[grinnard]

I'd like to know whether what I'm currently using is sufficient protection against, well, everything. The problem I'm having is that most AV products come with anti-spam, safe browsing, anti-rootkit, firewall, anti-spyware, anti-virus etc if you pay for the full version, or ineffective signtaure-based anti-virus only if you opt for the free version (eg avast, AVG).

Currently I'm using Comodo Firewall Pro 3 with defense+ together with avast antivirus, on Vista with UAC on. The avast real time scanning seems a bit superfluous to me since signature-based detection is so ineffective (I'd keep an AV program and run a weekly scan). Can defense+ guard against spyware, rootkit and viruses/trojans or will I need separate applications (eg spybot S&D) for this?

If I were to replace avast, a whitelist-based antivirus program would be best, since I've heard these are less demanding of resources than ones with huge blacklists.

[Nesjemannen]

For more protection, I would as you mention use the Immunization feature on Spybot S&D too. ( And why not Spywareblaster )

"or ineffective signtaure-based anti-virus only if you opt for the free version"

- I wouldn't say this counts. At least not with AVG.
If you want an alternative AV, I would advice you to try Avira Antivir.


About Comodo: It's the best Firewall out there...so yeah.

You -should- also run some AntiSpyware scans every once in a while. Remember, it's recommended to have 2-3 antispyware programs at once, cause they all detect something the other don't.

My top 4 AS (all free) list:

- SUPERAntispyware
- AVG anti-spyware
- Spybot S&D
- Ad-Aware 2008

[lunarlander]

If you have Windows XP Professional, MS published an XP Security Guide v2 and tells you how to harden XP Pro. It is available here:

http://www.microsoft.com/technet/sec...fault.mspx#ETE

Hardening an OS gives the attacker a smaller attack surface by disabling unnecessary features. XP after a fresh install is quite bloated and has a lot of places for an attacker to poke at.

Also you should consider running it daily using a limited user account, as that prevents some malware from working and prevents malware from making system wide changes. In the Unix world, nobody runs a machine daily using the admin account. MS acknowledges that and has made UAC for Vista to achieve the same end.

Here's more details about that:
http://www.mechbgon.com/build/security2.html

Also along the lines of protection and prevention, use Mcafee's Site Advisor, available here:

http://www.siteadvisor.com/

It places a site rating besides every google result and tells you about malware infested sites before you go clicking on them and instantly infecting your machine.

[Gizzy]

non-signature based protection works well to protect you from malware, I would suggest adding a sandbox program I use and would suggest sandboxie the free version has a nag screen before it starts but it's not that bad,

sandboxing strengthens your security because it isolates whatever program you choose to sandbox (like your browser) from the rest of your system so that any malware that gets piked up wile browsing can't do any harm to your os ad you just delete the contents of your sandbox when you're done browsing,

also you could read up and learn about HIPS which is what the defense+ module in comodo is, learn how to answer the prompts to the best of your knowledge and how to harden things down in the settings,

also in the comodo settings click the link "What do these settings do?" (it's on the bottom left of some of the comodo screens) to learn about the different settings in comodo,

another way to go is Virtualization I like the program returnil with this type of program every time you restart your computer it resets everything back to when you first turned the program on so you'll be using your computer in a virtual environment, this can be troublesome because to install new programs or save new files you have to turn the program off restart your computer then install or save things then turn the rogram it back on, but if you don't change thins in your computer too often then this could work,

there's some ideas to think about from me and from Nesjemannen, and lunarlander.

[Gizzy]

I gave the wrong link to the hips and it's been to long to edit my earlier post so here's the right link. HIPS