PX Eliezer704
Premium Member
join:2008-08-09
Hutt River

PX Eliezer704 to Trooper

Re: What AV are you running?

said by Trooper:

I am curious what AV everyone is running these days.

AV is probably the [least] important part of a balanced security breakfast.

Hardware/router firewall, software firewall especially with malware defense, HIPS and/or other system hardening, keeping the OS and all software updated, running the OS with limited privileges, disabling Java, using browsers other than IE, disabling Javascript in your browsers, using the anti-malware features in your browsers, being careful on what e-mails you open, being careful when you plug someone else's flash drive or other data device into your machine, etc., etc....

By the time something reaches your AV, that's bad news if it hasn't been stopped by then....

SparkChaser
Premium Member
join:2000-06-06
Downingtown, PA

said by PX Eliezer704:

AV is probably the [least] important part of a balanced security breakfast.

Hardware/router firewall, software firewall especially with malware defense, HIPS and/or other system hardening, keeping the OS and all software updated, running the OS with limited privileges, disabling Java, using browsers other than IE, disabling Javascript in your browsers, using the anti-malware features in your browsers, being careful on what e-mails you open, being careful when you plug someone else's flash drive or other data device into your machine, etc., etc....

By the time something reaches your AV, that's bad news if it hasn't been stopped by then....

Okay, I'm here to learn. If you take a look at my post above, what should I be using to stop that type of intrusion?
PX Eliezer704
Premium Member
join:2008-08-09
Hutt River

said by SparkChaser:

If you take a look at my post above, what should I be using to stop that type of intrusion?

Well, my first answer would be to not respond to [any] e-mails purportedly from Linked-In. However I realise that you might say it's necessary for your business.

My second point would be to ask if you are using a Microsoft e-mail program. If so, I would consider an alternative such as Thunderbird. This is especially true if you are using an older MS e-mail program.

In any event, your e-mail program should be set to screen for spam/phishing/malware, to block scripts and active content, and (unless you need them) to block images.
ke4pym
Premium Member
join:2004-07-24
Charlotte, NC

ke4pym to PX Eliezer704

said by PX Eliezer704:

... running the OS with limited privileges...

This one always makes me raff-out-rowd.

But, for the record, McAfee Enterprise Edition.
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20 to PX Eliezer704

Windows 8 is the problem. Online Armour is NOT compatible so there goes your HIPS. ProcessGuard, of course, is not compatible and it still is the best HIPS ever developed. There is no way to run Win 8 as a limited user as it will drive you insane very quickly. It is FAR WORSE than even Vista in regards to UAC. You can do it only if you run sucky programs that don't require FULL ADMIN at all times.
Disabling javascript in browsers? Oh come on, then you might as well just stop using the internet. Same with Java unless you have a FABULOUS ISP that ALWAYS gives you what you are paying for or you simply don't care if you are getting bad speeds and are being grossly overcharged. Flash you can do away with so it is no longer a problem.

Of course, one should always practice safe hex but to say that it is bad news if something reaches your AV and hasn't been stopped before that is absurd. If one uses a local proxy like the Proxomitron one cannot also use the utter crap junk that most AV offer now because of user ignorance that detects "threats" before the browser displays a page. That not only GROSSLY slows your surfing (and is impossible if you use a local proxy like Proxo) but is silly. The point of having an AV is so it will prevent EXECUTION of malware on your computer. It doesn't matter if malware gets on your computer. What matters is does your AV stop it from executing?

DownTheShore
Pray for Ukraine
Premium Member
join:2003-12-02
Beautiful NJ

said by Mele20:

There is no way to run Win 8 as a limited user as it will drive you insane very quickly. It is FAR WORSE than even Vista in regards to UAC.

For Vista users, if you can find a copy of Norton Labs' UAC Tool somewhere, it works well, because it includes a check-box in the window for UAC to remember that a program is allowed, so you don't get repeated warnings about it every time you reopen the program. I've been using it for years on both computers - much less hassle than the original Windows UAC yet still does the job. It never went beyond the Labs' development, and from what I've read, doesn't work well on Win7 and beyond.

Davesnothere
Change is NOT Necessarily Progress
Premium Member
join:2009-06-15
Canada

Davesnothere to PX Eliezer704

said by PX Eliezer704:

AV is probably the [least] important part of a balanced security breakfast.

Hardware/router firewall, software firewall especially with malware defense, HIPS and/or other system hardening, keeping the OS and all software updated, running the OS with limited privileges, disabling Java, using browsers other than IE, disabling Javascript in your browsers, using the anti-malware features in your browsers, being careful on what e-mails you open, being careful when you plug someone else's flash drive or other data device into your machine, etc., etc....

By the time something reaches your AV, that's bad news if it hasn't been stopped by then....

 
Yes, it's simply amazing how far that some common sense and care will get ya !

= = = = = = = =

Though I have found that recently, the MSE has caught my fancy.

It doesn't bog down my PCs as much as most other AV apps would, and seems to do its job.

= = = = = = = =

Also, I would like to wring the neck of each and every general news announcer who does a piece on Internet security and preaches :

"Don't open emails/attachments from people who you don't know !"

While that sometimes can be good advice (though most of those are just SPAM), these semi-educated 'a little knowledge can be dangerous' types all plumb ferget to state that the vast majority of software pestilence comes from emails originating [allegedly, as per its 'From' field and subject line] from folks who you DO know, as most of these pests will find your name and email address in the 'contacts' list of some such person who was unlucky/careless enough to let their computer get infected first.