Do you need any AV?

Discussion in 'other anti-virus software' started by Diver, Sep 23, 2007.

Thread Status:
Not open for further replies.
  1. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Check this out:

    http://blogs.technet.com/steriley/archive/2007/09/22/antivirus-software-who-needs-it.aspx

    In brief, the author says he can control what he clicks on and what he installs, so he never gets infected.

    He also makes a reference to running Vista with UAC enabled but the prompt turned off so that IE7 will run in the protected mode.

    I often wonder if IE7 protected mode is a better bet than Firefox. I tried running IE7 with IE7 Pro for a while and found its functionality to be good, but IE seems to have more trouble enlarging the type fonts in a usable way on many web pages than Firefox.

    Anyway, several folks around here are running without AV's and relying on other strategies, including rolling back to a clean image or snapshot periodically.

    If anything, I find the possibility of running without an AV to be one of the more tempting aspects of OSX and Linux.
     
  2. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    av's are cheap enough, and even free!

    why take the risk, i say.
     
  3. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    With Windows there are some very good a/v's for free.
    Might as well be protected.;)

    I don't know about that neccessity with Linux etc..
     
  4. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Here we go again. First of all which AV would the experts use. I assume we are talking real experts and not just those who think they are (as to who needs AV anyway), second in the the article they say when is the last time AV found anything (long time).

    O. K. it is confession time...(as to going to the doctor) if you feel healthy and stop going for routine physical at the doctor that will be the one time you get silent killer.

    Most should get some AV and at least have the realtime part running. My postion remains the same as this has come up before. ;)
     
  5. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Perhaps what this is really about is that successful security is about using your head. For sure there are 3 free AV's that get mentioned around here daily. Just as surely the malware writers are changing their products on an almost daily basis to avoid signature based detections. A lot of the stuff gets delivered by compromised websites. Protected mode is supposed to avoid that. However, I cant help wondering that you could pick up a keyloger that would only work in IE7, but that would be enough to steal your banking password.

    I don't know if you have had a chance to notice this, but there are some people who have minimal security precautions in place on their machines (windows firewall and AV from a large vendor) and never have a problem. Others with the exact same setup have completely trashed computers and continue to use them with no interest in a clean up.

    How about phishing? Doesn't anyone have enough sense to not click on a link in an email that states we need your banking details?

    Perhaps the problem is that there are rare instances in which there is no protection. That would be the zero day attack against a known but not patched OS flaw. The rest of the stuff is so obvious.
     
  6. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    Stamford, CT
    I have to say that I use an AV about 50% of the time.
    Even before I deployed Linux around the house this was the case. The kids computer and the fiancee's always had some sort of AV solution and limited accounts, but now they are just running as thin clients so the need is not really there.

    Precautions:
    1. Bookmark all online banking and personal information sites in Firefox and place the file where it is easily accessible, ex. USB drives etc. import on all clients XP or CentOS.
    2. Use Thunderbird as an email client, when not using web based email solutions. Suggest web based email solutions as they have quite adequate email filtering and phishing protection.
    3. Use Tomato Linux on the Router/Gateway(WRT-54GS) with a script to download and run MVP host file on each reboot, actually each WanUp. Thousands of nasty sites are block by default.
    4. Use limited accounts in XP, and they are a default in Linux.

    I am not preaching the Linux bandwagon, to each there own, I used Windows for years and I still do on the notebook(Linux is a little flakey on it) and one of the desktops for use with Photoshop for some classes. But the other machines were starting to age and it became noticeable that the resources were depleted, so they made perfect candidates for a thin clients. This also saved on energy as I can remotely shutdown all thin client's with a cron job.
     
  7. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    If all infection vectors are secured, why would an antivirus be necessary?

    Malware can only infect your system only if it is executed, whether by yourself because you fell for a social engineering trick, or stealthily without user interaction via a software security flaw or from autorun USB drives. As long as you can ensure that these do not occur, then you won't need antivirus software. As a matter of fact, most of us already take such measures (downloading security patches, using non-IE browsers and educating ourselves to not fall for phishing scams, for instance), and in all honesty these measures actually do a better job of protecting us than antivirus software can ever hope to.
     
  8. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater

    Where did you get that script? I almost completely forgot about hosts. Its a really great idea as it is free, uses next to no resources and requires no user interaction, making it foolproof.
     
  9. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    I have done without any resident AV for periods of time without trouble myself, as I know many others have done too. It depends 100% on the user and how the PC is used. If you just do some browsing at regular sites you know on a daily basis, some email with friends, listen to some mp3, burn a few CDs and download a few files occasionally from trusted major sites and not much more, then I think a resident AV isn't necessary. Perhaps an occasional scan or an on-demand scanner is good enough. There are a lot of people who fall into this category.

    The user needs to know enough not to get into trouble as the article says. That's obvious. I feel I know enough to avoid trouble, as do many others. I run a resident AV for only one reason: It's easier that way. I don't so much feel that I really need it, but if I do want to scan a file, a resident scanner is easier than manually scanning something or going to an online site to scan it. And I don't mind the overhead of the resident scanner either, big deal.

    But is it really needed? Speaking for myself, I think not...
     
  10. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Oh yes Diver I do agree it is very important factor in how one uses their machine...where do they go on the internet and what do they do. Oh yes, for sure. :thumb:
     
  11. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    sure, if all you do is surf on genuine websites, there is no need.

    however, with alot of viruses and spam/phishing arriving by emails, surely this needs to be protected.

    but with the prices of some, and even the FREE! ones, i dont understand why a user would take this risk.

    :eek:
     
  12. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    "Do you need any AV?"

    For as long as I run Windows and surf dangerously, I will run an AV.
     
  13. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408

    Totaly agree. :D
     
  14. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    On the contrary. The more dangerously I surf, the less safe I will feel to be relying on an AV.
     
  15. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    Yeah, I think if I am surfing in dangerous waters I would be inclined to add a HIPS or behavior blocker in addition to the AV...
     
  16. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    For the record, I will not run a Windows machine without an AV. If I repair a PC for a friend it leaves here with a free AV installed, unless there was a functioning pay AV on board. I clean up friends PC's for free and invariably these machines had an expired AV. But the problem was not the expired AV so much as carelessness. Invariably, there are signs of abuse such as Grokster.

    Usually I will install AVG free. That is not to imply that it is better than Avira or Avast, but it seems to be the most dummy proof of the three.

    Perhaps the moral of the story is the AV is not your primary line of defense, its your brain.
     
  17. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    Stamford, CT
    Here you are, quite easy to setup actually...

    http://www.linksysinfo.org/forums/showthread.php?t=53133
     
  18. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Agreed. I only need scanners to check new files. I have clean images to use in case of trouble.
    The rest of my security/privacy/data protection setup.
     
  19. Lucy

    Lucy Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    401
    Location:
    France
    Once again, the natural trend I can see, excepted for the brain line of defense (actually one can imagine a rootkit-like malware totally "invisible" to your smart brain) :rolleyes: , is that antivirus scanners are not to be anymore the first line of defense, especially in company networks. It looks to me as if it is more simple to base your security on policy, and to deal with exceptions thanks to scanners which will eventually eradicate malwares reaching the computers. Antivirus scanners are becoming the last line of defense.

    NB:imaging / restoring softwares hapen to be of great helps... once contamination became true.
     
  20. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    the human brain makes more mistakes than anyone can figure out, in simple terms... USE AN ANTIVIRUS.

    :D
     
  21. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    It seems that even here on Wilders, people place more faith in antivirus programs than is realistic, even thinking it can somehow compensate for the human brain.

    On a few of my test machines, I install AVs solely for the purpose of making sorting malware easier. When you realize the percentages of malware that AV scanners miss on a daily basis, you'll come to appreciate the fact that AV products can offer you an opinion at best ("hmm... I think this file is clean"), not protection.
     
  22. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    I did not say to skip the AV, I said do not rely on it solely. Use your head first, if your head misses, the AV is a second shot.
     
  23. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
  24. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    Hi CSJ

    There are other factors. I've tried a bunch of AV's and have license for most of them. But my machine really runs so much better without them. One can shift the problem in other ways. All my browsing is done thru sandboxie. If I am going a bit risky, then I run ShadowDefender and then go thru sandboxie. And if I am going to the darkside, I but my desktop in Shadowmode, then fire up the VM machine, and use SHadowdefend and Sandboxie on it.

    Same thing with email. Usually I just delete, but if really curious, I will take the above steps and get it from webmail. That way sandboxie and Shadowdefend are on duty.

    I just get tired of the impact of the AV's. Didn't realize it was there, as they had been on the machine since day one.

    Pete
     
  25. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    I have to echo those same sentiments. Stemming all the way back to Windows 98, AV's by the very nature of the way their fashioned, have to be designed to infilitrate if you will EVERY file on the system. How else does one explain that while engaged and you run across lets say a page with even a script virus in text form, your AV (if in database), will immediately pop up or with some disable the page entirely as a precaution, and that IS a very good activity that it should perform. In like manner, should some virus manage to enter a file your AV will at-once alert then try to clean the affected file, whichever it might be.

    But like Peter2150, i always found them very stressful to my systems, even on XP, that is up untill KIS6, which to my surprise, i noticed didn't burden resources like many AV's have done in the past.

    With the onset of HIPS & Virtualization technology though, i've migrated away from "resident" AV's to a more reasonable On-Demand scanning for viruses.
     
Loading...
Thread Status:
Not open for further replies.