I am the de-facto support for our shared family PCs. I am looking for ways to secure these machines from the "click of oops", bearing in mind that my users are not technically inclined. What we have now:

Windows XP, patches kept up to date. One machine uses limited user accounts, the kids machine does not because some of the older games require admin privileges.
Avira Free
ThreatFire Free
Firefox with NoScript, and DropMyRights is used for non-limited user accounts.
ZoneAlarm Free for phone-home checks
Router with default firewall rules, no inbound allowed
DiscWizard images created periodically
MBAM & SpyBot S&D for immunization and on-demand checks.

It is not entirely clear to me how vulnerable this might be to drive-by downloads, e.g. by visiting a dangerous web site from a Google search. I have been lurking in these forums for some time now, so I know that many people like sandboxes and/or HIPS, but I am not sure that those applications are suitable for my target audience (I'm sure they're great if you know what is going on, but for casual users I would be worried about the "hey where did my file go?" or "what does this pop-up mean?"), so I have been looking at web/url shield type apps.

I did some testing in a VirtualBox VM using the "Virusremover2008" url that was refrenced in the "browser defender" thread. What I found was:

Brorwser Defender did not identify the site as being malicious, either in the search results or when I went to the page.
Finjan Securebrowsing - no reaction, same as above.
Haute Secure: I did not see any site ratings in my Google search, and HS did not complain when I visited the site. I like the idea behind HS, but I'm not sure if it is working as advertised...
Avast! blocked the URL from loading.
AVG Free 8 "safe search" did not flag the web site, but visiting the site generated a pop-up from the surf shield that a malicious script was found on the page.

I am considering replacing Avira on the kids PC with either Avast or AVG8 to get that extra layer of URL scanning/blocking - is that a false sense of security, or is there real value in the web/surf shields?

All those you mentioned I tried at one time or another. I thought Haute Secure was not updated anymore. Avast Web shield is good. Personally, I would use Sandboxie on the browsers with either Avira Free or Avast Home. Browser Defender gives some nice info on bad sites but I don't think it covers everything. Finjan similar to BD. They have some checking in realtime but I don't think it catches everything. You can throw basically all of them in the same pot, SiteAdvisor, WOT etc etc.... Stick with Firefox (NoScript, Adblock Plus), Sandboxie and Avira Free or Avast. You should be fine with the least amount of headaches.

Just my .02 cents.

Ice

-{ Quote: "Stick with Firefox (NoScript, Adblock Plus), Sandboxie and Avira Free or Avast. You should be fine with the least amount of headaches." }-
:thumb: That would work and does for me. Sandboxie does have a 5 second nag delay after 30 days of trial. Threatfire should also add to the protection and theoretically ZA should catch anything that would call home.

A couple other sandbox apps you might investigate are DefenseWall (paid) and GESWall (free and paid).
http://www.softsphere.com/
http://www.gentlesecurity.com/

For those tricky apps that won't run under a limited account, this may help.
http://www.mechbgon.com/build/LimitedSW.html

PS: Welcome to Wilders :).

-{ Quote: "
I am considering replacing Avira on the kids PC with either Avast or AVG8 to get that extra layer of URL scanning/blocking" }-

I agree, only Avira Premium (paid version) comes with a web/surf shield :ouch:

Whaaa? You don't trust SpywareTerminator's Web Security Shield? ;D

Dave

avast! Home is pretty solid and offers a nice webshield.

-{ Quote: "I am the de-facto support for our shared family PCs. I am looking for ways to secure these machines from the "click of oops", bearing in mind that my users are not technically inclined. What we have now:
opastnos

I am considering replacing Avira on the kids PC with either Avast or AVG8 to get that extra layer of URL scanning/blocking - is that a false sense of security, or is there real value in the web/surf shields?" }-
Firefox plus NoScript is enough for most of the time. The only risk is when trusted site is compromised. Other apps will cover these cases if used properly. So better try to convince your family members to take some interest in learning how to utilize them and generally PC security. Computers and internet are here to stay.

-{ Quote: "avast! Home is pretty solid and offers a nice webshield." }-

I agree. Whether or not you trust these shields, my experience with Avast shows they work. It's yet to fail me.

All these are blacklists. It doesn,t matter how many blacklists you combine, your defence is always incomplete.

Add a sandbox to your set up. You can just cover your browsers with GesWall free.

Out of URL filters, LinkScanner Pro is best IMO.

-{ Quote: "All these are blacklists. It doesn,t matter how many blacklists you combine, your defence is always incomplete.

Add a sandbox to your set up. You can just cover your browsers with GesWall free.

Out of URL filters, LinkScanner Pro is best IMO." }-

:thumb:

-{ Quote: "It doesn,t matter how many blacklists you combine, your defence is always incomplete.

Add a sandbox to your set up." }-

I think this is the best way too ... :blink: