Some people are finally starting to figure it out.

Discussion in 'other anti-malware software' started by trjam, Jul 14, 2008.

Thread Status:
Not open for further replies.
  1. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    What is different today, against 5 years ago. "You are free to fill in the rest as you see fitting."

    This is a thread to speak your piece about security and how it has or hasn't evolved. No restrictions, except the ones already in place by Wilders. Leave product names out and speak about what works, what doesn't work, and what it will take to meet the future head on.
     
  2. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    I am sure the others will have lots to discuss about your stated topic. As for me, I am essentially using the same security software items that I have been using since 1999 (AV, firewall). I added antispyware in 2006. I've come across malware since going online back in 1996, but so far my computers have never locked me out completely and have never had to reformat or have a HD crash. The only time that I had to replace or remove security programs is due to obsolescence by the software vendor. The main difference from 5 years ago is that a lot of crappy software writers have shown up in the WWW population. :argh:
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    my security approach today is very different than it was 2 to 3 years ago, where i had to wait for a virus signature to cure a virus; now no more scanning for me.
    saves me some time from everyday updating the database to be secure and a weekly scanning. no more of that. sandboxing/virtualization is my new way of protecting my computer and data. ;)
     
  4. AKAJohnDoe

    AKAJohnDoe Registered Member

    Joined:
    Sep 26, 2007
    Posts:
    989
    Location:
    127.0.0.1
    Not much difference for me in 5 years. I still have today, as I did 5 years ago:
    1. A Router/Firewall in place
    2. A Software Firewall that permits easy configuration of outbound connections
    3. No Instant Messaging clients installed

    Consequently, I have had a fairly uneventful 5 years from a viral, malware, spyware, security perspective.
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    are you running any antivirus?
     
  6. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    hmm in five years not much has changed.
    used to have a direct adsl connection to the internet using a suite and antispyware realtime.
    now i have a wireless router/modem which has a firewall.
    only thing realtime is a suite with antimalware firewall and HIPS.
    used to use internet explorer but for a while changed to firefox. now i use opera as my main browser.
    haven't got infected around 5 years/6 years.
     
  7. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    332
    My personal view:-

    - less is more. More integration in products.

    - broad spectrum defense. Heuristics + signature based are now common. Starting to see virtualization.

    - Most AV engines include spyware protection as well. Realtime spyware is not really needed these days.

    - I predict more and more protection will start moving to the network edge and not the client pc's - already we depend on a router, soon the ISP will do most of the filtering for us. They can gain from centralized protection.

    - From signature base -> heuristics -> statistical analysis, the ways of identifying malware are changing.
     
  8. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I only will say this. Here is where I think it's heading, starting now and throughout the future. Just a small part is in my signature. :D
     
  9. Einsturzende

    Einsturzende Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    390
    Location:
    neubauten
    I can see future already when I look at KIS 2009, almost fully automated HIPS and FW... waiting for other big players and finalization of concept...
     
  10. AKAJohnDoe

    AKAJohnDoe Registered Member

    Joined:
    Sep 26, 2007
    Posts:
    989
    Location:
    127.0.0.1
    I do, but really only because the firewall I wanted to run came with one. My website in my sig has my product lineup. But, truth be told, I haven't seen a virus or malware in years. I do also block scripts in my browser (at least until I trust the site enough to allow them on a site-by-site basis) and I clear all cookies and other private info each time the browser stops. I have not yet gone with a sandbox or the alzheimer's approach where every bootup is a brand new day.
     
  11. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    This should come as no surprise to long enough users of this entity so aptly named Windows.

    2 new innovations have not only completely revolutionized my own computing experience, but also have made it notably more SAFE! and that my friends equates to enjoying this machine as well as its use as an artistic learning tool or framework, maybe even drawing board if you like.

    The reliance on an AV has been exchanged with a HIPS for me, and i have experienced infinitely better results all the way around from avoiding the pitfalls of false positives, poor performance, and even outright draw downs where AV's used to tax immensely systems resources. HIPS handed over to me, the user, COMMAND & CONTROL of the unknown, and that has better educated me to exactly what is interacting as well as intruding onto my disc. Even better yet, the HIPS is vastly "LITE" in comparison in two ways, smaller disk space usage on install AND resources without sacrificing either performance or safety, but rather enhancing them both!

    The other new innovation is an ISR, and chiefly in my case FirstDefense (Classic or Original Version). As well as offering a variety of individual bootable systems on the same partition or disk, ISR Technology, in my case FD-ISR, has even in some instances replaced total dependency on an Imaging Program although i maintain the wise choice of keeping them anyway for extreme emergencies. It was never designed in the first place to take the place of any imaging app but it definitely has proved its PERKS in a pinch when i didn't have a ready image to restore a system bugged up by my research with some malware or just simple system corruption. FD-ISR archives, separately stored, are easily returned back to working, bootable snapshots again with all programs, settings, and the like completely intact.

    I might add there was also the introduction of Sandboxes & Virtual Systems like Power Shadow, Returnil for two examples of how things have changed for the better, and the rest of them i'll leave up to other members to bring to attention.

    The single basic UNCHANGED item for me is of course what's already been mentioned, a firewall, and i been stuck on Kerio 2.15 since Windows 98 and been thru the gambit even with today's newer models, but none of them has motivated me to the point of this changing of the guard, at least not yet. Close, but no cigar.

    EASTER
     
  12. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    About five years ago I started to interest me in computer security. So I tried many of the solutions that were offered, and I learned a lot through these software. I learnt mainly that it is quite hard to get infected (for me at least) and that I didn't need all the armor they provided. It wasn't worth the price (popup fatigue) even though many HIPS and CIPS nowadays have whitelisted a lot of software which is good.
    The latest year I have learnt about something I should've investigated from the beginning really - Limited user.
    But I was shun away because all self acclaimed experts told me that computing life would be unbearable (but only in windows apparently, often in the next breath they recommended linux o_O )

    But on the other hand if I would've gone to LUA directly I wouldn't have learned as much about the inner workings of windows as I have done with HIPS.
     
  13. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hi,

    Not much has changed. I suffered a brief spell of computer paranoia in 2004, but it quickly went away. All in all, I started getting really interested into computer security as a hobby ... although I've used security products even before that.

    But in general, it has been pretty much the same.

    The changes are - I got more into imaging software and linux ... :)

    Mrk
     
  14. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    The oldest security axiom still works

    a) A firewall somewhere (at least inbound)
    b) First user identification and authorization
    c) Followed by policy management (or software restriction policy) based on the users right
    d) An antivirus
    e) Community warning/IP blacklisting (to keep you out of the known risky places when browsing)
    f) A decent fall back recovery tool

    Only difference today are the cross over products. This is basically because security mitigation/contingency management has not changed

    1) what is the risk/how to reduce risks (e and a products)
    2) what is the impact/how to reduce the attack surface (b and c products)
    3) how to minimize the effects of an attack/repair damage (d and f products)
     
    Last edited: Jul 15, 2008
  15. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    For me, it's definitely sandbox and light virtualization applications. Not too long ago I was using NIS 2006 :gack: which slowed me to a crawl. I then began slashing services and background processes and tweaking until my system became responsive. I started reading about free alternative AV's and AS then gave them a shot. I then saw a thread here about PowerShadow and it piqued my interest. My first attempt was a disaster :(. I then tried the 2.8.2 version and what do you know, it worked. I then began hearing about a little sandboxing application and decided to give it a try. Wow, for the first time in a long time I felt free to surf where I wanted to. I'm still learning about that little app. and still tweaking it. It has changed the way I view the web. Throw in a light virtualization app and you are golden.

    I should also say that being able to finally get an extra external hard drive for backup and imaging has also given me and probably others peace of mind. Internet "bliss" can be found, it's up to you as to which path you take :p. On a serious note, the knowledge I have gained from the members and staff of forums such as Wilders has also helped tremendously :thumb:.
     
  16. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I think many users of these forums will have constantly different states of what they run. Peeps who are into this domain of computer workings probably have a higher knowledge, which of itself is the best protection. These peeps cannot resist the new security app, hoping for each one's own 'holy grail'.

    However, for these peeps the last 5 years have been more of delightful learning. Consider how the other 98% of users have changed. Consider the number of botnets that thrive because the market has been saturated with spyBgone's and StopBadGuys's. Consider that a new computer from a big name will have sooo much bloat and processes running as to make it run as in the pII 500mhz daze. I would say the last 5 years has been a steady improvement of differing technologies, especially the HIPS and virtual environments. But for consumers, I would say it has been no different if not worse. Putting your faith in protection in the likes of some products they have installed it is no wonder that supposed rates of infections are very high. This also is why peeps who visit here are often called in to remedy the friend's computer that is 'protected'.

    Myself I look for less usage of my system so that I can use my system again. As if the internet was a youth again, when it was all text from an i386/486 at baud rates.

    Has anyone seen that around here recently ? lol :)

    Ah, well in that case I may continue to use these time-tested tools

    Opera/Kmeleon
    Proxomitron
    antivirus of the month (currently Avira)
    a different firewall this week from the one I try next week
    on some weeks older Cyberhawk
    and most always now SandboxIE
    oh, and too many tweaks/regedits to remember anymore.

    Sul.
     
  17. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    If I recall correctly, the first security program I installed on my system was Avast. Of course, I hesitated at first (due to my lack of knowledge regarding security softwares), but back then there was not much a solution to the ever-growing world of malware. After a supervirus infected my machine, I had no choice but to use an AV. That's when I used Avast. And thankfully, it removed it.
    Since that day, I never removed Avast in my anti-malware arsenal. It became a sort of, shall we say, 'infatuation'. (Dramatic much eh)

    5 years ago, the 3 basic security setup was a firewall, an AV, and 2 or 3 AS programs.
    Now, it has been changed to an image backup, a sandbox, and 2 or 3 virtualization softwares.

    I guess it all depends in the trend. Sandbox, virtualization and imaging software is what's "in" these days.


    Nice thread BTW :thumb:
     
  18. Doodler

    Doodler Registered Member

    Joined:
    Dec 23, 2007
    Posts:
    219
    While I have AV on my system, I am growing more reliant on virtualization (currently, Sandboxie).

    Not too sure how long of a life this thread will have because the title is not very revealing of the topic.
     
  19. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    i forgot to add that recently i have started to test linux more.
    my list of reasons for not using linux is getting smaller and smaller.
    1. certain applications won't work.
    2. no support for creative x-fi
    3. on some distros installing plugins such as flash, java can be hard. it's very easy with opensuse.
    4. can't find a media player i like. on windows i use media monkey and hope they will port it over.
    can't think of any more reasons atm.

    the main plus sides are as follows.
    1. it's free.
    1. one updater for everything. aka package management fantastic. in windows you would need to run windows update for microsoft software. then go to apple for quicktime, adobe with flash player etc etc.
    2. can always run as limited user account. for the rare times you need root rights you get a prompt.
    3. at this time no need to worry about security programs. just run as standard user account and keep system and applications up to date.
    4. due to the better file system no need to worry about fragmentation.
    5. with every release it gets better.. unlike windows with every version getting more and more bloated and slow.
    6. only starts with minimum services for faster boot time and starts other services only when they are needed.
    i could go on...
     
    Last edited: Jul 16, 2008
  20. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    Everything has changed. No more Antivirus (10 months), no antispyware (3 years), no HIPS (1.5 year).

    Nowadays my approach to security is based mostly on a combination of light virtualization, snapshot technology, and reliable imaging software (see my signature).

    I sporadically check my Vista and XP systems with reputable scanners, but never found anything.
     
  21. Snufke

    Snufke Registered Member

    Joined:
    Jul 24, 2008
    Posts:
    3
    Well, I bought the damn ESET Smart Security plus 2 year subscription, but I find myself half-pleased, half irritated.
    Pleased because the thing appears to be doing a good job protecting me (once I got rid of all the unnecessary popup messages, excluded safe programs it was erroneously picking up on, got it to stop running scans I had not asked for, set all scanners not to clean automatically because I like to know what's going on on my computer and why, etc, etc).
    I am irritated because especially the antivirus module when it is just on standby is a huge drain on the system, slows everything right down, including, I am now certain, having caused my start menu to have a 20-second response lag. I am not even talking about when it is actually running a scan, you can forget about doing anything else then.
    For the longest time I actually did not have any antivirus/antispyware running on my computer at all, because I still believe you can prevent infections with some basic carefulness: don't insert illegal CDs, don't open email attachments unless you KNOW it is safe, don't allow software installs or updates without your say-so, and don't use illegal software. And, get rid of all the unnecessary bloatware, services and other startups, of course. But of course I do do some of these things, by choice, and last year I got my system rendered unusable by a nasty spyware infection together with my misguided attempts to get rid of it. So then I thought, that's it, I want protection.

    I am only now realising more clearly that what I really want is protection when it is needed, and not when I am not doing anything that exposes me - which is most of the time. I want the firewall to be running at all times, because I am always connected, and I want to be able to turn off antivirus/antispyware permanently unless and until I know I need it for a little while. At present ESET Smart Security is clearly taking the 'foolproof' approach that the idiots need protecting against themselves and don't allow you to turn off antivirus permanently. Which is fine, unless of course you are not an idiot. Then it is very irritating. I want, hidden somewhere deep in their user-unfriendly advanced setup menu, surrounded by warnings for the above idiots, an option that allows me to turn off this gas-guzzling software.

    There, I feel much better after my little rant, hope you enjoyed it too! ;) Let me know what you think.

    Arohanui.
     
  22. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    I don't mean to brag as some are so quick to note, only express my opinions and satisfaction.

    The best security apps i feel fortunate to have found that is hard to beat is the free EQSecure (beta 4.0) HIPS w/Alcyon's Rulesets. Of course there are yet others that are top notch and i don't discount them at all.
    For me EQS with its blacklist is solid to temporarily LOCK OUT folders, files, and registry entries with simplicity as well as alert to intrusions. AV's/AS's are to me gone all but obsolete when it comes to a quality HIPS in my opinion.

    FD-ISR Classic is another favorite that's paid for itself too many times to mention, it was a very quality investment indeed and remains so to this very day.

    DriveSnapshot is another and the last means of 100% total system recovery that is yet to fail not once.

    And this should have come first, if not for the staff, membership, and expert comparisons and open research reports courtesy Paul Wilder's Forums, none of this could or would be possible.

    I apologize if i left any product developer from specific program and/or name, but i have it on first hand experience that your own tireless efforts and enthusiasm w/generosity in engaging these discussions have literally put virus & malware writers back to cracking software.

    I've long incognito masked usernames and even went thru some initiations just to become members of these highly talented virus writers, and believe me, they have grown very weary seeing that such a flood of NEW superior security apps have saturated the market and made all but aborted their efforts to climb these razor wires of excellent safety products you the developers, and you the membership & staff have taken to task and passed your findings/issues along thru to the proper channels of the makers to improve PC security for windows like never before.

    Yes, there still remains a few encouragements for them but only for the new user who is yet to discover the inventory that await their attention now.

    EASTER
     
  23. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    In the last five years the main two changes in my security is that I became more knowledgeable concerning security and dropped a wad of overlapping security apps and am now going with a security suite. I do run Opera browser and I use windows defender and was using spywareblaster but SB is not compatible with my current suite. In reality I feel just as secure now as when I had eight or ten security apps. I probably am much better secured now because when you run that many apps they tend to fight for the same type of resources which makes them all weaker. But everyone to their own.

    safe surfing
    bigc
     
  24. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    Yeh i've definitely become a lot more knowledgeable in regards to computer safety and security. These days i run 1, maybe 2 security apps at the most as opposed to a few years ago where i would run multiple real time scanners and a host of other security apps. I've also moved away from the one machine does it all approach. These days i run 3 separate computers for specific purposes.
     
  25. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    1,786
    Trend Micro Internet Security 2008 and AVG 8 combined with SAS free and PC Tools firewall. almost never had a single problem. of course common sense
    the only problem i have with trend micro is that when it found some infections it will not heal it just quarantine. but that was some time ago
    i found them both a bit heavy
     