How Many Tools Do we need??

Discussion in 'WormGuard' started by bud, Apr 28, 2002.

Thread Status:
Not open for further replies.
  1. bud

    bud Registered Member

    Joined:
    Apr 28, 2002
    Posts:
    2
    Hello,
     Well, I get attacked from all sorts of directions.

    I've got ZoneAlarm (2.5.xxx) Pro and NAV and Ad-Aware.

    How much more do I need to keep secure??

    Also, I would love some opinions on ZAP and version 3 bogs down my system to a crawl and I want a different Firewall with as good or better protection.

    Thanks ya all :cool:

    Regards, Bud
    http://www.wintrouble.net
     
  2. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hi Bud,
    welcome here!
    things depend on the OS you are using and what we really need is personal taste as well.
    A firewall, i upgraded to ZAPro 3.0.118 and now i'm getting used to it i've not too many problems with it any more (lot has changed, like for instance you need to allow server option for the chats/messengers which made me furious, but i found out only in the trusted zone and on Internet Zone you can block them and they still function again, might have to allow more ports than you would like, am trying to refine that part, etc)
    There are so many different firewalls, personal taste and what works best on your system and in combination with other software.......

    Then you need at least a good (or a few) av/at scanner(s) (not running all at the time, but the one after the other when you feel to or one resident which you close to run at given times another one).
    Also which or which combination is certainly personal taste.

    I would not like to do without TDS, which has a whole bunch of tools to secure and determine and analyse my system, files, programs, connections, and a lot more.
    TDS is not a virus/trojan scanner in the first place, it has far deeper possibilities, can block nasties from ever executing with the exec protection and lots more.
    Further it works marvelous together with WormGuard which was ever created in the first place to block malicious scripts from running, but it does lots more than that, also blocking all kinds of nasties from web sites and enabling to look inside a suspicious file in the safe mode (we all are interested or at least curious, aren't we?) so we can still decide to run it or not.

    Ad-Aware is a very good one (and popular) for detection and deleting spy-ware inclusive the registry keys of them.

    So firewall (you have ZAPro), anti trojan (you have NAV, could look for some addition if you like to try), anti virus (you have NAV, but you might like to look for an addition specialised in viruses), script blocker (like WormGuard, which does lots more than just that), the spysoftware detection/deletion (you have AA already) and if you really want more and for instance from WINNT versions check and delete the NTFS files and hundreds of things more you might love TDS!

    In the viruses, trojans, firewalls threads in the forum you will certainly find good discussions, advice and recommendations. It's so hard to say, for me on my system for instance NAV was a disaster, while great parts of the world are very happy with it, some software runs wonderful on the one pc, while on another with the same configuration it is terrible.
    Somewhere in the forums here i saw a thread about the "must have's".
    You have the email protection of ZAPro, would not like to do without anymore, your NAV has that too, etc.
    I'm more the practical kind of what do i really need, and if i have some tools which include lots of other possibilities i don't go for all the other functions in other software, only my av/at scanners i have various ones.
    If you want more than looking into packets to and from your port 80 (TDS port listen or traffic bridge) you might like a packet sniffer, you might like to analyse the ZAPro logs any better with some special tools, you might like for security reasons and reducing spam to use mailwasher or programs like that and of course your email and browser settings are important as well for your security. You might like to use a proxy, etc.
    Many tools are available for free, btw, which do the job, and some have to be bought, of which several have a trial period too.

    About TDS and WG i can say: i love them. There is a new version 4 in the build, but registered version 3 users are upgraded without additional costs, so no reason to hold back on at least trying them if you feel to.

    Hope it helps a little bit with your looking around for what you feel comfortable with. Feel free to ask.
     
  3. controler

    controler Guest

    One thing about Norton firewall is that it was based on @guard, Blocks script cookies etc. It is good to block personal info released about your system about your past internet experience ;)
    To be really a good paranoid person you would use a good router and CUSTOM configure its packets ;)
    Lockdown ?
    Do you customize your port blocking?
    Where is the private forum you speak of here Jooske? :eek:
     
  4. Jooske

    Jooske Registered Member

    Hmmm with the coming TDS-4 i would not even think of looking at any other product for the moment, until its release and we know what's all really in it.
    As Wayne and the DCS have been working really hard we can expect some very nice surprises which keep all the internet community breathless for a while.

    The private forum is for registered TDS members, who are there with a click of the F5 button from the console and have entrance inside the forum once they registered their forum membership and all is found well.
    (no blocking cookies for instance :)

    Each product is a personal taste, i hear good stories about LnS, Kerio, Sygate as firewalls, while ZAPro does more or less for an install and forget firewall (not much to forget with version 3, keeps you busy with changes)
    while the AtGuard people will say the new fw is very different from the old product, but how far that one will still run on newer windows versions........
    Those discussions are in the firewall threads in security.
    ZAPro and the IE/NS browsers have cookie blockage as well and there are many more little tools to deal with cookies, like cookie washer and Karins tools has a fine one which also gives insights into the cookie and the URL it's linked to, etc.
    If you have TDS not any need for lockdown, which might have nice functions, i had reasons to choose for and stay with TDS long ago and more with the coming v4.
    Found out many ADSL modems are in fact a router already, only have to learn how to configure the things.
    But in that area you can certainly do a lot more.
    The port /sockets blocking we can do in the firewall, and in TDS, you can do that automated and with scripts or customize, whatever you like. To start with the automated is the most easy of course, after you might like to look deeper into it.
    With certain scripts/conditions we might decide to put some special software in control behind a port.
    Don't they call that honeypotting?:)  
     
  5. Bud Allen

    Bud Allen Guest

    Thanks a lot Jooske,
     What is TDS??

    Regards, Bud
    http://www.wintrouble.net
     
  6. Jooske

    Jooske Registered Member

    Trojan Defence Suite
    http://tds.diamondcs.com.au
    Also from the DCS people in Australia, the best tool i'm aware of, for detection and defence against trojans and worms and other intrusions on our systems.
    It is not just a trojan scanner, you really have the tools to analyse all that's going on on your system, including processes, connections, data packets to your system, you can determine possible intruders and fight them in appropriate ways, and lots more.
    Certainly worth the download and give it a try.
    You see some about it in the other threads, support matters as well as the fun we have adding scripts to expand the possibilities beyond imagination, while in the private members-only (registered operators) forum also the more smart and complicated scripts (and lots more) are discussed and worked on.
    We're all patiently awaiting the next upgrade to version 4 to which all registered operators will be upgraded for free, so not any reason to wait for that!
     
  7. controler

    controler Guest

    Jooske sweetheart?

    I am a registered Wilders person. I have a username and password but are you saying I need to buy TDS and then gain access to the private forum? :(

    Yes, as I mentioned before, the latest release of @Guard before it was bought by Norton does NOT work with any Windowz OS's after Windows 98
    I still have a copy of version 3.11 @Guard though ;)
    All Norton did was bloat it some, and who the H ** cares about bloating with the systems we run today.
    We are not running slow systems any longer and if we are it's our own fault ;)
     
  8. Jooske

    Jooske Registered Member

    That's right yes, for the DCS private forum one needs to be registered operator of the software (TDS, maybe the WG licence would give access too, not sure)
    I'm not the one holding those keys:)
    How do you like TDS / WG until now?

    The older programs yes, we expect the newer replacements to be more fancy and advanced but in the case of Norton ............hmmmm
     
  9. Bud Allen

    Bud Allen Guest

    I'm downloading WormGuard as we speak, or I write :)

    You said above:
    "How do you like TDS / WG until now?"

    Do you mean I can get WG in the same package and registration if I just purchased TDS??

    Regards, Bud
    http://www.wintrouble.net
     
  10. Jooske

    Jooske Registered Member

    Hi again! i'm surprised my message is posted as i crashed terribly that moment.

    No, TDS and WormGuard are two products, available separate, but they work very well together and complete each other. I was not sure if you were using both by now.
    I see TDS more for the worms and trojans and system detection among others, WG more for scripts and lots of other possible nasties, blocking files from web sites from entering our systems, i see most of time WG jumping up to alert before opening a malicious file (and we can check it all in the safe mode).
    I went to test sites and the nasties could not even run and demonstrate as my system was too well protected with those tools. Good feeling of course.
    Even no reason to cripple the system with disabling WSH as we're protected for abuse of that.

    I can not guarantee how TDS and WG might look in the version 4, it might serve really all our security needs on the highest level.
    One of the policies at DCS is they upgrade registered operators for free to the next version, so no reason to wait for that next one to save possible double costs.
     
  11. bud

    bud Registered Member

    Jooske,
     Wormguard I'm gonna keep.
    TDS??

     I haven't made up my mind yet.

    I'm making my next newsletter for my site about security, and the more I dig the more I know I'm not really qualified to write it..........YET :)

     But I'd love a good thesis to refer to. Know of any??
     
  12. Jooske

    Jooske Registered Member

    Glad you like WG, for sure it is so easy and not taking resources for so much security it offers.
    TDS you will get used to, it looks complicated, (i ever posted here a nice "configuration script" with a MSAgent pointing the most important ways as a quick start),
    first look in TDS > Configuration and get your settings to your liking, after you might like to install the Sockets for ports watching , take Automated to start with, you will need to Update the databases (in trial versions you'll have to grab them from the DCS site and just put it in the TDS directory, nothing to install but a reload of TDS in that case --http://tds.diamondcs.com.au and scroll to the radius update in downloads-- registered version get them with a click of the button or automated)
    With this you're ready for your first scan:
    TDS Console > System Testing, you might like to try some of the tests there (check all you can and sensitivity on highest), you might like to scan all logical drives (if you have a network) or a full system scan, whatever you like.
    From there you will like to discover the other options and look in running processes and netstat, the autostart (which you can edit there without a reboot!) and give yourself time to look at all the options and functions. You've a 30 day trial time so jump around with it. Be aware in the trial several functions are disabled, like the exec protection and you can run scripts of max 5k (not sure if you can edit them yourself in trial) ..
    TDS is much more than a detection and security tool, for me it is central on my system, as with the scripting i added lots of other use to it, even have it singing and all that, but the main part is its security.
    Imagine what we can expect with the version 4 of WG and TDS!  

    There is so much going on in security matters, you could about point to anything; a hot item is nowadays the email protection, for which WG is a fine additional tool beside your other email protection/scanners.
    You might like to move suspicious emails to a special folder outside the email folders and do lot of scanning on that with TDS, other scanners, etc. Then you can see what is scanned...
    If you dig in the DCS site you have already a lot of info and of course looking around here on this forum you see a lot of hot items.
    Hope you feel inspired to grab one hot item.
    Can we see your newsletter somewhere to have an impression? always interesting!
    You never can put all your knowledge in one letter and many of your readers might not know too much of what you're talking about, so you might like to keep it happy and not too deep but informative (practical)
     