View Full Version : *Must have* software?


daf
October 18th, 2004, 10:27 AM
Apart from an AV and a decent firewall, what other software do I **really** need to stop a persistent hacker?

Thanks!

optigrab
October 18th, 2004, 11:01 AM
Are you limiting your threats to persistent hackers? If you have a hacker problem I would imagine the firewall is your first and best line of defence, but you will also need some specialized help from someone with relevant experience.

If you are just speaking about security in general - browser exploits, phishing, spyware, redirects, trojans, DDoS, hacking, etc. - there will be a long (but valuable) list.

Pilli
October 18th, 2004, 11:02 AM
Hi Daf, Difficult question but here are a few ideas from my website:

Lines of Defence:

Here is a suggested range of solutions which MAY protect you. Why MAY? Because, putting it simply, nothing is 100% foolproof.

FIRST lines of defence:

Ensure you have the latest security updates for your chosen OS & programmes
Secure password strategy
Router with NAT or other firewall configuration. (networked environment) especially in a broadband environment.
Software firewall preferably with both application & rule based capabilities, to allow outbound control where NAT routers usually only control inbound
System Application Monitoring such as, Process Guard

Second Lines of Defence:

Anti-virus - resident
Anti-Trojan - resident (execution protection)
Dedicated Worm / script guards with registration protection
Spyblocking Pop-up & Ad stopper, Unsafe Java, ActiveX, unfriendly cookies + parental control i.e. Browser protection & set up
Email, AV + Spam removal identification / removal facilities.
Secure encryption facilities
Proxy browsing etc.
Practice Safe HEX!

Other Lines of Defence:

Spyware and registry cleaners
Temporary internet file & unwanted cookie cleaners.
On demand AV & AT scanners
Secure data back-up facilities.
Monitoring utilities & logging

There will be other requirements based upon your perceived personal needs.

Unfortunately there are no "foolproof" answers.

se7engreen
October 18th, 2004, 11:36 AM
Process Guard
SSM
Abtrusion Protector
Take your pick of the above and possibly consider Prevx Home(free) for some added protection.

daf
October 18th, 2004, 11:38 AM
Process Guard
SSM
Abtrusion Protector
Prevx Home(free)

The best is...

Worth installing them all?

Pilli
October 18th, 2004, 11:47 AM
-{ Quote: "Worth installing them all?" }-
Probably a bit over the top :) You can use Process Guard to protect which ever ones you choose.
You would also find a noticeable degradation in performance with that lot fighting each other + probably some incompatibility issues.

Pilli

daf
October 18th, 2004, 11:50 AM
Unfortunately Process Guard Free only allows me to protect 1 process e.g. firewall software. Worth installing this or maybe use one of these which are free?

SSM
Abtrusion Protector
Prevx Home(free)

??

daf
October 18th, 2004, 11:52 AM
Kaspersky Anti-Hacker 1.5??

Opinions?

se7engreen
October 18th, 2004, 11:59 AM
No don't install all of them. My advice is to try Process Guard, SSM, and Abtrusion Protector and decide which works best for you.

For me, Process Guard is what I trust to protect me from trojan and rootkit installations as well as application hijacking. I also use Prevx, which is for intrusion prevention, as extra protection.

To clarify, SSM and Abtrusion Protector serve a similar purpose as process guard.

nod32_9
October 18th, 2004, 12:00 PM
If the firewall is properly configured, then your PC will be "STEALTH" when you're connected to the internet. Hackers have plenty of unprotected PCs to hit. There is NO need for them to hunt for STEALTH PCs. It is very very rare for bugs to sneak past a properly configured firewall. Most infections occur because the bug is contained within a downloaded application. You wouldn't invite any stranger into your home. Use the same logic when it comes to downloading data from the internet.

daf
October 18th, 2004, 12:01 PM
I see but with not being in a position to pay for Process Guard which out of SSM and Abtrusion Protector is more likely to stop hackers?

daf
October 18th, 2004, 12:03 PM
To nod32_9

Normally I'd agree but without wanting to go into what this is all for I really need to basically lock down my PC to intruders and hackers wanting to get at it and take it down.

robotserver504
October 18th, 2004, 12:10 PM
I think you would do well with SSM. It's probably one of the best of the free ones. Then use Process Guard free to protect SSM. Of course newer versions of SSM will no longer be free, but there are still free versions available.

se7engreen
October 18th, 2004, 12:11 PM
Like nod32_9 is getting at, a firewall would be your first line of defense. This should not be overlooked as this will be the most utilized piece of protection. The other products (PG, SSM, Abtrusion...) are more aimed at protecting you if your security (firewall, antivirus, antitrojan...) is compromised. If you feel that you need this type of protection, SSM is free and I think there's a price on Abtrusion Protector and there is a price on PG.

daf
October 18th, 2004, 12:18 PM
Right, at the moment my defence is:

1. Kerio 2.1.5 firewall

2. AntiVir Personal Edition 6.28

3. SSM 1.9.5 beta 3

4. Process Guard

Should PG protect SSM or Kerio firewall?

Anything else needed?

Thanks!

rdsu
October 18th, 2004, 12:23 PM
What is the website of SSM?

Thanks

rdsu
October 18th, 2004, 12:25 PM
-{ Quote: "Should PG protect SSM or Kerio firewall?" }-
Your firewall, because it is the first line of protection on your PC!

daf
October 18th, 2004, 12:25 PM
http://maxcomputing.narod.ru/ssme.html?lang=en

rdsu
October 18th, 2004, 12:30 PM
How can I classify the PG and SSM?

se7engreen
October 18th, 2004, 12:34 PM
I would say if you have SSM protecting your AV and FW, then Process Guard should protect SSM. (That's if I'm right by thinking SSM is not kernel-level software and needs protection.)

The only other thing you might want (depending on your level of paranoia :) ) is a trojan scanner. A free on-demand scanner could do some good (ewido or A2 are the only free ones I know of). You could install ewido without the background scanner and you'll have a top-notch trojan scanner.

But already you are pretty heavily guarded with what you listed before.
http://www.wilderssecurity.com/showthread.php?t=29492&highlight=stop
This thread could be helpful if you need some help with your firewall rules. Toward the end of the thread there is a link to download a ruleset for Kerio 2, created by a firewall guru.

Good Luck

DivineGlitch
October 18th, 2004, 01:14 PM
Actually SSM 1.9.5 and above features kernel-mode protection for *NT (2k, xp) ;)

Bubba
October 18th, 2004, 02:01 PM
-{ Quote: "Apart from an AV and a decent firewall, what other software do I **really** need to stop a persistent hacker?" }-
Taking into consideration your remark about not wanting to get into details... I hope you're understanding what Nod_32 and others have said. IF you have Kerio set properly and IF someone hasn't found a way to exploit Kerio, your firewall IS all you need. IF... you cannot trust a properly configured firewall... no amount of extra programs is going to help.

AlbatroS
October 18th, 2004, 04:12 PM
-{ Quote: "Actually SSM 1.9.5 and above features kernel-mode protection for *NT (2k, xp) ;)" }-
I like it very much, but it's a problem after a while if you activate "Watch App Activity". It seems to freeze system to freeze a 1st time launched app. I tested it on wk2000 and xp and... same result.

So now I use Process Guard + SSM without WAA while waiting for a solution.
Am I the only one that has this problem?

daf
October 19th, 2004, 05:26 AM
-{ Quote: "
http://www.wilderssecurity.com/showthread.php?t=29492&highlight=stop
This thread could be helpful if you need some help with your firewall rules. Toward the end of the thread there is a link to download a ruleset for Kerio 2, created by a firewall guru.
Good Luck" }-

Anyone know of a very secure ruleset for kerio 4?

snapdragin
October 19th, 2004, 05:54 AM
Hi daf,

You have asked about rulesets for Kerio4 in your other thread in the "Other Firewalls Forum" here: http://www.wilderssecurity.com/showthread.php?t=51230

Please stay with that thread for further firewall questions so this one doesn't go off topic. ;)

Regards,

snap

daf
October 19th, 2004, 07:12 AM
Sorry, just thought if 'se7engreen' only looked here then they wouldn't see the other thread, but I do take your point though :)

snapdragin
October 19th, 2004, 07:18 AM
daf, thanks for understanding. ;)

Regards,

snap