Layered Sercurity

Can someone explain this to me. What layers should I have in my defense?
I have Nortons Internet Security and a firewall router on a cable internet connection. How can I configure all this to "prevent" intruders. I have posted the "Many Trojans" post in the other area. I love to download little programs for ripping mp3's or misc. apps for tinkiering with windows. How can I prevent trojans and viruses? I obviously had the trojans on my system before installing Nortons Internet Security because it never detected anything ever. Never a virus or trojan. I used Spybot 1.3 and never had issues other than some small spywear. I always found with spybot and removed and imunized. Now my system is sitting idle. Running Windows XP pro.

 

Hi Iceman68,

Welcome to the Wilders forum!
While there are certainly more qualified members/moderators here, I will do my best to answer as no one else has yet.
Your first and most important layer is knowledge. If you spend a little time here learning, you will be up to speed in no time. It almost sounds like a cliche, but if you don't know how to configure the most advanced security software correctly, you will either miss all the benefits or maybe lower your security level.

There are myriad choices and options, but I'll try to keep it simple and let others elaborate.
In a nutshell, the basic layers for broadband security are:
(This assumes you are not already compromised, if you think you are try here)
1. Hardware firewall that is properly configured.
2. Software firewall that is properly configured.
3. Completely patched, updated OS.
4. Security tweak OS (remove unnecessary shares, etc.)
5. Use an alternate browser and email client (my opinion).
6. Antivirus software
7. AntiTrojan software
8. Antispyware
9. ProcessGuard (process protection and program sandbox)
10. Registry Monitor
11. Backup imaging program
12. Keep learning at Wilders!

I know it is a rather simplistic list (overkill for some), but it is a start.
The idea is that you have a good defensive barrier that keeps most bad guys out. If they manage to defeat or circumvent the first barrier, then they come upon the next barrier and so on. The idea is that you are not wholely reliant on one piece of security. After running into enough barriers most bad guys will give up. It does not mean that you should have 10 software firewalls. One of each type is usually sufficient (sometimes a little overlap is okay).

Sometimes the biggest gains in security are free.
Other times an expensive hardware provides the best solution.
One of the best ways to layer your security is to separate your riskier activity (P2P, downloads, etc.) from your secured system. This could mean a different computer, or a different hard drive with a switchbox.
It depends on how much time and money you are willing to spend.
The time spent learning is well worth it (and fun too).

Hope this helps a little.

 

Good reply Devinco, well said

Cheers

 

Thanks that sums it up nicely...Can you elaborate on the number 4. What can i remove from OS(XP)ie. uneeded programs and still surf and email.

 

I agree, Black Viper's site is great! Highly recommended by many on this forum.
In addition, spend a little time at GRC.com. Not just for the shields up!!
Implement the Three Musketeers and XPDite.
Read about the network bondage article (very informative).
Basically what I meant for number 4. was to edit the properties of your lan card and remove things that you don't need.
For example to connect to the internet and check email, you only need TCP/IP.
If you are on a stand alone computer, you don't need Client for Microsoft Networks, QoS Packet Scheduler, File and Printer Sharing for Microsoft Networks, LMHOSTS, or NetBIOS. If you have a small LAN and need to share a printer, then you will need to enable F&P sharing on the computer with the printer and Client for MS Networks on the other computer. I would rather just buy a print server (some now available for $50) and hook it up to the network hub or router. That way no sharing vulnerability and always on printer access no matter whose computer is on.
File sharing is one of the original root sources of security vulnerabilities (at least from MS). If you need to swap files just use the sneakernet. I know it is a bit extreme, but now DVD RW drives are below $100, so large files can be transferred easily. It depends on what you need to get done and how important security is to you (or how paranoid you are ).
The idea is to remove/disable features that A. you will never use and B. an intruder will exploit to attack you.

EDIT: Here is a poll on layered security. It seems the majority here at Wilders like layered security.