Am I secure enough with the software I have????

Discussion in 'other security issues & news' started by ChrisP, Sep 11, 2004.

Thread Status:
Not open for further replies.
  1. TheSnowGuy

    TheSnowGuy Guest

    Better yet......you can request the opinion of CRAZY M a MOD in the firewall forum.....a highly inform person


    ok,,,thats all from me
     
  2. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    Does not apply to new version. People talk a load ob ba**s about Blackice - particuarly people who know very very little about it. Anyone who is reasonably skilled with BI knows how to modify the ruleset to toughen it up.

    Snowballs, this is a forum for advice - not for people to pretend to be clever - by throwing in untrue statements that people are "so unsecure" etc to try and scare them and then purposefully not give any advice.

    Mod Note:~removed unnecessary and flamming comment. See my reply below - snap~
     
    Last edited by a moderator: Sep 12, 2004
  3. snapdragin

    snapdragin Registered Member

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Hi ChrisP,

    I have removed the unnecessary comment from your post as flaming comments towards members (that includes members posting under guest names too) is in violation of TOS.

    Snowman is only trying to help you like he has helped other's on this board (including myself) since this forum first opened. He has a great deal of experience, and also a registered member of this board. If he has come accross a bit anxious about your needing more security, that is because he cares, and not for any other reason. We all phrase things differently, so please take a post meant in helping you, as just that, a post to help answer your questions in your first post.

    Please stay on topic gentlemen. Any further personal attacks or off-topic posts in this thread, and I will be forced to lock it. I'd rather not see that happen.

    Regards,

    snap
     
  4. TheSnowGuy

    TheSnowGuy Guest

    Snapdragin

    Thank you for your very fine moderation.....its appreciated.....


    There is always a problem explaining things in such a way that all can understand.........people have differant levels of knowledge....one person may know something about a product that can't be posted publically.....while another person may chose to ignor that a product even has an issue.......its a matter of communicating.........an sometimes thats just not possible.

    *********************************

    Chris P

    No offense was taken by your comments......thats most likely not the comment you expected from me...but its true.........
    You posted asking a question....I made an honest reply....obviously it was not the reply you were seeking......nevertheless, looking at your security programs.....I saw a computer lacking in security.......an gave that honest opinion............for me to have done less would have been un-fair to you......for example: did you disable the xp firewall while using BI?? Running two firewalls is a real in-security...but the question wasn't asked until now......there are several other questions yet to be asked......no, not be me......Chris I have been here..done that...thousands of times.....an if you chose to belive me to be someone un-knowledgable ...thats ok.....my computers don't get hacked..cracked..infected......or have any exploits....so I am doing ok............
    Again Chris...I wish you the very best........no I wont ever offer you any suggestions.....
     
  5. TheSnowGuy

    TheSnowGuy Guest

    CHRIS P

    In regards to my making a statement...then puposely not offering advice.........the reason I didn't offer advice is that I have been away from the forum awhile that thought you would feel better taking advice from people you was motre awear of......also, I respect the members of this forum....an enjoy viewing their sharing of knowledge........if that came off as attempting to scare you...for that I give my apology.........again that may not be what you expected me to reply.....but again..its honest
     
  6. TheSnowGuy

    TheSnowGuy Guest

    Snapdragin

    As a matter of respect for you I have remained calm and polite......you certainly deserve that respect. Its un-fortunate that this thread went off into a bad direction........an in order to give Chris every opportunity to gain as much advice as he may need....it would appear best if I not make any further comments . The only suggestion I have for Chris is that he get back on track an obtain the advice he seeks.....security is most important....put it first .......
     
  7. erikguy

    erikguy Registered Member

    Joined:
    Jul 5, 2004
    Posts:
    236
    Location:
    Salem, OR
    Just one of those days, I guess... :| We all have them. The important part is not to take it personal offense I think.
     
  8. snapdragin

    snapdragin Registered Member

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Meltdown - I've removed your post as it was off-topic.

    erikguy - I had removed the post you were replying to at the same time you made your reply. But you are right in that we all do read things differently when we do not know the person.

    Snowman - Much appreciated, and thank you for your understanding and your help. ;)

    ---
    Now, the topic of this thread is: "Am I secure enough with the software I have"

    Finding the right security programs that best fits the user's needs isn't something that happens overnight. It comes with reading about the programs' security features, trying and testing the different programs available, and learning from each other's experiences (good and bad) that other's have had with them.

    In order to assist ChrisP with his initial questions, and also anyone else that may be looking for suggestions from this thread, I would ask that no further personal comments be made, and to keep further posts in relation to the original question asked. :)

    Regards,

    snap
     
  9. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    LOL, like I say, we can argue about specific programs forever. A hardware router is definitely a very good way to go. If you have an old pentium computer laying around you can also turn it into a hardware router with firewall and IDS with free programs such as SmoothWall or Mandrake (linux) Security MFT. There are a few others out there, but those are the ones that come to mind. Since you seem willing to sit down and get things working, that could provide you with even a little more security than just a NAT without the cost.
     
  10. For what's its worth I disagree fully with snowman. He is the one who is " playing expert" espically by dropping the senority card..True he has being here from the start, but that does not mean he is as qualified as some of the other people in this thread. I see no need for perfectly qualified people to tiptoe around him as his comment was way off base and from comments I have read from him, I don't think he is as qualified as many here anyway.

    Still it does bring up a interesting question, how do you answer people who ask "Am i secure enough"? A lot of times, it seems that this is a loaded question.

    Many times, I get the impression that they already decided that they are secure and they just want an endorsement. These are people who are not clueless newbies, and tend to run pretty good security tools so they do have reason to expect people to say "your security is okay".


    Still, nothing is perfect and the people here are way more paranoid (er serious about security), so invariably, somebody will point out some additonal precaution, tool that he could try that *might* improve the security.
    Sadly this is often taken the wrong way by the original poster and eventually leads to flames.

    I would recommened that future replies to threads of such nature should praise the good as well as point out possible weaknesses. It's all very well to recommend what you think are better products or even products that cover areas not already covered (sandbox etc), but in the end be sure to point out that these are ways to increase security, but if you don't follow these precautions it doesn't mean you are not secure enough...
     
  11. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I agree that not adding more does not equate to inadequate security, but I don't think everyone that posts these threads is just looking for a pat on the back. I can also see this kind of thread being started by those that have exhausted their resources, and are looking for links to other software they haven't been able to find that may tie their whole package together. It's obvious that some posters in the past weren't open to new suggestions, but others (like this thread) seem open to new bits of information that have been overlooked, and threads like this CAN provide good material for other newcommers with similar dillemas.
     
  12. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    bah i had black ice used it for two years its kinda of a tweaking fire wall yeah you can toughen the hel out of it but big deal you can do that with all fire walls lol

    bottom line i found zap more newbie friendly

    black ice isnt a bad fire wall its just most people dont have time to learn alot to fully use it

    zap is kinda a fire wall for dummys

    you cant go wrong

    id recomend black ice for a server firewall or for companys but not a newbie also recomend it for anybody into security


    yes my spelling is bad sorry

    but thats my 2 cents
     
  13. rerun2

    rerun2 Registered Member

    Joined:
    Aug 27, 2003
    Posts:
    338
    Some very good points Playingexpert and Notok.

    I personally think that spywareblaster, hardening of the Windows OS, and the NAT router are all very good suggestions. Mainly because it will not add anymore "bloat" to ChrisP's system. Spywareblaster as mentioned does not use any system resources. Hardening the OS does not use any system resources either (may even reduce resource usage if one shuts down un needed services). Be sure to look up reliable guides though. I can help provide some links if needed. And lastly an NAT router (which I think is a must for any DSL/Cable user) which is completely OS-independent (which is always a nice plus).

    Depending on one's personal use of their computer, who is to really say they have too many or too few security programs. Only the user of that computer can really say. And keep in mind there are other purposes for a computer, not just to set a world record in how many security programs you can load up on it ;)

    P.S. Looking up the member list I found my first screen name here which i registered in Oct 11, 2002. I no longer remember the pw for that screen name but I have visited almost daily ever since then (though i only log in to write replys and start threads heh). And yes i remember a lot of the original visitors (including you snowguy :) ). But just to close, i would like to say that this is a great place to learn and share information and thoughts. And it is great to see the new and old faces alike here on this board. There is certainly no need for extra curricular activity.

    Sorry for using up so much bandwidth through the years ;)
     
  14. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    Think someone has pretty much got it. Im reasonably sure Im fairly secure and just need any obvious flaws pointing out.

    Im also 90% sure that XP will have loads of undocumented security flaws and that no system is ever 100% safe.

    BlackIce suits me fine as a firewall and I have never had a problem with it.
    I like the fact that it traces attacks, takes no configuration etc. If a clean baseline is taken, it will alert you if a file is modified or a new file tries to run. (even with application protection turned off, it will still detect, identify and block most trojans if they try to connect to the net)

    I run Spystopper to protect me from any nasty code on sites (BlackICE also does this - as does F-Secure) - but mainly for blocking cookies, web bugs, adds, scripts etc.

    Spyremover is a commercial version of Spybot and therefore should be good. Im not too concerned with adware etc - but dont want it on my system.

    SpyCop protects me from most keyloggers (as does F-Secure)

    F-Secure is a top rated AV - and coupled with Ewido means Im happy with my Virus/Trojan protection.

    I have Watch Your Back to make my Outlook email safere - it removes attachments, blocks web bugs, tracking code, read receipts etc.

    I must say, things like cookies dont bother me too much, what I want is to prevent nasties which may pop in via unknown holes in XP, tighten up obvious flaws with my IE etc. I also run Kazaa lite (which is a spyware free copy of the original) and want to make this as safe as possible - I have disabled sharing files from within the application.

    I have tried Wormguard in the past but Im not convinced it is any good against Zero day attacks, I asked in the forum some time ago if it protected against some worm which had just comwe out and the reply was that they didnt know - which I read as "no it does not" since the first thing the developer would have done would be test to see if it did - and if it did then tell the world that it did.

    I have tried SurfinGuard - but seems they dont develop it any more and it does not run with many current aps.

    Looking for advice - not interested in people who want to play games and provoke arguments.

    PS - Not running Windows Firewall.
     
  15. TheSnowGuy

    TheSnowGuy Guest

    Very Brief Comment to ReRun


    Rerun

    most assuredly I remember you...gosh, its been awhile..hope you are doing well...wishing you the best.....oh, your post was very nice....
    now, in respect for Snappy...I am out of here....seeya around ReRun
     
  16. rerun2

    rerun2 Registered Member

    Joined:
    Aug 27, 2003
    Posts:
    338
    I have actually not heard of Spystopper but perhaps someone else can comment. But just as a suggestion, you may want to reconsider the choice of Spyremover as it does appear on the list of Rogue/Suspect Anti-Spyware products (http://www.spywarewarrior.com/rogue_anti-spyware.htm). Again this is just a suggestion. If it works good for you by all means keep it, but Spybot by itself is more than adequate IMO.

    A shared concern among many. Have you thought about an alternative browser like Mozilla, Mozilla Firefox, or Opera?

    Even using a spyware free version (with sharing off) it doesnt really eliminate/lessen the security risk in P2P programs. You are still directly connected to a third party when you wish to download files.

    To SnowGuy - It is very nice to see you as well. Though I must admit you are not very hard to miss with your unique writing style (i believe that was also commented on by someone else back in the day heh). Thank you for the kind words, and please do take care of yourself. Hope to see you around more.
     
  17. TheSnowGuy

    TheSnowGuy Guest

    ReRun

    Ah yes, back in the day......oh my yes I do recall the comment on my writing style.....quite a compliment given by a most appreciated person..
    ...

    Say, sharp of you to have noticed that rogue/suspect program.....a comment like that coming from me would have brought a flame or two LOL....an a remark about browser would have brought true exile.....LOL
    can't tell you much fun I have had reading some of the comments made.....but above all....when you mentioned certain security issues in your post......gee, does that make you a computer dummy also...LOL
    (just funning around)

    ReRun its been such a pleasure sharing with you again.....no, these days I don't hang around the forum for very long.....I am totally rebuilding my life after that bad illness I endured for so long....very time consuming
    But we'll share again....soon I hope....until then.....the very best to you.
     
  18. Brent

    Brent Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    71
    Chris P

    All that stuff is still overkill in my opinion. If you configure Internet Explorer correctly you wont get cookies.

    All those programs takes up space and resources and do no better job than Spybot and Ad-Aware

    I still dont understand what you have against Ad-Aware.... and the fact that you paid for a Spyware remover surprises me.....

    To each is own. I can only suggest things to you and you can do what you want with those suggestions.Why pay for Spystopper when you said your self its basically the same thing as Spybot which is free.

    Why when you have F-Secure do you also have two other programs that remove the same thing F-Secure does?

    The threat is not that bad as long as you watch what you click and watch where you go.

    With my set up I mentioned I have had no problems what so ever.

    I just run Windows Firewall and it works great for me.

    You are letting your fears take control it seems and to me you have gone overboard with the programs.
     
  19. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    If you could see the amount of people walking through my 2 shops you wouldn’t consider prevention as overkill.

    As a minimalist approach, we recommend the following as discussed here


    1. Nod32 – Anti-virus (paid product).
    http://www.nod32.com.au


    2. Spyware Blaster (FREE) – Spyware prevention.
    http://www.javacoolsoftware.com


    3. Spyware Guard (FREE) – Real time scanner for Browser Hijack prevention.
    http://www.javacoolsoftware.com


    4. Spybot Search and Destroy (FREE) – Spyware removal and protection, with registry monitor. If running the above 2 programs, your system should remain fairly clean.
    http://beam.to/spybotsd


    5. AdAware (FREE, paid PRO product available) – Spyware removal. What Spybot Search and Destroy doesn’t pick up, this will.
    http://www.lavasoftusa.com

    6. Zone Alarm (FREE, paid PRO product available) – Firewall with visual outgoing alerts.
    http://www.zonelabs.com




    To take this one step further I would use the following:


    7. Proxomitron (FREE) – Proxy. This allows a program (local or remote) to sit between your web browser and the Internet at large, to monitor everything and change it if you want to.
    http://www.sankey.ws/proxomitron.html


    8. Kye-U's filters (FREE) – Rule Sets for Proxomitron giving greater protection against exploits.
    http://www.kye-u.com/proxo/forums/i...topic=131&st=0#


    9. Mozilla Firefox (FREE) – Safer Web Browser.
    http://www.mozilla.org


    Cookies I am not worried about.


    Exactly ;)


    Have you tried some of the exploit tests found here?

    Using the Windows Firewall, is slightly better than having nothing at all, it has no protection for outbound traffic, see here for someone who found out this the hard way:

    Cheers :D
     
    Last edited: Sep 13, 2004
  20. <b>
    Case closed. Some pat backing seems to be requested :)

    BTW for those wishing to play the senority card, my last screen name was registered in Nov/Dec 2002 :)

    I agree with everything else in general with what Notok and rerun are saying though, I'm not too sure if spywareblaster is that useful, if you have reasonable internet explorer settings and/or don't use IE.
     
  21. Okay Chris, I think while you have made some unconventional (read not popular) choices , you do have your bases covered, so you probably arent looking for major software changes.

    I'm somewhat wary about your choices of email client (outlook express) and browser (IE), but it's your hide on the line, if you want to trust your apps to protect these weakness.


    Okay a couple of less known and small stuff, you might not have heard of

    WWDC- http://www.firewallleaktester.com/wwdc.htm
    Bugoff - http://www.softpedia.com/progMoreBy/Publisher-Merijn.html
    Safexp,XP-antispy,Xplizer plus XP SP 2 of course.
    Qwikfix

    All these are small apps that you can use to help with XP weaknesses.

    If you are game for bigger changes check out the following apps

    SSM - System Safety monitor
    PG - Processguard
    Prevx - http://www.prevx.com/
    http://www.abtrusion.com/antivirus.asp
     
  22. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,325
    Location:
    US
    Whoa, Blackspear, what was that thing? Clicking on that link downloaded a Trojan that went straight into the Quarantine folder. I'm using another pc, not mine, and this pc uses McAfee. How do I, or even can I remove the Trojan? The log said that McAfee tried but could not remove it. Thank you.

    Acadia
     
  23. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    this is absolutely not true. spystopper and spyremover (itcompany) are from the author of Spyblocker and SpywareStopper and are not affiliated to them.

    this review (anti rogue list) explains more

    http://www.spywarewarrior.com/rogue_anti-spyware.htm

    just for clarifying. (I will inform Paul - author - immediately this is a coincidence I guess and people are trying to use the good name of spyblocker related goodies.

    - thanx
     
  24. rerun2

    rerun2 Registered Member

    Joined:
    Aug 27, 2003
    Posts:
    338
    Good catch Infinity. I just kind of wonder if it is really necessary though. If you look at the product page it appears to be exactly like Spybot (which is free) http://itcompany.com/remover.htm . It even has the same freezing problem that Spybot had when scanning c2.lop. And no where in the Spyremover page did i see anything giving credit to Spybot. So to be honest Im not really sure what to make of it, but while you are informing Paul, maybe it might be worth contacting Patrick from Spybot as well. I imagine if it is legitimate that it is some how an extension of Spybot for schools and companys. Though it seems rather confusing as Spybot has pursued other people who had used their database so that they could sell their product.

    Spybot and Spywareblaster to me make a very good combination. Both are free and Spywareblaster uses no resources. While Spywareblaster's main benefit is for IE users. It is also quite nice that it blocks tracking cookies under Mozilla and Firefox.
     
  25. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    Say Acadia, I've been there with that and you can probably leave it right where it is.....in quarantine.

    GF
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.