Am I "fully layered"?


tepi
December 5th, 2003, 08:25 AM
Hi All:

What does "fully layered" mean? Currently I'm running Win2K Pro with Netscape 7.1 as my default browser and have the following programs installed to:

(1) help me monitor and/or control what's going on;

Active Ports
AnalogX - DHCP Fix
AnalogX - Port Blocker
Attacker v.3.0 TCP/UDP Port Listening Program
CodeStuff Starter v.5.6.1.23
DCOMbobulator v.2.00
DiamondCS - Advanced Process Manipulation
DiamondCS - AutoStart Viewer v.1.00.0001
DiamondCS - Port Explorer v.1.800
Disk Tray drive r/w activity LED
HiJack This - v.1.97.7
Hosts File Viewer
ShootTheMessenger
SocketLock v.0.92
SocketToMe v.0.92
SysInternals Autoruns v.3.02
SysInternals Diskmon v.1.1
Sysinternals Filemon v.6.07
SysInternals Process Explorer v.8.0
SysInternals RegMon v.6.06
TaskInfo 2000
UnPlug n' Pray v.1.2
Vision v.1.0 TCP/UDP Port & Service Mapper
Visual Zone 5.7

(2) help keep things clean and tidy:

AnalogX DLL Archive v.1.00
Diskeeper Pro Disk Defragmenter
ERUNT Ntregopt Registry Optimizer
SysInternals PageDefrag v.2.21
Registry Medic v.2.90
RegCleaner v.4.3
Washer v.4.8

(3) make backups:

Acronis True Image v.6.0
ERUNT Registry Backup/Restore v1.1a
WinDriversBackup v.1.0.8
WinRescue 2000

(4) block or beat up any nasties that try to venture in:

DiamondCS - TDS-3 v.3.20
DiamondCS - WormGuard Scan Module v.1.00
Eraser v.5.6
Norton AV v.9.05.1015
SpyBot-S&D v.1.2
SpywareBlaster v.2.6.1

Am I "fully layered"? Or am I just paranoid? :-) If there's anything I've overlooked, your comments and/or suggestions would be appreciated.

Cheers,

tepi.

optigrab
December 5th, 2003, 10:24 AM
Hi Tepi,

The greatest defense is based not in a wall of software, but in safe behavior. Common sense (e.g. "safe hex" (http://www.claymania.com/safe-hex.html)) is the most important security feature. If you're careful and knowledgeable (unlike perhaps 98% of PC users I know), then you are very well protected.

{QUOTE-> quoting: tepi link=board=9;threadid=17332;start=0#msg107131 date=1070630753] Am I "fully layered"? Or am I just paranoid? :-) <-QUOTE}

Appears you are both. ;)

Regards,
Optigrab

tepi
December 5th, 2003, 11:20 AM
Hi Optigrab:

Thank you. It's just that it seems that almost daily I hear of yet another program that is more or less required for a reasonable security setup. The latest was Spyware Blaster. And as a relative newcomer to security matters I've naturally been wondering if there's some important area I've overlooked, as other than a hardware firewall I can't really think of any other "layers" to add.

Cheers,

tepi.

rerun2
December 5th, 2003, 12:02 PM
I thought AnalogX's DHCP fix was only for Win98; if it is, you can remove it.

You should also be fine with one port to process mapper. See if you can choose between Active Ports, Attacker, and Vision. Vision I believe also shows running processes, so if you do choose Vision you could probably also get rid of Process Explorer. Port Explorer by DiamondCS also makes for a good investment in the area of port to process mappers.

AnalogX Portblocker is probably not needed if you have a good firewall (which I do not see listed). Some firewalls also have backtracing features so you may not need VisualZone as well. It might actually be better to go here http://www.visualware.com/personal/products/visualroute/index.html or here http://www.all-nettools.com/ if you want to do backtracing or a whois.

You seem to also have a lot of registry tools which you may want to cut down on. The registry is confusing enough by itself, so having so many different programs to handle cleaning the registry may add to the confusion, and may even cause instability on your system.

SpywareGuard may be a nice addition to your spyware protection as well.

RegRun Security Suite is also a program that I enjoy very much. It includes a lot of utilities that may even reduce the need for even more of the programs you listed.

Some of the other programs I am not that familiar with, so it is probably not a good idea if I commented on them. I ask you to cut down some of the programs because very rarely can I see one using so many programs to do the same task on a daily basis. They will be taking up resources that could be better used in other aspects of your computing world :) .

The idea of being layered is to have a specific app or policy or hardware, etc., to handle a specific threat. Thus an intruder has to break each layer to do "damage." Also keep in mind that some apps have certain features within themselves that will make them even harder to bypass (which Nancy reminded me of today). Thus you have a layered approach within the app itself. Depending on one app and one policy to do everything will allow the intruder to only break one layer to do "damage." I'm sorry this is a dumbed-down version and I'm sure someone else can explain it much better. For home users it is basically finding the best app to handle each threat that they will likely encounter.

Q Section
December 5th, 2003, 12:58 PM
Greetings tepi and welcome to Wilders Forums

SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html) and SpywareGuard (http://www.wilderssecurity.net/spywareguard.html) are good to have and use almost no system resources. It is good to see your desire for layered security and it would be so good of you to "spread the word" as computer security is so important for defence against cyber criminals who want to invade your privacy, hijack your computer and attempt cyber terrorism.

These defences are necessary not only for you and your computer(s) but for the defence of your nation and every freedom loving individual. As a citizen of your country your computers' defences will help to strengthen your entire country and add one more part of the necessary wall of defence against those whose only desire is to wreak havoc and destruction wherever they can.

Best wishes and we hope to see you here in Wilders often.

optigrab
December 5th, 2003, 02:02 PM
Tepi

Please don't "believe the hype" associated with every new security app that is released. It is better to study, learn, and decide what you need to address, then find the appropriate SW to meet those needs.

Rerun2 mentions the apparent omission of a SW firewall. I don't see one on your lengthy list, but recommend one as important to both your security and your journey of learning. I have learned much from selecting and configuring a SW firewall.

The basics, IMO, are: Firewall, AV, AT (or perhaps KAV as an AV that is also an exceptionally competent AT). Then comes the backup regimen, which you seem to be prepared for. Of course having the backup tools but failing to use them regularly will do you no good. My next concern would be a NAT/SPI router (even in conjunction with a SW firewall).

Beyond the basics come all of the additional programs you have collected. I largely agree with Rerun2 and QSection on what's worthwhile and what is probably superfluous. Again, it is better to take your time to learn about security and decide for yourself what you need than to simply accept at face value what every SW author says about his/her product. Oh, and refer back to my earlier post about "safe hex" behavior.

Best regards,
Optigrab

tepi
December 6th, 2003, 01:09 AM
Hi rerun2:

Thanks for this very full and interesting reply.

{QUOTE-> quoting: rerun2 link=board=9;threadid=17332;start=0#msg107183 date=1070643727]

"I thought AnalogX's DHCP fix was only for Win98; if it is, you can remove it."

No. Here's what they say about it at AnalogX:

AnalogX DHCP Fix is just a simple program that closes a security hole in Windows 95/98/2000 that can make it possible for another computer to monitor every piece of information that comes and goes from it. The program will allow you to enable or disable the registry entry that closes this particular hole.
---

"You should also be fine with one port to process mapper. See if you can choose between Active Ports, Attacker, and Vision. Vision I believe also shows running processes, so if you do choose Vision you could probably also get rid of Process Explorer. Port Explorer by DiamondCS also makes for a good investment in the area of port to process mappers."

You're right about all this, but since they all have different features which may come in handy at some point I prefer to keep them all.
-----

"AnalogX Portblocker is probably not needed if you have a good firewall (which I do not see listed)."

Dang! How silly of me. I forgot to mention that I use the free version of Zone Alarm for a firewall and so far it's performed quite well. As for Portblocker, it's a program I was interested in trying out. But now I've done so I may just remove it as you suggest.
-----

"Some firewalls also have backtracing features so you may not need VisualZone as well. It might actually be better to go here http://www.visualware.com/personal/products/visualroute/index.html or here http://www.all-nettools.com/ if you want to do backtracing or a whois."

Thanks. I'll check them out.
-----

"You seem to also have a lot of registry tools which you may want to cut down on. The registry is confusing enough by itself, so having so many different programs to handle cleaning the registry may add to the confusion, and may even cause instability on your system."

Although this may seem to be the case, in fact all of these programs do very different jobs, cause no instability, and I wouldn't want to part with any of them.
------

"SpywareGuard may be a nice addition to your spyware protection as well."

Thanks. I'll check it out. Recently I added SpywareBlaster when I learned that, although Spybot is better at removing things, SB offers more protection. But just what does SpywareGuard do that these don't?
-----

"RegRun Security Suite is also a program that I enjoy very much. It includes a lot of utilities that may even reduce the need for even more of the programs you listed."

Yes, I did take a look at RegRun recently, but decided I didn't really want to cough up so much for it.
-----

"Some of the other programs I am not that familiar with, so it is probably not a good idea if I commented on them. I ask you to cut down some of the programs because very rarely can I see one using so many programs to do the same task on a daily basis. They will be taking up resources that could be better used in other aspects of your computing world :) ."

Yes, I see your point, but since I have lots of RAM plus a huge hard drive here of almost 40 GB most of which is empty, and after having put so much effort into finding what seem to me to be among the best programs, I'm not exactly eager to toss any of them out.
-----

"The idea of being layered is to have a specific app or policy or hardware, etc., to handle a specific threat. Thus an intruder has to break each layer to do "damage." Also keep in mind that some apps have certain features within themselves that will make them even harder to bypass (which Nancy reminded me of today). Thus you have a layered approach within the app itself. Depending on one app and one policy to do everything will allow the intruder to only break one layer to do "damage." I'm sorry this is a dumbed-down version and I'm sure someone else can explain it much better. For home users it is basically finding the best app to handle each threat that they will likely encounter."
<-QUOTE}

Hmm... I see.... Yes.... Well, it's clear that I'm going to have to learn more. Many thanks again for your comments, and my apologies in advance in case this reply ends up with a faulty layout. I'm not getting a chance to make corrections because when I hit the PREVIEW button it just goes ahead and posts.

Cheers,

tepi.

tepi
December 6th, 2003, 01:22 AM
Oops. Sorry, folks. As I feared I seem to have made a mess of my last posting. In case anyone is confused, the 'quote' from rerun2 above, besides quoting his post, also contains my interspersed comments. As I mentioned at the end though, for some reason I can't seem to get the PREVIEW button to work.

With apologies,

tepi.

LowWaterMark
December 6th, 2003, 01:31 AM
Hi tepi,

No worries... Multiple quote / reply posts are rather difficult at times.

Here's a couple threads to help you. We had a couple people with the "preview" button does posting problem in the past. Take a look at this thread and the one linked inside it:

Help!! Posting Gone Awry!!! (http://www.wilderssecurity.com/showthread.php?t=12537)

Also, we have an FAQ that explains quoting here in the forum. It's here:

FAQ: The Art of Quoting in Posts (http://www.wilderssecurity.com/showthread.php?t=12498)

I hope these help. :)

tepi
December 6th, 2003, 02:00 AM
{QUOTE-> quoting: QSection link=board=9;threadid=17332;start=0#msg107197 date=1070647092]
Greetings tepi and welcome to Wilders Forums

SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html) and SpywareGuard (http://www.wilderssecurity.net/spywareguard.html) are good to have and use almost no system resources. It is good to see your desire for layered security and it would be so good of you to "spread the word" as computer security is so important for defence against cyber criminals who want to invade your privacy, hijack your computer and attempt cyber terrorism.

These defences are necessary not only for you and your computer(s) but for the defence of your nation and every freedom loving individual. As a citizen of your country your computers' defences will help to strengthen your entire country and add one more part of the necessary wall of defence against those whose only desire is to wreak havoc and destruction wherever they can.

Best wishes and we hope to see you here in Wilders often.
<-QUOTE}

My sincere thanks, QSection, for your very warm welcome. This is a terrific forum and I very much appreciate being in touch with such a friendly and helpful bunch of people.

As for what you say, although it had never occurred to me to see things in that light, you are of course quite right. Security isn't merely a private concern; it becomes one's duty to the entire community, and now that I've seen the light I'll certainly be spreading the word.

One word in your post that resonates very powerfully here is the word "terrorism" since the vermin who infest the internet, and who are involving us all in such a wasteful expenditure of time and money and effort, have always seemed to me to be a very real species of terrorist.

It's wonderful to have found, here at Wilders, a group of informed and concerned people who are doing their best to ensure that the thugs don't have too easy a time of things.

Regards,

tepi.

tepi
December 6th, 2003, 02:12 AM
{QUOTE-> quoting: LowWaterMark link=board=9;threadid=17332;start=0#msg107401 date=1070692266]
Hi tepi,

No worries... Multiple quote / reply posts are rather difficult at times.

Here's a couple threads to help you. We had a couple people with the "preview" button does posting problem in the past. Take a look at this thread and the one linked inside it:

Help!! Posting Gone Awry!!! (http://www.wilderssecurity.com/showthread.php?t=12537)

Also, we have an FAQ that explains quoting here in the forum. It's here:

FAQ: The Art of Quoting in Posts (http://www.wilderssecurity.com/showthread.php?t=12498)

I hope these help. :)
<-QUOTE}

Many many thanks. I've done as you suggested, read the threads, now understand how to quote, have enabled java and scripting, and am about to test the PREVIEW button.

Cheers, and here goes -

tepi.

tepi
December 6th, 2003, 02:17 AM
Hmm... No luck. The PREVIEW button just went ahead and posted as before. Maybe I should restart my browser (Netscape 7.1) and give it another try later. But thanks anyway.

Cheers,

tepi.

tepi
December 6th, 2003, 02:43 AM
{QUOTE-> quoting: optigrab link=board=9;threadid=17332;start=0#msg107215 date=1070650944]
Tepi

Please don't "believe the hype" associated with every new security app that is released. It is better to study, learn, and decide what you need to address, then find the appropriate SW to meet those needs.

Rerun2 mentions the apparent omission of a SW firewall. I don't see one on your lengthy list, but recommend one as important to both your security and your journey of learning. I have learned much from selecting and configuring a SW firewall.

The basics, IMO, are: Firewall, AV, AT (or perhaps KAV as an AV that is also an exceptionally competent AT). Then comes the backup regimen, which you seem to be prepared for. Of course having the backup tools but failing to use them regularly will do you no good. My next concern would be a NAT/SPI router (even in conjunction with a SW firewall).

Beyond the basics come all of the additional programs you have collected. I largely agree with Rerun2 and QSection on what's worthwhile and what is probably superfluous. Again, it is better to take your time to learn about security and decide for yourself what you need than to simply accept at face value what every SW author says about his/her product. Oh, and refer back to my earlier post about "safe hex" behavior.

Best regards,
Optigrab
<-QUOTE}

Hi Optigrab, and thanks again:

Yes, you're right. I forgot to mention that I was also using ZoneAlarm. Also, of course, one doesn't believe the hype. That's why I had to test so many programs - to find out which of them actually did what they were supposed to do. And since most of them don't, or not on my setup, when I find one that does work well, whether I have an everyday use for it or not, I usually keep it. Hence the 'superfluity.'

Forgive my ignorance, but what is KAV? I thought that DiamondCS TDS-3 was the best Anti-Trojan, but a good AV/AT sounds worth looking into. And what is a NAT/SPI router? That one has me completely stumped.

Cheers,

tepi.

tepi
December 6th, 2003, 03:17 AM
{QUOTE-> quoting: rerun2 link=board=9;threadid=17332;start=0#msg107183 date=1070643727]

SpywareGuard may be a nice addition to your spyware protection as well.

<-QUOTE}

Hi again:

I just had a look at SpywareGuard and it seems that it has to be constantly running in memory. May I ask how much memory it uses? When I ran SpyBot last week it quarantined just 8 items (4 Windows Media player; Doubleclick; eAcceleration setup info; and 2 Microsoft DSO Exploit), none of which seem to me especially dangerous, though I could be wrong here. And since then SpywareBlaster has immunized my setup against 952 other nasties. But just how easy is it to pick up these nasties? Since I don't go out of my way to visit 'dangerous' sites, I'm wondering if I really need a spyware program constantly running in memory, although to be on the safe side I probably will take your advice and add it.

Cheers,

tepi.

Prince_Serendip
December 6th, 2003, 03:42 AM
:) Kaspersky AntiVirus Home (http://www.kaspersky.com/products.html?chapter=595708&tgroup=2)

You can also try the Search feature here. Just type in KAV. ;D

And btw, Welcome to Wilders! :)

Q Section
December 6th, 2003, 04:27 AM
{QUOTE-> quoting: tepi link=board=9;threadid=17332;start=0#msg107434 date=1070698647]

I just had a look at SpywareGuard and it seems that it has to be constantly running in memory. May I ask how much memory it uses? <-QUOTE}

It uses about 6% system resources on this machine.

{QUOTE-> quoting: tepi link=board=9;threadid=17332;start=0#msg107434 date=1070698647]
And since then SpywareBlaster has immunized my setup against 952 other nasties. But just how easy is it to pick up these nasties? Since I don't go out of my way to visit 'dangerous' sites, I'm wondering if I really need a spyware program constantly running in memory, although to be on the safe side I probably will take your advice and add it. <-QUOTE}

Even the most "innocent" sites can give one malware. The possibilities are almost endless as to your privacy being compromised, malware running and slowing down your computer, an attacker using your computer for a Distributed Denial of Service Attack etc.

Best wishes

tepi
December 6th, 2003, 05:51 AM
{QUOTE-> quoting: Prince_Serendip link=board=9;threadid=17332;start=0#msg107441 date=1070700129]
:) Kaspersky AntiVirus Home (http://www.kaspersky.com/products.html?chapter=595708&tgroup=2)

You can also try the Search feature here. Just type in KAV. ;D

And btw, Welcome to Wilders! :)
<-QUOTE}

Hi!

And thank you. I'll check it out.

Cheers

tepi
December 6th, 2003, 06:01 AM
{QUOTE-> quoting: QSection link=board=9;threadid=17332;start=15#msg107447 date=1070702838]
{QUOTE-> quoting: tepi link=board=9;threadid=17332;start=0#msg107434 date=1070698647]

I just had a look at SpywareGuard and it seems that it has to be constantly running in memory. May I ask how much memory it uses? <-QUOTE}

It uses about 6% system resources on this machine.

{QUOTE-> quoting: tepi link=board=9;threadid=17332;start=0#msg107434 date=1070698647]
And since then SpywareBlaster has immunized my setup against 952 other nasties. But just how easy is it to pick up these nasties? Since I don't go out of my way to visit 'dangerous' sites, I'm wondering if I really need a spyware program constantly running in memory, although to be on the safe side I probably will take your advice and add it. <-QUOTE}

Even the most "innocent" sites can give one malware. The possibilities are almost endless as to your privacy being compromised, malware running and slowing down your computer, an attacker using your computer for a Distributed Denial of Service Attack etc.

Best wishes

<-QUOTE}

Is that so...? Thank you. I thought it was just the more 'popular' sites that one had to be wary of. Alright. I'm convinced. I've downloaded SpywareGuard and will do a clean install right away.

Regards

tepi
December 6th, 2003, 06:43 AM
Thanks guys. SpywareGuard installed without a hitch and is now running. It takes up a fairly hefty 7.26 MB of memory, but since, with all utilities running, I currently have 173 MB to spare, that's no great sacrifice. Glad I finally got the point.

Cheers

tepi
December 6th, 2003, 06:58 AM
And while on the topic of Spyware, there's a wonderful letter signed by, among others, Paul Wilders, that tears apart the policy at Dell's which:

"forbids Dell technical support persons from providing assistance to customers in removing infections of unwanted commercial parasites. This policy forbids providing removal instructions or recommending a spyware removal program. The policy even forbids mentioning informational web sites that can provide information about the spyware and how to remove it."

The entire letter deserves to be read as it makes some of the same points that were made at this forum a little earlier. It can be found at:

http://www.spywareinfo.com/articles/dell/support_letter.php

Cheers

optigrab
December 6th, 2003, 08:33 AM
{QUOTE-> quoting: tepi link=board=9;threadid=17332;start=0#msg107421 date=1070696638]
And what is a NAT/SPI router? That one has me completely stumped.
<-QUOTE}

Hi Tepi

Forgive my laziness, but rather than compose my own lengthy answer, here's a link (http://www.citrusparkcomputers.com/routers_firewalls_tampa_florida.html) that IMO explains NAT routers and firewalls in nice simple terms. Plus I do not want to misrepresent myself as an expert - the clever members here at Wilders would spot my errors in a flash. ;)

To the above explanation, I'd add that a NAT router can protect you from most INCOMING attacks. So like a SW firewall, a NAT router by itself should close/hide all your ports from online scan tests like Shields Up!!!

A software firewall behind a router is useful in that it monitors both inbound and OUTBOUND traffic, useful in catching trojans, adware, and other programs that may try to "phone home" from your PC without your knowledge. Also, it provides added security if you find you must "forward" any ports through the router (no need to worry about this yet).

Regards,
Optigrab

tepi
December 6th, 2003, 10:56 AM
Hi Optigrab:

Many thanks for the NAT link. I'm reading it now.

Cheers

tepi
December 7th, 2003, 02:00 AM
{QUOTE-> quoting: rerun2 link=board=9;threadid=17332;start=0#msg107183 date=1070643727]

SpywareGuard may be a nice addition to your spyware protection as well.

<-QUOTE}

Hi rerun2:

Thanks again for a great post. After thinking it over I've realized that you were quite right about the superfluity and have now trimmed things down considerably. Many thanks also for pointing out that glaring hole in my setup - no SpywareGuard. Since adding it I'm feeling much better.

Regards.

tepi
December 7th, 2003, 06:44 AM
{QUOTE-> quoting: LowWaterMark link=board=9;threadid=17332;start=0#msg107401 date=1070692266]
Hi tepi,

Here's a couple threads to help you. We had a couple people with the "preview" button does posting problem in the past. Take a look at this thread and the one linked inside it:

Help!! Posting Gone Awry!!! (http://www.wilderssecurity.com/showthread.php?t=12537)

<-QUOTE}

Thank you. I read the threads and finally figured it out. After enabling java in Netscape I needed to REBOOT to activate it. Now PREVIEW is working fine.

Regards