Do I have too much security?

Discussion in 'other security issues & news' started by j2callie, Aug 14, 2005.

Thread Status:
Not open for further replies.
  1. j2callie

    j2callie Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    35
    Location:
    Oregon USA
    I'm pretty paranoid and have installed all sorts of security when it's recommended by the various newsletters I get (Langa etc), but am beginning to think that maybe I have more than I need. I think they're all playing nice together, but it's taking a long time for me to update and scan with all of them. I'm also losing track of which ones do what.

    Here's what I'm doing to be "secure":
    I have a DSL, Win XP SP2 all updates, normally signed on as a Limited User. Also using Firefox (IE only when necessary and with Drop my Rights) with AdBlock, Flashblock. And I thought I had some kind of script blocking, but can't find it right now. (When I'm signed on with an admin acct, I have Fraud Eliminator extension for Firefox. I tightened my IE settings using recommendations from I don't remember where --- this isn't it, but some of the recommendations are the same: 80 Super Security Tips from PC Mag --- and am using IE-SpyAd.) I also did something to protect my Hosts file, but don't remember what.

    Firewall: ZoneAlarm (free) version:5.5.094.000
    AV: Norton SystemWorks 2005, Version: 8.02

    Anti-spyware etc programs:
    Lavasoft Ad-aware
    Spybot S&D
    Spywareblaster
    Spyware Guard
    Trojan Hunter
    A squared
    Ewido
    WinPatrol
    BHODemon
    SSI from Trisnap
    Above are all the free versions, except
    Counterspy (paid)

    I'd also like to support/thank the folks who provide the software I'm using, so would like to upgrade to the paid versions, but not *all* of them unless I need to.
     
  2. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    dang your pretty safe haha you can never be to secure thats my motto. umm also how fast is your computer with all that running??
     
  3. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    1,831
    Location:
    USA
    Looking good, j2callie! ;)
     
  4. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    In my opinion one of the must have security apps is absent from your list. You might want to try processguard. It is a very good addition to your arsenal
     
  5. tom772

    tom772 Guest

    hi all, other tools i really cant live without are Port Explorer, TCP View, Fport, CWSredder, and auto start viewer from Diamond CS. They are not security tools in the traditional sense but they do help you identify what is running on your computer. to be honesty as long asd you are safe online and dony visit crack and hack sites and download free rubbish from sites that you have never used you will be very safe.

    Take care (dont let the web bugs bite!!!)

    Kind regards T
     
  6. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    I'd keep Norton ,ZoneAlarm, Winpatrol CounterSpy .
     
  7. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    You might consider (all freewares) :
    IE-SPYAD
    MVPS Hosts
    Firefox
    Thunderbird
     
  8. j2callie

    j2callie Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    35
    Location:
    Oregon USA
    I do have these --- that MVPS Hosts is probably what I did to protect my Hosts file --- except instead of Thunderbird I use a different email client (Calypso, which isn't even made any more) so I'm immune from Outlook/OE problems.

    Thanks to all who responded. Sounds like most people don't think it's too much AND some even recommend more.... I'll have to take a look at Process Guard.

    I'm worried about getting alerts I don't understand, though I've been directed to some good places to research things.

    Thanks again.
     
  9. j2callie

    j2callie Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    35
    Location:
    Oregon USA
    I don't know how to measure how fast it is. I don't usually have any trouble doing whatever work/browsing I want, so I guess it's okay.

    I have 512 MB of RAM and a 40G HD with 50% free space, in case that's information that helps say anything. (I used to have a monitor somewhere that would show CPU usage but I can't find it to turn it on right now.)

    I think my performance is made slower when I have a lot of tabs open in Firefox rather than because of all the background programs.
     
  10. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    If you're losing track of what you have and what they do, then I'd say it's time to either trim down or reorganize. You do have some redundancy that you could trim out without losing any protection...

    Obviously keep your anti-virus and firewall, however if you feel they may not be getting the job done then you may want to consider another.. there are plenty of good ones. If you're happy with them, though, then there's no reason to change.

    Did you already get a paid license for Trojan Hunter, or are you using the trial? If it were me, I would choose the one I liked best, buy it, then keep one of the freebies around for periodic scans.

    Definitely keep CounterSpy, it's a very good one and you've already paid for it. Ad-Aware and SpyBot are good backups to it. SSI, though, seems a little redundant. After doing scans with all of these, have you still been finding things? If you wanted to beef things up in this area, you could add the free version of Spyware Doctor, which could potentially replace Ad-Aware or SpyBot, if you wanted, and definitely SSI. (SSI is a fine program, but I wasn't terribly impressed. It does provide an easy means of getting help if you need it, though.) Anti-spyware scanners aren't like antivirus programs where one is all you really need, it's best to have at least 2 or 3.

    Spyware Blaster is definitely a keeper since it's not a scanner, but keeps things from getting on your machine (through IE) to begin with. Not using IE it will at least keep the number of tracking cookies down.


    Here's where most of your redundancy lies, most of these are doing the same things. Spyware Guard and WinPatrol do approximately the same things, I would say pick the one you like the most. If you're running CounterSpy resident, you really may not need either, as it's "agents" will also be covering most of the same areas. As for BHODemon, the other apps will alert you to new BHOs, a2 and SpyBot will show you a list of ones that are installed (I think WinPatrol will do this also). If you want another app that shows you components installed in IE and Windows, you may want to check out AutoRuns by SysInternals (http://www.sysinternals.com/), it covers a lot more and does not need to install. Even though I have other apps that do the same things, I keep AutoRuns around, and I always use it when working on another computer.

    I agree that something like ProcessGuard would also be a good addition.. Online Armor and the full version of a2 may be worth taking a look at as well (a2 will arguably cover the same things as PG, OA will soon).

    Ultimately my opinion is to go with whatever you are most comfortable with. If you're particularly fond of one or more apps, then there's no particular need to get rid of it, unless you're more fond of another that does the same thing. Some of the paid apps are excellent, and could replace most of the smaller apps you currently run with what they do and more. Apps like a2 and SpyBot can also be scheduled to run automatic scans while you sleep, allowing you to forget about them.

    Personally I go with my antivirus, firewall, anti-trojan (Ewido), Online Armor, and I have some other behavior blockers that I keep because I can't bear to part with them after actively participating in the beta testing :) I also do as much hardening as I can without interfering with my normal computer usage.. I also got PreEmpt (http://www.pivx.com/) for part of that. DropMyRights also affords you quite a bit of security, that and hardening will take care of a lot of "drive-by-downloads".

    After you choose your setup, my suggestion would be to create a folder on your desktop with shortcuts to all your apps. Having them all in one place will probably help a lot.

    Hope that all makes sense, and helps :)
     
    Last edited: Aug 15, 2005
  11. j2callie

    j2callie Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    35
    Location:
    Oregon USA
    Thanks mucho, that's just the sort of advice I was hoping for. I really appreciate it.
    I read through your list of Security Software and the article on Hardening from links you had in your signature. I printed them out to study, and expect it will help a lot because it shows which ones do what.
     
  12. SimpleJohn

    SimpleJohn Registered Member

    Joined:
    Jun 11, 2005
    Posts:
    2
    Hey j2callie

    Sure you are paranoid, no doubt about it.
    What's yout story? do you hold any TOP-SECRET stuff in your computer?

    Good luck in keeping your secrets.

    _________________
    Simple John :rolleyes:
    Everything that is really great and inspiring is created by the individual who
    can labor in freedom.

    SimpleJohn the link in your sig was removed for review.
     
    Last edited by a moderator: Aug 16, 2005
  13. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Nothing usefull to contribute I see.
     
    Last edited by a moderator: Aug 16, 2005
  14. Hard Rocker

    Hard Rocker Registered Member

    Joined:
    Jan 27, 2005
    Posts:
    258
    Location:
    Quebec, CANADA
    :rolleyes: Ditto !! :D
     
  15. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Hi Callie Jordan, the link in my signature has quite a number of setups.

    You have a bit of redundancy in regards to Trojan detection software. I think you could keep Ewido and forgo the other 2, being that Ewido also scans for Spyware. With Counterspy, Adaware and Spybot Search and Destroy, you could lose Webroot, the forementioned trio will keep you well protected.

    Like BigC has said, I would add Process Guard 3 to your arsenal; this will protect all of your security software, and also prevent unintentional installs.

    Hope this helps...

    Cheers :D
     
  16. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651

    I don't think it's appropriate to use a signature that redirects users to casino's and gambling... :doubt:

    ESPECIALLY when you get free software "without browsing the site" :blink:

    Sincerely,

    Inf.
     
    Last edited by a moderator: Aug 16, 2005
  17. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    If you asked me, I would say 'yes'.
    I understand the concern about spyware, trojans etc. but having +10 programs is a bit much.. How many times a month do you scan your pc with all these apps? Takes forever right?

    Of course it depends on what you have on it. I just move any critical data to my USB drive or CD-backups. If something goes wrong, Format C: ;)
     
  18. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    :D Glad my pages could be of some help :)
    Forgot to mention that just running under a limited account can do quite a bit, too, and if you do that you probably aren't getting much out of DropMyRights, unless you're setting it to run the apps as even further restricted.

    I agree with that as well.. my choice is to keep an extra one around for periodic scans, or "just in case", but you could easily do without. If you wanted, you could easily user CounterSpy, Spyware Doctor (MAYBE Ad-Aware) and Ewido, and still be good to go. If you're comfortable with a behavior blocker, that may allow you to take out further full-time scanners, depending on how comfortable you are doing so. Just like anything, shop around before you decide. :)
     
  19. j2callie

    j2callie Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    35
    Location:
    Oregon USA
    Yeah, well it does take time, especially since I have to logon as Admin to do it and then leave the computer alone to do its scan without getting any other work done. I also do a manual update on each of them, just in case. I probably do it all once a week --- or whenever I read another article. !!
    In one way, you could say I don't have anything "critical" --- or rather, it's ALL critical. :doubt:
    I have DropMyRights on IE for when I have to use it. Can you use it on other apps too? Like what? My default browser is Firefox. For when I use IE, I also have IESpyAd and a lot of restrictions on it (in Tools/Internet Options/Advanced) that I got from someone (Fred Langa?). I raised my Security settings to High and have been adding sites to the Trusted Zone one at a time as needed.

    Firefox settings are tightened too, with only trusted sites allowed to download software for instance, and the only Javascript/Advanced that's allowed is Change Images.

    My Firefox has AdBlock (but is that security or just to facilitate loading the pages), Flashblock and Popups Must Die, and when I'm on Admin it has Fraud Eliminator. I've removed MS java and use Sun's. There's also a whole bunch of bad guys on the "accept cookies" exceptions list, so I must have found something that put them there for me.
    Hmm, so you say I could have just those 3 ?? (wow, that would make a BIG difference) and if I was "comfortable with a behavior blocker" which ones would I have? I'm not sure which ones work "full-time" --- and what's "behavior blocking" ?? watching for suspicious actions vs checking against a list of bad guys? (at first I thought you meant my behaviour :oops: )
    Actually, the reason I have so many is because I've been "shopping". I have the free/trial versions and needed help deciding which ones to keep. You guys have been VERY helpful, because I didn't really know what each one was doing, and which were overlapping.

    However, I still don't know which are full-time scanners and which are ones I have to initiate the scan (plus some don't update unless I'm on as Admin --- I've noticed that Trojan Hunter' live update has been giving me messages). Some don't have full functionality until I pay for them, so that's another source of confusion for me.
     
  20. Hard Rocker

    Hard Rocker Registered Member

    Joined:
    Jan 27, 2005
    Posts:
    258
    Location:
    Quebec, CANADA
    Hi Callie, :D

    In terms of AntiSpyware programs .... I myself use AdAware, SpySweeper & CounterSpy.

    I have registered versions of all three & have found from my experience that they all detect different malware on an on going basis. Therefore, I personally would NOT be without any of them. ;)

    HR :cool:
     
  21. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Yup, you can make shortcuts to use DropMyRights with literally anything. Some programs will have problems if you do so, however. I use it with Firefox and Trillian without problems. The settings sound good :) You could also try Moox' Firefox build.. he changes some settings for greater security, I like it because it's faster :)


    Most likely SpywareBlaster set those.

    I guess the question is how much are your existing scanners picking up? and do you know for sure that what they may be detecting aren't false positives? Those three are pretty hard hitters, plus Ewido picks up spyware as well (as mentioned earlier in the thread).

    Behavior blockers, also known as HIPS (Host [based] Intrusion Prevention System), block potentially dangerous actions taken by any software. Online Armor, ProcessGuard, the a2 guard, and Prevx are but a few examples. CounterSpy's "Agents" are another example. These can provide great protection if you're comfortable with the alerts.. if you don't understand the alerts you could end up allowing something to infect your system anyway, though. Some are easier to use than others, Online Armor is probably the easiest, although it doesn't cover the same things as the others, at least not yet, but still a very good program. If you're going to try one, this is what I would say to start with, then go from there.

    For the most part if it's in the tray (next to the time in the corner of your screen) then it's running resident. You can also usually right-click on the icon in tray and it will tell you if resident protection is on. I'm not sure about your specific trials, but normally they will be fully functional for some time. The main one not to get confused with here is Spyware Doctor.. the freeware version will reside in the tray, but provides no resident protection.. you have to get the regular trial and/or buy it for that. If you look in the program it's pretty plain to see that the "On Guard" protection isn't available, most programs have similar unless they're made exclusively to be run that way.

    First and foremost, I would say to get things organized. Clear things out and get to know the apps you do have. You're pretty far ahead of the majority of users anyway. After you've got that down, then look at adding some more if you still want to. Unless you really want to try out some of the others, there's no reason to cut a trial short.
     
    Last edited: Aug 17, 2005
  22. shadowatcher

    shadowatcher Registered Member

    Joined:
    Aug 17, 2005
    Posts:
    8
    What other behavior software do you have? I really like Online Armor, which is behavioral. Any recommendations? Thanks!
     
  23. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I have Process Guard (not currently in use) and RegRun (sort of similar to WinPatrol), and am currently using the betas of Safe'n'Sec and Prevx 1.. since they are beta, I can't really recommend them yet because they will be different by the time they are released to the public for mass consumption. So far I like Online Armor the best for it's ease of use, web filtering, generic keylogger protection, and addition of signatures. Safe'n'Sec and RegRun are a bit techy (not a problem for me, but may be for others), and Prevx 1 can get annoying when you have to type in descriptions when something tries to start and you're in the middle of something. Good product otherwise, though :) I also have CounterSpy, but I don't use it's real-time "agents" because it tends to slow things down some and geared just a little too much toward spyware, and not as generalized as the others. I also use Attack Shield worm supression, which protects a few core components of the system from just about anything. I think this is a reasonable measure of protection if you have the extra memory (takes about 10mb, since I have 1gb of RAM that's not a problem), and is completely transparent (no alerts whatsoever, doesn't interfere with anything either) and free. It kind of fits into the "why not?" catagory for me, although it may provide something more than that for some because no matter what, those processes will remain protected.

    Another thing to consider is something like Firetrust's Benign, which filters out scripts and neutralizes potential malware coming in through your email. I also use PocoMail which does some of this within the email program itself, although it's not as thorough. I also have my firewall set to only allow my email client to communicate with the email servers and nowhere else, so the ONLY thing it can download is the email I have waiting, then NOD32 scans it on the way in :)

    I'd say take things slowly, I'd say you've got a good setup so far. Take your time and familiarize yourself with what the programs you have do. After you know what all they do and what you want, you can make better decisions about what to add next if you want to fill things in more, although you may also decide, at that point, that you don't need any more.
     
    Last edited: Aug 18, 2005
Loading...
Thread Status:
Not open for further replies.