LandzDown Forum

Security => Security Software Programs => Topic started by: mikey on November 26, 2006, 07:47:24 PM

Title: Questions...
Post by: mikey on November 26, 2006, 07:47:24 PM
Just a couple of questions I'd like to put to everyone;

Do you think the average user can really protect his system for FREE?

How?
Title: Re: Questions...
Post by: Corrine on November 26, 2006, 11:05:48 PM
The key to your question is in the semantics or the definition of average.  Assuming you mean a person who maintains the various updates (Microsoft, A/V and any other security software on the PC), includes a firewall in the free software and doesn't seek out p0rn sites, I think they can.

Considering the wealth of free software available, the "average" user has anti-virus, anti-malware, real time protection such as TeaTimer, WinPatrol, SpywareBlaster, SpywareGuard, hosts file software, firewall and sites like LandzDown and Mikey's Stuff (http://forums.voiceofthepublic.com/mikey) to help them out with information and help with the software and update threads to subscribe to so they won't get behind in maintenance.
Title: Re: Questions...
Post by: mikey on November 27, 2006, 04:29:54 PM
Quote from: Corrine on November 26, 2006, 11:05:48 PM
The key to your question is in the semantics or the definition of average.

OK, let me just rephrase the question;

Do you think any user can really protect his system for FREE?

How?

The prominent word is in bold type and any question of semantics should fall there.

Quote
Considering the wealth of free software available, the "average" user has anti-virus, anti-malware, real time protection such as TeaTimer, WinPatrol, SpywareBlaster, SpywareGuard, hosts file software, firewall and sites like LandzDown and Mikey's Stuff to help them out with information and help with the software and update threads to subscribe to so they won't get behind in maintenance.

Hmmm, seems a little vague. Do I really need so many applications? How many tools and which ones would really protect?

Let's say that I know enough to be able to surf around with my browser, work email, and store/install downloads. Perhaps we could pretend that my knowledge of security issues goes only to the extent that anyone who reads or watches the media has.

I know that mail attachments and certain websites are dangerous. I know that security products exist but I really don't know where to start looking. There seem to be way too many. I don't have time to study a lot of different technologies that require lots of time learning.

I also need to keep the cost down and not just try to throw money at the problem. But I definitely do want to be 'safe' online as I keep lots of sensitive docs on board.  What & how do you advise? What do these products you mention do and how do I use them? Isn't there a simpler method than learning how to use half a dozen different products?...and do these products even really 'protect'?

BTW I think the idea of seeking help at free sites where folk know about this stuff, is a great thing.

TIA


Title: Re: Questions...
Post by: mikey on November 28, 2006, 07:55:19 PM
No comments yet?

Well yea, I do tend to bring up and ask questions about subjects that are at least at times aggravating. :)

The reason my questions are aggravating this time is because there are no good answers. The majority of the tools recommended throughout the global pri/sec community DO NOT PROTECT.

In the last half decade, the malware propagators have gotten very clever. Unfortunately, most users are still using and being advised to use the same type of security tools and techniques used five or more years ago.

What is worse is that the tools most recommended are just purely reactionary and more often than not create more damage than the infection itself. These reactionary tools rarely have the signatures developed in time to stop an infection and the false positives and faulty removal routines literally rip the system and innocent applications apart. A good percentage of users just trust their malware scanners to remove items without any thought given to what the items being removed are. Then users can't understand why their systems and programs don't function well anymore.

I won't even much get into the subject of all the 'rogue' tools. Ref; http://www.spywarewarrior.com/rogue_anti-spyware.htm IMO the majority of anti-malware scanners belong in the 'rogue' category or are at best just outdated and useless endeavors. When folks have an infection, they are much better advised to seek out a tech board like this one where experienced folks are trained to help remove the nasties.

And with some rooters it is impossible for anyone or any tool to find all of the possible policy changes made that can leave the system vulnerable to further exploits. In some cases, even the best audits fail. In these cases nothing short of a reinstall can secure the system again. Can you spell 'downtime'?

For a long time now (more than half a decade) we've had better technologies. I wonder why there hasn't been more development in the past few years. So why now aren't we using and recommending the tools that have been developed that really do protect? Well, I've heard almost every excuse in the world now. Most amount to; 'the users are too stupid or too lazy to learn something new'. My thoughts on this opinion of users is; HOGWASH.

How is it that I've taught dozens of noobs in recent months how to really protect their systems? Most of them take to it almost instantly.

How is it that none of the 600+ appliances and users across multiple SOHOs in my care have ever had an unwanted ware installed?...not once in the past half decade+. It seems to me that many of the anti-malware product developers are quite happy selling subscriptions for products that aren't real solutions. hmmm

"Do you think any user can really protect his system for FREE?"

I think the answer is YES.

"How?"

By using a better firewall;
Ref; http://www.voiceofthepublic.com/test_tools/firewall.html

Can a user still get infected using a HIPS type firewall?

Yes, but if it happens it will be because the user allowed it to happen.

"Are there any tools that can protect me even from my own doing?"

Yes, to a degree, but those also have weaknesses. Ref; http://www.voiceofthepublic.com/test_tools/twohips.html No tool is or ever will be 100% secure. However, using a HIPS solution is a 100% increase in security as opposed to depending on tools like resident scanners and end point packet filters that really don't protect much.

For more info you might like to have a look at this series; http://www.techsupportalert.com/security_mess.htm If you are interested in some of the simple to use tests spoken of here, you can find them and a few more here; http://www.voiceofthepublic.com/test_tools/testfiles.html

BTW I'm not really suggesting that users throw their resident scanners and packet filters away. Many folk will still need these tools in order to feel secure. Some users still need things like cookie control and the like too. However, I again suggest that users check with folks in the know before removing anything they don't explicitly recognize in a scanner results log. Just one false positive or faulty removal routine can cause, and many times has caused, catastrophic results.

There are plenty of tech boards around...why not use them instead of periodically ripping the guts out of your system? Ref; http://asap.maddoktor2.com/

As always, JMO