Internet Security Advice Needed :)

GOOSE

Old Alpha
Joined
May 13, 2006
Posts
895
Location
Rotherham
Society
Freelancer but aiming high :)
Avatar Name
Ian Goose Macdonald
Hi guys,

Just set up the new PC after the last one died a year ago (I know, how did I manage so long without a computer at home) and I wanted some advice please.

What's the best all-around anti-virus software that's a free download? I have in the past used Avast and AVG and wondered which of the two (or others) offered better protection while not sucking my machine dry.

Also, what else do I need to sort out? Firewall software? New machine got Windows 7 if that makes a difference.

PC came with Norton 30-day trial, didn't even install it as had nothing but trouble last time.

Cheers in advance guys
 

AlphaGeek

Marauder
Joined
Feb 13, 2006
Posts
6,004
Location
Central VA, US
Society
Freelancer
Avatar Name
Alpha AG Geek
I'm using Avast! v5 and Microsoft Window Security Essentials in house these days.

They both seem pretty good at catching malware, email viruses, etc.

Note: I'm not running them both on one machine! Don't do that! LOL
 

safara

Mutated
Joined
Nov 14, 2005
Posts
14,683
Location
Chair
Society
The Disturbed Ones
Avatar Name
Angel Spike Sunny
I am using Avast at the moment. Seems to be rather good so far.
 

BlueEyes

Elite
Joined
Aug 19, 2009
Posts
2,674
Location
Netherlands
Society
NBK Rangers
Avatar Name
Paul Blue Eyes Melua
MS Security Essentials. Best and lowest perf impact.
 

xillonz

Prowler
Joined
Feb 18, 2009
Posts
1,017
Location
New Zealand
Society
Antipodean Army
Avatar Name
Salix Sol Maximus
Comodo Internet Security is an antivirus and firewall bundle for free. It's really nice, not a resource hog, and although a little too paranoid at times does the job well.
 

AlphaGeek

I was using Comodo, but I've had a few malware intrusion problems with it, so discontinued using or recommending it.
 

Meester

Old
Joined
May 13, 2006
Posts
81
Location
Doncaster England
Society
Freelancer....for the moment and can't see this changing for some time
Avatar Name
Master Meester Meezter
I'm using Avast and it doesn't seem to slow things down; it has a gaming mode so when you're full screen it doesn't update and kick you out.
 

Pirx Danford

Elite
Joined
May 17, 2006
Posts
2,681
Location
Germany
Society
Federation of Free Wanderers
Avatar Name
Pirx Danford
I tried Panda cloud but it felt insecure to have an AV software of which the process was easily killable, so I returned to the free version of AVG.
http://free.avg.com/de-en/homepage

If you use a good router a firewall is not really necessary.

Also something which might be fun to do.
Should you want to visit risky sites or do other dangerous stuff you might want to set up a virtual PC.
It's pretty easy, just use this http://www.virtualbox.org/
You can create a virtual machine in which you install a Linux or maybe you got a Windows XP license lying around you want to put to some use.
 

Wody

Stalker
Joined
Aug 12, 2007
Posts
2,259
Location
TI City Copper 13G (and F)
Society
Freelancer
Avatar Name
Joshua Jot Avarius
Many are good, but don't use McAfee, Norton, or Microsoft antivirus/antispyware. McAfee and Norton don't protect your computer, and let thousands of viruses through they claim to protect against.
Microsoft has made deals with malware/virus-companies to not recognize their software as malware/viruses.
 

Few Scars

Marauder
Joined
Aug 18, 2009
Posts
7,315
Location
Arkadia
Society
Freelancer
Avatar Name
Bjorn Bjorn Longstaff
I have been using Norton 360, no issues at all!
 

Legion

Marauder
Joined
Aug 24, 2005
Posts
6,324
Location
Sweden
Society
Supremacy Reign
Avatar Name
Iam Flatline Legion
> Microsoft has made deals with malware/virus-companies to not recognize their software as malware/viruses

lol show me the proof of that xD

In every comparison or test of MS antivirus stuff etc. I've seen, they've been said to be one of the better ones.
 

Legion

Well, that is ONE spyware it might not catch, or rather it did still detect it, it just didn't quarantine it. But other than that it is one of the best programs for this type of thing from every report on it I've read.
 

Aeris_is_back

Stalker
Joined
Mar 2, 2007
Posts
2,258
Location
Edmonton Eh
Society
My FL
Avatar Name
Darcy Aeris Wood : was Darcy Aeris is Back Wood
Out of the gate I would avoid Norton; it tends to slow systems down too much with its over protection. I favor AVG Free for gaming systems, it's a nice little lightweight app you can configure to stay out of your way with reasonable protection for skilled or new users in a way anyone can understand and control.

Edit:
As an afterthought, I don't know what kind of funds you have or IT experience but you may want to consider a hardware firewall/* I use a FG 60M for my local network. With the protection it provides I have done away with costly server AV programs on some of my systems.
 

layla54

Guardian
Joined
Jan 2, 2007
Posts
213
Location
default-free zone
Society
MANTICORE
> I don't know what kind of funds you have or IT experience but you may want to consider a hardware firewall/* I use a FG 60M for my local network.

...or use PFsense for free on an Intel Atom board for an industrial-class firewall that can replace Cisco ASAs in most deployments with no lock-in.

@Goose : security is a journey, it never stops. Even just browsing, reading the news, can get you infected by an unknown exploit.
Backup, backup, backup regularly. Because if you get hit, the best and fastest way is to wipe and re-install the OS.
If you plug in an external drive after you've been infected to copy `essential` files off, then plug it back in to the new install, you've just wasted your time if infection is carried back in on those files, or even "autorun" from the disk as you plug it in. Everything needs scanned before moving back - but.....
AV and Anti-Malware can't detect it all, even if you give it months of thinking time.
Don't use anything that's pirated, or even slightly dodgy from your mate down the pub who swears it's his own copy and he paid for it himself. That also includes anything like videos that can exploit flaws in the Media Player - yet most people are ignorant of this.
Create a second user and perform all non-admin tasks as that second user. The first user you create at the OS install time will usually be given permanent admin rights on request. That's a definite no-no. Then, after all the software is installed, create your "own" username to play games, browse the net, do normal things. Win7 is better than its predecessors, but still amazes those of us that use other OSs that no password or key is needed to elevate to administrator privs; just a simple, easily bypassed, click that should really say "yes, remove the condom, I agree". People whinged about the UAC popups in Vista, so they tamed them down in Win7. UAC didn't go far enough if you ask me.
Of course, that is a pain with certain games that require you to run as admin every time you need to install an update (AHEM!:eek:).
After a VU is applied, change back to your normal user before you run the game.

If you're worried about drive-by attacks (*~1) consider using a modern Linux distro in a virtual machine to reduce your threat base substantially. It will cost you nothing at all and will install in about 10-30 mins with only one reboot to being fully patched up-to-date before you or the OS itself (think about it...) starts to get online to a non-signed (ie, not the update repository to collect the latest signed update patches) web address.
For web browsing, you won't have to learn a single thing to use Linux. Firefox, Chrome and Opera browsers work exactly the same but the OS doesn't give them any rights.
An important plus is all the software in the repos is free, signed, and can all be set to be automatically security patched (and I do mean all, all apps as well as the OS itself). The only time you need to reboot the VM is to load a new Linux kernel (it should tell you when you need to do that); you can simply `save the state` (or `suspend`) of the Linux OS so it will start in maybe 5 seconds when you next need it.

Of course, you have to keep the hosting OS and the VM app up to date yourself :(

For first-time Linux users, I'd recommend trying "Ubuntu" (though we use BSDs and Debian at work and I'm not personally keen on Ubuntu lol ) Heck, you don't need to get all geeky, just browse the net in relative safety.

It also depends if you have legitimate MS disks or not; many "dodgy download" MS OSs are full of rootkits from the day you install them, and can never be detected. Then you have to sequentially patch the OS from the disk-version all the way up to current before you go plug the network cable in (how, exactly, does a Joe Average single-PC-crashed-home-user do that?). Add that to the fact that the majority of malware is crypted to be pseudo-unique, AV only goes so far. Packet analysis at a gateway firewall can tell you the whole story - if you poke around long enough, you could get an awful shock ;)

(*~1) It's possible to get infected by just visiting an infected website. (or your PC automatically visiting - a whole other sad story)
see:-
http://www.theregister.co.uk/2009/09/24/malware_ads_google_yahoo/
http://www.theregister.co.uk/2009/06/02/digital_spy_malware/
http://www.theregister.co.uk/2010/06/08/jerusalem_post_malware/
http://www.theregister.co.uk/2009/08/24/mass_web_infection/

It's an endless battle; in theory EF could be compromised and you'd never know until you're hit. AV won't (can't) pick it up until it's recognised by the companies and delivered in signature updates; that can take at best a few days, and for subtle crypted malware, a month or two. Heuristics is worked around by concealing as vendor patches; because you use so many different vendors with MS Windows PCs, how can you expect each vendor to recognise other people's patches as legit or not?

Last month we've seen (at an enterprise-level customer's site) a simple drive-by exploit rootkit a Win7 PC at first opening of the browser on a fully patched fresh install with AV (malicious drive-by ad on the default home page). Virustotal still doesn't detect the payload because it's delivered crypted differently each time, heuristics just ignores it whatever the settings. It sends out all your DNS requests, visited web addresses and username/password fields even on "safe" HTTPS-enabled sites, it's an endpoint exploit remember! It then appears to package screenies including (mouse-IRQ triggered?) screenies of the password dropdowns or on-screen keyboard pickers, and uploads them to random IPs, seemingly on request from the C&C servers. We know that from the disk activity traces.
We replicated the setup and the test machines got infected in exactly the same way, so we watched the flows develop. As soon as the guys had found the payload source and delivery method we contacted the web-page's NOC and managed to get action within about a day of the initial contact.

Now-the worrying part....
To date we haven't seen a single fix or signature for it even though we delivered the payloads upstream to the main AV firms the same day - 6 weeks now and counting. They have all the disk images and captures, supplied to them the first week. I don't know why we bothered wasting our time, but the customer was impressed by our initial report at least.
Go figure.

In the Corporate environment, our guys reckon that `AV` products detect about a third of the in-situ threats they see each week if you can isolate the threat and scan it on another clean PC. It usually comes in under the radar before signatures have been written. We get called in when the on-site people reach the end of the line or need independent oversight; the customer's policies or legal stuff means the breach has to be assessed, quantified and reported. This is heavy-duty stuff, not SOHO or small firms.

I'd say (without any first-hand experience of average MS-Windows users) the main threat delivery routes to home users are, in rough order:-

.Pirated software apps (even if the AV says it's clean)
.Root-kitted OS images (I mean, really, wtf do people expect?)
.Drive-by web-based attacks like I mention above
.Malicious USB or memory-card devices (like cellphones, USB sticks, cameras, picture frames, photo-booths).
.Insecure and badly patched apps on a badly-patched OS.

It really depends how often you plug outside sources into your PC, if you don't have a network cable in but plug USB sticks full of pirated stuff in all day, your threat vector will be skewed.

I blame the software vendors. I'm sure that black-hatters from a neighboring tribe were deviously kill-stealing mammoths from hunter-gatherers half a million years ago, so it's not like it's a new problem. Those 10 second "disaster averted" ads make me want to puke.

Long enough answer? :) Remember, it's a journey, not a destination.
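
The warning in the post above about infection carried back on a backup drive, as an added example that is not part of the thread: a Python check that lists what any autorun.inf on the drive would launch, plus executables sitting among the data files, before anything is copied to the fresh install. The drive contents are constructed and the extension list is an assumption; an empty result only means nothing obvious was found.

```python
import configparser
import os
import tempfile

LAUNCH_KEYS = ("open", "shellexecute")  # autorun.inf keys that start a program
RISKY_EXT = {".exe", ".scr", ".bat", ".cmd", ".com", ".pif", ".vbs", ".js", ".lnk"}
# Constructed sample drive contents, not taken from a real incident.
SAMPLE = {
    "AUTORUN.INF": "[AutoRun]\nOpen=setup.exe\nshell\\explore\\command=setup.exe\n",
    "beach.jpg": "placeholder image bytes",
    "beach.jpg.exe": "placeholder bytes",
}

def autorun_commands(path):
    """Return (key, command) pairs that an autorun.inf would launch."""
    parser = configparser.RawConfigParser(strict=False)
    try:
        with open(path, encoding="latin-1") as fh:
            parser.read_string(fh.read())
    except configparser.Error:
        return [("unparseable", "")]  # mangled file: review it by hand
    return [(key, value.strip())
            for section in parser.sections() if section.lower() == "autorun"
            for key, value in parser.items(section)  # keys arrive lower-cased
            if key in LAUNCH_KEYS or key.endswith("\\command")]

def scan_backup(root):
    """Walk a backup folder and list files to review before copying them back."""
    findings = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(folder, name)
            rel = os.path.relpath(full, root)
            if name.lower() == "autorun.inf":
                findings += [(rel, f"autorun {k} -> {c}") for k, c in autorun_commands(full)]
            elif os.path.splitext(name)[1].lower() in RISKY_EXT:
                findings.append((rel, "executable among data files"))
    return sorted(findings)

def write_sample(root):
    for name, body in SAMPLE.items():
        with open(os.path.join(root, name), "w", encoding="latin-1") as fh:
            fh.write(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        write_sample(tmp)
        for rel, reason in scan_backup(tmp):
            print(f"{rel}: {reason}")
```

Point `scan_backup` at the mounted backup drive from a machine that will not act on the drive's contents, such as the Linux VM the post suggests.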
 

Sibolovin

Alpha
Joined
Apr 7, 2010
Posts
617
Location
New Zealand
Society
Aussie Entropians
Avatar Name
Mandi
Really need 2 things: Firewall and Antivirus

Good free ones are
Antivirus - AVG or Avast

Firewall - Zonealarm

-----------
Optional is a spyware checker - I like Spybot Search & Destroy
 

Nobatbbi

Alpha
Joined
Jan 21, 2008
Posts
656
Location
near Chicago
Society
Brainstormers - Communications Officer
Avatar Name
Donatello Donatello Nobatti
Abstinence is the only sure-fire solution
 

Aeris_is_back

> ...or use PFsense for free on an Intel atom board for an industrial-class firewall that can replace Cisco ASAs in most deployments with no lock-in.

I tend to favor inline/attached hardware firewalls/AV a little more than programs running on the computer they are meant to protect, for a lot of reasons. The part I have seen the most is how much overhead I have freed up on each server with this addition to my network.

Nice post you have here, lots of great information. I hope people take the time to read it =)
 

mastermesh

Mutated
Joined
Apr 21, 2007
Posts
16,296
Location
Auction room somewhere...
Society
Freelancer
Avatar Name
Maria Mesh
Avast may not be the best, but it's less of a system hog than some of the other freebies, and it auto updates all the time. It's also got that cute little voice that randomly pops up that says "Virus Database has been updated".

> Well that is ONE spyware it might not catch or rather it did still detect it, it just didn't quarantine it. But other than that it is one of the best programs for this type of thing from every report on it I've read.

http://www.google.com/#hl=en&q=seaport.exe&aq=f&aqi=g9&aql=f&oq=&gs_rfai=&fp=45835207582d5ee7

Sometimes I think Windows itself is a Virus on a variety of levels...
 