What Security do you use?

digital-one

cyberbob: With linux the issue isnt so much viruses. Its more to do with files stored on the machine. But viruses such as Trojan-Downloader.JS.Iframe.auy & Trojan-Mailfinder.Perl.Hnc.a are in the wild and both are LINUX viruses, the myth of linux having no viruses has long since been busted.

anewhope: The main problem with firewalls are everyone has different skill levels, software vendors do need to do more to make there software universally friendly, but i feel its right to tell people to use ALL the available protection, because even if one bit is slightly or even very wrong, theres a good chance the rest of the system will pick it up, i know its a bit like the horse bolting then locking the doors, but right now its the best we have, and with people really not knowing enough because computers are very complicated for some, its best to give them the whole package, once they begin to learn more and more then they can decide whats best for them, although i would always say - more security with todays internet is better.

With routers, many dont update them, so the router is unaware of many types of threat, many routers dont have the ability to detect whats passing through them, although newer routers wont allow port scans etc, but the technology still isnt there to say there safe to use by themselves.

With many windows users, they may be using windows xp home, that operating system would need 3rd party software to secure itself online, as it lacks some required policies, but the same is true it lacks some features that can be exploited.

So i stand by my post that the minimal everyone should have.

adouglasmhor

cyberbob wrote: »

I just use a hardware firewall. My machines are either linux or mac so antivirus is a waste all it does is slow the machines down

There hasnt been a recorded virus for linux and the chances of a mac one are very low

I am more concerned with stopping exploits spreading to others than with the risk of something getting on my system. I am intending to use it to scan any attachments I am sent and warn the senders (some of my GFs former workmates are less than up to speed with computer security), so I can configure it so scan mail etc. My machines even the old Pentium M laptops run more than fast enough anyway.
nice link about linux exploits http://www.geekzone.co.nz/foobar/6229

Jaffa.

adouglasmhor wrote: »

Letter in a Linux magazine this month, writer goes into PC world to get an acer aspire netbook with Linux pre installed. PCW clerk then tries to sell him Norton to go with that on 20% off, talk about not knowing your stock.

:rotfl::rotfl::rotfl:

Jaffa.

anewhope wrote: »

I
Standard user account, all security patches installed, regularly updated anti virus, hardware firewall and common sense are all that is needed. Adding a software package that the user has little understanding of and is poorly configured does more harm than good.

Cant agree more. I used to use Avast and ZoneAlarm on all computers in the house, my brother who has little knowledge of computers goes onto a !!!!!! website and finds himself having to download a small program in order to gain access to the site.

He's too impatient to wait for Avast to update so it's out of date by a few months and it misses the trojan, well, game over ZoneAlarm has the option of allow anyway which i assumed he clicked to anything that popped up.

All I use now in terms of security on the computers is a good antivirus - Bitdefender updates hourly in the background and more options than the free AV's - same with the router, more options with the firewall and network than with the POS one I got from my isp. OpenDNS is great for prevention too

Trespasser

Lol,

Judging by some replies my pc is naked.

I only run Kaspersky anti virus.

I dont believe in firewalls, it seems that hackers are 'so yesterday'. Most crud comes straight down from websites anyway any frightens you into buying scarware programs.

Pixulated

Nod32

It's all I need and all I'll ever need.

Trespasser wrote: »

Lol,

Judging by some replies my pc is naked.

I only run Kaspersky anti virus.

I dont believe in firewalls, it seems that hackers are 'so yesterday'. Most crud comes straight down from websites anyway any frightens you into buying scarware programs.

I would suggest getting a decent firewall, why do you think webservers have them?

Trespasser

Pixulated wrote: »

Nod32

It's all I need and all I'll ever need.



I would suggest getting a decent firewall, why do you think webservers have them?

Nah... can't be bothered. Its only for eductational purposes and does very little apart from serve ftp and web. Its only been compromised 2 times in 5 years and each of those times I learned something new.

aliEnRIK

Pixulated wrote: »

Nod32

It's all I need and all I'll ever need.



I would suggest getting a decent firewall, why do you think webservers have them?

Its interesting that you use NOD32 and then go on to mention firewalls. The firewall in NOD 32 at the last test I saw was full of holes and was WAY worse than the windows inbuilt one.

digital-one

@ Tresspasser, I wish you would reconsider. ill try and use your own words to persuade you. please dont take me the wrong way, I just want people to be adequately protected.

tresspasser wrote:

I dont believe in firewalls, it seems that hackers are 'so yesterday'......Its only been compromised 2 times in 5 years and each of those times I learned something new.

Thats what you wrote, theres a very good chance had the webserver adequate protection and configuration that may never have occurred. When a webserver is compromised it can get you into a whole myriad of trouble, especially if the smtp is used, you could unwittingly have been spamming the world, or even attacking other machines.

The routers isp's send out are not top of the range models, and few have regular updates if any to the firmware, in fact many routers use NAT firewalls, which is NOT even a firewall its a network address translation system where permissions are assigned by port and destination. A rouge application can bypass said system in multiple methods.

If your on a lan (pc connected to router) and have a laptop you can try this from the laptop.

telnet 192.168.0.2 (or sometimes 10.0.0.15) OR whatever the pc's ip is as showing in ipconfig /all
type username as Administrator
and no password

When you see this pop up:
Microsoft Windows ...
(C) 1985 - .....

Type DIR
You should see some files etc. (the main machine hasnt got a firewall, and you havent disabled telnet via services)
If you can see your computer AND files, you have 100% control, and so would an attacker.
If that actually works - goto services and change telnet to either disabled or manual and stop the service.

Your antivirus wont warn you theres a problem, the router will not filter for telnet.

Now i know many of you will tell me telnet is not enabled by default, absolutely true, but what if someone wrote a program that turned it on, sent via "program kept secret" and that allowed them to remote enable it, and not just remote enable it, but to create what is known as a reverse NAT connection. Meaning the firewall is bypassed.

If you had even a badly configured firewall running, you would get "warning program X is trying to access the internet" or no warning - the firewall was configured too high so it didnt allow that anyway.

That is how easy it could be, although i havent really said how and i wont tell how its done and hopefully that will have you all now rethinking about these firewalls.

Some very high end routers do have better protection, but a hardware firewall usually has an os inside it, and works identical to software, smoothwall.org is an example of a hardware firewall. (if you dont want to put a firewall on your pc, then use smoothwall on a p3 etc, thats 10 times better, still not perfect but much better than any NAT firewall) smoothwall is free.

Ps everyone should check if telnet is enabled, if it is disable it, you dont need it for most home uses, and it is one security hole that can easily be fixed, also change the computers administrator name, and give it a password. (xp pro) with home it can be done too but its not as easy.

st

use avg free for few years but people go on about avira is it that good and does it scan incoing e-mails as avg does ?
thanks