A group of softwares, choose only one - Version 2

Discussion in 'other security issues & news' started by Mrkvonic, Feb 5, 2006.

Thread Status:
Not open for further replies.
  1. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Ouch! I'll pass on the punishment for now.... :)
    For my own purposes, I tend to treat decent software firewalls as fairly interchangeable. I don't set up complex rule sets, don't pore over logs, and tend to use them myself only for application based outbound control at the application is allowed or disallowed level. Thus for 2 & 3, I ignored the firewalls as a discriminator.

    Although we don't tend to approach Ewido as a top level general antimalware program (say to replace a general AV package...), I do believe that it will function as well to better in that role than AVG. This is a somewhat gut level feel on my part based on using Ewido (sans Guard) for some time as a periodic check. With the Guard active, it should stop what worries me most - trojan downloaders/droppers. It also has process memory and registry scanning capabilities rounding out things. In my opinion it is a very powerful package. Opera is a solid browser, while AdAware/Spybot/PestPatrol are there if needed. If I want to push things I can run PestPatrol full on and suffer the false positives, but I'd probably use AdAware/Spybot/PestPatrol as demand scanners.

    I relegated 2 to third place due to AVG as the prime AV. I realize that Proxomitron is present and a bit of a wildcard. In the end, I went with that placing since I don't use Proxomitron and would be relying solely on third party impressions for weighing its impact.

    Blue
     
  2. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    My choice would be #1 and to answer your other question you must have horse shoes up your butt and wise can be eliminated if the quote above is serious.
     
  3. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Pete,

    You forgot two of the most important dependencies - user knowledge and experience. Knowledge and experience to understand what is occurring and how to remedy the situation. These are independent of the others mentioned and critical in determining the appropriate path, especially with respect to the general direction of this thread.

    Blue
     
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,224
    Hi,

    @Peter, answering a post is voluntary. If you don't like it, you need not answer. As to purpose, I want to see how people think, and what they fear.

    @Hammer, the prose was lost on me. What did you mean by horseshoe up the butt?

    Mrk
     
  5. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,678
    Location:
    Philippines, the Political Dynasty Capital of the
    Two of my "bodyguard" software programs were not included in the selections... that is, Avast Anti-virus and ProcessGuard. :cautious:

    I could not live and surf the net using my own pc without these two important pieces of software I have mentioned above. Avast is an antivirus, anti-worm, also detects some trojans and spyware... very fast updater and upgrades and has lots of features not found on other AV and then ProcessGuard protects my system from stealthy trojans and protects critical programs from being terminated and modified. :cool:
     
  6. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,224
    Hi,
    What will you do if suddenly both products become incompatible with your pc, for whatever reason. Try to work with me. What happens if you CANNOT use your favorites? Seriously. What would you choose?
    Mrk
     
  7. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    Of course his quote is serious. It's the same for me really.

    Oh sure, I surf to some site, and some AV will tell me the site has some dangerous thingie. But even without the AV, the dangerous thingie is still inert in my cache.

    Oh the email scanner blocks some dangerous attachment filled with the latest whizbang worm, again, harmless, since it's damn obvious what it is.

    Perhaps, The Hammer, you could tell us the last time AV really saved your butt. :)
     
  8. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,224
    Hi,
    Devil and me in agreement, impossible!
    Anyhow, I understand the farrier (re horseshoe) thingy now. Talisman of luck, oh me! I did not know we put it there!
    For browsing I usually use Proxomitron (not always) + Firefox with noscript (java, flash and some other plugins forbidden), adblock, flashblock, spoofstick, block cookies, referrer, agent switcher and some more - and before things ever reach AV, they are filtered away.
    Peter, if you tell me you download things like mad, and your av pops all the time saying I'm saving your horseshoe, I'm saving your horseshoe, then you seriously need to revisit thy surfing habits.
    Mrk
     
  9. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    Wow that sounds paranoid. When was the last time any of these extensions saved your butt?

    Mrkvonic, if you tell me you are visiting bad sites like mad, and your extension+proxo pops all the time saying I'm saving your horseshoe, I'm saving your horseshoe, then you seriously need to revisit thy surfing habits
     
  10. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,224
    Hi,
    Truth to be told, I cannot say what is filtered and what is not. I don't know. It's rather quiet.
    But look at this from this perspective: firefox extensions are 10-30kb, a whopping 20 extensions weigh <1Mb and firefox runs as before (cpu and such usage). Primarily, these extensions allow you to customize your browsing to your liking, and clean the pages from crap. Luckily, they are also secure.
    When I visit a page, I don't wanna see flash movies, ads and such. I just want clean content, regardless of the site's nature. So I use the relevant extensions for that purpose. And then, some more, because extensions are fun, like tab mix plus, customize google, ie view, ie tab etc...
    But conceptually, noscript + adblock will clean 99% of available crap. If you don't wanna see flash movies - flashblock. If you don't like cookies - block cookies. If you don't want certain sites to earn money from your clicks - referrer control. If you wanna play with browser header - user agent switcher.
    No paranoia really - more of a fetish.
    Mrk

    P.S. I also have a computer that runs naked firefox, firewall and browser only. I have a comp without firewall and only nat/ics. I have a comp with windows firewall and restriction policies only. Do you approve? 'Cause your approval means a lot (quote: Martin Lawrence).

    P.S.S. I should not have complimented you, devil, all of a sudden you turned bossy and sassy. You need to be kept in tight rein with a good stout switch.
     
  11. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    Which movie was that? As for approval, I'm not in the business of giving one, try getting it from Blue, Hollywood, Blackspear etc. They are the ones in the business of judging and giving seals of approval to newbies needing advice for setups.

    Actually I thought you were being bossy and sassy, that is why I gave you a taste of your own medicine. Feel free to return the favor.
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Blue you are right on.

    @Peter, answering a post is voluntary. If you don't like it, you need not answer. As to purpose, I want to see how people think, and what they fear.

    I know I could just stay out, but still am curious.

    I accept your statement of purpose at face value, but I just don't understand how limiting to choices of different combos of 4 packages you chose answers that. Don't misunderstand, I am not being critical, it just doesn't make sense to me.

    Same way asking if you could only use one program what would it be. It is true this does ask people to rank what they feel is most important, and that is an interesting question, but since we can indeed use more than one, the whole exercise becomes somewhat of a moot point.

    Am I missing something?

    Pete
     
  13. AnthonyG

    AnthonyG Registered Member

    Joined:
    Aug 3, 2004
    Posts:
    617
    Why must you choose options mixed with good software and also useless?

    Is this for your machine then out of that list use.

    Kaspersky Internet Security [i.e. Firewall and Antivirus]
    SpywareBlaster
    Firefox browser
    And MS Antispyware.

    So all you have done is bought 1 application (KIS)
     
  14. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,224
    Hi,
    Peter, a bit of imaginative thinking. A bit of fun. Now, lots of good software is disappearing. Sygate, Kerio, TDS-3 - Not the end of the world, especially not in the case of firewall, which can run on for years, but just imagine a very cruel world where you are limited.
    BTW, with Windows Vista, this could actually happen. What will you do then? Back to topic, it is NOT a real situation, although it could be. It's a question where you need to analyze your behavior faced with 'tough' choices.
    I like to see how people think and what different rationales bring out.
    It would be easy if I gave you Tiny, PG, Kaspersky, Opera, ShadowUser, wouldn't it? What will you do when you do not have those? Are you saying that your ability to survive the net relies only on heavy weaponry? Isn't there some room for flexibility?

    Devil, the movie is Nothing to Lose, with Tim Robbins too. Makes some of his dumbest faces ever.

    Mrk
     
  15. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Mrk

    Okay, I see where you are going, although the last 4 choices wouldn't be any easier for me. In case you are wondering exactly what I run:

    Outpost 3.0
    Kav 6.0 beta and I don't use this in the most traditional way.
    Regdefend/Appdefend
    Online Armor
    Safe'n'Sec
    FDISR if this counts in the category

    And yes I keep my options open for just the reason you mentioned.

    Cheers

    Pete
     
  16. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    479
    I would go for option 1.

    For me it's a case of which uses the least resources. I think you can make windows and IE safe without needing to add anything.

    I could use KAV as an on demand scanner for any dodgy downloads and e-mail attachments.
     
  17. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    I've had NOD intercept two nasties in 2005 and one in Jan 2006 heuristically via email as it was being downloaded. Also a half dozen by signature again via email in 2005 and one via daily scheduled scan in Jan/06. I'm glad you're all having fun with the horseshoe analogy. :D
     
    Last edited: Feb 7, 2006
  18. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I must defer that I'm not in the business of awarding seals of approval, although I will plead guilty to providing a perspective, occasionally in affirmation, occasionally in disagreement, with someone's plans if either that is the direct request or if the configuration is forwarded as a general template. Typically I look for concordance with my own views and approaches. I realize that the path I follow is one of many that will work with equal performance, and I do try to reflect that in my comments. While I do continually reassess what I do, change is rather infrequent since I haven't noted glaring holes in the approach to date.

    As for the groups of software indicated in this and the previous thread, while none follow the specific template that I tend to adhere to, many should work fine for the majority of users.

    What would I do if the proposed scenario occurred? Well..., I'd pretty much stick to my current decision tree. Each step has multiple options if one or more is unavailable, so the substitutions are already known to me. If some of the discrete layers/steps are removed, that's OK as well - they are either back-up or have back-up. With respect to Vista, I won't convert prior to assessing the situation carefully. If I was forced, had no recourse, and was left completely bare, well there's always a Linux Live CD distro to be had, and some work quite well. At least that's how I'd handle the situation in real life.

    Blue
     
  19. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    rather than give us packages, u should've just asked that question. it's much easier that way. for me, in place of nod32, looknstop, and firefox, i would have avast, outpost pro, and mozilla/seamonkey.
     
  20. nicM

    nicM nico-nico

    Joined:
    Jul 15, 2004
    Posts:
    631
    Location:
    France
    hmm :shifty: , restrictive choice here...

    I'd go for the second setup: it appears to me as the most balanced of the three, with a good FW, a decent Av, safe browser and a devilish filter.

    the first one is security after the facts, Kaspersky compensating weakness of other components, browser and FW. The third one has two anti-malware, but no AV; Opera is good, but it doesn't prevent you to download bad files yourself :D ...

    But how restrictive... :ouch: , is that Judgment Day scenario??

    Cheers,
    nicM
     
  21. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,224
    Hi,

    TheHammer - are these files the usual Re: document and Re: your file mails with stupid attachments you would never open, or mails that you honestly believed contained genuine content, but turned out to be evil?
    I'm talking about out-of-the blue alert. Something you totally did not expect, while browsing or such, and boom - a drive-by-downloaded trojan was stopped from executing.

    Nico - This is hardly the Judgment Day scenario. The Judgment day scenario is the following:
    You are forced to use AOL Browser with AskJeeves toolbar. OS is Improved Windows ME - ala Vista ME. Bundled OS security is NIS running at 400Mb and 50% CPU. You cannot install anything else because it has not been approved by Big Brother DRM. You cannot install P2P software, and you cannot access sourceforge.net (it's blocked by default in the local host - all communist sites are). The IM of choice is improved MSN messenger that must display at least 20 spam messages.
    And finally, the bombon of the whole thing - You can only save your files and folders inside My Documents, My Pictures etc.
    Mrk
     
  22. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    My answer is mail that I believed contained genuine content and I also had one drive-by-download trojan that was stopped from executing. I tend to follow the conventional/generally accepted security practices of which an Av is a required component as I am a non expert user.
     
  23. nicM

    nicM nico-nico

    Joined:
    Jul 15, 2004
    Posts:
    631
    Location:
    France
    :D

    Oh, about P2P, I don't care, I've never used it :cool: ;

    Looking forward to your next software proposals polls ;)

    Cheers,
    nicM
     
  24. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    @Blue - Relax, I was just having some fun at your expense.


    Your security must be pretty bad to require your AV to save you from a drive by download. Are you certain that if you did not have the AV, the driveby download would have worked?

    But then again you claim to be a non expert user, so maybe you can't really tell the difference. No offense intended.
     
  25. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    DA,

    I realize that..., just didn't want any seal seekers coming my way only to leave disappointed, or a casual reader uncritically reading threads here as context free fact, when it is much closer to either context laden opinion or incomplete guidance from a distance.

    Blue
     