Am I "fully layered"?

Discussion in 'other software & services' started by tepi, Dec 5, 2003.

Thread Status:
Not open for further replies.
  1. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    Hi All:

    What does "fully layered" mean? Currently I'm running Win2K Pro with Netscape 7.1 as my default browser and
    have the following programs installed to:

    (1) help me monitor and/or control what's going on;

    Active Ports
    AnalogX - DHCP Fix
    AnalogX - Port Blocker
    Attacker v.3.0 TCP/UDP Port Listening Program
    CodeStuff Starter v.5.6.1.23
    DCOMbobulator v.2.00
    DiamondCS - Advanced Process Manipulation
    DiamondCS - AutoStart Viewer v.1.00.0001
    DiamondCS - Port Explorer v.1.800
    Disk Tray drive r/w activity LED
    HiJack This - v.1.97.7
    Hosts File Viewer
    ShootTheMessenger
    SocketLock v.0.92
    SocketToMe v.0.92
    SysInternals Autoruns v.3.02
    SysInternals Diskmon v.1.1
    Sysinternals Filemon v.6.07
    SysInternals Process Explorer v.8.0
    SysInternals RegMon v.6.06
    TaskInfo 2000
    UnPlug n' Pray v.1.2
    Vision v.1.0 TCP/UDP Port & Service Mapper
    Visual Zone 5.7

    (2) help keep things clean and tidy:

    AnalogX DLL Archive v.1.00
    Diskeeper Pro Disk Defragmenter
    ERUNT Ntregopt Registry Optimizer
    SysInternals PageDefrag v.2.21
    Registry Medic v.2.90
    RegCleaner v.4.3
    Washer v.4.8

    (3) make backups:

    Acronis True Image v.6.0
    ERUNT Registry Backup/Restore v1.1a
    WinDriversBackup v.1.0.8
    WinRescue 2000

    (4) block or beat up any nasties that try to venture in:

    DiamondCS - TDS-3 v.3.20
    DiamondCS - WormGuard Scan Module v.1.00
    Eraser v.5.6
    Norton AV v.9.05.1015
    SpyBot-S&D v.1.2
    SpywareBlaster v.2.6.1

    Am I "fully layered"? Or am I just paranoid? :) If there's anything I've overlooked your comments and/or suggestions would be appreciated.

    Cheers,

    tepi.
     
  2. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    Hi Tepi,

    The greatest defense is based not in a wall of software, but in safe behavior. Common sense (e.g. "safe hex") is the most important security feature. If you're careful and knowledgeable (unlike perhaps 98% of PC users I know), then you are very well protected.

    Appears you are both. ;)

    Regards,
    Optigrab
     
  3. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    Hi Optigrab:

    Thank you. It's just that it seems that almost daily I hear of yet another program that is more or less required for a reasonable security setup. The latest was Spyware Blaster. And as a relative newcomer to security matters I've naturally been wondering if there's some important area I've overlooked, as other than a hardware firewall I can't really think of any other "layers" to add.

    Cheers,

    tepi.
     
  4. rerun2

    rerun2 Registered Member

    Joined:
    Aug 27, 2003
    Posts:
    338
    I thought AnalogX's DHCP fix was only for Win98, if it is you can remove it.

    You should also be fine with one port to process mapper. See if you can choose between Active Ports, Attacker, and Vision. Vision I believe also shows running processes, so if you do choose Vision you could probably also get rid of Process Explorer. Port Explorer by DiamondCS also makes for a good investment in the area of port to process mappers.

    AnalogX Portblocker is probably not needed if you have a good firewall (which I do not see listed). Some firewalls also have backtracing features so you may not need VisualZone as well. It might actually be better to go here http://www.visualware.com/personal/products/visualroute/index.html or here http://www.all-nettools.com/ if you want to do backtracing or a whois.

    You seem to also have a lot of registry tools which you may want to cut down on. The registry is confusing enough by itself, so having so many different programs to handle cleaning the registry may add to the confusion, and may even cause instability on your system.

    SpywareGuard may be a nice addition to your spyware protection as well.

    RegRun Security Suite is also a program that I enjoy very much. It includes a lot of utilities that may even reduce the need for even more of the programs you listed.

    Some of the other programs I am not that familiar with, so it is probably not a good idea if I commented on them. I ask you to cut down some of the programs because very rarely can I see one using so many programs to do the same task on a daily basis. They will be taking up resources that could be better used in other aspects of your computing world :) .

    The idea of being layered is to have a specific app or policy or hardware etc to handle a specific threat. Thus having an intruder to break each layer to do "damage." Also keep in mind that some apps have certain features within themselves that will make them even harder to bypass (which Nancy reminded me of today). Thus you have a layered approach within the app itself. Depending on one app and one policy to do everything will allow the intruder to only break one layer to do "damage." I'm sorry this is a dumbed down version and I'm sure someone else can explain it much better. For Home users it is basically finding the best app to handle each threat that they will likely encounter.
     
  5. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    Greetings tepi and welcome to Wilders Forums

    SpywareBlaster and SpywareGuard are good to have and use almost no system resources. It is good to see your desire for layered security and it would be so good of you to "spread the word" as computer security is so important for defence against cyber criminals who want to invade your privacy, hijack your computer and attempt cyber terrorism.

    These defences are necessary not only for you and your computer(s) but for the defence of your nation and every freedom loving individual. As a citizen of your country your computers' defences will help to strengthen your entire country and add one more part of the necessary wall of defence against those whose only desire is to wreak havoc and destruction wherever they can.

    Best wishes and we hope to see you here in Wilders often.
     
  6. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    Tepi

    Please don't "believe the hype" associated with every new security app that is released. It is better to study, learn, and decide what you need to address, then find the appropriate SW to meet those needs.

    Rerun2 mentions the apparent omission of a SW firewall. I don't see one on your lengthy list, but recommend one as important to both your security and your journey of learning. I have learned much from selecting and configuring a SW firewall.

    The basics, IMO, are: Firewall, AV, AT (or perhaps KAV as an AV that is also an exceptionally competent AT). Then comes the backup regimen, which you seem to be prepared for. Of course having the backup tools but failing to use them regularly will do you no good. My next concern would be a NAT/SPI router (even in conjunction with a SW firewall).

    Beyond the basics come all of the additional programs you have collected. I largely agree with Rerun2 and QSection on what's worthwhile and what is probably superfluous. Again, it is better to take your time to learn about security and decide for yourself what you need than to simply accept at face value what every SW author says about his/her product. Oh, and refer back to my earlier post about "safe hex" behavior.

    Best regards,
    Optigrab
     
  7. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    Hi rerun2:

    Thanks for this very full and interesting reply.

    Hmm... I see.... Yes.... Well, it's clear that I'm going to have to learn more. Many thanks again for your comments, and my apologies in advance in case this reply ends up with a faulty layout. I'm not getting a chance to make corrections because when I hit the PREVIEW button it just goes ahead and posts.

    Cheers,

    tepi.
     
  8. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    Oops. Sorry, folks. As I feared I seem to have made a mess of my last posting. In case anyone is confused, the 'quote' from rerun2 above, besides quoting his post, also contains my interspersed comments. As I mentioned at the end though, for some reason I can't seem to get the PREVIEW button to work.

    With apologies,

    tepi.
     
  9. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    Hi tepi,

    No worries... Multiple quote / reply posts are rather difficult at times.

    Here's a couple threads to help you. We had a couple people with the "preview" button does posting problem in the past. Take a look at this thread and the one linked inside it:

    Help!! Posting Gone Awry!!!

    Also, we have an FAQ that explains quoting here in the forum. It's here:

    FAQ: The Art of Quoting in Posts

    I hope these help. :)
     
  10. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    My sincere thanks, QSection, for your very warm welcome. This is a terrific forum and I very much appreciate being in touch with such a friendly and helpful bunch of people.

    As for what you say, although it had never occurred to me to see things in that light, you are of course quite right. Security isn't merely a private concern; it becomes one's duty to the entire community, and now that I've seen the light I'll certainly be spreading the word.

    One word in your post that resonates very powerfully here is the word "terrorism" since the vermin who infest the internet, and who are involving us all in such a wasteful expenditure of time and money and effort, have always seemed to me to be a very real species of terrorist.

    It's wonderful to have found, here at Wilders, a group of informed and concerned people who are doing their best to ensure that the thugs don't have too easy a time of things.

    Regards,

    tepi.
     
  11. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    Many many thanks. I've done as you suggested, read the threads, now understand how to quote, have enabled java and scripting, and am about to test the PREVIEW button.

    Cheers, and here goes -

    tepi.
     
  12. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    Hmm... No luck. The PREVIEW button just went ahead and posted as before. Maybe I should restart my browser (Netscape 7.1) and give it another try later. But thanks anyway.

    Cheers,

    tepi.
     
  13. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    Hi Optigrab, and thanks again:

    Yes, you're right. I forgot to mention that I was also using ZoneAlarm. Also, of course, one doesn't believe the hype. That's why I had to test so many programs - to find out which of them actually did what they were supposed to do.
    And since most of them don't, or not on my setup, when I find one that does work well, whether I have an everyday use for it or not, I usually keep it. Hence the 'superfluity.'

    Forgive my ignorance, but what is KAV? I thought that DiamondCS TDS-3 was the best Anti-Trojan, but a good AV/AT sounds worth looking into. And what is a NAT/SPI router? That one has me completely stumped.

    Cheers,

    tepi.
     
  14. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    Hi again:

    I just had a look at SpywareGuard and it seems that it has to be constantly running in memory. May I ask how much memory it uses? When I ran SpyBot last week it quarantined just 8 items (4 Windows Media player; Doubleclick; eAcceleration setup info; and 2 Microsoft DSO Exploit), none of which seem to me especially dangerous, though I could be wrong here. And since then SpywareBlaster has immunized my setup against 952 other nasties. But just how easy is it to pick up these nasties? Since I don't go out of my way to visit 'dangerous' sites, I'm wondering if I really need a spyware program constantly running in memory, although to be on the safe side I probably will take your advice and add it.

    Cheers,

    tepi.
     
  15. Prince_Serendip

    Prince_Serendip Registered Member

    Joined:
    Apr 8, 2002
    Posts:
    819
    Location:
    Canada
  16. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    It uses about 6% system resources on this machine.

    Even the most "innocent" sites can give one malware. The possibilities are almost endless as to your privacy being compromised, malware running and slowing down your computer, an attacker using your computer for a Distributed Denial of Service Attack etc.

    Best wishes
     
  17. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    Hi!

    And thank you. I'll check it out.

    Cheers
     
  18. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    Is that so...? Thank you. I thought it was just the more 'popular' sites that one had to be wary of. Alright. I'm convinced. I've downloaded SpywareGuard and will do a clean install right away.

    Regards
     
  19. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    Thanks guys. SpywareGuard installed without a hitch and is now running. It takes up a fairly hefty 7.26 MB of memory, but since, with all utilities running, I currently have 173 MB to spare, that's no great sacrifice. Glad I finally got the point.

    Cheers
     
  20. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    And while on the topic of Spyware, there's a wonderful letter signed by, among others, Paul Wilders, that tears apart the policy at Dell's which:

    "forbids Dell technical support persons from providing assistance to customers in removing infections of unwanted commercial parasites. This policy forbids providing removal instructions or recommending a spyware removal program. The policy even forbids mentioning informational web sites that can provide information about the spyware and how to remove it."

    The entire letter deserves to be read as it makes some of the same points that were made at this forum a little earlier. It can be found at:

    http://www.spywareinfoforum.com/articles/dell/support_letter.php

    Cheers
     
  21. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    Hi Tepi

    Forgive my laziness, but rather than compose my own lengthy answer, here's a link that IMO explains NAT routers and firewalls in nice simple terms. Plus I do not want to misrepresent myself as an expert - the clever members here at Wilders would spot my errors in a flash. ;)

    To the above explanation, I'd add that a NAT router can protect you from most INCOMING attacks. So like a SW firewall, a NAT router by itself should close/hide all your ports from online scan tests like Shields Up!!!

    A software firewall behind a router is useful in that it monitors both inbound and OUTBOUND traffic, useful in catching trojans, adware, and other programs that may try to "phone home" from your PC without your knowledge. Also, it provides added security if you find you must "forward" any ports through the router (no need to worry about this yet).

    Regards,
    Optigrab
     
  22. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    Hi Optigrab:

    Many thanks for the NAT link. I'm reading it now.

    Cheers
     
  23. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    Hi rerun2:

    Thanks again for a great post. After thinking it over I've realized that you were quite right about the superfluity and have now trimmed things down considerably. Many thanks also for pointing out that glaring hole in my setup - no SpywareGuard. Since adding it I'm feeling much better.

    Regards.
     
  24. tepi

    tepi Registered Member

    Joined:
    Nov 12, 2003
    Posts:
    81
    Thank you. I read the threads and finally figured it out. After enabling java in Netscape I needed to REBOOT to activate it. Now PREVIEW is working fine.

    Regards
     