First & Last line of defense against malware

I know there are a lot of possible responses to this question due to all the different variables. There are many types of malware (e.g., virus, trojan, rootkits, spyware, adware, etc.) and many types of anti-malware (e.g., AV, AT, HIPS, IDS, firewall, etc.).

What do you consider your first line of defense against malware, either general (e.g., AT) or a specific product (e.g., Boclean)?

and

What do you consider as your last line of defense against malware (i.e., this will catch it if it gets past everything else)? Also, either general or a specific product.

To keep it simple you could use:

First = ?

Last = ?

 

Too general a description: malware, because of the many attack vectors there are many first lines. But generally...

First Line: Discrimination
The good kind of discrimination, like the power of finely distinguishing the software you want from the malware you don't.
Not the bad kind like racial discrimination.

Last Line: Offline, disconnected, offsite backup.
When all else fails, your proven, reliable backup will save you.

 

First = anything that blocks executables (e.g. Process Guard)

Last = anything that cleans system on reboot (e.g. Deep Freeze)

 

1st = XPL ScoketShield
Last = BOClean

 

That is almost too general of a question. Not including common sense, the real "first layer", it depends on where the attack comes from. it My firewall, Kerio 2.1.5 is responsible for stopping most attacks from the net. For malicious web pages and other problems that use/exploit the browser, Proxomitron gets the call first, filtering out unwanted material. The majority of my internet applications connect thru Proxomitron. For exploits not filtered by Proxomitron, malicious code in downloaded files, e-mail attachments, etc, System Safety Monitor is first in line.
My last line of defense is my system backups, which I've never had to use.
Rick

 

I totally agree with Rick

1srt layer : my brain, common sense or call it like you want
Last layer : instant restoration or image backup

Regards

 

Hello,
I assume you asked about tools that concern malware directly (NOT experience or imaging tools) so:
First line of defense: browser.
Last line of defense: hijackthis tool.
Mrk

 

Right now :

First = Frozen snapshot (FirstDefense-ISR) + Faronics Anti-Executable
- FDISR's frozen snapshot removes all threats after reboot.
- Anti-Executable stops the execution of all threats, except rare non-executable malwares and rare exploits.

Last = Acronis True Image Home.

 

First: CHX-I, SSM w/ disconnected interface, & SandboxIE
Last: Antivir

Cheers,

Alphalutra1

 

First - FF with noscript run through Sandboxie.

Last - Kav and Comodo FW.

Just to be sure - Ghost images and a clone on a slave drive.

 

First = Any Linux distribution (not root)
Last = Image backup on DVD

 

First SAV
Last BOClean

TrueImage is my fall back.

 

First: Settings (especially WinXP & browser - user is protected against zero day exploits).

Second [optional]: Firewall or Router (to terminate all inbound attempts to the closed ports).

Last: Any other aplication like AntiMalware, HIPS, etc (malware is allowed to get into the PC).

 

I agree, a secure browser & HijackThis!!!

 

First and foremost patch your system with available security updates
Then Get a great Firewall you can customise like Ghostwall - then test it (GRC.COM is good) or Auditmypc.com
Go through all your settings and test for weaknesses - Then plug the holes
GFI's Penetration and Port testing Tool works http://www.gfi.com/lannetscan/
Get A Great Process Monitor like AppDefend - Please learn about your system.
Get a great Antivirus NOD32
Get A Great Antispyware - Spyware DR is my recomendation... The free stuff simply isnt doing the job anymore.
Get a good Log manager - http://www.eventlogxp.com/ Configure your logs for full reporting and please... Monitor the logs!
You want to protect your data? Encrypt the hell out of it. Sentry from Softwinter.com works or the "FREE" True Crypt http://www.truecrypt.org/

Then Backup backup and backup again.

Why I mention all this.... Not one or two tools can currently by themselves keep you safe, if you put your trust in any one tool or suite.... You are doomed!
Besides if you harden every weak area of your system it will quickly deter hackers since they love an easy way in that is provided by unprotected systems...

 

First : myself.
Last : switch off the modem.

 

First- My secret HIPS
Last- Image for DOS

 

@Bellgamin

Go on .....?

 

First = Common Sense
Last = Backup Image

-- Tom

 

I couldn't agree more.