What am I doing wrong ?

I keep reading about this firewall being better than another, this anti-virus program being the best, how I can't live without online protection and so on.

Well I can't remember the last time I saw any real nasties - but it must have been more than 10 years ago.

I sit behind a netgear router, use Firefox (no scripts) to surf, my mail is collected and checked by www.netaddress.com and I don't open any unknown emails that might slip thru the net.

Every so often I run programs such as AVG anti-spyware, A2, Super Anti Spyware, Spybot, Ad aware, Antivir, and many others and nothing ever shows up - with the exception of harmless cookies and the normal amount of false positives. I have tried with and without software Firewalls, I have run HIPS programs and yet nothing exciting ever happens.

So what am I doing wrong ? how come everyone else seems to run 25 different security programs and are still able to find nasties on a regular basis ?

Is it possible that security is much ado about nothing ? and that by and large most of these programs are little more than a harmless way of having fun but not really necessary ? I know that in the commercial world Fear Sells but I'm surprised that so many here seem to think that it is dangerous to even get out of bed without the latest update to the latest form of protection.

 

You aren't alone ... I use only a a hardware and software firewall, no AV or AS or anything else on my one lone XP box [all others run Linux - they also employing pretty much only a firewall and some hardening] and not an issue yet.

 

Long View,

If you manage e-mail as you state, restrict your Internet surfing to major known good sites (say standard news sites, etc.), your experience is pretty much as I'd expect. Step beyond those bounds and you may or may not experience an issue. Go well beyond those bounds, and my experience is that you may encounter an issue a few times a year that your one or two security programs will ably handle.

Blue

 

Hello,

You're doing nothing wrong. My envelope of web experience is even wider than yours with games, p2p and I have a similar story to tell.

I did clean lots of friends' and such PCs - but the manner of their infection still remains a talent that I have yet to unravel. I guess it takes special people to fish out nasties on a daily basis.

Mrk

 

Surfing without Javascript can be safer. It is a bother though with that restriction, so many times I ran my Firefox inside Sandboxie with having NoScript allowing all.
But in general I agree with you. An outbound controlling firewall is not really needed if you just mainly surf and read your emails and not install any possibly dangerous executables.
Windows XP SP2 fw or one with Vista if you ran it should be just fine.

Many of us like myself need to know what is going on in our systems, so this is the main reason we do run 3rd party firewalls and hips programs. They are not always totally harmless in a way that security programs can cause much havoc on your system if not being prepared to take the added learning that running them needs.

Running XP I should say that I recommend a working antivirus but no more than that real time blacklist scanning software and also it is preferable to run it usually with a limited user account when having internet access. A real time AS is not needed in my opinion if you are a safe user.

 

NAT Firewall+Windows Firewall+Prevx1, or SSM free+Common Sense=Happy Camper

 

Thanks Guys for your replies.

I must admit I had half expected a number of people claiming that large numbers of security programs were essential.

I very much agree with those who are essentially saying that "safe surfing" should not result in major problems.

I have no problem with having a bit of fun, playing, testing various programs and so on but would hope that overtime those who have little interest in such programs might get the message that overloading a computer with security is not necessarily a good idea and very often provides little or no protection in the hands of many users.

Some time ago a friend rang to say that she could not get onto the internet.
I asked what she had done - and she said she had done nothing. A message had appeared about svchost.exe and not understanding the message she had clicked "No".