Considering purchase......

Discussion in 'Ghost Security Suite (GSS)' started by Kegel, Mar 7, 2005.

Thread Status:
Not open for further replies.
  1. Kegel

    Kegel Registered Member

    Joined:
    Oct 28, 2003
    Posts:
    159
    I am currently running the following:

    BoClean
    McAfee AV
    Process Guard
    Microsoft AntiSpyware with real time protection enabled.

    I do not want to just keep piling up these security apps but like what I see in RegDefend so my question is:

    If I add RegDefend, can I safetly ditch one or more of the other apps and be better protected than I am now? Will RegDefend add anything significant to what I already have? In a nutshell...will RegDefend replace or make redundant any of my other apps?
     
  2. gottadoit

    gottadoit Security Expert

    Joined:
    Jul 12, 2004
    Posts:
    601
    Location:
    Australia
    Kegel,
    Sorry to say you probably can't ditch any of the Apps because RegDefend does something that none of them do, it intercepts registry changes *before* they have been made

    There is nothing to say that Microsoft won't innovate in future versions of the Anti-Spyware product and add kernel level registry change blocking....

    I am of the opinion that you might as well pay the relatively small fee for RegDefend to reward innovative work and have the features now rather than waiting for an event that may never happen

    I'm not sure how granular the control is in Anti-Spyware, you might be able to turn off the registry polling but as long as it doesn't interfere too much you could just leave it there as another line of defense

    Which personal firewall are you using, that seems like an omission from the list ?

    Also if you are still using Internet Exploder for general browsing, then it might be prudent to take some other precautions

    Have a read of the thread Security that you use and its purpose to see what some of the better known indivuals at wilders are using (and why)

    IMO the perceived need for Security applications tends to increase the more you learn, you need to keep it in perspective because no piece of technology will ever compensate for well thought out decisions on your part
    Sandboxing and/or virtual machines are probably the way forwards for the future, they need to continue maturing (with features and usability) and the price needs to come down for it to be affordable (VMware, Tiny and other new players)

    In the mean time, tools that intercept changes before anything happens are offering more protection than ones that try to alert after the fact, both RegDefend and ProcessGuard fit into that category and are excellent choices for the cost (I own both myself)
     
  3. Kegel

    Kegel Registered Member

    Joined:
    Oct 28, 2003
    Posts:
    159
    Linksys Firewall Router. ;) and SP2's built in firewll (probably not needed)

    I have Port Explorer as well so am fully aware if anything is trying to "phone home" on me.

    The hardware router is the best single piece of security you can purchase imho.

    Thanks for your response. Think I'll give RegDefend a try.
     
  4. gottadoit

    gottadoit Security Expert

    Joined:
    Jul 12, 2004
    Posts:
    601
    Location:
    Australia
    Kegel,
    I like DCS as a company, but don't you find PortExplorer rather heavy in resource consumption for what it does and the interface to view packets is somewhat primitive....

    I would have thought that a simple personal firewall with app support would do the job and use less resources, if you really want to view the packets then fire up Port Explorer or Ethereal

    NB: Don't get me wrong, I own a copy of Port Explorer and I would not be without it (at times) to focus on a particular application and make sure I get a complete picture of what the app is doing
     
  5. Kegel

    Kegel Registered Member

    Joined:
    Oct 28, 2003
    Posts:
    159

    I don't run it all the time. It only uses 5-6 megs in task manager though...MUCH less than a firewall. Tells me what I need to know with little to no fluff.
     
Thread Status:
Not open for further replies.