General Topic --- Security

[victoria2dc]

Hi all,

Victoria here. I need to ask some questions and generate some dialogue about security.

I'm trying to decide if I should download the FREE McAfee anti-virus program (apparently you get the download + free one year's subscription). The cable company (comcast) also offers the firewall and something else, which I can't remember.

I use Norton and have a subscription, but my compter guy HATES Norton and says it does *stuff* to your system and leaves files all over the place, etc., etc. He really gets crazy when I use it, but that's beside the point. I want to be safe and secure AND have a PC that works smoothly.

What would happen if I use the FREE McAfee firewall and the other security product while keeping Norton? Or should I buy Norton firewall, etc.? I just got off the phone w/comcast guy but he didn't seem too informed or like he was willing to dig into it with me to ensure that I didn't cause any conflicts, etc.

Please give me some input. Which program is better? Also, if anyone has used the free downloads from comcast, is that right that you get the update subscription and you get it FREE? Seems that there is going to be some financial entanglement and I'm trying to discover what it is before I make any commitments. On the site it just says FREE... BUT remember the good ole' days when all stuff on the Net was free? That's a long gone term when talking about the Net!!!

Any adivce, comments would be helpful.

Best,
Victoria

 

[StormBringer]

I'd recommend using something that is neither Norton or Mcaffee. These two brands are so popular that virii and other malicious files usually have instructions implimented which will make them try to shut down or otherwise avoid those two AV utilities.

There are many other options out there that do as good and sometimes much better than either of those. Among the choices I'd recommend looking into AVG(free for personal use) Trendmicro(what we use at work) Panda(we used this till around six months ago at work, trendmicro offered us a better deal)
As for Firewall, internet security and others, there are also many other choices out there, most are much easier to impliment and use, as well as having a lower impact on system resources. Most also don't become total system Nazi's like Norton and Mcaffee do.

 

[zephead]

and you could reasonably acertain that mcafee is absolute crap. malicious softwares go through that like spit through a screen.

 

[Masque]

and you could reasonably acertain that mcafee is absolute crap. malicious softwares go through that like spit through a screen.

....BUT I've used McAfee for the past 5 years or so....without incident. I have had issues with Norton in the past but that's not to say it's a bad set of programs.

Whatever you decide, don't ever use two of the same type of program (eg. 2 anti-virus programs such as McAfee and Norton or Norton and AVG....you get the pic). This is just asking for trouble.

I'd have to say if Norton has worked for you in the past, you keep it updated and it hasn't caused any file corruption on your machine, by all means continue to use it. You'll find that there are countless programs out there and an equivalent number of people percentage-wise who either love them or hate them.

Just my $.02

 

[zephead]

i don't know, NIS always seems to protect machines far better than mcafee. in my experiences, that is. malicious software usually goes through mcafee's firewall/av like spit through a screen, and it generally can't clean anything up once it gets on there. whenever i come a cross a loaded pc running mcafee (which is all too often) i just uninstall mcafee and use avg free.

 

[Spike]

slightly off topic, but while the subject of mcafee being bad has been raised, can anybody explain why they say this...

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=135579

.. blockchecker.exe is a nasty bit of adware that annoys people on msn and harvests email addresses for spamming (by means of the user enetering them into the program intentionally and submitting them - very clever)

However, nobody else, including symantec, call it a trojan, and Mcafee seem to be classifying it as such in one breath, but under the "method of infection" field, they claim it's not a virus or trojan. eh? Is it just me or can they not even make their minds up about what it is?

 

[zephead]

i believe mcafee uses uncommon names for viruses, so if you detect one you can't look it up anywhere else. i know none of the AV softwares use the exact same things, but you can still ID the virus in a useful manner using NAV or AVG, for example. mcafee is in it's own world and class ... crappy

 

[DelJo63]

Victoria:
Security has two aspects; proactive and reactive.
All antivirus(AV) and intrusion detection systems(IDS) are reactive - - the help you get well AFTER the infection.
Proactive solutions, like a firewalls, attempt to keep you well and to avoid the doctor's office visit(DOV).

Some human factor training can be considered proactive, as if you learn to not open
email attachments, you've avoided that DOV, wasted time and $$. We also now contend
with the phishing scam, fraudulent web pages attempting to steal your ID and credit info.

Maximize your efforts at proactive solutions will reduce time and effort being
reactive

 

[PanicX]

Good points brought up by jobeard.
I'd also like to add that a hardware firewall solution is indispensable. In my opinion, even a cheap linksys router/firewall is superior to any software side product. And while software firewalls are good for preventing outgoing connections. Any Trojan/Virus worth its salt will also work around them. Where an external firewall can be configured to deny all by default and have specific rules allowing only the traffic you want through. This helps tremendously with worms and exploits.

 

[SOcRatEs]

Good points brought up by jobeard.
I'd also like to add that a hardware firewall solution is indispensable. In my opinion, even a cheap linksys router/firewall is superior to any software side product. And while software firewalls are good for preventing outgoing connections. Any Trojan/Virus worth its salt will also work around them. Where an external firewall can be configured to deny all by default and have specific rules allowing only the traffic you want through. This helps tremendously with worms and exploits.

Absolutely!!
I've refered to them as black box security.
We used to build them ourselve out of old pc parts with two nic cards
and dhcp/tcpip control things. P II cpu's and bare essentials & NT4.5.
Routers make it so much easier and more reliable. You just need to
configure them properly to work well. I'd especialy recommend routers if you plan
on a wireless network.....

 

[Vigilante]

The "big 3" is my term for system protection.

1) Firewall (hardware firewall VERY much over software)

2) Antispyware (background tool like Spybot Teatimer or MS AntiSpyware Beta)

3) Antipopup (more generically, use Firefox instead of IE. FF auto-blocks popups and doesn't support ActiveX controls. Right there you save yourself from 80% of junk that comes through. Plus negates the need for a 3rd part popup blocking tool.)

After your 3 "anti" tools are working, the rest is as Jobeard said, proactive. Meaning train yourself on avoiding things and running smooth. There are some creepy people that get by with NO antivirus at all, simply by using the right tools to utilize the Internet, along with a hardware firewall, they have nothing to worry about getting a virus.
Learn the signs of a questionable web site. Learn what "free" really means. Learn how to deal with pictures and ads on web pages. Learn what freeware download sites are safe from spyware. If you have a software firewall, learn about each and every thing it asks you to block or allow. As choosing wrong can make or break your system. And the list goes on...

Your own knowledge of the force, aka the Internet, is the best offensive strategy you have. Better knowing how to never get infected, then to know how best to clean it out when it gets in.

 

[DelJo63]

2) Antispyware (background tool like Spybot Teatimer or MS AntiSpyware Beta)

Along this line, I very much like Spywareblaster; it defeats known ActiveX downloads

 

[Vigilante]

Ah yes, Spywareblaster, from Javacool right? I like their stuff too. That's the one similar to Spybot's "Immunize" function. Where it puts hundreds and thousands of "blocks" through your system to keep out the baddies. Good stuff, theirs. I keep it in my arsenal.

 

[SOcRatEs]

a not so Little warning

Ah yes, Spywareblaster, from Javacool right? I like their stuff too. That's the one similar to Spybot's "Immunize" function. Where it puts hundreds and thousands of "blocks" through your system to keep out the baddies. Good stuff, theirs. I keep it in my arsenal.

There is a bad link that comes up when you google spywareblaster,spywareblaster.com
that does not offer spywareblaster, it offers "bullet proof soft spyware remover"
The D/L exe is "sr-bundle.exe" and loads hyperlinker and who knows what else. Symantec shows it as hyperlinker
This is a known "adware.linkmaker"
The correct addy for spywareblaster is: http://www.javacoolsoftware.com/spywareblaster.html

I just added it to my growing arsenal!
I can't even see it running in the back ground,
no setting to load at windows start up or anything!
So I went to a known baddie website that can load all
manner of nastey......nothing got through at all!

 

[Vigilante]

Spywareblaster doesn't run in the background. It just adds like URLs to the blocked URL list and blocks IPs in the hosts file etc... You just run it once and you're done! No resources used.

 

[SOcRatEs]

Thank you

I signed up for the auto updates..

Side question:
At what point does this become a thread hijacking?
Sometimes it seems appropriate to ask questions
in another person thread, with related question,
such as this, and sometimes it seems inappropriate.

 

[Vigilante]

hmm, no idea!

But I'll give my own opinion, whether humble or not.

In this particular thread, I don't think you CAN hijack it, because it was created as "General Topic.." So the point is to simply discuss security related issues and practices. Anything and everything.

As for other threads, if the "new" question is directly related to the original, then any aditional in-thread answers would be relevent and so also helpful. Just as long as the focus of the thread remains to it's author and not to someone else. UNLESS the original author's question has been resolved and the conversation continues elseware.

It can also help keep down near-duplicate threads, if someone posts a thread about a subject, asking some questions; and then someone else has a very similar question and posts a new thread, you then have people giving near-duplicate responses in two different threads. Which could get redundant.

And lastly, if someone's question is the same as another's, BUT goes a step further, I would think that is exceptable to post in someone else's thread. In other words, if he were to say in someone else's thread, "I have all these problems AND these two additional behaviors". Then that might be okay, as the topic still relates, but is then augmented by additional advice and help that may benefit the original author. Or further help someone who stubles across the thread with the same issues.

Anyhoo, I'm just rambling. I'm going for breakfast.

 

[DelJo63]

At what point does this become a thread hijacking?

...
In this particular thread, I don't think you CAN hijack it, because it was created as "General Topic.." So the point is to simply discuss security related issues and practices. Anything and everything. ...

1) very nice to even ask the question!
2) I would hope the General Topic would be considered to be open ended also.

Victoria2dc, care to comment?