Security setup - are we being overly paranoid?

Discussion in 'other anti-malware software' started by Smiggy, Aug 4, 2008.

Thread Status:
Not open for further replies.
  1. Smiggy

    Smiggy Registered Member

    Joined:
    May 2, 2007
    Posts:
    209
    Location:
    The Angel Isle
    Hi all,

    Currently running my system behind an SPI router, wireless.
    Have Avira Premium, SandboxIE for web browser and Threatfire.

    Recently played with HIPs, Prosecurity, EQsecure and just wondered if I was being overly paranoid.

    Don't browse irresponsibly, generally if I do my Avira blocks website access if spurious. Usually when looking for keygens etc.

    How many of you will admit to becoming 'fiddlers' and 'totally paranoid' when it comes to their security setups?
    How many people change their setups after reading a 'good' article about another program that they don't posses?
    Just wondered, I used to but I'm currently getting therapy now and think I can see the light at the end of the tunnel at last!

    S.
     
  2. PiCo

    PiCo Registered Member

    Joined:
    Apr 9, 2008
    Posts:
    352
    Location:
    Athens, Greece
    Well I'm personally a software whore, but you do have a point.

    But I think there is a difference between a person that changes protection setups due to curiosity or testing purposes and a person that changes protections setups because he's actually feeling very threatened!

    Of course none of us want to get infected, but it's not sth to get paranoid about. PC is hardware, not a living thing :)

    PS: Actually I do not see a point in my post, but these were some thought I wanted to express.
     
  3. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,617
    Location:
    Canada
    As for myself I became overly paranoid just after I joined Wilders Security some 5 years ago.:p
    I admit that I spent too much money on Security Applications after reading some threads here.:oops: I also play with SSM,ProSecurity and EQSecure.

    But now since last year this time is over. I know run my PC with only Kerio 2.5.1 and DefenseWall and I must say that my computer runs much faster than before.

    Once in awhile I scan with Dr.Web CureIt and SuperAntispyware but it's always negative.So my paranoid period is now from the past.
     
    Last edited: Aug 4, 2008
  4. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Me too are a recovering security junkie. I have not yet recovered from my addiction to test security software though.
    I test them but dont buy them anymore, I always fall back to basic: LUA, SRP, AV and FW always looking for way to drop the AV for good.
     
  5. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    I think most of us here at wilders become paranoid after some time. A short time after I joined I read a post (can't remember who wrote it) which described the typical Wilders lifecycle:
    (Don't remember it 100%, but it was something like this)

    -Member joins Wilders due to an infection or a specific support question in one of the official support sections (like eset)
    -Member starts reading about things he never heard before: drive-by downloads, buffer overflow, rootkits, etc...
    -Member learns about layers
    -Member starts to pile layer over layer looking for 100% security. Tries every new program which detects 999999 intead of 999998 threats.
    -At some point computer becomes unstable or very slow.
    -Member start wondering if all those layers are needed.
    -Uninstall some programs and enjoy a fast computer once again.

    I went down that road. I got infected anyways. Layers are not equal to security. They are not a magic thing.
    I now live happy and feel safe with my setup.
    The key is to take the time to learn HOW MALWARE WORKS, HOW MALWARE CAN INFECT YOU and HOW SECURITY APPS WORK. This way you can build a good setup with minimal overlap and minimal open gaps.
     
  6. Doodler

    Doodler Registered Member

    Joined:
    Dec 23, 2007
    Posts:
    219
    Interesting thread by the OP. I can relate.

    I got infected early this year with a trojan. We think the malware was installed when my wife used my XP pc to print instructions about a web game she was playing. (She's been a Mac user for years and has had zero security problems.)

    Prior to the infection I used Windows Firewall and Nod32. That's it. So after spending a week cleaning up the malware, I probably became overly anxious and installed a bunch of security stuff, the worse of which for me was a popular HIPS-based third party firewall. Got tired of that hassle, discovered Sandboxie, and have been happily using that.

    Finding the right balance is a personal matter. For me...I like to keep it as simple as possible and yet reasonably effective. So for now, my primary defense is unobtrusive Sandboxie, along with Nod32, SuperAntiSpyware (free version) and Windows Firewall (edit: I'm also behind a router).
     
    Last edited: Aug 4, 2008
  7. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    :D :D :D Paranoia has always a cause.
    Emphasize tunnel. VPN Tunnel. I suggest for all over-paranoid start analyzing your tcp/udp traffic and look into the ugly tunnel of the internet controlling bot matrix.
     
  8. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I do not think I fall in the paranoid group but a software junkie for testing on a none test machine.I am currently In rehab and only have a Geswall additiction.o_O
     
  9. silver0066

    silver0066 Registered Member

    Joined:
    Dec 31, 2004
    Posts:
    929
    The new Kaspersky Internet Security 2009 has a .chm file that is very thorough in explaining all of the different malwares that can infect a computer. It explains how Trojans, Worms, Rootkits, Viruses, etc act on a computer and what damage each can do.

    A good way to read it is to download the Trial version, just out in the U.S. today, and use the Chm to PDF Converter program to print out the .chm file as a PDF. It is very interesting and educational reading.

    http://www.theta-software.com/

    Silver
     
    Last edited: Aug 4, 2008
  10. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    My personal opinion is that yeah, most are too paranoid about their security setup (even me not long ago). Here's how I see things, and keep in mind this is just an opinion, I think we're worrying about the wrong threats. Now, to keep myself out of trouble, I'm going to refrain from getting into anything outright political, but I believe our privacy is at a huge percentage more threat than our systems are to hacks, data theft, and the other threats we tend to put ahead of other dangers.

    How many of you, without doing any tests or doing something extremely risky (and by extreme I mean actively surfing for keygens and such), have not only come across but have been hit by anything other than a typical, easily removed virus/malware if you've been hit at all? How many have truly gotten hit with the baddest of the bad? My assumption is very few overall, perhaps I'm wrong though.

    I P2P, simple as that, chide me if you wish, it's all good. During the years of P2P, I've been hit with TONS of viruses, almost always within zip/rar files. Less than 1% were able to actually run, the other 99% of the time, my AV caught it, I opened the file with IZArc (meaning just right-clicked and hit open, not actually double-clicking the file), found the offender, deleted it out (most times this works, sometimes it does not and I delete the entire file), and kept the remaining clean files within, no further issue.

    Any actual malware has come from playing on game websites (a lot of ths happens for Shockwave games) and a few porn sites (yep, look at that too). Even then, very few gave me any trouble when up against my SAS. I've yet to see ransomware, MBR killers, diskwipers or big time rootkits. And, all I've been armed with for almost the whole time was Avast Free and Firefox with Noscript and AdBlock Plus. I've added Sandboxie in the last few months and feel even safer than before. I keep Returnil around just in case, but very rarely bother using it.

    We worry about all of these hardcore attacks, yet the vast majority of us show no concern where our data goes and to whom when surfing Google, installing software (who among us diligently reads EULA's?), sign up for websites, or turn over our credit card and other personal info to online stores. In recent weeks we've seen the forums lit up with posts about cameras determining our sex and age so they could fire off the "right" ads at us, national ID cards are about to go out in the UK, we have Phorm and NebuAd trying hard to get to us, I just think we're directing our concerns and the majority of our attention to the wrong threats.

    I am not advocating we drop our security apps and say "the hell with it", that would be dumb. All I'm advocating is not concentrating on one aspect of the threats against us now and the future. Lots of new laws, regulations and ideas are being passed and thought up, and a lot faster than we might want. I'm personally becoming more afraid of what's being deemed legal than what has always been illegal.
     
    Last edited: Aug 4, 2008
  11. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    I found Wilders years ago, after being infected the umpteenth time from downloading from Warez. Free software began to appear around that time - or I discovered here that there was a lot of legally free software available. I've been here ever since, and haven't used a warez or similar site in years.

    I went through a time when I had my computer so bogged down with security software that I guarantee it was 100% safe. With all the running programs, I didn't have enough memory left to get online.

    With the advent of Sandboxie, I've pretty much dropped everything and returned to AVAST antivirus and Superantispyware. Firewall is hardware and I've got Windows firewall enabled on my XP box.

    On the Vista laptop, McAfee Security Suite, SAS, and Sandboxie takes care of business. I think the key to it all is Sandboxie rather than the other stuff.
     
  12. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    It seems like SandboxIE is the prescription pill for treating paranoia :D :thumb:
     
  13. Doodler

    Doodler Registered Member

    Joined:
    Dec 23, 2007
    Posts:
    219
    Yep...it keeps me off Lithium.:D
     
  14. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    The only problem I have with Sandboxie is, somewhere in Sandboxie is a setting to let you download large files, and I can't find it no matter what. I downloaded the Norton 2009, for example, minimized the browser and checked the sandbox. It showed empty.

    This isn't a sandboxie problem, it's a me being a dumba** problem.

    But, yes, I think Sandboxie and similar programs are the answer. I haven't had a single thing, that I didn't want, getting onto my computer since I started using Sandboxie. Nobody should be without Sandboxie, Bufferzone, GESwall, or the rest. I'll add SuperAntiSpyware on the list, as well.

    Virtumonde and the rest, no worries here, though I view it and all malware with respectful caution. I'm not dumping my av or SAS.
     
  15. Doodler

    Doodler Registered Member

    Joined:
    Dec 23, 2007
    Posts:
    219
    Not sure, but you might be referring to File Migration. Right click the Sandboxie icon in the system tray -> right click applicable sandbox -> Sandbox Settings -> File Migration. Also: http://www.sandboxie.com/index.php?SandboxSettings#migration
     
  16. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Trite but true: "You're not being paranoid if the bast*rds really ARE out to get you." :argh:
     
  17. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Besides my "normal" tools (very very few) it is only for fun running all kinds of security progs. Most of them deleting very soon which means within a day or so. That implies I am not as paranoid as some others with huge lists of running anti-whatever stuff.
    Also keep in mind the number of visitors/posters here at Wilders are not related to the amount of real world computer users.
    Regarding this you can say we (readers of this) are all very very paranoid, nothing wrong with that if you know you are.

    Gerard
     
  18. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    American Heritage Dictionary
    A rather strong characterization!

    'Overly' + 'paranoid' seems redundant, for a person either is or isn't, it seems to me.

    __________________________________________________________________________​

    Mention 'computer security' in security forums and 'Security setup' eventually monopolizes the discussion. Why is this?
    How often threads become focussed on "which is better!" Mercifully, this forum's administration put a stop to that.

    Someone around here is fond of saying, You have to try hard to get infected.

    The implication seems to be that with a basic understanding of computers and how malware gets onto the computer, one doesn't need an elaborate security setup.

    Instead of reacting with trepidation at each new threat, taking the time to understand what it is and its attack vector might reveal a solution already at hand.

    A good example was the LOVE-LETTER-FOR-YOU.TXT.vbs virus which propagated by email.

    From SecurityPortal.Com, 25 October 2000
    From BBC World News, 8 June 2000
    From ICSA.Net, 23 October 2000,"2000 Computer Virus Prevalence Survey":
    On a number of forums, a "tweak" was recommended: change the default action for the file type .vbs to EDIT so that clicking on a .vbs file would result in it opening in Notepad.

    There was much concern that the multiple variants would result in AV not catching the latest. This and the "tweak" overshadowed discussion about email policies and attachments.

    Because of the success of the recent Storm emails and similar enticements, it's evident that the lesson of that experience has fallen on deaf ears. A recent one. The file is a trojan dropper:

    parishilton.gif
    _____________________________________________

    You can carry this example over to downloading in general, or as some say, What do you choose to download?

    A security setup complements a sound security strategy.
    Taken together, there is no reason for paranoia or any such thing to manifest itself.

    I'm always reminded of Bruce Schneier's remark in his book, Beyond Fear:


    ---
     
  19. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,038
    Location:
    The Netherlands
    Well, I´m not totally paranoid, I know that my current tools can´t protect against a lot of exotic attacks, but I know that it´s not likely I will ever face them in real life. I almost never install/run any new software (which is the most dangerous thing) on my machine anymore, and 99% of all drive by attacks will probably be stopped by HIPS/SRP. But I think it´s fun and assuring to know that malware can´t touch your system, that´s why I keep hoping for better, more powerful security tools, and like I said a while back, at the moment I´m not seeing any true innovation.
     
  20. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    If I lived in Yarmouth I'd be par (tickularly) anoid as well - as I don't run
    any security software I have nothing to worry about
     
    Last edited: Aug 5, 2008
  21. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    Lol, I initially started with Kaspersky 6 + Spyware Doctor + SAS + Ad Aware + spybot + Spyware blaster + Spyware guard + SpyCatcher... a terrible mess that screwed up my pc.

    Then I got KIS 2009 + SAS + Ewido + Windows Defender + Spybot.

    Now I only got KIS 2009 + SAS + Ewido and I'm running fine and extremely light, without being less protected.

    Now, back to topic, your setup seems quite good. Threatfire should usually cover what Avira misses. You should also use SAS and occasional scans with Cure it and/or AVP Tool.
     
  22. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    do you mean you are not even running a windows firewallo_O?
     
  23. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    No - Netgear Firewall router but no software Firewall
     
  24. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    You don´t know how present this is to all of us, start analyzing your little tcp/udp packets but only if your nerves are strong enough to look into this abyss of control and test field. It looks like we are beta testers or guinea pigs of a huge internet matrix. The price you pay for internet and globalization is total surveillance even disclosure of your virtual life. You can be as smart and clever it won´t be enough to protect yourself against this all seeing and all bypassing tunnel. Call me total paranoid but I am rather seen as insane then accepting this beast of surveillance that seems to change nearly all routers into zombies.
     
    Last edited: Aug 9, 2008
  25. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
Loading...
Thread Status:
Not open for further replies.