Simple security solution

Discussion in 'other firewalls' started by cleanPC, Oct 29, 2006.

Thread Status:
Not open for further replies.
  1. cleanPC

    cleanPC Registered Member

    Joined:
    Oct 29, 2006
    Posts:
    9
    I have 2 machines both on XP Pro SP2. The one I use for internet is guarded by Outpost 3.5, KIS 6, Webroot spysweeper 4.5 and Spybost and Spywareblaster for more protection. That is fine as it's been long time I had no infection and it takes resources of the computer as a price for security.

    The other machine I use mainly for CAD projects and I just connect to the internet for getting windows and few programs updates. I just recently reinstall the windows on a fully formated fresh HD and IE 7 and ZoneAlarm 6.5 and I just used the windows update site to get all the updates. No more internet use and no other programs other than Windows and zonealarm and IE7. After I checked with ZA and I got two low risk rate detections by ZA as spyware treats.

    Is it a known case with other experienced users as the ZA is not much reliable tool as for a total security solution and should I stick to outpost and an anti-virus like Avira to say and probably a full feature anti-spyware even for those rare occasions to be online on my second machine? I just reinstalled Windows and no ZA yet.

    Any helpful technical comment is highly appreciated in advance.
     
  2. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Welcome to Wilders cleanPC.

    I think it would be good if you can confirm if those two detections were false positives or not with some other antispyware programs. Maybe they are still in the ZA quarantine?

    If they are false positives and you really don't use the second computer for other than what you mentioned, then I think it is fine.

    But if they are not false positives, then you need to find out where and how they got onto the computer and prevent it in the future.
    Maybe one of the apps you trust has something extra bundled with it?
    In this case, some antispyware might be a good idea.
     
  3. unhappy_viewer

    unhappy_viewer Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    259
    They may be IE tracking cookies. Thats why ZA flags them as low risk. ZA can only scan IE tracking cookies and well since you are using IE, that increases the probability that this is the scenario you are facing. If you use Firefox or Opera and visit the same sites, ZA is most likely not going to find any tracking cookie.

    Since ZA's antispyware scanner is relatively new, it won't have as big of a database as some of the more established antispyware apps. However ZA also has fewer percentages of false positives.
     
  4. cleanPC

    cleanPC Registered Member

    Joined:
    Oct 29, 2006
    Posts:
    9
    I didn't want to mess up with another anti-spyware solution and as I checked the ZA there was no trace of those treats as they where deleted and not quarantined.

    I think there are many like me that reserve a machine for primary jobs like CAD or Graphics and don't want all those security stuff and a crowd registry entries.

    I just reinstalled a fresh Windows, it's been a matter of 45 min. but I have not yet updated it till I find a secure solution to be assured there would not be any risk while I am getting updates. Can I rely on Windows own firewall (XP SP2)?

    So far I've not been convinced.

    Still I rate Outpost 3.5 as my best firewall I have ever used but simply as for anti-spyware I have to depend on one or two more protective solutions and I want to keep it all as simple and effective as possible.

    Thanks
     
  5. cleanPC

    cleanPC Registered Member

    Joined:
    Oct 29, 2006
    Posts:
    9
    As for tracking cookie I am more than happy with Spyware sweeper 4.5. I didn't try the new versions 5.x but is there any other solution to block tracking cookies without using anything similar as for example by not accepting cookies in IE settings. I have updated IE to the version 7 now.
     
  6. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    its just easier to clear them out or stop them with IE than having a perminat shield on waste resource.
     
  7. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    You could try something like Arovax shield which has tracking cookie blocking,
     
  8. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    The windows xp firewall is excellent for inbound protection, it gets a full stealth rating from the shieldsup test.
    On my work computer all i use is a light AV and the windows xp firewall. I update windows regularly and do the occasional browsing on sites i consider safe and have never had a problem. I'm considering doing away with the AV and just using something like system safety monitor to lock down the computer.
     
  9. cleanPC

    cleanPC Registered Member

    Joined:
    Oct 29, 2006
    Posts:
    9
    I've installed the latest Windows Defender on the other machine. I just want to know it more and be comfortable with its controls and its effects on the PC's security and performance.

    Any one with more experience with Windows on Defender?
    I am on XP Pro SP2.
     
  10. jasonago

    jasonago Registered Member

    Joined:
    Oct 28, 2006
    Posts:
    31
    Location:
    Philippines
    Avira Free is really good...
    Supplement it with Ghostwall for firewall...

    Notice that there is no application control here and a leaktest will succeed in this setting...But since Avira has a good detection rate, this may augm,ent the situation especially if you need a fast and lightweight protection...

    Or better yet buy Avira Security Suite...if you want to spend some bucks...anyways 5 euros I think will go to charity...
     
  11. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    I'd suggest using appdefend combined with ghostwall. Gives you inbound and outbound protection and both are freeware although appdefend is a limited free version.
     
  12. jasonago

    jasonago Registered Member

    Joined:
    Oct 28, 2006
    Posts:
    31
    Location:
    Philippines
    And besides being a limited freeware, appdefend failed in some leaktest and termination tests...BUT for lightweight and general protection, appdefend will do...
     
  13. cleanPC

    cleanPC Registered Member

    Joined:
    Oct 29, 2006
    Posts:
    9
    Hi all,
    Thanks for all comment. I appreciate well the security and safety of my PC I don't mind if it cost a few bucks if it can do the job cleanly. I encountered another problem with ZonaAlarm security suite 6.5 (build 737). As I said I installed a fresh Windows (XP PRO SP2) and ZA and got all the Windows updates except the IE7 (The old one didn't bite me at least and I hate the ClearType effects) and the Media Player 11 (I don't like its look). And the PROBLEM!
    I use to set the size of paging files on C at the maximum (4096 MIN and MAX) immediately after installing Windows and defragging the drive. After installing ZA I noticed the paging file is missing (as I defrag regularly after each installations of drivers and programs) the green band in middle is just disappeared in each analysis! I set it again and after the reboot it's same if ZA is running. I uninstalled it and the paging file was there again after I sat it again and after several reboots. So I should have rights to blame ZA for such problem. I had no such problem with ZA 6 and my other machines (Outpost + Kaspersky).
    I simply concluded to leave ZA and go back to a more reliable one. I am using the Outpost 4 on the othe machine now and I am wondering rely on the Windows own FireWall and a good anti virus program (Kaspersky is too extreme for the purpose of just getting Windows updates.
    I like Avira it likes to catch everything. But I should make sure if it would be reliable on long run.
     
    Last edited: Nov 12, 2006
  14. cleanPC

    cleanPC Registered Member

    Joined:
    Oct 29, 2006
    Posts:
    9
    I heard good things about Jetico. Is there anyone having some experience with this firewall?
     
    Last edited: Nov 12, 2006
  15. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    Read this - everything you wanted to know and more
     
  16. cleanPC

    cleanPC Registered Member

    Joined:
    Oct 29, 2006
    Posts:
    9
    thanks. I'd read it.
     
  17. cleanPC

    cleanPC Registered Member

    Joined:
    Oct 29, 2006
    Posts:
    9
    A simple question? Using Windows own firewall (XP SP2 ) and getting updates through IE and Windows updates site can pose any risks for getting any infections or an intrusion attack?
     
  18. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Possible, but very unlikely.
    If another computer on the LAN gets hacked and that computer poses as your router, they may be able to redirect you to a fake Windows update site.

    If your ISP DNS server uses a vulnerable version of BIND, then the DNS server's cache could be poisoned and you could be redirected to a fake Windows Update Site. This is called Pharming and most if not all ISP DNS servers should be using safe versions of BIND by now.

    If your computer gets its hosts file altered, then you could be redirected to a fake Windows Update site. But if they can alter your hosts file, you can be already infected directly.

    Will you be using IE for all your web browsing?
    If so, you should harden the settings.
     
  19. cleanPC

    cleanPC Registered Member

    Joined:
    Oct 29, 2006
    Posts:
    9
    I don't use IE for online activities and just for getting custom updates from the Windows updates site as I don't want all those junk stuff (WMP 11 or IE7 or someday a .NET runtime) on my primary PC. I use Firefox and Opera with all those anti-spy and security stuff for my other PC for browsing. e-mail checking, etc. I disable accepting cookies in IE for third parties and prompt for first party and I don't visit any other site.
    There was a good thing about ZA Security Suites, after installing it you could shut it down and there was no background activity and no warnings as for there is no virus protection on your PC from Windows. But the problem with the latest version of ZA as I wrote in my earlier forced me to stop using it.
     
Loading...
Thread Status:
Not open for further replies.