Ran server (Win10Pro) for year now without AV

Discussion in 'other anti-virus software' started by Smiggy, Mar 13, 2018.

  1. Smiggy

    Smiggy Registered Member

    Joined:
    May 2, 2007
    Posts:
    237
    Location:
    The Angel Isle
    I've now completed a year of running my Windows 10 Pro box without any real time AV.

    Disabled defender and use ReHIPS and run monthly on demand scans of MBAM and ESET.
    It operates as my NAS/KODI box and front room browser (TV as monitor) and makes me wonder if we're all subject to scaremongering after all.

    I do stray from the clearly marked 'internet' paths from time to time with a Avast's protected safezone browser, with ReHIPS just in case but clean as a whistle, food for thought maybe?!

    Are we really in as much danger as AV companies want to us think, is it from viruses or more drive-bys and malware? Are signature based AV's days now numbered cos the offerings are getting larger, more bloated with more and more add-ons we're told/sold we need, do we, REALLYo_O
     
  2. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    7,929
    My experience over many years is that if you keep Windows and vulnerable software (e.g. browsers) updated and are not click happy, it is extremely hard to get infected. I believe that the only times I've got infected when using an updated computer are when I've manually opened an infected file.
     
  3. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,386
    Location:
    Member state of European Union
    AV are for people downloading a lot of files - especially binary programs, but malware can be also written in scripting languages and macros. Especially those who don't have much knowledge about computers and malware or those whose work requirements exposes them to malware - for example work requires them to open a lot of files from strangers every day.
    Drive-by attack nowadays are greatly mitigated by keeping browser up-to-date and browser built-in sandboxes. Conscious users can use extensions such as NoScript or uMatrix to further secure their browser.

    Server are significantly different use case. For servers greatest risk is misconfiguration, vulnerabilities in programs listening on TCP, UDP ports or in the OS itself. On servers use programs (servers) with support in case of discovery of vulnerabilities (security updates) with proven record of low number of vulnerabilities, sandbox those programs (i.e. Linux's Apparmor os SELinux), use firewall for logging network connections and block port scanning and tiny DDoS attacks, use logging and alerting by mail to catch unexpected file operations.

    You use case is actually some hybrid of desktop and server.
     
  4. imuade

    imuade Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    751
    Location:
    Italy
    ... and you have a good ad-on to block both ads and questionable/malicious websites :)
     
  5. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    7,929
    That's a good idea. But even without any kind of blocking, I believe the chance of getting infected is very slim. At least, that has been my experience.

    I don't recommend that others do it, but I do not feel particularly vulnerable, even when using no security software.
     
  6. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,142
    Location:
    Slovakia
    Exactly, I would not advice it to anyone, but if asked, then, yes it is possible, but it heavily depends on the user (setup and common sense). I can not even imagine running AV, I just do not see any reason to, I have not used one since XP. I was running XP customized with nlite with no AV, no firewall and no updates for a year, using just IE7 and not a single infection. :cool:
     
  7. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,386
    Location:
    Member state of European Union
    I don't think disabling firewall is good thing, especially on Windows.
     
  8. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,324
    Location:
    Slovenia
    I have similar experience. Safe computing habits can prevent most infections.
     
  9. twins4384

    twins4384 Registered Member

    Joined:
    Jun 8, 2014
    Posts:
    12
    Running only with free Voodooshield but always use Acronis backup just in case. Everything seems to run smoother and faster with no AV. Having said that, safe browsing is the motto here.
     
  10. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,662
    Location:
    Throughout the USA and Canada
    it's not only malware that you want to be wary of - one of our hosting customers was successfully spear-phished - I've been trying to advise him for years on anti-malware and he's been happy with freebies based on his "tech guy" - guess what - that URL was already blocked both by ESET and by Google DNS, on first click he would have been blocked. Yes, this is a very smart owner of a multi-million dollar pharmaceuticals company and he gave his email + password up in a spear-phishing scam. You seriously cannot believe that people fall for this, but now I actually know someone who did. :(

    https://i.imgur.com/KtabVza.png
     
  11. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    I would ask those who say they run their systems without security software and have been free of infection, how do you know your system is malware free when obviously, well designed malware should operate without the user noticing it?
     
  12. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    7,929
    @RockLobster When I have not used any realtime protection, I have used scanners such as Malwarebytes for occasional on demand scans.
     
  13. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    Thats what I do, I just wondered if you all did that too.
     
  14. Smiggy

    Smiggy Registered Member

    Joined:
    May 2, 2007
    Posts:
    237
    Location:
    The Angel Isle
    exactly what I do monthly, MBAM on demand and ESET's online scanner
     
  15. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,142
    Location:
    Slovakia
    I do not even bother scanning, because I know, that it is impossible to get infected, unless I would run exe myself. Malware has a pretty basic design: 1. download - 2. run scripts to create a startup entry ot a scheduler task to get admin rights - 3. run as admin and then all the hell breaks loose. Step 1 is harmless, my browser/firewall blocks some at 1 and my tweaks block it at 2.

    Still it is pretty hard get infected even with normal settings, 10 is pretty secure. 99% malware gets into the computer via a browser or via HTML emails, so securing the browser is the key. I have installed AV on mom's computer just in case, she would run something. Most malware has way of manifesting itself. There are not that many well hidden, like fileless malware or rootkits.
     
  16. ance

    ance formerly: fmon

    Joined:
    May 5, 2013
    Posts:
    1,359
    I second that, Antivirus is just important for average Joe. :thumb:
     
  17. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,386
    Location:
    Member state of European Union
    Tech guy does not used 2FA for email? It's scary.

    I am doing it too and in most cases I would probably be alerted by ReHIPS something is going on.
    In Gnu/Linux or OpenBSD case manual inspection.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.