Advice for security setup...

[Kuroudo Akabane]

Hello, new to computers and I'm using a HP 110 Mini with Windows XP Home Edition.

I'm thinking about using FireFox as my primary browser and Internet Explorer as my secondary browser if that matters...

A coworker installed Comodo and ThreatFire but last night I removed them because the ThreatFire wouldn't open (reason unknown) and after scanning the HDD Comodo was reported as being fragmented.

I've cleaned the HDD several times and ran several defrags and am ready to install some security protection.

Should I go back to the above setup or somethng else and what are the installaton and setup suggestions to make the program(s) work well?

[mattfrog]

Are you willing to spend money on security, or are you trying to keep to the free options?

The best approach to security is layered. This essentially means that installing an antivirus is generally not going to be enough, you'll want to cover more bases than just viruses.

I personally use a security suite (ESET Smart Security) which includes antivirus, a firewall (monitors connections to and from your PC), a HIPS (which monitors what software does with your PC to ascertain whether or not it may be malicious) and antispam (blocks junk emails). It also has a parental control feature, if needed.

Others prefer several apps to cover the bases. You could use an antivirus such as avast! free, combined with the excellent free firewall from Comodo (which includes a HIPs too).

Other good providers of antivirus include Avira, BitDefender and Webroot.

Sandboxing is also a good security practice. It is essentially running programs like your web browser in a "fake PC", and everything that happens in it cannot affect your real computer. Sandboxie is the usual recommendation here.

Other wise security practices include backing up your data regularly, an easy solution being BackBlaze. Some security suites come with backup built in, such as Webroot's excellent SecureAnywhere product.

The most important part of security, however, is a learned skill. Get a feel for what is a trick and what isn't. If something sounds too good to be true, it normally is.

Oh, and make sure you run Windows Update after every second Tuesday in every month to keep updated! You can do this on XP via http://update.microsoft.com

I hope this helps

[tomazyk]

Hi Kuroudo!

Comodo files being fragmented should not be reason to stop using it. Did it also slow down your computer? If not, I wouldn't remove it.
I would also add Sandboxie for browsing the net.
If you think you need it, you can add a lightweight AV like Panda Cloud or Microsoft Security Essential.

[Kuroudo Akabane]

Quote:

Originally Posted by mattfrog

Are you willing to spend money on security, or are you trying to keep to the free options?

I want to use free software.

Quote:

I personally use a security suite (ESET Smart Security) which includes antivirus, a firewall (monitors connections to and from your PC), a HIPS (which monitors what software does with your PC to ascertain whether or not it may be malicious) and antispam (blocks junk emails). It also has a parental control feature, if needed.

And your opinion of it? Would it be easy to use for someone with little computer knowledge?

Quote:

Others prefer several apps to cover the bases. You could use an antivirus such as avast! free, combined with the excellent free firewall from Comodo (which includes a HIPs too).

So forget about ThreatFire?

Quote:

Other good providers of antivirus include Avira, BitDefender and Webroot.

Better than Comodo?

Quote:

Sandboxing is also a good security practice. It is essentially running programs like your web browser in a "fake PC", and everything that happens in it cannot affect your real computer. Sandboxie is the usual recommendation here.

Ok, does that interfere with proxying?

Quote:

Other wise security practices include backing up your data regularly, an easy solution being BackBlaze. Some security suites come with backup built in, such as Webroot's excellent SecureAnywhere product.

What data and how often?

The only thing on my netbook will be programs, I plan on using an external HDD to store pictures, videos and other information.

Quote:

Oh, and make sure you run Windows Update after every second Tuesday in every month to keep updated! You can do this on XP via http://update.microsoft.com

Thanks.

Quote:

I hope this helps

Yes, but I have questions.

Quote:

Originally Posted by tomazyk

Comodo files being fragmented should not be reason to stop using it. Did it also slow down your computer? If not, I wouldn't remove it.

The netbook was running very slow... don't know if Comodo had anything to do with it. But I thought getting rid of fragmented files couldn't hurt (can always reinstall Comodo).

Quote:

I would also add Sandboxie for browsing the net.
If you think you need it, you can add a lightweight AV like Panda Cloud or Microsoft Security Essential.

So this in addition to Comodo and ThreatFire?

[iRRiTaTeD]

I will second Eset, but I'd reccommend only Antivirus and use a secondary software such as mbam or mamutu. No need in loading your pc full security software out of paranoia.

[Amit]

Use Sandboxie with forcing all internet facing apps and usb flash drive to start in sandboxes adding settings of auto-deletion after closing sandboxed app, appropriate start and internet restrictions. Use Secunia PSI and Windows XP built in updating from Security Center to keep system and all apps up to date. Use Malwarebytes Antimalware and HitmanPro to check downloads. And Keyscrambler for your browsers against keyloggers. NoScript, LastPass, Adblock Plus, HTTS Finder, HTTPS Everywhere and WOT will certainly strengthen your Firefox against malware. Making images with apps like Keriver 1-Click Restore or Macrium Reflect will eliminate malware within minutes. Use Skydrive to backup personal and important files you would regret if deleted by malware. And use 7-Zip to encrypt those files. Norton ConnectSafe seals the deal off.

Have a nice day and stay safe with safe internet habits.

[tomazyk]

Quote:

Originally Posted by Kuroudo Akabane

So this in addition to Comodo and ThreatFire?

If you're using Comodo with Defence+ enabled, you don't need ThreatFire.

[mattfrog]

Quote:

Originally Posted by Kuroudo Akabane

I want to use free software.

No problem, there are many competent programs you can use still

Quote:

And your opinion of it? Would it be easy to use for someone with little computer knowledge?

I trust it, after deploying it within a corporate environment. I do occasionally scan with other "on-demand" scanners, such as HitmanPro, when I'm bored

Quote:

So forget about ThreatFire?

I've never used ThreatFire, but I've also never known anyone that does, either (apart from a few forum members here).

Quote:

Better than Comodo?

Most things are - Comodo's antivirus products are lacking detection wise. Their firewall, however, is top notch.

Quote:

Ok, does that interfere with proxying?

Not as far as I know, no.

Quote:

What data and how often?

The only thing on my netbook will be programs, I plan on using an external HDD to store pictures, videos and other information.

Whatever data is important to you and would hurt to lose. It sounds like pictures, videos and documents to you. Your external hard-drive can fail just as easily as your internal hard-drive, so I would back those files up to somewhere else, too. Even if it is another external hard-drive!

Quote:

Thanks.

More than welcome, please check your PMs

[Kuroudo Akabane]

Also, is there a con to installing Microsoft Security Essentials?

[Kuroudo Akabane]

Quote:

Originally Posted by iRRiTaTeD

I will second Eset, but I'd reccommend only Antivirus and use a secondary software such as mbam or mamutu.

Because?

[Sully]

You don't say how new to computers, so I will treat you as brand new

First, you should understand the difference between an admin and a user. Google it or whatever you need to be able to comprehend the difference. The short answer is that a user only has rights to read and execute files, but not create/modify/delete files in areas that are "protected". Therefore, logging in daily as a user will mean that if you execute something you should not have, it can do minimal damage to the system.

However, it also means that when you actually do want to do something a user cannot do, such as change a system setting or install software, you will have to do it AS and administrtor. Google up RunAs in XP. You have two basic choises - you logoff your user account and log into the admin account, then do your activities that require admin, or you run things AS the admin while logged on as a user.

You could look up the term LUA maybe that would also help.

Once you understand how a user (that is, an account who is a member of the users group and NOT the admins group) is restricted, you might see how that protects you. By default XP creates an admin account. It makes it convenient to do things, but if you don't know what you are doing, it can lead to problems pretty easily.

Once you get what the difference is between a user and admin, you will have to decide which route you wish to go. If you stay as admin, you will have to find a way to plug the holes that comes with being admin. Some use inbuilt OS tools, some use 3rd party tools, some use both. No way around it though, if you are going to be admin, you have to do something or you WILL have issues at some point.

Apart from that very basic concept (although not really basic to the new users), I would suggest a sandbox application. The idea would be to run your internet facing applications in the sandbox, which keeps what happens in the sandbox out of the real system. Be aware though, that there are a few things to pay attention to when using sandboxes. Just because you use them does not mean you are 100% safe. But with minimal learning they can offer a great way to secure things.

I am sure you will get lots of other advice. None of it is really bad around here. We all are interested in security, and like to share. It just so happens that most of us use a different recipe to create our own security.

Good luck.

Sul.

[RJK3]

Get rid of threatfire IMO (slow, out of date program - was good years ago).

Don't think you need to learn everything at once - there's a big learning curve learning security even for experienced users.

Try not to install too many active security programs, as they'll just slow down the machine.

Do read as much as you can in these forums and elsewhere. There's plenty of approaches. Personally I prefer simplicity.

[narenbisht]

Quote:

Originally Posted by mattfrog

No problem, there are many competent programs you can use still

Most things are - Comodo's antivirus products are lacking detection wise. Their firewall, however, is top notch.

More than welcome, please check your PMs

I dont agree here. Previously Comodo AV detection was not that good. But now it has improved a lot both in detection & FPs. Now I find it comparable & even better & can be used as a standalone AV.

I am running it on XP 32 & Win 7 64 with few customization for last six months & I browse everything from basic to nasties & no infection or FPs or system slowdown or any other prob yet. But this is my experience & opinion about Comodo AV.

As for my customization of CIS............

My family members are not experienced enough for HIPS & Sandbox so I wanted to run only Comodo FW & AV with no D+ & Sandbox. I can easily disable D+ for that but disabling D+ also disables the self protection. So I customized it the following way........

Kept D+ enabled but under D+ settings enabled dont give popup alerts & set it to allow & disabled Sandbox. This way I get CFW & AV & Cloud protection with self protection enabled & no D+ & sandbox hassles.

When CIS 6 with Full Virtualization will release I will definitely keep D+ & Sandbox fully enabled coz I believe with full virtualization it will be much easier to use & no probs running apps in sandbox.

[Amit]

Quote:

Originally Posted by narenbisht

I dont agree here. Previously Comodo AV detection was not that good. But now it has improved a lot both in detection & FPs. Now I find it comparable & even better & can be used as a standalone AV.

ROFLMAO. HA ha ha. You make me laugh. Comodo AV, really?

[CyberMan969]

I use Comodo free Firewall (which includes the Defense+ anti-execution module), Avast free antivirus (for real-time antivirus protection), MalwareBytes' Antimalware (which has a very useful function that blocks your internet-enabled programs from accessing dodgy IP addresses and websites), as well as Sandboxie (for safe web browsing and also to test suspect executables - you can browse the sandbox and see at a glance what would happen to the real system if the executable was allowed to run outside the sandbox).

I also use Shadow Defender in order to test programs that do not require reboots. Shadow Defender is also my safety net against certain very sturdy rootkits/bookits (TDL3/TDL4/TDSS); but if you use Sandboxie then adding a light virtualization app like Shadow Defender would probably be overkill for you.

If I were you I'd use Comodo Firewall/Avast/Sandboxie. For as long as you control changes in your system with Comodo's Defense+ and you also test any suspicious programs first with Sandboxie before installing them on the real system, then you should be fully covered with just these three.

BTW Comodo antivirus is crap. Their firewall is great, but their AV leaves a lot to be desired. Also disable the Comodo sandbox, Sandboxie is way better.

[Solarlynx]

The antivirus component of Comodo Internet Security was a crap about 4-5 years ago but now it is a really very decent part of security. Look here, for instance.

[CyberMan969]

Quote:

Originally Posted by Solarlynx

The antivirus component of Comodo Internet Security was a crap about 4-5 years ago but now it is a really very decent part of security. Look here, for instance.

Thanks for the link Solar, you're right I haven't used it for ages. What has always irritated me as well is how long it took to update its definitions. At times it would hang there for 10 minutes or more, updating itself. BTW, do those numbers also include false positives? That was another major flaw when I was still using it.

[Solarlynx]

Now the antivirus component of Comodo Internet Security has a very good detection, but still has relatively high false positves (though according to all known to me tests fps constantly decrease, and for 3-4 years of intensive usage of CIS I have never suffered from this) and moreover it cannot disinfect files.

[RJK3]

Don't forget he's using a HP 110 Mini netbook, with an Atom 270 CPU. It's not going to handle anything too heavy. I've tried Comodo Firewall on a netbook and it was a dire experience, but YMMV.

Just something simple like Avast or Panda, and Sandboxie will be sufficient. Turn off Windows Defender, leave Windows Firewall on.

Keep Windows & software up to date; use a good browser like Opera, Firefox, or Chrome; only install plugins that you need.

[Solarlynx]

Sure, the comp performance must be considered too. The weakest my comp is my office comp - Celeron D 2.4 GHz, 500 Mb RAM, Win XP. When there was Comodo Internet Security - about 6 month ago - I felt some slowdowns when updating. But not like now as there I have Kaspersky - I can't work on the comp for 2-5 minutes when it updates.

If Comodo proves to be too heavy I would try DefenseWall - but it's paid.

[TyRidian]

Quote:

Originally Posted by Iron Man

ROFLMAO. HA ha ha. You make me laugh. Comodo AV, really?

Actually he is right, the AV component of Comodo has vastly improved.

[Amit]

Quote:

Originally Posted by RADEON0101

Actually he is right, the AV component of Comodo has vastly improved.

Hmm....I hear what you are saying.....I might give a try.....

[TyRidian]

Quote:

Originally Posted by Iron Man

Hmm....I hear what you are saying.....I might give a try.....

Yeah, give it a go...You'll be surprised how well it does now a days.

[The Hammer]

Quote:

Originally Posted by Kuroudo Akabane

Because?

The last part of the full quote would have answered that.

[Amit]

Quote:

Originally Posted by RADEON0101

Yeah, give it a go...You'll be surprised how well it does now a days.

If you say so.