Security Help

Discussion in 'other security issues & news' started by mollyman, Jun 24, 2005.

Thread Status:
Not open for further replies.
  1. mollyman

    mollyman Registered Member

    Joined:
    Oct 12, 2004
    Posts:
    28
    Hi,l have Avast(free version) installed and Kerio Firewall.
    1.ls it worth the money to get a antivirus program and which one,l was deciding on NOD32 or Kapersky.
    2.Should l also get a anti-trojan program like TDS-3.
    3.Thirdly should l get the paid version of Process Guard.
    The reason l'm asking all these questions is l have a bit of money now and l do my banking on the internet.Thanks in advance for any help.
     
  2. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Hi Mollyman, welcome to Wilders.

    As your questions relate to more than Nod32, I have shifted your thread here.

    You may want to take a look here. As well there are discussions on security software here and even more here.

    Hope this helps...

    Let us know how you go.

    Cheers :D
     
  3. Meltdown

    Meltdown Registered Member

    Joined:
    Sep 17, 2004
    Posts:
    299
    Location:
    Babylon
    Depends what you use your PC for. Nice post by Paranoid2000 in a recent thread:
     
  4. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    Or looking at the above post a different way...if you do P2P networking, surf pornsites (or any unknown site really, but porn mostly), download unknown programs, and do internet banking/purchases and/or have business/financial data on your computer ...then you want rather tight security. The less you do of any of the above, the less you need in terms of real security (ie. If you only visit trusted sites, and don't download anything untrusted, then you are fairly safe with minimal security).

    I'm presuming you have a good firewall. if you don't it's absolutely essential (plenty of good free ones out there. I use ZoneAlarm).

    The other posts in the above links cover most of your other questions. If you use IE, most recommend switching to mozilla firefox, but you you choose to stay with IE, then IE-SPYAD (free), Spywareblaster (free), a HOSTS file (free) and enhancing your IE security settings (see http://www.spywarewarrior.com/uiuc/main-nf.htm half way down the left column for a IE/Firefox security guide)

    The PG forums here in wilders have lots of useful discussions about PG (seeing as many new people ask if PG is for them).
     
    Last edited: Jun 24, 2005
  5. Meltdown

    Meltdown Registered Member

    Joined:
    Sep 17, 2004
    Posts:
    299
    Location:
    Babylon
    As long as you're not downloading and running executables, P2P presents no great risks (AFAIK - I started a thread on P2P and security and it hasn't produced any devastating revelations).
    Equally I've never understood the safe surfing recommendation for people who have made the switch from IE. If you go unsafe surfing you'll come across a few trojans, which an AV with http monitoring should pick up. If not, you'll get a dialogue asking if you want to download the trojan. There's no harm in downloading a trojan, or having one in the browser's cache. As with P2P, to get infected you have to execute the malware.

    Of course, I can see the sense of those recommendations as general maxims for new users who may be unaware of potential pitfalls. User awareness is the key.
     
  6. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    You're quite right that executables are the biggest threat in P2P downloads (one test found about 30% of them contain either a virus/trojan/worm, or a combination of them). Virii are probably the only main danger in mp3's etc.

    "If you go unsafe surfing you'll come across a few trojans, which an AV with http monitoring should pick up".... many AV's have a poor trojan detection rate. Then there is spyware.

    Some spyware/trojans like CWS download/install automatically through ActiveX, normally from porn sites, and are very difficult to remove.

    Other worms/virii use Java vulnerabilities to auto download.

    Simply, the more combinations of risky habits you have, and the more info on your computer you need to protect, the better your security needs to be.
     
  7. Meltdown

    Meltdown Registered Member

    Joined:
    Sep 17, 2004
    Posts:
    299
    Location:
    Babylon
    Interesting statistic, confirms my fears.

    I don't think anyone's embedded malware into mp3s yet. There is an issue with WMV and WMA files, detailed e.g. here. It's worth noting that the mechanism described still requires user confirmation to get infected. User awareness would instantly flag that as suspect.

    Okay, but the user would still have to execute the trojan.

    - if you're using IE with lax security settings.

    Zero-day exploits? I can't decide how much I should be concerned about those.

    I hope this doesn't come over as too argumentative; really I'm still trying to work out my security needs. I do feel that well before a user has accumulated sufficient knowledge to make effective use of behaviour-blocking security software (too sophisticated for me, I'm afraid), they know enough to avoid infection anyway. I can see that some people will have a legitimate and valid need for behaviour blockers, e.g if they're in the business of testing software from unverified sources. And security concerns aside, they're useful tools for analysing how software and Windows work.
     
  8. wolfpack

    wolfpack Guest


    1. I would get KAV if I was doing online banking. It's about the best AV out there that detects not only viruses but much riskware that other AVs would have a hard time finding.

    2. I would definitely have an anti-trojan (actually more than one) if I was doing online banking. Some good one's I would recommend are Ewido & A2. As for payware I like BoClean. But remember, if you do go with KAV over NOD32 you will have better trojan detection. If you choose NOD32, I would have two or three anti-trojans to better cover NOD32s somewhat poor trojan detection. But regardless it's a good idea to have at least one anti-trojan if your doing online banking.

    3. Yes, get Process Guard. It will provide you with the kind of protection you need. You may also want to consider Prevx along with PG, I would.

    I would also get an anti-keylogger of some kind. Realtime would be preferred. Snoopfree is a good free anti-keylogger. Again more than one anti-keylogger would be the best. Perhaps one realtime and one for backup manual scans. This is VERY important if your doing online banking.
     
  9. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Where exactly are you referencing this from?

    Cheers :D
     
Loading...
Thread Status:
Not open for further replies.