|
Posted by Jason on November 25, 2004, 6:50 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Hi all, just got ADSL after many years of dial up. Given that I will
now be connected to the net A LOT more than previously, I am concerned
that I may be leaving myself open to security problems. I currently
rely on the free versions of Zonealarm and AVG Antivirus, which I
update regularly. Do you think I need to purchase commercial firewall
and antivirus software or are my freebies good enough?
I also use Spybot and Adaware to get rid of spyware.
Any suggestions for further protection? Thanks in Advance.
Jason
|
|
Posted by Walter Roberson on November 26, 2004, 3:51 am
If you were Registered and logged in, you could reply and use other advanced thread options
:Hi all, just got ADSL after many years of dial up. Given that I will
:now be connected to the net A LOT more than previously, I am concerned
:that I may be leaving myself open to security problems. I currently
:rely on the free versions of Zonealarm and AVG Antivirus, which I
:update regularly. Do you think I need to purchase commercial firewall
:and antivirus software or are my freebies good enough?
As always, it depends. How valuable is the information on your disk,
and how much trouble would you be put to if it were to be substantially
corrupted right while you're on a tight deadline?
You can get stateful packet inspection varieties of [hardware] firewalls
fairly inexpensively these days, suitable for blocking unsolicited
incoming connections. Separate hardware firewalls usually can't help you
if your credulous spouse/parent/child opens an email attachment, but
they can be extremely useful in protecting your equipment from the
random scans of script kiddies.
--
Take care in opening this message: My grasp on reality may have shaken
loose during transmission!
|
|
Posted by Chuck on November 28, 2004, 11:42 am
If you were Registered and logged in, you could reply and use other advanced thread options
>Hi all, just got ADSL after many years of dial up. Given that I will
>now be connected to the net A LOT more than previously, I am concerned
>that I may be leaving myself open to security problems. I currently
>rely on the free versions of Zonealarm and AVG Antivirus, which I
>update regularly. Do you think I need to purchase commercial firewall
>and antivirus software or are my freebies good enough?
>
>I also use Spybot and Adaware to get rid of spyware.
>
>Any suggestions for further protection? Thanks in Advance.
>
>Jason
Jason,
ZoneAlarm, AVG, AdAware,and Spybot are a good start, but just that. There are
other components in a good layered defense. Each layer is necessary because no
layer produces complete protection.
A NAT router "acts as a firewall" in that it passes only requested traffic back
to the computer that requested it. It won't selectively filter traffic from
hostile addresses, nor selectively filter bad protocols or programs, however.
See <http://www.firewall-software.com/firewall_faqs/what_is_a_firewall.html>
One NAT router protects your entire LAN. And it reduces the load on your
computer caused by having ZoneAlarm.
The second layer is a software firewall like ZoneAlarm.
The third layer is good software, also on each computer. This layer has
multiple components.
AntiVirus protection. Realtime, plus a regularly scheduled virus scan.
Regularly updated. AV protection is not all that's needed today.
Adware / spyware protection. Realtime, plus a regularly run adware / spyware
scan. Regularly updated.
Complete instructions, using Spybot S&D and HijackThis (both free) are here:
<http://forums.spywareinfo.com/index.php?showtopic=227>.
Harden your browser. There are various websites which will check for
vulnerabilities, here are three which I use.
http://www.jasons-toolbox.com/BrowserSecurity/
http://bcheck.scanit.be/bcheck/
https://testzone.secunia.com/browser_checker/
Block Internet Explorer ActiveX scripting from hostile websites (Restricted
Zone).
<https://netfiles.uiuc.edu/ehowes/www/main.htm> (IE-SpyAd)
Block known dangerous scripts from installing.
<http://www.javacoolsoftware.com/spywareblaster.html>
Block known spyware from installing.
<http://www.javacoolsoftware.com/spywareguard.html>
Make sure that the spyware detection / protection products that you use are
reliable:
http://www.spywarewarrior.com/rogue_anti-spyware.htm
Harden your operating system. Check at least monthly for security updates.
http://windowsupdate.microsoft.com/
Block possibly dangerous websites with a Hosts file. Three Hosts file sources I
use:
http://www.accs-net.com/hosts/get_hosts.html
http://www.mvps.org/winhelp2002/hosts.htm
(The third is included, and updated, with Spybot (see above)).
Maintain your Hosts file (merge / eliminate duplicate entries) with:
eDexter <http://www.accs-net.com/hosts/get_hosts.html>
Hostess <http://accs-net.com/hostess/>
Secure your operating system, and applications. Don't use, or leave activated,
any accounts with names or passwords with trivial (guessable) values. Don't use
an account with administrative authority, except when you're intentionally doing
administrative tasks.
The fourth layer is common sense. Yours. Don't install software based upon
advice from unknown sources. Don't install free software, without researching
it carefully. Don't open email unless you know who it's from, and how and why
it was sent.
The fifth layer is education. Know what the risks are. Stay informed. Read
Usenet, and various web pages that discuss security problems. Check the logs
from the other layers regularly, look for things that don't belong, and take
action when necessary.
And Jason, please don't contribute to the spread and success of email address
mining viruses. Posting your email address openly will get you more unwanted
email, than wanted email. Learn to munge your email address properly, to keep
yourself a bit safer when posting to open forums. Protect yourself and the rest
of the internet - read this article.
http://www.mailmsg.com/SPAM_munging.htm
--
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
|
|
XML site map