Is it still enough?

My basic setup (XP) includes the use of LUA, disabling unnecessary networking services, Windows Firewall and an antivirus. My PC is running smoothly so I assume I'm safe. But is this a safe assumption? Or can I just not see what's happening? I mean, there's so much talking and writing about unsafe browsing, web site forgeries etc. that you can't help but feel unprotected. My point is: is this basic setup still enough, or do we now need a security suite?

Thanks,

-FG

Reply to
userid

Hi,

As long as a client is connected to the internet or to an intranet, security software or hardware is critical. You may need protection even when your computer is not connected to any network. Viruses, trojans and malware may access your computer using removable media, such as CDs, DVDs, USB flash drives etc.

Good luck,

Giorgos

Reply to
geoar75

Basic security is to disable ALL unnecessary services.

Absolutely not.

Entirely possible.

I can relate to that.

Heheheh, you need security armor. :-(

Just for fun, click Malware Outbreak for latest antivirus malware email detection time at

formatting link
How is your current detection rate for your AV product?

Last review I saw, this year, indicated detection was 98% for best Security suite at that time.

Last stats I saw were 4 to 6 weeks between a new malware program and Anti-malware Vendor protection.

Last stats I saw from one security vendor was they get 1500 new malware programs a day.

Click up your calculator

1500 x days_in_year x 2% = Undetected malware with about a month of no protection before AV Suite can save you from the new malware they "can catch" for their product.

My solution, run Linux as my Operating System.

Reply to
Bit Twister

Is there any list to refer to?

Apparently, Comodo offers a whitelisting of about two million programs. If it were a way of checking the integrity of your system, why not? It sounds like a good idea to me.

That was something I have thought of. In fact, I have a dual boot system, but I've read that some repositories have recently been compromised, so second thoughts are allowed.

Reply to
userid

The safe way is to run Linux (or *BSD) on the Internet-facing box; it isolates poor defenceless Windows from the big bad Internet ;)

I wouldn't connect Windows directly to a DSL modem -- the only reason people mostly survive it is that most (A)DSL modems block incoming by default.

Trojans and virus files are 'invited' onto the PC by the user, bypassing the firewall -- but a good firewall can detect and limit damage if you catch a botnet illness.

For the OP, I doubt any software in windows is the answer -- the answer lies in a decent, separate firewall box between windows and the 'net.

Works for me :)

Grant.

Reply to
Grant

No idea. Quit using windows years ago. Site listing all the settings to set in winders has disappeared.

Heheh, last number I saw was past 5 million. Guessing half a$$ is better than no a$$

Yours or mine? If yours, I can not understand the hesitation. If a cracked repository bothers you, how can you stick with windows? Malware is delivered through cracked advertising servers, content servers, infected web sites,... right to your desktop.

Micro$ft gives you patches once a month, for rampant exploits found in the wild. Reported exploits will get fixed when the "schedule" permits. Linux/unix are patched ASAP.

I've lost the URL which tracked how long known exploits went unpatched.

I would think that would be big news and I have not heard of any "recently" cracked repositories. Off hand I can only recall 3.

Those were because of leaked/guessed root password or doze malware snagged maintainer's id/pd.

5+ million malware programs against single digit cracked repository seems like a no-brainer choice to me.
Reply to
Bit Twister

That helps more ways than one. Criminals are cracking into the router from user's browser. :(

Criminals attacking systems from the Internet side went out with diskettes. You need firewall for protection from worms and script kiddies. Criminals are cracking the system using the apps running on the system.

Isn't that the truth. Poor fools who get an infection, format, install XP cd are infected before they can get the service pack downloaded. :(

Reply to
Bit Twister

You do realize that the Windows Firewall is enabled by default since XP SP2 (and could be switched on manually ever since XP RTM), don't you?

cu

59cobalt
Reply to
Ansgar -59cobalt- Wiechers

And you realize that in almost every residential PC I've seen, file and printer sharing is enabled on computers connected directly to the internet?

Reply to
Leythos

Ok, but I hope my system can only host some thousands :)

That's exactly my point. I don't mind being script scanned or whatsoever, I think my box can bear that, but virtualizing every web session to avoid some unfortunate click is a PITA and not always viable to me. That's why I was wondering if the idea of a white list was an effective idea (to avoid injections for example).

Reply to
userid

That's ok, I understand it. But what about a web browsing session at a public Wi-Fi spot? It's something that happens ever more often, at least to me.

Reply to
userid

If you have a decent laptop consider running a vm for browsing the 'net -- after the session you can revert to the snapshot vm file and the machine will totally forget the session.

You can still download files to the host system via shared folders, and these can have username/password protection on the share.

Also, the browser vm could be a lightweight Linux distro with browsers and whatever you need.

Would give you some isolation between main system and the 'net?

I haven't tried this, just seems an avenue worth thinking about. The vmware site has free vmware-player and a safe web browsing vm available for download -- I've not used it. There's other vm stuff kicking around too you could try.

Grant.

Reply to
Grant

Not so you would notice. Go here and click last (far right under Previous), to see list of recently known cracked sites.

formatting link
Noticed pcworld.com about 3 quarters down the page. Guessing everyone is back in school since the dates are a little old.

Found the zeroday url.

formatting link
out the History starting after the fifth stat.

Nice read here

formatting link

Reply to
Bit Twister

It's also not necessary. At all.

Use a limited user account and something like Firefox with NoScript (i.e. avoid active content in web-pages whenever and wherever possible). Apply some common sense on top of that, and you'll be fine.

cu

59cobalt
Reply to
Ansgar -59cobalt- Wiechers

That would help with the smart malware that checks to see if it is running in a vm. If so, it aborts to foil AV researchers. Since big web farms run a vm, crackers are hunting exploits in the vm server. Have seen patches for exploits gaining host access from the vm guest. :(

Heheheh, run linux and put doze in a vm guest. Delete the snapshot once a week and start another. :-D

formatting link
is real easy to use. Currently I have 16 Linux guests each with about 8 gig drives. They are using 68 gigs of actual disk space so far.

debian50 fedora11 kb409 md101 md2010a md81 md90 md91 md91a mdone91 mdOneKDE pclinux slack12 su111 suse103 ubuntu904

Reply to
Bit Twister

Thank you all for all your good advice. Really. I think I now have my good roadmap again :)

-FG

Reply to
userid

Not only that, but by default people buy a PC without a login and log in as the Administrator account with a null password (Win 95 -> Windows XP), or some other stupid account like user or admin.

Reply to
goarilla

Do you people even read what you're responding to?

cu

59cobalt
Reply to
Ansgar -59cobalt- Wiechers

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.