After installing Nod32 what else do we truly need?

Discussion in 'NOD32 version 2 Forum' started by Palombaro, Jul 30, 2005.

Thread Status:
Not open for further replies.
  1. Palombaro

    Palombaro Registered Member

    Joined:
    May 13, 2005
    Posts:
    77
    Location:
    UK
    With the demise of TDS-3 and in the light of the comments of other anti-trojan software producers about the continued viability of their products plus the fast developing ability of NOD to detect trojans and other malware, I wonder what else do we truly need to burden our computers with. Does the average computer user really need much more than say a good anti-virus prog + a good firewall + say something like Spybot? Are the days of specific AT software over ? Can we go to a much lighter defensive shield given the sophistication of products like NOD32?
    I know security professionals will hold their hands up in horror , but I am not talking about huge complicated networks, I am talking about the average consumer with 1 or 2 computers connected to the net. Security experts do also have a vested interests in talking up the threat? How many layers of protection do we truly need?
     
    Last edited: Jul 30, 2005
  2. Whissi

    Whissi Registered Member

    Joined:
    May 11, 2005
    Posts:
    51
    Location:
    Germany
  3. Palombaro

    Palombaro Registered Member

    Joined:
    May 13, 2005
    Posts:
    77
    Location:
    UK
    My point is not really which particular piece of software do we need, but rather the number of layers. If you read this and other security-related forums the conventional advice appears to be that we should adopt a multi-layered approach to the defence of our computers.
    It usually goes something like this:-
    Good AV + Good AT + Good firewall ( preferably hardware) + 1 or even 2 malware detectors (Spybot + Adaware are often recommended) . Now that can be a hefty burden on resources , both financial and computer. My point is that with their being so much overlap of function betweeen these layers , does the average user really need all those layers. Can we not reduce it to 3 or even 2?
    Opinions please.
     
  4. hadi

    hadi Guest

  5. Palombaro

    Palombaro Registered Member

    Joined:
    May 13, 2005
    Posts:
    77
    Location:
    UK
    Very useful link Hadi , thanks, which also in fact raises other issues relating to whether we really need to purchase any security software at all.
    The article sums up thus :-
    . No computer security product is perfect; all products have less than 100% detection. The choice between products commercial and free products is thus not a choice between perfection and something less rather it is a choice between differing levels of imperfection.

    2. In absolute terms the best commercial AV products such as NOD32 do have higher detection rates than the best freeware versions. However the difference between the rates is relatively small.

    3. By combining two or more freeware products it is possible to get better detection rates than the best commercial AV programs used alone.

    4. Layering is an attractive option for improving malware detection rates and may well offer greater opportunities than concentrating on looking for a near-perfect single product.

    But if you look at the gains made by installing a good AT on top of a good and fast developing AV I am not so convinced the AT is necessary.
     
  6. Whissi

    Whissi Registered Member

    Joined:
    May 11, 2005
    Posts:
    51
    Location:
    Germany
    Well, NOD32 has got a protection against "malware", but it doesn't find programs like Spybot or Adaware do! The definition of "malware" isn't easy ;)

    My recommendation would be:
    Running NOD32 everytime with Blackspear's Extra Settings.
    Every weekend you have to start a Spybot/Adaware test and you should be protected against virus/malware.

    If you want a live-protection against this threads, you need a autoprotection. Autoprotection needs resources... :)

    NOD32 without other programs won't be enough. If you really need it - whoo! I think you would buy an assurance against fire... but if you pay enough attention, you aren't in danger - so why did you buy one?
    Note: You can surf the web - wrong page - you may get infected with an "xxx"-toolbar, unwanted cookies e.g.! I don't now what sites you visit each day, but If it might be possible and you don't want to be infected, you should protect your computer.
     
  7. hadi

    hadi Guest

    Thanks. for AT you can download ewido its very good disable all its services and leave it as on demand scanner.
     
  8. Palombaro

    Palombaro Registered Member

    Joined:
    May 13, 2005
    Posts:
    77
    Location:
    UK
    How many condoms do you really need to wear at once

    Of course, it is necessary to build the user's behaviour into the equation.
    If a user visits dodgy sites, downloads/ installs pirated software and indulges in all sorts of high risk behaviour, sure he/she needs a highly defensive five-layered approach. i.e. AV+AT+Firewall+ Anti -Malware +Intrusion detection.
    BUT
    There are many users who don't live so dangerously, who don't visit XXX or Warez sites, who only download from kosher sites etc. Of course they are not without risk but isn't a AV+Firewall +AMalware perfectly adequate.

    My AT software , I have used TDS , A-squared and Ewido at various times , has never , never , found a trojan that NOD had missed, Never !
    Spybot has found cookies of course , none of which actually represented a danger to my system, though it was good to avoid being tracked of course.
    In the end, if you only ever indulge in safe sex, how many condoms do you really need to wear at once?
     
  9. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    You can see quite a number of setups by clicking on the link in my signature.

    Hope this helps...

    Cheers :D
     
  10. Palombaro

    Palombaro Registered Member

    Joined:
    May 13, 2005
    Posts:
    77
    Location:
    UK
    https://www.wilderssecurity.com/showthread.php?p=351107

    is very useful Blackspear, thanks.
    I guess my idea of minimum security is even lower but probably flawed though I notethe absence of specific AT software in your minimum config.
    One of the leading , probably the leading , AT software producers, TDS has recently decided to put a stop to the product. Part of their rationale went like this:-
    'Existing anti-virus scanners improved anti-trojan performance
    For a long time anti-virus scanners lagged behind when it came to trojans, but today the leading anti-virus scanners are generally doing as well as, if not better than the anti-trojan scanners, and in many ways even have the upper hand over existing anti-trojan scanners (for example some anti-virus scanners have comprehensive unpacking engines). TDS was initially created because of the poor performance of anti-virus scanners when it came to trojans (in particular remote access trojans), but as they've since 'caught up' the need for anti-trojan scanners is declining.'

    One down ........ when can we look forward to one piece of software(Please God nothing to do with Norton) that provides the security needs for the average low-risk user I wonder. Nod32 manages to maintain a small footprint and yet do an excellent job.

    I guess though, that the link to Blackspears range of configs is probably the last word on this subject for the moment.
     
    Last edited: Jul 30, 2005
  11. Ryan Hayward

    Ryan Hayward Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    57
    I personally use Nod32, Adaware Plus ( Realtime Ad Watch Monitoring ) & Zone Alarm Pro.
    My computer is a Sempron 3000 with 512 Ram.
    These 3 programs don' use up a great deal of resource and the annual fees of Nod32 and Adaware Plus are not hefty. Every now again I manually run Adaware's scanner but never find any spyware so the combination of Nod32 & Adwatch are doing a fantastic job.
    I had some problems with Adwatch's Block-Browsing hijack, had to disable it as an old webpage keeps being made the default home-page otherwise. ( weird )
    Is it really necessary to update Zone Alarm Pro often as the current version is really stable ?
    If I keep with the current version for years, should my 'puter be fairly sagfe against hackers ?
     
  12. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    My pleasure, it was something that I wished someone had when I was first learning, a place that would give me a guide in which direction to head instead of grasping at straws…


    Nope it is there; Nod32 ;) :D


    I think you will find this was definitely part of the rationale. The public do not differentiate between Viruses, Trojans and Worms, they just want to be protected without any excuses, add to this Spyware, Malware etc, and this to is being added to Anti-virus companies.

    The other major thing is prevention is now far better than cure, thus you will be seeing more blocking and prevention software entering the market place in years to come, things like SpywareBlaster and Process Guard 3 come to mind as a direction in which companies will need to head.


    It is all well and good to have a single suite, but what happens when that is killed by a nasty, you are then left defenceless, I still advocate a layered defence remains the very best strategy for security of a computer.


    I’m afraid it will have to be, as this forum is the “Nod32 Support Forum”. You can continue this subject in the link that I gave you, you will find a discussion thread.

    Cheers :D
     
  13. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Not really, though I do advise my clients to do so, or you could tick advise me in 60 days (or whatever the longest reminder period is now), this will then keep you just behind the eight ball should there be an issue with a particular update.


    Within reason, though again, I wouldn’t like an old engine of Nod32, even if it was using the latest updates, the heuristics wouldn’t be as strong for the latest threats.

    I will also advise you the same, that should you want to continue discussing this subject there are other Forums were this is more appropriate to do so.

    Cheers :D
     
Thread Status:
Not open for further replies.