Is my security any good ?

Discussion in 'other anti-virus software' started by Johny23, Sep 6, 2003.

Thread Status:
Not open for further replies.
  1. Johny23

    Johny23 Guest

    HI !

    I use resident : AVG v7.0 Pro
    Anti-trojan v5.5 (AT-watch)
    SpywareGuard
    Zone alarm Pro 4 with web filtering
    Script defender (analog X)

    I use On demand 1 time in 2 weeks : The cleaner (full)
    Ad-aware 6
    Spybot
    MRU blaster
    Spyware blaster
    Trend's micro online scan

    -I run AVG 7 and Anti trojan v5.5 for a full system check after every update.

    -I have my firewall configured good, i guess (gives 100% stealth on all known online checks)

    -My browser settings are verry restricted.

    -only use hotmail as email client (online).

    -never open unkown attachments from mail (hotmail uses MAcafee but i also like to upload the attachments to Kaspersky's online file checker)

    I use the "Twofish" encryption method to secure my important data.

    Johny
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    And, I assume you run regular checks for security updates?

    KAV & NOD32 are probably better choices for Anti Virus as AVG does pretty poorly in tests such as Virus Bulletin.

    Your Anti Trojan software could be improved, TDS3, Trojan Hunter & BoClean are generally recommended on these forums - You can see by my profile that I use TDS3, Worm Guard & Port Explorer so I may be somewhat biased :D

    With firewalls, as with many other programmes, what you feel comfortable with is important. ZA, Sygate, Outpost & Look n Stop are all very capable firewalls.

    The best and worst security usually sits on your shoulders ;)
     
  3. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    Try closing down scripting host facilities and the ActiveX capability of you browser. Latest vulnerabilities are related to these design flaws. Or move over to non Microsoft tools for even more security.



    I hate ActiveX sites :eek:
    I'm gonna boycot these security threatening environments :cool:
     
  4. johny23

    johny23 Guest

    I thought that Grisoft did a realy big effort to make Avg 7 better.

    They included integrity check and stronger heuristics, and more packer (archives) support.

    I know detection of AVG 6 was sometimes bad, but i'm sure they updated there kernel (V7) , so it can be compared to the big boys, so to speak.

    Also there support (for payed version) is really fast and good.

    btw : meneer, I use script defender (from analog X) to protect me from malicious scripts. (also ZA4 PRO with webfiltering will defend me), i hope....

    JOhny
     
  5. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    Still trying to find the applaud link :D :D
     
  6. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    I would have to say that compared to the average pc user, your system is very secure (keeping in mind, of course, that the average pc user’s security is pathetic). By the way, SpywareBlaster is not an "on demand" program.

    Acadia
     
  7. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    This could not be considered as serious anti trojan protection in my opinion. Read more about the weaknesses of Anti-Trojan in this threat:

    http://www.wilderssecurity.com/showthread.php?t=8965

    wizard
     
  8. johny23

    johny23 Guest

    well, after reading in the forums about Anti-trojan V5.5 some say it doesn't unpack or handles archives (I believe Wizard said it)

    But according from there features list they DO know alot of archives ? (on demand) :


    Port-Scan

    Here all port of the computer are checked whether a trojan is active. This port scanner checks in contrast to the online check all ports, not only well-known trojan ports. Note: There will be no trojan removed, only open ports are shown.


    Registry-Scan

    With this procedure the system is submitted to a high-speed check. There will be checked the system-registry an known filenames of trojans. If a trojan is identified, it will be removed.


    Disk-Scan

    This is the most important search method. Whole drives (or directories) are searched for trojan files. Each file is checked on the harddisk. With larger harddisks this search can last somewhat longer. As appoximate value we checked 20 GigaBytes in approx. 30 minutes (approx. 170,000 files). Anti-Trojan also checks packed archives of the following formats: ACE, ARC, ARK, ARJ, CAB, DWC, PAK, ?Q?, GZ, LBR, LHA, LZH, RAR, SFX, TAR, TAZ, TGZ, Z, ZIP, ZOO
     
  9. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    When I am talking about packed malware that refers back to runtime packers or crypters and not to archive packers like zip. This is something completly different.

    Archive unpacking is a nice to have feature but it is not necessary from a 'security point of view'. But unpacking of runtime packed files is. Because a runtime packed file changes the binary structure of the file and therefore it is an easy method to hide a file from detection.

    Any AT program that has no answer to runtime packed (backdoor-) trojans wether it is unpacking, memory scanning or whatever can be considered as nearly useless.

    About the other two scanning options: Port scanning is somewhat unreliable because a each port can be used by each program and also most modern backdoor trojan kits allow the trojan to use each port they want. Best example is port 5000 under WindowsME. Anti-Trojan will identify this as a trojan but in reality it is just a regular Windows service that keeps the port open.

    Registry scanning is also not enough. There are other ways to autostart programs than you the registry. So just to check the registry for autostart entries only is not enough...

    Hope that explains it,

    wizard
     
  10. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    Hi Johny23,
    Question for you..have you ever been infected with a virus. trojan or worm?

    If so which ones if you can remember.
     
  11. johny23

    johny23 Guest

    To pimrose :

    I had the luck from never being infected (so far)

    Although i got some virusses and trojans from using p2p networks.

    But they always got intercepted before executing.

    I scan every download with AVG7 and Kaspersky online (if the file is not to big) and also with Anti trojan V5.5 BEFORE double clicking or unpacking the file, music, video etc...

    If the file is indeed a malware, i just press the delete button, and it's gone to the recycle bin :)

    Offcourse if i didn't took (take) all these precautions, i can say i could have been infected countless times and a reformat could be daily work.

    Mostly with typical Kazaa virusses etc...(nothing really bad)

    These days 70% of the stuff found on P2p is malware. especially on Kazaa (lite).
    Johny
     
  12. johny23

    johny23 Guest

    To Accadia :

    It's correct that Spywareblaster is no real "on demand" software.

    but in a way it is...I mean by this, that you have to run the update yourself (on demand) once in a 1 or 2 weekly period to keep safe and updated.

    Sorry for not being so clear in the first place. But for a Dutch speaking person, it's sometimes hard to find the correct words.

    regards,

    Johny
     
  13. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    That’s OK. It’s like I told another one of your countrymen in another thread, you can speak English one hell of a lot better than I can speak Dutch. Take care.
     
Loading...
Thread Status:
Not open for further replies.