Is my security any good ?

HI !

I use resident : AVG v7.0 Pro
Anti-trojan v5.5 (AT-watch)
SpywareGuard
Zone alarm Pro 4 with web filtering
Script defender (analog X)

I use On demand 1 time in 2 weeks : The cleaner (full)
Ad-aware 6
Spybot
MRU blaster
Spyware blaster
Trend's micro online scan

-I run AVG 7 and Anti trojan v5.5 for a full system check after every update.

-I have my firewall configured good, i guess (gives 100% stealth on all known online checks)

-My browser settings are verry restricted.

-only use hotmail as email client (online).

-never open unkown attachments from mail (hotmail uses MAcafee but i also like to upload the attachments to Kaspersky's online file checker)

I use the "Twofish" encryption method to secure my important data.

Johny

 

And, I assume you run regular checks for security updates?

KAV & NOD32 are probably better choices for Anti Virus as AVG does pretty poorly in tests such as Virus Bulletin.

Your Anti Trojan software could be improved, TDS3, Trojan Hunter & BoClean are generally recommended on these forums - You can see by my profile that I use TDS3, Worm Guard & Port Explorer so I may be somewhat biased

With firewalls, as with many other programmes, what you feel comfortable with is important. ZA, Sygate, Outpost & Look n Stop are all very capable firewalls.

The best and worst security usually sits on your shoulders

 

Try closing down scripting host facilities and the ActiveX capability of you browser. Latest vulnerabilities are related to these design flaws. Or move over to non Microsoft tools for even more security.



I hate ActiveX sites
I'm gonna boycot these security threatening environments

 

I thought that Grisoft did a realy big effort to make Avg 7 better.

They included integrity check and stronger heuristics, and more packer (archives) support.

I know detection of AVG 6 was sometimes bad, but i'm sure they updated there kernel (V7) , so it can be compared to the big boys, so to speak.

Also there support (for payed version) is really fast and good.

btw : meneer, I use script defender (from analog X) to protect me from malicious scripts. (also ZA4 PRO with webfiltering will defend me), i hope....

JOhny

 

Still trying to find the applaud link

 

I would have to say that compared to the average pc user, your system is very secure (keeping in mind, of course, that the average pc user’s security is pathetic). By the way, SpywareBlaster is not an "on demand" program.

Acadia

 

This could not be considered as serious anti trojan protection in my opinion. Read more about the weaknesses of Anti-Trojan in this threat:

http://www.wilderssecurity.com/showthread.php?t=8965

wizard

 

well, after reading in the forums about Anti-trojan V5.5 some say it doesn't unpack or handles archives (I believe Wizard said it)

But according from there features list they DO know alot of archives ? (on demand) :


Port-Scan

Here all port of the computer are checked whether a trojan is active. This port scanner checks in contrast to the online check all ports, not only well-known trojan ports. Note: There will be no trojan removed, only open ports are shown.


Registry-Scan

With this procedure the system is submitted to a high-speed check. There will be checked the system-registry an known filenames of trojans. If a trojan is identified, it will be removed.


Disk-Scan

This is the most important search method. Whole drives (or directories) are searched for trojan files. Each file is checked on the harddisk. With larger harddisks this search can last somewhat longer. As appoximate value we checked 20 GigaBytes in approx. 30 minutes (approx. 170,000 files). Anti-Trojan also checks packed archives of the following formats: ACE, ARC, ARK, ARJ, CAB, DWC, PAK, ?Q?, GZ, LBR, LHA, LZH, RAR, SFX, TAR, TAZ, TGZ, Z, ZIP, ZOO

 

When I am talking about packed malware that refers back to runtime packers or crypters and not to archive packers like zip. This is something completly different.

Archive unpacking is a nice to have feature but it is not necessary from a 'security point of view'. But unpacking of runtime packed files is. Because a runtime packed file changes the binary structure of the file and therefore it is an easy method to hide a file from detection.

Any AT program that has no answer to runtime packed (backdoor-) trojans wether it is unpacking, memory scanning or whatever can be considered as nearly useless.

About the other two scanning options: Port scanning is somewhat unreliable because a each port can be used by each program and also most modern backdoor trojan kits allow the trojan to use each port they want. Best example is port 5000 under WindowsME. Anti-Trojan will identify this as a trojan but in reality it is just a regular Windows service that keeps the port open.

Registry scanning is also not enough. There are other ways to autostart programs than you the registry. So just to check the registry for autostart entries only is not enough...

Hope that explains it,

wizard

 

Hi Johny23,
Question for you..have you ever been infected with a virus. trojan or worm?

If so which ones if you can remember.

 

To pimrose :

I had the luck from never being infected (so far)

Although i got some virusses and trojans from using p2p networks.

But they always got intercepted before executing.

I scan every download with AVG7 and Kaspersky online (if the file is not to big) and also with Anti trojan V5.5 BEFORE double clicking or unpacking the file, music, video etc...

If the file is indeed a malware, i just press the delete button, and it's gone to the recycle bin

Offcourse if i didn't took (take) all these precautions, i can say i could have been infected countless times and a reformat could be daily work.

Mostly with typical Kazaa virusses etc...(nothing really bad)

These days 70% of the stuff found on P2p is malware. especially on Kazaa (lite).
Johny

 

To Accadia :

It's correct that Spywareblaster is no real "on demand" software.

but in a way it is...I mean by this, that you have to run the update yourself (on demand) once in a 1 or 2 weekly period to keep safe and updated.

Sorry for not being so clear in the first place. But for a Dutch speaking person, it's sometimes hard to find the correct words.

regards,

Johny

 

That’s OK. It’s like I told another one of your countrymen in another thread, you can speak English one hell of a lot better than I can speak Dutch. Take care.