View Full Version : OT: Software Recommendations
deccan
November 28th, 2004, 08:34 AM
Okay, I think I may be one of thr first people getting ADSL in the Solomon Islands, maybe beginning next month. I've never had an always on Internet connection before and I don't even run any antivirus software.
But if I'm going to leave my computer always connected, I supposed I will have to run some new stuff, so what do you guys recommend in terms of antivirus, firewall etc. software?
Zooko
November 28th, 2004, 08:50 AM
Linux
Aiken
November 28th, 2004, 09:19 AM
Linux is a new style of life, and it's sometimes hard to accustomize.
If you stuck with windoze, get a good personal firewall. ZoneAlarm, Agnitum Outpost are quite good. I use Look'n'Stop, because of small size and reliability. But it's quite difficult for begginers. 
If you have some money, you can even buy hardware firewall. They provide much better protection, as well as additional services.
Antiviruses (Kaspersky AV, Norton AV, Bitdefender and a bunch of others) and antispyware (best ones are Ad-Aware and Spybot Search and Destroy) are must have apps in the modern windoze world.
Traffic meter (DUMeter and TMeter): so you always know how much money you have to pay, unless you have unlimited access of course.
Fyron
November 28th, 2004, 03:10 PM
As for firewall, you will want the best (personal firewall), Kerio 2.1.5 (http://www.kerio.com/dwn/kpf2-en-win.exe). It is free for personal use. Do not get the later Versions, as they are not improved any, just bloated.
Stay away from Norton Anti-virus.
kerensky
November 28th, 2004, 04:32 PM
My personal recomendation would be Nortan antivirus and internet security pro, which is what I use. We have never had any problems. It even has a neat little feature that traces a hackers ip adress and, if succesful, will give you the adress of the physicla location of the computer. We've actually done this a few times. Also if you are going to use a dsl conection for multiple computers, get a dsl router. Most half way decent routers come with built in firewalls.
Sivran
November 28th, 2004, 05:20 PM
Beware of Norton. Symantec does NOT provide engine updates as part of their subscription plan, thus forcing you to buy a new Version every year or so to be fully protected. An out of date engine, even with new signatures, will not detect some new threats. Case in point: NAV 2003 does not have unpackers (note: I'm not referring to zip/rar/tar/etc, those are archivers) and cannot detect virii in packed executables, even if it has the defs for them. NAV 2004 has some unpackers, but not as many or as good as 2005. On the other hand, McAfee provides engine updates to anyone with a valid subscription. Theoretically you could still be running Version 4.x and still be fully protected. I think most other vendors also provide engine updates.
Also note, free AVs are worth the money you pay for them. They're ALL pathetic compared to the likes of Norton, McAfee, and Kaspersky. Then again, NOTHING compares to Kaspersky. It has the best detection, hands down. It also updates the most often.
The next and most important thing you'll want is a router. Home routers are cheap, quick, and easy to configure. There is no reason not to have one and I'd rate it the most important layer in your security setup. ANY* soho router, whether it says it includes a firewall or not, will block unsolicited traffic. In other words, it'll protect your network from the worms that rove the internet these days.
Routers only do half the job. They block unsolicited incoming access, but (SOHO routers at least) can't prevent an application on your system from reaching out to the internet. For that you'll need a personal firewall. I recommend Kerio 2.1.5. Learn it, it's worth it. Otherwise, go with ZoneAlarm. No, you don't need the Pro Version, it's kitchensinkware that includes a lot of crap that doesn't belong in a firewall product, IMHO.
If you're running Windows 2000 or XP, it might also be a good idea to consider an anti-trojan application. Anti-virus scanners are all well and good, but many of them simply can't deal with trojans. I would recommend you visit the DSLReports Security forum (http://www.dslreports.com/forum/security) and check out the FAQ, you'll find links to anti-trojan vendors there.
Finally, realize security is very much a risk-assessment exercise. If you're an average user and use IE 6 on XP, you'll want all the protection you can get, and should have a router, firewall, anti-virus, anti-trojan, and Ad-Aware, Spybot S&D, Javacoolsoftware.com's SpywareGuard and SpywarebLaster, and IE-SpyAd. If you don't use IE, you can afford to ditch the anti-spyware apps.
In a nutshell, you need a router (scale 1-10: 10), it would be a very good idea to have a firewall (1-10: 9), and you definitely want good AV protection (varies depending on your habits, really. Generally: 7). AT protection might also be a good idea particularly if you run 2000/XP, as ATs are particularly powerful there. (1-10: 6)
*I say any because you'll be hard-pressed to find one that doesn't at least to NAT, and that in itself provides a lot of protection. 
Interesting trivia: KAV has the best detection and most frequent updates in large part because of a very active userbase. KAV Users regularly submit samples to Kaspersky labs which, if undetected, signatures are quickly developed for. Generally speaking McAfee and NAV Users aren't so vigilant, and I'd venture to say 90+% don't even know about how to submit suspected malware to their vendor. You can learn more about submitting malware at the security forum above.
PvK
November 28th, 2004, 10:10 PM
A hardware NAT firewall, no software firewall, being careful and not running any kind of MS Outlook. Software firewalls are often worse than most viruses. Though if you're not careful or don't know how to be, then a non-obnoxious software firewall and/or anti-virus program might be good. However I would just run virus scans manually every so often, rather than installing something to constantly check, since that tends to interfere with and and slow down your computer. I like Ad Aware and Housecall, the free web virus scanner from Trend Micro.
PvK
Atrocities
November 28th, 2004, 11:42 PM
Free Antivirus Online Scan (http://www.pandasoftware.com/activescan/) By Panda Soft.
BitDefender On Line Virus Scan (http://www.bitdefender.com/scan/licence.php) 
 Broad Band Speed Test (http://specials.zdnet.co.uk/misc/band-test/speedtest50.html)  
DSL Reports (BETTER) (http://www.dslreports.com/) 
 Security Forums (http://www.security-forums.com/forum/index.php)  A great source for information and support.
Captain Kwok
November 29th, 2004, 01:09 AM
Interesting links AT.  It looks like I'm near the upper end for my ISP service. http://forum.shrapnelgames.com/images/smilies/tongue.gif
deccan
November 29th, 2004, 02:32 AM
Hmm, thanks for all the suggestions everyone. A reminder, though, I want to be careful, but I don't need to be paranoid...
And since I'm such a neophyte at this and have never used a router before, how are networks usually set up? Is it:
Phone Line -> Home Server -> Router -> Other Computers
Or:
Phone Line -> Router -> Computers
If I used the first configuration and run a software firewall on the first computer, do I still need to run them on every individual computer? I prefer to spend my CPU power and memory on games rather than security software, so I'd like my programs to have as little a footprint as possible and as PvK suggests, only run antivirus and spyware checking software occasionally when I need them as opposed to having them in memory all the time.
I confess that I'm still using IE and Outlook, but being on dial-up means that it's so much of a pain to download lots of new things. I suppose I should change those too as soon as I can.
For reference, currently the service is expected to be 256 upload / 64 download, 6 Gb data transfer limit for about USD300 per month with a minimum contractual period of 12 months and about USD250 for installation charges. And all these prices are pre-sales tax.
Atrocities
November 29th, 2004, 02:33 AM
I scored 1.233 down and 858 up.  Not bad for a hick. http://forum.shrapnelgames.com/images/smilies/happy.gif
So Nortan does not scan downloads for bad things huh?  Well what program does a good job of scanning everything you download and does it effectively?
Sivran
November 29th, 2004, 03:06 AM
deccan:
You don't want anything directly exposed to the internet, not even in a corporate environment. There's ALWAYS a router in front of a computer. Routers are pretty much MEANT to be border devices, though they do serve a purpose within the network as well you generally won't need to put a router anywhere but directly behind your WAN connection and won't need multiple routers.
My lan consists of five host PCs, a Linky router/switch and an Airlink 5-port switch. It looks like this:
Cable -> Router -> 3 PCs + Switch -> 2 more PCs
If I used the first configuration and run a software firewall on the first computer, do I still need to run them on every individual computer? I prefer to spend my CPU power and memory on games rather than security software, so I'd like my programs to have as little a footprint as possible and as PvK suggests, only run antivirus and spyware checking software occasionally when I need them as opposed to having them in memory all the time.
Software firewalls should be run on each individual PC, as they apply only to the PC they're running on. They can't make sure program X on PC Y doesn't talk out, because they don't know program X on PC Y is TRYING to talk out. Kerio is very light and quite powerful, definitely not bloated like other "user friendly" firewalls out there. Also, most software firewalls have a free Version which is quite sufficient, so it doesn't cost you anything. 
Anti-Virus programs are another matter entirely. Real-Time Monitors vary widely between the vendors, and the detection rate of the RTM is often vastly different from the on-demand scanner. This is because to be effective, an RTM must have signatures loaded in memory. Thus, there's a direct corrolation between the memory footprint of an AV product's RTM, and that RTM's detection rate. Some AVs load a smaller subset of signatures for their RTM (in fact, probably all of them do http://forum.shrapnelgames.com/images/smilies/wink.gif ). If you're looking for a cheap AV for multiple computers, F-Prot by Frisk International is the way to go. For a mere $30 USD, you get to install it on every computer in your home. Compare that to the $80+ price tag of a 3 computer license from Symantec. 
As for spyware protection, just switch to an alternative browser. Anything that is not just an IE front-end will do. Keep Spybot and Ad-Aware around however. You never know what's in that latest download from cnet, after all.
Atro:
Sure Norton scans downloads. If you leave the Real-Time Monitor on it scans everything it's configured to (which could be all files, or executables). Any RTM that scans on file creation, modification, or close will scan downloads real-time.
narf poit chez BOOM
November 29th, 2004, 05:27 AM
Don't know if anyone else said this, but I would recommend pulling the plut on the internet when you're not using it. Cuts down on exposure time. http://forum.shrapnelgames.com/images/smilies/smile.gif
kerensky
November 29th, 2004, 07:40 PM
So Norton does not scan downloads for bad things huh? Well what program does a good job of scanning everything you download and does it effectively? 
Our Norton service scans everything on the computer weather it's going in out or just sitting there like a lazy data file. I'm not quite sure on all the specifics of it, as my dad set it up.
Thermodyne
November 29th, 2004, 09:36 PM
For Antivirus I have been testing AVG 7.0 professional.  Seems a good as norton and costs less.
For the firewall, get a router with firewall and NAT built in.  You can get one that has a few LAN plugs, wirless and a print server for next to nothing these days.  Software firewalls are better than nothing, but they are easy to bypass and a pain to keep locked down.
Atrocities
November 30th, 2004, 02:07 AM
At least there is a lost of selections you can go with. http://forum.shrapnelgames.com/images/smilies/happy.gif
Fyron
November 30th, 2004, 02:09 AM
Yeah, lots of choice. Some, like Norton, are poor choices though...
deccan
November 30th, 2004, 02:43 AM
Okay, another line of inquiry. Is there lots of different types of ADSL, or only one? The reason I'm asking is I have to decide whether I need to rent the modem from the phone company or whether I can buy one cheap elsewhere and get it to work reliably.
Suicide Junkie
November 30th, 2004, 02:57 AM
Renting will cost you something like $10+ a month.  Unless you plan to be moving in the near future, or your home environment is very tough on electronics (violent/hairy cats/kids?), its best to buy one.
Fyron
November 30th, 2004, 03:37 AM
Hairy kids?
Aiken
November 30th, 2004, 03:40 AM
And violent cats  http://forum.shrapnelgames.com/images/smilies/biggrin.gif
Fyron
November 30th, 2004, 03:44 AM
aiken said:
And violent cats  http://forum.shrapnelgames.com/images/smilies/biggrin.gif 
Well that one makes sense... Some cats are insane.
Aiken
November 30th, 2004, 04:38 AM
Indeed, but I've remembered "violent death" expression for some reason http://forum.shrapnelgames.com/images/smilies/rolleyes.gif
Raging Deadstar
November 30th, 2004, 06:26 AM
aiken said:
Indeed, but I've remembered "violent death" expression for some reason http://forum.shrapnelgames.com/images/smilies/rolleyes.gif 
"I'm about to expirience a terminal case of death...."
"As opposed to a Non-Terminal Case of Death?"
 A strange conversation I got involved in once...
tesco samoa
November 30th, 2004, 10:58 AM
you can just disconnect when your not using it
and phone line >> router >> computer is the way to go.
AVG is very good with updates. For virus.
But truefully the most important thing to do is to read an learn. And understand why things happen.
If your going to use a fire wall.  Read about it and learn it.
If your going to use adware software read about it.
I would recommend for browsing problems to update your host file to block out adds.  Look for someone Online who does this and constantly update your host file.  Sites such as this link
http://www.everythingisnt.com/hosts.html
Virus software should be set to update every 6 hours and have it constantly scanning all inbound traffic.
Firewalls are good.  If you use them properly.
Learn to read log files and understand them.
Then read up on how to hack a computer.
Start with a nice easy book like Hacking for Dummies.
Learn how to hack and you will learn how to protect.
and follow the advice that sivran gives .. http://forum.shrapnelgames.com/images/smilies/happy.gif
deccan
December 1st, 2004, 07:19 AM
How about a suggestion for an Outlook replacement? I tried Eudora a while back but I didn't like it. It felt sluggish and unreliable compared to OE.
Raging Deadstar
December 1st, 2004, 09:00 AM
deccan said:
How about a suggestion for an Outlook replacement? I tried Eudora a while back but I didn't like it. It felt sluggish and unreliable compared to OE. 
A lot of people have suggested Mozilla Thunderbird, but it doesn't support certain e-mail services (like hotmail) if memory serves me correctly, i'm sure Fyron will advocate this sooner or later http://forum.shrapnelgames.com/images/smilies/wink.gif
Sivran
December 1st, 2004, 04:40 PM
Pegasus Mail (http://www.pmail.com/) is great. (especially for handling multiple accounts) 
Anything that doesn't use IE's rendering engine is a cut above Outlook.
deccan
December 2nd, 2004, 07:42 AM
Hmm, telco says the package includes a NAT secure capable modem / router whatever that means. Considering the remoteness of the Solomon Islands, and the impossibility of getting any technical support whatsoever from whatever I buy myself here, I guess I'm sticking to that.
Now I wonder if I will get it working in time for Christmas, then I'm junking all these crappy-graphics turn-based strategy games and play those bandwidth eating, super snazzy Online twitch games instead. http://forum.shrapnelgames.com/images/smilies/tongue.gif
Nah, just kidding.
Atrocities
December 2nd, 2004, 08:49 AM
Ever wonder why people don't write viruses for other Operating  Systems?  I believe its because they cannot.
I read an interesting rumor the other day in the paper.  It was an editorial by some guy who claimed that the first virus writer worked for apple computers and was hired by Steve Jobbs to write viruses exclusively for Windows 95 as pay back for what Bill Gates did to Apple.  
I damn near fell out of my chair laughing at his ubsered conspiricy theory.  Hell this guy probably believes that Bill Gates bought DOS for $50,000 after he licensed it to IBM.  What a crack pot.
geoschmo
December 2nd, 2004, 11:07 AM
It's not that other types of operating systems aren't vulnerable to viruses. For a virus to spread it has to be able to go from an infected system to one that is vulnerable and available. Windows is everywhere. It's used on millions and millions of computers, and the majority of the people using it aren't competant or interested in taking the time and effort to secure their systems. Other operating systems are way less common, and for the most part less-idiot friendly. So the majority of people that do use them will have the knowlege and take the time to keep them secure.
Also, the people that write the viruses are doing so in an effort to make an impact. If you want to make an impact you write a virus for an operating system that people actually use.
When other operating systems are used, they do get hacked. This might involved writing trojans or other code that we would classify as a virus. But it ususually doesn't spread like a virus for the reasons above. It's typically part of a direct and isolated attack on a specific network or system.
Could windows be made more secure. Certainly. Would doing so make it less user-friendly to the majority of idiots who use it? Definetly.
Atrocities
December 2nd, 2004, 11:12 AM
I understand what your saying and agree with your assesment 100%.  I often wonder now if it is not the Anti-Virus industry that is now writing the bulk of these viruses in order to justify their existance.  I mean I know they are not 100% behind it, but you just have to wonder what their actual %, if any, is.  I mean they survive by selling anti-virus software and I will be Microsoft has a stake in one or two of the companies making anti-virus software.  Whether they will admit it or not, I am sure that they do at some level.
I mean think about it, its a sweet deal.  You write the virus, release it, and then tell everyone that if they buy your product, it will protect against the virus.. You just elect not to tell them that the viruses it protects against are the ones you wrote.  Just sit back and rake in the doe and laugh all the way to the bank.
geoschmo
December 2nd, 2004, 11:36 AM
What I think is funny is that a lot of people will hear that and think it's a perfectly reasonable theory. But if I tried to say most vandalism was done by people in the house-painting industry, or that most arson was done by firefighters people would say I was a tin-foil crackpot. http://forum.shrapnelgames.com/images/smilies/laugh.gif
rdouglass
December 2nd, 2004, 12:45 PM
deccan said:
Hmm, telco says the package includes a NAT secure capable modem / router whatever that means....
What that means is you'll have to provide a "translation" for the router to pass traffic to your FTP server.
For instance, within our network we have a web server with 3 separate web sites running on it.  So I want to have one of the web sites available to outside folks.  I have a translation config with one line that looks like this:
ip nat inside source static tcp 192.168.1.13 1000 216.195.222.6 80 extendable
Now this line is specific to this Cisco router but the theory is the same.  See, I have our DNS entry for our web site pointing to IP address 216.195.222.3 (port 80 is assumed for WWW protocol).  What this code does is say that any requests to our web server need to be passed inside to the address 192.168.1.13:1000 (that's port 1000 'cause we have multiple instances if IIS running on that box).
What you should be able to do (if the router is NAT compatible) is something similar.  You WILL have to have a static IP address for the CPU inside your network for this to function properly.  Check your router documentation for NAT stuff.
Yeah, those tech support folks probably will not help you with this.  They rarely ever go beyond the basic setup.  In fact, if you ask, they'll probably tell you to hook a PC with DHCP up to it.  If that can surf the web, then their responsibility ends there.
Does that help any?
Fyron
December 2nd, 2004, 12:53 PM
geoschmo said:
What I think is funny is that a lot of people will hear that and think it's a perfectly reasonable theory. But if I tried to say most vandalism was done by people in the house-painting industry, or that most arson was done by firefighters people would say I was a tin-foil crackpot. http://forum.shrapnelgames.com/images/smilies/laugh.gif 
The differences is that it is a lot easier to get away with writing and releasing a virus than it is to commit arson or vandalism. http://forum.shrapnelgames.com/images/smilies/wink.gif 
Also, there are companies out there that write spyware that does nothing other than serve ads to you for their anti-spyware product, telling you that you are infected with spyware and that their program can remove it... Or they will have "ads" that infect you with some spyware and advertise their product. They then provide a free demo that will scan and detect the spyware that they infected you with, but do nothing about it. You then have to buy their program to remove the spyware. This is not crackpot tin-foil hat theory, there have been proven cases of this... It is not that great of a leap to suspect less scrupulous anti-virus companies of doing such a thing. The major companies probably don't, as they have too much to risk. But I bet there are little startup "companies" out there that are just trying to scam you out of money, like 9% of the rest of the internet (where the other 90% is porn, leaving about 1% for legitimate content)...
Gandalf Parker
December 2nd, 2004, 02:26 PM
This is a common subject in hacker Groups (Im a known regular in white-hat Groups and host a site for one)
Certain aspects are automatic in this subject..
A) it gets easier
B) it gets popular
C) it starts getting used by people who dont understand it enough to change defaults
D) it starts getting used by people who want to find a way around it
E) automated methods are created to search for and break the original 
Does any this have to do with how secure something is? Not really. Security is a concern and an ongoing effort of course but doesnt have as much to do with how vulnerable or not vulnerable something is as much as other factors.
Windows makes major efforts to be user friendly, to add fun toys, and to be popular. And it becomes the #1 target for everything. Linux has seen that Red Hats efforts to become user friendly, add fun toys, and become popular made it #2 in both the good and bad points of that.
Mac and Unix are less popular. They have great security scores. Are they more secure or are they less targetted? A computer security tech would answer yes. ("binary true" yes to both). I wont bother to get into discussions about whether or not Windows programs are secure. The unarguable argument for me is that they are too popular for me to use if something less known offers me the same level of functionality.
By the way the same A-E is worthy consideration when thinking about what house security to get, what firewall to use, what car alarm to install, etc etc etc.
geoschmo
December 2nd, 2004, 02:58 PM
Imperator Fyron said:
The major companies probably don't, as they have too much to risk. But I bet there are little startup "companies" out there that are just trying to scam you out of money, 
I don't disagree with this at all. I am quite sure there are some real scumbags out there. I didn't say nobody writes viruses and then tries to sell antivirus to stop it. Just as there have been documented cases of firefighters starting fires in their spare time. What I was disagreeing with was the idea that most (or the bulk of) viruses originate in this manner.
Atrocities
December 2nd, 2004, 03:22 PM
geoschmo said:
What I think is funny is that a lot of people will hear that and think it's a perfectly reasonable theory. But if I tried to say most vandalism was done by people in the house-painting industry, or that most arson was done by firefighters people would say I was a tin-foil crackpot. http://forum.shrapnelgames.com/images/smilies/laugh.gif 
You make an excellent point here Geo, but in the reality, fire fighters fight fires to save lives, vandels vandalize to make a statement, virus writes working for AV company do it for money. http://forum.shrapnelgames.com/images/smilies/laugh.gif  Wait... ok, your point is even more valid now. http://forum.shrapnelgames.com/images/smilies/happy.gif
I just hope that one day we a can look back on these virus writers and know that a great many of them did not work for the companies that we entrusted to kill the viruses they wrote.
Phoenix-D
December 3rd, 2004, 12:33 AM
Atrocities said:
You make an excellent point here Geo, but in the reality, fire fighters fight fires to save lives, vandels vandalize to make a statement, virus writes working for AV company do it for money. http://forum.shrapnelgames.com/images/smilies/laugh.gif  Wait... ok, your point is even more valid now. http://forum.shrapnelgames.com/images/smilies/happy.gif
I really do hate to tell you AT, but Geo is right. There ARE firefighters who start fires so they will have work to do and thus earn more money..
As for the Windows being infected more because its out more: may be true for viruses, but despite Windows servers not being the majority of web servers they ARE the majority of hacked and otherwise compromised web servers..
vBulletin® v3.8.1, Copyright ©2000-2025, Jelsoft Enterprises Ltd.