Avs, updates are frequent and it's easy on your resources.

As for "B", the infection happens due to your system or application vulnerabilities. To solve the problem, eliminate or mask the vulnerabilities. To eliminate Network and system vulnerabilities and holes, use a firewall. This means that nothing, I mean absolutely nothing can infect you from outside.

To eliminate application vulnerabilities, use alternative applications that don't have them or if you are quite familiar with how those applications work, try to harden them. Because I understand that asking new computer users to start hardening their applications is not quite practical, I always suggest alternatives until they are ready and willing to learn how to harden their applications.

As mentioned by others, use alternative browsers like Firefox. Use alternative email applications like Thunderbird, etc... These two changes alone will stop majority if not all spyware that automatically install themselves on your machine.

Once you take the steps above, you'll realize that there's not much you need protection from, therefore there won't be many applications that you'd want to use.

I've also seen people suggest using a router. Having it is not bad at all but you also need to understand that if you don't have a network, a router provides no more advantage than the simple XP firewall does. Both will stop external attacks 100% of the times. The only advantage is that a router runs independently and outside your operating system.

Keep reading, understand the threats and how they operate and you will realize that the world is not as scary a place as you thought it was. You can keep buying applications till the cows come home but none of them can protect you like you can.
--
You can catch the Devil, but you can't hold him long.]]> http://www.dslreports.com/forum/remark,17784630 Tue, 06 Feb 2007 20:00:12 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17784470 nonymous : A real time AV/whatever scanner running full time in the background. Free or paid. Search for ratings here for decent ones. The full time to me is mandatory for a beginner. Not just an on demand.
Then a nat router with a firewall maybe. There is a long thread here somewhere on el cheapo nat router proving nat is ok for now.
Then a software firewall for outbound. Free like ZA etc. is fine. This covers the outbound that a nat router does not catch. You may grow out of this with learning and experience. Or if more advanced uses a rules based software or hardware/software firewall.
Then a free on demand spy scanner like lavasoft or spybot or both.]]> http://www.dslreports.com/forum/remark,17784470 Tue, 06 Feb 2007 19:35:58 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17784045 Mele20 :

said by Wildcatboy

:

As far as I'm concerned, anything besides a good AV and a firewall is a waste, unless you are in the high risk category or unless you like playing with them.

I agree pretty much with that statement except it is not clear if you are referring to a hardware or software firewall (or both). I certainly think everyone on broadband should be behind a router which acts as a hardware firewall. I also think that some application is needed to protect and control applications and that could be a software firewall or an HIPS (in the broadest sense) program. I personally dislike software firewalls so I use ProcessGuard in place of a software firewall but I don't think everyone should use PG or that everyone should use, say, ZoneAlarm, but I do think everyone needs a way to protect and control applications and the way they choose to do this is up to them.

As for the OP, I suggested BoClean primarily because of the OP's choice of AV.
--
"If you want to do DRM on a PC then you need to treat the user as the enemy." Ross Anderson in "`Trusted Computing' Frequently Asked Questions"

»www.msfirefox.com/]]> http://www.dslreports.com/forum/remark,17784045 Tue, 06 Feb 2007 18:30:35 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17783994 PageTurner :

said by newsnerd8

:

Is the AVG Anti-Malware program good?

I don't know the difference between the paid AVG AV and the free one I have now, but I know the Anti-Malware has the anti-spyware as well.

I'm thinking if the AVG Anti-Malware offers enough protection.

I have heard good things about it. You can download it free and the resident (all the time) scanner works for a couple weeks.Then you can run it manually to scan your computer. I use Boclean myself.

Remember, no one or two programs can possibly protect you from everything.

Your computer settings are very important.

Don't be afraid to get your feet wet, try a recommended program and see how it works for you. :)]]> http://www.dslreports.com/forum/remark,17783994 Tue, 06 Feb 2007 18:22:02 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17783846 newsnerd8 : Is the AVG Anti-Malware program good?

I don't know the difference between the paid AVG AV and the free one I have now, but I know the Anti-Malware has the anti-spyware as well.

I'm thinking if the AVG Anti-Malware offers enough protection.]]> http://www.dslreports.com/forum/remark,17783846 Tue, 06 Feb 2007 18:03:52 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17783764 PageTurner : Spyware Blaster uses no resources. It puts 'kill bits' on selected spyware, so they can't run. You open the program to update it and then you close it.

What I try to do when putting a new program on my PC is set a restore point before I install it.That way if I don't like it, or if it conflicts with another program, I can restore back.

I also try to wait a day or two between installing new programs, so if there is a problem I know what program installed it.

»www.javacoolsoftware.com/spywareblaster.html]]> http://www.dslreports.com/forum/remark,17783764 Tue, 06 Feb 2007 17:50:48 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17783284 AB :

said by newsnerd8

:

. . What would you suggest for solid protection for a beginner under those corumstances? I know it sounds like I want to have my cake and eat it too, but I'm just looking for solid protection being a beginner. I don't know if I need "on demand" "scanning", etc. . . .

»Re: Beginner in Security]]> http://www.dslreports.com/forum/remark,17783284 Tue, 06 Feb 2007 16:41:51 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17783260 newsnerd8 : Thanks so much for everyone getting back to me.

Well, I have one computer and that's all. My surfing habits are basic websites, like sports, news, google, and other sites, but no adult sites. I am sure I have typed in the wrong website addresses in the past that took me to websites that could have spyware. I use Outlook 2003 for my e-mail & IE 6. I have Windows XP SP2 with all the patches. I do not do anything online related to music, and haven't downloaded many programs besides AIM, Windows Media, Real Player, Adobe, and those basics.

My AV is AVG Free. I have had some kind of virus or attack in the past, where someone changed all my passwords. I did reinstall my Windows XP after that.

I'm just trying to get the best protection while being user friendly. I know that doesn't always go hand and hand, but I feel it's counter-productive to let certain programs have access to my computer because I "let them in" soley because I didn't know if I can trust the program or not.

I guess I'm looking for a user friendly anti-trojan and/or anti-spyware program like AVG Free, where it's light on resources, user friendly, and hopefully solid protection. I do not want it to affect my internet speed since I use that the most. If the programs aren't free, that's okay.

What would you suggest for solid protection for a beginner under those corumstances? I know it sounds like I want to have my cake and eat it too, but I'm just looking for solid protection being a beginner. I don't know if I need "on demand" "scanning", etc.

Thanks a lot for all your help!]]> http://www.dslreports.com/forum/remark,17783260 Tue, 06 Feb 2007 16:37:46 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17782173 anon : The arts of security is not something you can learn overnight but in time reading,understanding,and tweaking your pc to your specs is the way.
When i came to BBR years ago thanks to a friend telling me about this site, i was taken back on how much i did not know about my pc, that i kept coming back to read and learn from such a great pool of security users that in three years i have to say i can hold my own at any level of attack.
What you learn here will go a very long way in protecting you in the cyber world.I have to again thank the posters at BBR for teaching me what i need to know about security for my pc. ]]> http://www.dslreports.com/forum/remark,17782173 Tue, 06 Feb 2007 13:49:29 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17780932 Daniel :

** I also suggest you consider giving OS X a try.
--
dmiessler.com -- grep understanding knowledge]]> http://www.dslreports.com/forum/remark,17780932 Tue, 06 Feb 2007 10:16:17 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17780577 koma3504 : If you dont use file sharing between computers at your physical location Disable those services and or completly unistall them.

And disable some unedded services assuming your running Windows Xp]]> http://www.dslreports.com/forum/remark,17780577 Tue, 06 Feb 2007 09:04:24 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17780236 Wildcatboy :
It all depends on who you are, how many people use the computer, what your browsing habits are and how cautious and informed you are. This means that you can read dozens of posts and FAQs and get dozens of different answers. Until you answer the above questions for yourself, you can't get a right answer for your question.

Adding applications upon applications has never been the answer and I doubt it will ever be. Most people who use a bunch of applications, will also tell you that those applications have hardly ever caught anything.

And I tell you why. Because the only people who use that many applications are the ones who hang around forums like this and they are using them because most forums are application based and promote applications. The average Joe hasn't even heard of 90% of those applications.

What they really need to understand is that what's been saving them from trouble, is not the applications they use but the knowledge they have accumulated by reading and hanging around forums like this. The moment they accept that, they can throw most of their applications out and still be safe and feel safe.

As far as I'm concerned, anything besides a good AV and a firewall is a waste, unless you are in the high risk category or unless you like playing with them.
--
You can catch the Devil, but you can't hold him long.]]> http://www.dslreports.com/forum/remark,17780236 Tue, 06 Feb 2007 06:57:26 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17779971 Psicop : Several resources for you (if you are an XP user):

1. »tweakhound.com/xp/security/page_1.htm
2. »www.tweakhound.com/xp/xptweaks/s···aks1.htm
3. »www.markusjansson.net/exp.html (the author posts regularly in here ;) )
4. »labmice.techtarget.com/articles/···list.htm]]> http://www.dslreports.com/forum/remark,17779971 Tue, 06 Feb 2007 03:08:18 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17778620 Mele20 : For a newbie to security the best program I could possibly recommend is BoClean. It is extremely light on resources. You won't even know it is running it is so light. It is very easy to set up and use. It was designed for corporate users who don't know anything about security but need their computers protected. It will protect you from trojans, spyware, keyloggers, rootkits, just about everything except viruses and you have AVG for that. The BoClean support is superb. There is no trial of BoClean (there is a specfic reason for that. PM me if you want more info on the reason or do a search here or at Wilders Security). But if you are unhappy with it for ANY reason, your money will be cheerfully and promptly refunded and that is not an empty or iffy promise. It is a one time purchase and future upgrades are included. The makers of BoClean have great integrity and their word is as good as gold so don't let the fact that is is no trial of BoClean put you off. If you do a search here or at Wilders Security site you will find a large number of extremely satisfied users.

»www.nsclean.com/boclean.html

edit: looks like a sale price currently!
--
"If you want to do DRM on a PC then you need to treat the user as the enemy." Ross Anderson in "`Trusted Computing' Frequently Asked Questions"

»www.msfirefox.com/]]> http://www.dslreports.com/forum/remark,17778620 Mon, 05 Feb 2007 21:16:59 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17778503 Kayrac : it really depends on your browsing/internet habits, when i was younger i ended up with a trojan horse because i accepted a file, and the guy thought he was some giant hacker cause he did it, either way i freaked out and got into computer security......since then never really had an issue, i personally have used basically every security software known, i personally like zonealarms firewall and kaspersky antivirus, i also use BOCLEAN

zonealarm recently aquired kaspersky for there antivirus, BUT it isn't free, zonealarm with antivirus and zonealarm security suite cost a little bit, but i think it's worth it, and it's very user friendly......www.zonelabs.com

»www.zonelabs.com/store/content/c···=ho_zass

thats the suite that i'm using currently, 50 bucks for a year, i think it's worth it if you can afford it........OTHERWISE AVG is not a bad antivirus, and is free, and if you wanted a firewall, zonelabs offers a free firewall, and like i said zonealarm is VERY user friendly]]> http://www.dslreports.com/forum/remark,17778503 Mon, 05 Feb 2007 20:58:14 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17777639 AB : Use a router, run your OS under a Limited user account.]]> http://www.dslreports.com/forum/remark,17777639 Mon, 05 Feb 2007 19:02:24 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17777360 newsnerd8 : I checked out the whole security section, including reading hours of posts and faq.

It's still a little complicated when not knowing all the basics for good prevention.

I know if someone is really into security, my situation seems pretty subtle, but I really was just looking for tips from experts on the best protection. I just need suggestions that are user friendly, light on system resources & good, quality programs.]]> http://www.dslreports.com/forum/remark,17777360 Mon, 05 Feb 2007 18:14:02 EDT Re: Beginner in Security http://www.dslreports.com/forum/remark,17777264 habya : Well you could check out the Security FAQ »Security

Pretty much can answer a lot of questions.
--
HABYA HABYA HABYA TEAR DOWN THE HEM STALKS EAT UP THE OLD MAN AND WOMAN AND CARRY OFF THE LITTLE GIRL MAY YOU DIE ALONE]]> http://www.dslreports.com/forum/remark,17777264 Mon, 05 Feb 2007 17:55:51 EDT Beginner in Security http://www.dslreports.com/forum/remark,17777143 newsnerd8 : I'm a beginner in security, and am trying to learn as much as possible. Besides having a firewall, what are the best options for protecting my computer from trojans, viruses, keeping a hacker off my computer, etc?

I have AVG Free Edition for the AV, but would like to know if I need more protection to keep hackers and trojans/viruses out.

The software doesn't have to be free, but because I'm not very familiar with security programs, files, etc. it does need to be user friendly, and also light on system resources. Any help would be very much appreciated. I guess I'm looking for user friendly programs that would delete trojans and other stuff, but more importantly, programs that would prevent any "hacker" and viruses in the first place. Thanks a lot in advance!]]> http://www.dslreports.com/forum/remark,17777143 Mon, 05 Feb 2007 17:37:50 EDT