YAPCOMS - Yet Another "Please Comment On My Setup" Thread

Discussion in 'other anti-malware software' started by LuckMan212, Jan 8, 2007.

Thread Status:
Not open for further replies.
  1. LuckMan212

    LuckMan212 Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    252
    I am finding that with new security apps coming out by the dozens almost every week, it is now becoming almost impossible for me to do my "normal" duties as well as keep up with the latest developments and test all of these. I have not changed my security software in years and I felt I am long overdue for some new tools in the toolbox and dusting out the cobwebs. I bought DefenseWall but found I am not using it for some reason. Guess I never really quite understood how to use it.

    I am primarily interested in as little overlap as possible; low impact on system resources and stability are important factors. I will have one set of tools that I use at home and another FREE set that I give to clients/friends/family who are sometimes too cheap or lazy to buy and pay for yearly subscriptions.

    Here's *my* proposed setup:
    ......resident:
    ...NOD32 2.7
    ...Comodo
    ...Prevx1
    ......on-demand:
    ...SuperAntiSpyware (paid)
    ...Spybot S&D
    ...TinyWatcher
    ......I am thinking of these possible alternates as well:
    ...CyberHawk (possibly replaces Comodo?)
    ...BoClean (possibly replaces Prevx?)

    And here's a FREE setup that I would give to friends/clients:
    ......resident:
    ...Avira AntiVir PE Free
    ...Comodo (or CyberHawk)
    ......on-demand:
    ...SuperAntiSpyware (free)
    ...Spybot S&D
    ...FireFox

    What do you think of this? Is it strong enough? Do I have all the bases covered? Any recommendations? How about the "BoClean vs. PrevX" or "Comodo vs. CyberHawk" questions?
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,699
    Hello,

    You do realize that everyone has their favorite software and will try to rationalize their choice. The MOST important things about a security setup are:

    How well do you cope with your tools? Can you use them effectively?
    Do they negatively impact your system (BSOD errors, etc.)?
    Do you feel your setup is friendly to you?

    Strong enough? DEPENDS ON THE USER.

    I know people who are so incompetent they would almost be capable of destroying a Linux machine - people who should not be allowed to touch computers.

    I'm off to eat with some colleagues, gonna write another post soon ....

    Mrk
     
  3. btman

    btman Registered Member

    Joined:
    Feb 11, 2006
    Posts:
    576
    Cyberhawk DOES NOT on ANY condition replace Comodo. Cyberhawk is HIPS or something of the like and Comodo is a firewall. Though you can use both with no problems. And BOClean I would take over PrevX... But actually I'd take neither...

    Here's what I propose for both setups...

    NOD32 = A Keeper (Unless you want Kaspersky :D. Sorry I like Kaspersky a lot more, but NOD32 isn't bad at all)
    Comodo= A Keeper
    SUPER Anti-Spyware (Free) is a keeper. The paid version the only advantage I see is the shield, but I'm a high risk surfer with no spyware shield on... And this computer is alive, but I do regular scans with them too so that can be the cause.
    AVG Anti-Spyware (Free) because it catches some things SUPER misses... And vice versa.
    You can choose either Cyberhawk or Prevx if you want HIPS, but it's not a need unless you are a higher risk surfer like me.... but once again I do take risks... and I do not have HIPS open over 25% of the time on my system. Both are great programs.
    And Spybot if you want, but it finds nothing nowadays. But it's free so who cares.

    For your clients...
    Avira or Avast, I like Avast more but I have installed Avira on a few buddies' machines who wanted a lighter AV, and they have not complained. And its detection is better and interface... But I <3 Avast because I don't like that umbrella.

    Comodo.

    SUPER Anti-Spyware free
    AVG Anti-Spyware free
    Spybot (once again if you feel like it lol)
    and yes Firefox.

    WHAT I HAVE LEFT OUT
    For you, BOClean. I'm pretty sure it won't find more than AVG and SUPER, and both of those are free so if you choose the AVG and SUPER route you've saved money.
    Super and AVG Paid are not needs, as they have on-demand scans and free versions that update. I have both free versions.
    I will once again state that Cyberhawk or Prevx is NOT a need but can come in handy on a rare occasion, choose one or the other. Remember do not choose one of these and ditch Comodo.
    TinyWatcher, never heard of it, doesn't seem great, doesn't seem like a need (it might be another HIPS, I don't know and I'm too lazy to research it)

    What I have left out for your clients

    Any HIPS application, this will infuriate them or confuse them and they will call you with everything that pops up... Or something just as bad... They will hit allow with everything that pops up.
     
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,699
    Hello,

    Back from lunch. Here I go on:

    Security depends on the user. You can minimize background noise by 99.95% just by running a firewall and a normal browser. You can reduce the remaining threats, like email, P2P, IM and such by running non-MS applications.

    BUT nothing will save you if you decide to do something bad.

    The question I always ask and expect an answer within 10 seconds is:
    Would you allow scvhost.exe to connect to windowsupdates.com?

    Once you understand this sentence, the rest is just cosmetics and laziness. This firewall or that? This AV or that? This AS or that? Simple personal choice. It makes no difference.

    That said, simple setups I would recommend:

    Firewall - ZoneAlarm, Comodo, Sygate.
    Antivirus - AVG, Avast, Antivir.
    Browser - Firefox.

    If you want extra: AVG AS on demand.
    If you really want to get spoiled: Dr. Web link checker for FF and Kaspersky Online Scanner for IE.

    Super tools: Linux live CD, UBCD4WIN, solid backup strategy.

    That said, your advice seems rather OK.

    Mrk
     
  5. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    Like some others, I don't feel the need to run an Antispyware in RealTime as I use Firefox with NoScript, but do feel using Cyberhawk to ride shotgun with my Firewall seems like a good idea. It tested well in the AV-Comparatives testing done for HIPS, and the test done on Gizmos. Maybe using Comodo Firewall and knowing what all it offers as far as protection makes some feel CH isn't needed, but I'm using AVG FW with CH, and feel as protected. By replacing AVG Anti-Malware with CH, using a Wireless Router Firewall, and running AVG 7.5 AV and Firewall I think I'll be fine. I will keep SuperAntiSpyware and AVG Anti-Malware Free for on demand scans, but doubt they will find anything. Being a "former" (time will tell LOL) obsessive user of software however, I like your proposed set up of Nod, Comodo, and Prevx1, and think for free that Antivir PE, Comodo and using Cyberhawk would be good.
     
  6. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    I would add Spyware Blaster to both groups.

    In the paid group:
    BOClean instead of Prevx.
    A-Squared instead of Spybot.

    In the free group:
    A-Squared instead of Spybot.
    Consider Opera in addition to Firefox.
     
  7. LuckMan212

    LuckMan212 Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    252
    Thanks for all the advice guys. After some hours of playing with Prevx1, Comodo, CyberHawk, I have actually removed all of them and reverted to my lean configuration:

    • NOD32
    • AVG AntiSpyware (on demand)
    • SuperAntiSpyware (on demand)
    • TinyWatcher (on demand)
    • Firefox/IE Immunized by Spybot S&D + SpywareBlaster
    I feel that Prevx1 is an excellent tool in ABC mode, I will definitely be installing this for some of my clients and see how they get on with it. For me, it was a little too much. I may download BoClean and give it a try, although I will probably wait for the new version 5 to be released first.

    I felt that the tradeoff between the perceived extra security layers and the effect on speed and stability of my system was too great. I am now looking for a robust "sandbox" type app that I can use to test untrusted apps without risking infection. Any recommendations there? I am leaning towards Sandboxie since it seems that you can launch/quit it at will and run specific apps "sandboxed" without prior configuration. I tried a very old version of it a long time ago but have not had any experiences with the recent versions.
     
  8. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    LuckMan212, are you currently using a Router Firewall, or Windows firewall? Or nothing? Just curious.
     
  9. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Right now I think like this:

    Suppose you don't download anything. Then you need a firewall and Opera :D. Firefox w/ NoScript is also great, and I'm using it for some time. A sandbox for some peace of mind, i.e., some bug that can open a door :D, is covered.

    If you download, AS on demand to scan the files.
    For this, I still keep Prevx1. It's another ball game. And a personal choice (my own).

    Except Mrk and others, lol, an AV is a must. I have Avast!. Antivir is great also. Again a personal choice. IMO no need to pay here.

    For AS on demand, Spybot, AVG, A-squared (Anti-trojan), SAS and Defender (why not). Use one once in a while, or per download, if you like. All free.

    I change my mind often (not lately though), since I'm only a hobbyist, and listen to who knows better.

    Feel free to criticize, or complement, since that's how I learn from you!
     
  10. LuckMan212

    LuckMan212 Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    252
    I have completely disabled the Windows ICS/Firewall service via services.msc.
    I have installed on my Buffalo WHR-G54S the lightweight and truly excellent:

    Tomato firmware (image: http://www.tama.or.jp/~ritsuko/vege/graphics/j2/tomato.gif)
     