My thoughts on a security setup

Discussion in 'other anti-malware software' started by Defcon, Mar 6, 2007.

Thread Status:
Not open for further replies.
  1. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    337
    There are 2 kinds of users -

    1. those who get work done
    2. those who read these forums :)

    Ok, that's obviously an exaggeration, don't get the pitchforks out just yet. And I'm firmly in group #2. My point is that after obsessing over this stuff, getting lost in jargon, researching and trying out every new app, and spending way too much time browsing security forums, at the end of the day we shouldn't forget that the point of a security solution is to let you have more time and be able to work without disruption.

    I've come to the conclusion that the needs of the expert and newbie user are not as far apart as we like to think. Experts and power users generally want more control, as well as more visibility. e.g. if an app is blocked, I want to know the exact port, and be able to make a rule based on that. I want to see the exact list of modules loaded when a HIPS tells me something can't run. I want to be able to specify exactly what is scanned and when and how. But I shouldn't have to.

    A newbie (i.e. my parents, girlfriend and probably 95% of humanity) doesn't care about any of this. Not only do they not know this stuff, they don't WANT to know, and shouldn't have to. What we do here is akin to tweaking the valve timing of our engine every time we want to go for a drive. This is why Macs and Linux are at the opposite ends of usability.

    The problem of course is that on Windows, there is just so much variety in software and people trying to crack in, that it's impossible not to have conflicts and weaknesses. I think there are some general trends though that are emerging, such as less dependence on signatures, behavior analysis, and broad spectrum coverage instead of isolated apps.

    So right now, I'm confused. It's hard to find out what's good and what's not, because on the Internet, search long enough and you'll find -ve reviews for anything. Magazine reviews such as pcmag are worthless. On forums, there will always be a heated debate between X and Y. So is a user to make decisions based solely on personal experience? I don't want to have to decide on an AV, anti-spyware, firewall, HIPS and god knows what else separately and manage their conflicts.

    I mean, inherently security is a social problem. It's very hard to prevent a user from installing bad software while not becoming a nuisance. Vista's UAC is a perfect example. And unless Windows makes a complete fresh start and ditches compatibility (i.e. never) there will be enough backdoors and exploits to keep everyone busy and rich.
     
  2. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    I have to agree. My wife doesn't care what is on her PC as far as security, and only has Avast Home and Windows XP Firewall for protection. She also uses her PC much more than I do for different things, and is on the internet more than me. The point is that she has yet to be infected and probably wouldn't care if she was as long as it could be fixed. Now as for me, well let's just say I love using all the different free security programs out there for Virus and Spyware protection. I have only used the ones that I see posted about in this forum that are safe to install and use, but in there lies the rub. Almost all my time is spent in here reading or posting about whatever, or trying yet another Antispyware or HIPS I just had installed a week or two ago. Even after I finally thought I had settled on simply using my AVG ISS, I still ended up uninstalling the Antispyware and Firewall Components today. Why? To try out the new version of PC Tools Firewall, and a new one of Ashampoo Antispyware that I still have a free 6 month trial to. Oh sure I checked my E-Mail and a few other websites, but still spent more time in here and playing around with my two new toys. I can honestly remember when all I was using for protection was Antivir 6 and didn't even have Windows XP Firewall enabled because I was behind a Wireless Router Firewall. Oh well, back then I was probably obsessed with something else anyway. I guess I'll go now and maybe reinstall Cyberhawk. LOL.
     
    Last edited: Mar 7, 2007
  3. cprtech

    cprtech Registered Member

    Joined:
    Feb 26, 2006
    Posts:
    335
    Location:
    Canada
    That 95% needs the 5% of us to fix their problems when things break :)

    Personally, I frequent these forums to learn, get into some healthy debates, and it's just plain fun. I get my work done at, well, work. This is kind of a hobby, I guess, and one that I enjoy.
     
  4. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    :) We're hooked. It's like drugs or something. But i'm trying to quit!

    I don't want to spam, so...:blink:
    There are programs that fill in your gaps Defcon. Usable by anyone. That allow you to keep using the pc without worries.

    Of course, I'm not saying I've found the fountain of youth or anything, nothing's perfect, and it's bound to have flaws.

    Nor that I'll stop trying out programs...it really is a hobby. For how long, I don't know. But if you're hooked, deal with it :D
     
  5. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    Speaking of overkill, I just found out a couple of days ago that I've got 3 firewalls running. One hardware firewall on our modem, another hardware firewall on our router, and I'm running a software firewall for outbound. I knew the router had a hardware firewall, but not the modem.

    Then, I'm running snoopfree, which I like. Then I've been messing the last couple of days with Winpooch which is about to go. It's slowing things down and I've got a Gig of RAM on this thing. Lord knows what'll come to replace it. Two on demand antispyware programs and my antivirus, and Sandboxie.

    And I thought PowerShadow would cure me of this nonsense.
     
  6. pugmug

    pugmug Registered Member

    Joined:
    Oct 23, 2006
    Posts:
    413
    Damn computer, the Devil's T.V. lol.
     
  7. InfinityAz

    InfinityAz Registered Member

    Joined:
    Jul 23, 2005
    Posts:
    828
    Location:
    Arizona
    Just remember, that when it comes to security software:

    "You are not paranoid if everyone really is out to get you.";)
     
  8. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    Then I'm paranoid, because there are a lot of them out there who just want to get somebody. Doesn't matter who. They aren't making viruses, trojans, etc for the fun of it. They want to hurt people.

    "You are not paranoid, etc........."

    Reminds me of another saying,

    "I used to be schizophrenic, but we got better."
     
  9. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I don't know how to protect my computer either, just like all these housewives and housemen.
    I hate security, I don't even like to lock the door of my apartment.
    Security is a waste of time, energy and money world-wide.

    My healthy computer gets infected, I spend my time on removing the infection and I have my healthy computer back.
    NOTHING changed, but I wasted a lot of time to get back what I had in the first place.
    I've read posts at forums, where users lost many hours and even days to get rid of an infection.
    If you want to see the real world, visit the Malware Forums, where the average users are begging for help to remove malware on their computers and this is just a fraction of the real world, because the rest doesn't even know these forums exist, including me three years back.
    Wilders isn't the real world, it's a minority of users, who are interested in security.

    My approach is certainly not based on knowledge.
    I created two computers in my computer : an off-line computer and an on-line computer.

    The off-line computer was easy, because I had one many years back.
    It doesn't need any protection, because there is no internet and it allows me to work quietly without any disturbance and infection.
    It contains all the softwares that don't really need internet to work properly.
    That's my oasis of peace and rest and I'm glad I did it, because I don't like to lose my concentration, due to some noisy security software, that can't keep its mouth shut OR I don't have to waste my time on removing malware.

    The on-line computer wasn't so easy and I'm still working on it.
    I'm not planning to overload it with many security softwares.
    My intention is to replace my on-line computer daily with a clean on-line computer to get rid of ALL possible infections of yesterday.
    I will use a few security softwares to prevent installation/execution of most malware to save the day.
    Malware that bypasses my security, will be killed anyway when I replace my on-line computer with a clean one.
     
    Last edited: Mar 7, 2007
  10. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,180
    Location:
    Canada
    That on-line computer replacement is called FD ISR. ;)
     
  11. Saint Satin Stain

    Saint Satin Stain Registered Member

    Joined:
    Feb 16, 2004
    Posts:
    222
    Location:
    Huntsville, AL and Greenwich Village, NYC
    Re: My thoughts on a security setup to lesser paranoids

    In some forum after reading my security programs a couple of years ago, one observer suggested that I encase my computer in concrete and drop it in the ocean if I truly wanted it secure. To sum my problem, I had several conflicts which visibly affected my computer's performance. To be precise, I had three. One conflict is too many, and two serious, but three is downright bad. I took a new approach. I decided to include a program which did not rely mainly on signatures; therefore I downgraded from a suite with an antivirus to one of the same company's products without one. I installed an antivirus without real-time or email scanning. I had four real-time scanners working. I tried after that various mixtures of HIPS, CIPS, sandboxing, IDS, real-time AVs plus ondemand as backup, anti-Trojans, anti-spyware, and immunizers.

    I came to my senses. I allowed my reason to shape my paranoia. I read through this and other forums for the opinions of the participants, their arguments, and facts. I augmented this with reviews and comparative tests. I talked to my geek friends. I talked to my hacker friends. I talked to my neighbor's seventeen-year-old daughter who has been a big influence on me and her parents. I read the technical details of security programs. I looked at the favorites of home-users and corporations. I know that the latter may not use the same models, but I wanted to see which vendors they chose. Here are the results of my quest and experiments with programs; here are my choices. In the end though filled with facts, figures, and opining educated and uneducated I chose (Linksys router)

    ClamWin (on usb)
    CureIt (on usb)
    ewido micro (on usb)
    IceSword (on usb)
    Backup security apps and I travel with this usb. It has Portable Apps.

    JAP
    NOD32
    Prevx1
    Sandboxie
    ZoneAlarm Pro

    SpywareBlaster
    Trojan Remover
    Wormguard

    Ad-Aware SE Personal
    CWShredder
    DarkSpy
    RootkitRevealer

    PGP
    Password Safe

    Autoruns
    Port Explorer
    ProcessExplorerNT
    ERUNT

    I have a license for AVG Anti-Spyware, but didn't want to run two real-time anti-spyware programs; besides NOD32 works that side a bit too-and Prevx1. ZAPro has an anti-spyware
    Mozilla Thunderbird is mail client. Default first, then order of use, these are my browsers: Mozilla Firefox, Opera, K-Meleon, K-Ninja, and IE 7. I run all sandboxed, except when just opening home page. Each has different web mail for home.

    Prevx1 consumes less RAM and VM now.

    (MB except where noted)   RAM      VM

    pxagent.exe               27.66    39.84
    pxconsole.exe             12.31    16.04

    02.14.07

    pxagent.exe               968KB    45.37
    pxconsole.exe             16.10    18.51

    01.20.07

    pxagent.exe               976KB    43.94
    pxconsole.exe             14.73    18.16

    Normally the security apps use less than 50 MB RAM and I include PGP Desktop in this.
    I decided that Sandboxie is better browser protection, along with SpywareBlaster to an extent, than my old sentimental Spybot S&D.

    NOD32 may be the best AV in the world

    If this is not a good security array, then y'all are partially to blame. You know who you are.
     
  12. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,224
    Hello,

    Indeed, security is a social problem - a state of mind, if you will. It's not something worth losing sleep over. People need to take computers into perspective, and if possible, go back to 1986 and watch Miami Vice with Jan Hammer's Crockett's Theme playing in the background. Wasn't life so much simpler then?

    Computers are machines. Replaceable. But we see it as a tragedy when a hard disk dies. Even myself, I will go berserk if this happens, even though I have data backed up. We have become hooked and we crave control.

    The goal is to minimize friction with dumb, stupid machines. This means that important stuff requires backup. Everything else should be fun. Computer life becomes so much easier once this is understood. Hard disk dies? Tough luck. Better that than colon cancer, eh? Perspective.

    But some people must have the thrill. It's disappointing for HIPS fans to realize that their fun is ... useless. Kind of a bummer to realize that your uber skills with registry mean little when you switch to a nice OS called Linux and that 743 pages of security for Windows can be replaced with 5 lines of smart advice. Makes computers and security feel a-religious. Kind of without hope. Simple. Down to earth.

    Some people like to bungee jump. Some like to hit Allow or Deny. As long as they realize it's fun. Otherwise, things will be very disappointing once the sobering happens. But sometimes it's sad hearing the same old mantras all over. Really. Words like popup blocker or adblocker for IE make me go gray-haired inside. Like people who still think Rock 'n' Roll is evil.

    Mrk
     
  13. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,180
    Location:
    Canada
    Definitely agree with you, everything depends on the perspective you look at things. Life can be so short, why bother for small things, enjoy your day. :) :)
     
  14. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Numerous way off topic posts removed and ask that We confine our posts to the subject matter at hand Please.

    Thanks,
    Bubba
     
  15. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,161
    Hi, folks: If you have nothing to lose OR do not care what you will lose, in terms of security breach, then you very likely do not care about those high talks of security, security and security. I have seen many pc users with bare to bone security setup never get infected, and at the same time, I have witnessed many of my friends get into deep troubles even equipped with heavy fortress like protections. So what does this tell you? A little plan sometimes is a good plan, while a seemed-good plan may not be the one at all. If your any plan works for you, then you should be a happy person regardless of what you have or what you should have had. Remember, a bird in your hand is worth much much more than a whole bunch in the woods. Stick to the one that works for you. This is my view of so-called SECURITY.
     