What is the best minimal security set up?

Discussion in 'other software & services' started by rockon, Jul 12, 2005.

Thread Status:
Not open for further replies.
  1. rockon

    rockon Guest

    What would you all say is the best security set up (for XP) using as few programs as necessary? Talking about realtime protection for the most part not programs that don't use any resources/mem (except when their being run) like Ad-aware free, A2 free, Ewido free or similar back up scanners.

    Looking for a good set up using as few programs as possible, but still with a good solid (the best possible) defense against trojans, viruses, rootkits etc...and low mem usage would be a plus. But I want to still be able to download updates and needed programs if necessary.

    Right now I think I'm using too many programs and would like to cut it back to just the necessary ones. Of course free programs would be best but some payware would be ok as long as their worth it.

    Thanks for your time and help.
     
  2. Ailric

    Ailric Guest

    KAV 5.0
    Outpost Pro (or other good firewall)
    and if you like...
    Microsoft Anti-spyware
     
  3. Apart from leaving XP and going to a tiny linux distro like Slax which can fit onto one CD I use KAV 5 personal, MS antispyware, hardware firewall and xp firewall and K-Meleon browser thats it.
     
  4. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    What are your internet habits like, and what do you have currently?

    Hardening your system can go a very long way, see my sig.
     
  5. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    I think that a good firewall (I use ZoneAlarm) + KAV 5.0 provides very broad (viruses, trojans, spyware, worms, etc.) and excellent (real-time and on-demand) protection. After that, it all depends upon your own surfing habits as well as how much "risk insurance" you want to have. I personally would favor installing a product such as ProcessGuard licensed (prevents unauthorized rootkit, keylogger, services/device installation) before installing anti-spyware, but MS AS is free.

    Rich
     
  6. rockon

    rockon Guest

    Thanks for the recommendations so far guys.

    Notok,
    I'm using the following for realtime protection ZA, AV, MSAS, WinPatrol, TeaTimer, Prevx free, Pest Patrol, Spywareblaster, Iespyad, Spywareguard and looking into Antihook.

    Use Firefox and Opera to browse (no porn or p2p) and never use IE or OE.

    Also use all kinds of Antitrojan and Antispyware scanners (probably too many) for manual scans, which I recently cut some out of the realtime protection area like SpywareDoctor for example.

    I would like to cut out all unnecessary bloat, and run only necessary, but solid realtime protection. I'm willing to get rid of some programs, and try some new ones, if they will replace what I'm currently using and allow me to get down to only the basics. Thanks.
     
  7. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    If your habits are pretty conservative then I'd say your greatest danger is unknown threats, for which I would recommend NOD32 (if you had said you were a high risk user I would either say add a resident AT and/or use KAV. Keep a resident AT if you encounter a lot of trojans anyway). After that a good firewall, whether that's ZA or another (my personal fav is Look n Stop unbeatable outbound protection, lightest on resources, and greatest control with ease of use). Definitely do some hardening of your system and consider using DropMyRights (also in the hardening page in my sig). If you want to cut everything else down to just one additional app, I would consider either ProcessGuard (http://www.diamondcs.com.au/) or OnlineArmor (http://www.tallemu.com/). I would also keep SpywareBlaster if for no other reason than to keep the tracking cookies out, and at least a few on-demand scanners, including Ewido, a couple of the top anti-spyware scanners, and perhaps the eScan toolkit. If you want to keep the apps off your harddrive, you can always bookmark some online scans (there's plenty in the second page in my sig).
     
  8. rockon

    rockon Guest

    Thanks Notok,

    After reading the link in your sig about Dropmyrights, I'm considering running as non admin. But if I do can I still add bookmarks to my browser, download new programs and update programs? Because I do a lot of that. Dropmyrights looks good but running as non admin does look to be a better very safe low resource usage way to protect yourself. If I can't download while in non admin is it easy to switch back to admin so I can download when I need to? I'll look into those other programs too. Thanks again for your expert help. :)
     
  9. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    It just runs the specified program with restricted rights, not your whole Windows account. You can still add bookmarks and do everything normally, the only thing you won't be able to do is install directly from the browser. When you download things to install, you will need to save the file to disk and then run the file, rather than just selecting "Open" from the download dialog. You will also have to save pictures to disk to make them your desktop wallpaper (save to disk, then open it with your default image viewer and set it from there. If you don't have any image viewer installed then Windows will just use the built-in image viewer, which you can right-click on and 'set as wallpaper').

    With DropMyRights you create a specific shortcut to run the browser, email, etc, with reduced privileges. To run normally, just use the existing shortcut in your start menu. It's really very easy, but if you run into any troubles just ask. :)

    For the record, I've set up some high risk users' machines with nothing but NOD32, a firewall, and system hardening, and they have not had a single problem since, where they previously had machines completely riddled with malware. If you're not comfortable doing the configuration yourself, I would recommend using a commercial hardening tool like Qwik-Fix (http://www.pivx.com/), which is soon to be PreEmpt and include more fixes, or Computer Security Tool (http://www.computersecuritytool.com/). Qwik-Fix has the advantage of automatic updates and a 'suspend protection' option, and has plans to add fixes for various applications that are commonly used but not covered by any other hardening tool.
     
  10. hadi

    hadi Guest

    It can be as minimum as: (SP2 + spywareblaster + spywareguard + ccleaner) only.
    This test machine is subjected to all kind of kids and teenagers surfing. I scan it (through USB flash) with spybot S&d, Ad-Aware and Ewido on daily basis. The scans come clean apart from cookies which can be deleted with ccleaner in the first place.
     
  11. VIPER99

    VIPER99 Registered Member

    Joined:
    Jul 4, 2005
    Posts:
    78
    I've just skimmed through the posts so I am unsure if anyone else has mentioned what I've got. Anyways I had the privelege of doing a report on spyware a few months ago and it is recommended that you run 2-3 anti-spyware protectors. My preferences are: (also considered top choices in my report)
    Ad-Aware
    SpyBot Search and Destroy
    These two programs are offered for free or if desired you can purchase the full versions. I am unsure of the prices though.

    The third choice for anti-spyware would be SpyBlaster this sucker is appreantly capable of screening out spyware as it enters your system. You apparently don't need to do any scanning just keep it updated. As you can tell I haven't actually taken the time to try it myself but it did have high ratings through my research.

    For antivirus I just use AVG from Grisoft. Once again it can be downloaded for free or purchased to allow full functionallity but the free version works pretty slick. I personally keep away from high end pay virus checkers because some really lag down the system (Norton) and others can be effected by viruses which target the software.

    For a backup scanner you could probably go with an online scanner like pandasoft. I tried this out the other day and it worked pretty good. I wouldn't use it as your first scanner but it allows for a second opinion when it comes to virus checking.

    Hope this help you out.
     
  12. JT3

    JT3 Guest

    In my view Spywareblaster is over-rated.

    Particularly if you don't use IE too much. I wouldn't consider it as one of the 3 antispyware scanners most expert recommend you use, because it doesn't really do that.
     
  13. squash

    squash Registered Member

    Joined:
    Mar 25, 2005
    Posts:
    313
    Just use what I use. (See signature)

    I used to believe in running lots of security applications, until I relized it was useless to do so as they hardly ever do or detect anything. :)

    My minimal security setup has never failed me, is very very reliable 100% never crashes, fast, easy to maintain and still giving me the very basic protection.

    I don't even need SpywareBlaster, since a Firefox called "Permit Cookies" prevents all cookies (and this tracking cookies) only for the ones/sites that I trust.

    I can just run without a firewall (ports are closed anyway), antivirus (I'm not stupid to download new malicious ware, processguard (Ditto to previous, antispyware (Tritto and I use Firefox) and still not get a virus, trojan... but thats just me, because I know what I'm doing but want peace of mind.
     
  14. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    I wouldn't consider it as any sort of scanner whatsoever since it isn't.... any kind of scanner that is... lol :D
     
Loading...
Thread Status:
Not open for further replies.