Internet security, can you go too far?

Our "pub" where you can post about things completely Off Topic or about non-silent PC issues.

Moderators: NeilBlanchard, Ralf Hutter, sthayashi, Lawrence Lee

Post Reply
thejamppa
Posts: 3142
Joined: Mon Feb 26, 2007 9:20 am
Location: Missing in Finnish wilderness, howling to moon with wolf brethren and walking with brother bears
Contact:

Internet security, can you go too far?

Post by thejamppa » Sun May 09, 2010 3:40 am

Hello everyone!

I was wondering as Internet security is quite important thing these days and many don't even use most basic security but there's always those who intend to go overboard.

When do you think you go too far in internet security?

I got homenetwrok with router with iron firewall protecting my network and each computer has Virus sscanner and at least windows own firewall active.

My main computer, which I use mostly online surfing and working has malware shield program, non-commercial free firewall and some of my personal folder's have been encycrypted / password protected.

So I am going thru net thru two firewalls and via proxy most time... Made me wonder if I am going overboard. But good news is in past 3 years I've only suffered one virus problem, that caused me re-install everything and that was due my own mistake.

lm
Friend of SPCR
Posts: 1251
Joined: Wed Dec 17, 2003 6:14 am
Location: Finland

Post by lm » Sun May 09, 2010 7:41 am

I only have the built-in firewall enabled in my Windows XP. And that is actually pretty much enough, as long as you know what you are doing. But for the general majority of users, this would not be the case.

AuraAllan
*Lifetime Patron*
Posts: 713
Joined: Wed Mar 07, 2007 7:49 am
Location: Denmark

Post by AuraAllan » Sun May 09, 2010 9:52 am

I have XP built-in firewall up and i'm running Mircosoft Security Essentials.
That should be enough. I know what i'm doing.

Atleast on the internet :P

bonestonne
Posts: 1839
Joined: Mon Feb 05, 2007 2:10 pm
Location: Northern New Jersey
Contact:

Post by bonestonne » Mon May 10, 2010 6:28 am

I use the Windows 7 Firewall Control app to make the Windows 7 firewall a little more effective, and I use it with Avast AV, *knock on wood* and I can't say I've gotten a virus with it. The same combo is on my older sisters new laptop.

I think my D-Link router has a firewall built into it, but I've never used it, and I'm sure viruses have gotten past it onto my other sister's computers, not sure how though.

I think there is overkill, but that's when you're running your own enterprise firewall just for home surfing. just unnecessary unless you're looking for trouble.

stmok
Posts: 26
Joined: Fri Jul 09, 2004 2:35 am
Location: Sydney, Australia

Post by stmok » Mon May 10, 2010 8:47 am

On Windows:

* I pick the Edition with Software Restriction Policy.
ie:
WinXP Professional;
Vista Business or better;
Win7 Professional or better.

* I then create a Limited/Restricted User Account for day-to-day use. (Borrowing the idea from Linux/Unix world.)

* I only use the default Administrator account for system updates, maintenance, troubleshooting, install/update third-party apps.

* I then apply Software Restriction Policy as discussed here.
=> http://www.mechbgon.com/srp/
(This turns the system into "default deny". Only legit/trusted executables are allowed to run. Everything else is denied. Double-clicking on random executables from the web will be met with a pop-up message saying its been blocked.)

* I don't install AV software for three reasons:

(a) Its a reaction mechanism. Not a prevention mechanism.
(Meaning you are always one step behind malware authors!)

(b) A poorly made signature update can kill your system.
(In the last 5yrs; its becoming a common occurrence!)

(c) It creates a potential vulnerability because it needs to access key system components of Windows...
New attack bypasses virtually all AV protection
http://www.theregister.co.uk/2010/05/07 ... av_bypass/

* I pay strict attention to what is allowed to be installed.
ie: If I don't know where it came from (untrustworthy, illegal, etc); It gets deleted.

* I only install what I need and nothing more. As well, I disable/turn off features and services I don't use.

* Windows's Firewall is sufficient when you apply the above. You don't need Zone Alarm, Comodo, Online Armor, etc.

* I use Firefox browser with NoScript extension. (Mainly because I also use the same browser under Linux.)

My home network firewall is a custom FreeBSD based solution on a fanless PC with two NICs.

With the above approach, I've never had issues with malware.

Bradshaw
Posts: 20
Joined: Wed Nov 11, 2009 10:47 am

Post by Bradshaw » Mon May 10, 2010 9:33 am

I use Nod32 and Zone Alarm with a hardware firewall.

Then to top it off i also use Faronics Deep Freeze which always restores the C drive with every restart ("My Documents", "Favorites" etc is on the D partition). This keeps the computer safe and secure. Most of the time I only need to unfreeze it when updating windows or installing new software.

Lately I've also been using Sandboxie to keep my web browser in a Sandbox to keep it extra secure.

Instead of those last two security programs you could only use Google Chrome though. It already has a built in Sandbox and should probably be enough for most people.

lm
Friend of SPCR
Posts: 1251
Joined: Wed Dec 17, 2003 6:14 am
Location: Finland

Post by lm » Mon May 10, 2010 9:59 am

bonestonne wrote: I think my D-Link router has a firewall built into it, but I've never used it, and I'm sure viruses have gotten past it onto my other sister's computers, not sure how though.
She shouldn't click OK to shady popups on the web.

bonestonne
Posts: 1839
Joined: Mon Feb 05, 2007 2:10 pm
Location: Northern New Jersey
Contact:

Post by bonestonne » Mon May 10, 2010 3:40 pm

I don't know what she does, but whatever it is, it's stupid enough to get viruses.

Monkeh16
Posts: 507
Joined: Sun May 04, 2008 2:57 pm
Location: England

Post by Monkeh16 » Mon May 10, 2010 4:57 pm

I use.. Absolutely nothing. A simple NAT router is all I've ever needed. That and some common sense.

new2spcr
Friend of SPCR
Posts: 230
Joined: Wed Apr 22, 2009 9:14 am
Location: Sweden

Post by new2spcr » Sun May 30, 2010 10:23 am

stmok wrote:On Windows:

* I pick the Edition with Software Restriction Policy.
ie:
WinXP Professional;
Vista Business or better;
Win7 Professional or better.

* I then create a Limited/Restricted User Account for day-to-day use. (Borrowing the idea from Linux/Unix world.)

* I only use the default Administrator account for system updates, maintenance, troubleshooting, install/update third-party apps.

* I then apply Software Restriction Policy as discussed here.
=> http://www.mechbgon.com/srp/
(This turns the system into "default deny". Only legit/trusted executables are allowed to run. Everything else is denied. Double-clicking on random executables from the web will be met with a pop-up message saying its been blocked.)

* I don't install AV software for three reasons:

(a) Its a reaction mechanism. Not a prevention mechanism.
(Meaning you are always one step behind malware authors!)

(b) A poorly made signature update can kill your system.
(In the last 5yrs; its becoming a common occurrence!)

(c) It creates a potential vulnerability because it needs to access key system components of Windows...
New attack bypasses virtually all AV protection
http://www.theregister.co.uk/2010/05/07 ... av_bypass/

* I pay strict attention to what is allowed to be installed.
ie: If I don't know where it came from (untrustworthy, illegal, etc); It gets deleted.

* I only install what I need and nothing more. As well, I disable/turn off features and services I don't use.

* Windows's Firewall is sufficient when you apply the above. You don't need Zone Alarm, Comodo, Online Armor, etc.

* I use Firefox browser with NoScript extension. (Mainly because I also use the same browser under Linux.)

My home network firewall is a custom FreeBSD based solution on a fanless PC with two NICs.

With the above approach, I've never had issues with malware.
Very good suggestions.
LUA, Group policy and a good firewall, Firefox w/noscript, no flash, disabling services etc - turns your PC into a very secure system. I've implemented this for years and had no malware problems on the windows boxes I run.
I do run AV-software though, mainly because I want to scan inbound/forwarded emails.

BlackWhizz
Posts: 266
Joined: Wed Mar 31, 2010 8:19 am
Location: OV, The Netherlands

Post by BlackWhizz » Sun May 30, 2010 11:27 am

Hmm, im not that into protection.

Every PC in this house runs AVG Free + Windows Firewall. They also have CCleaner and hitman pro installed. That way i can remove virusses and spyware and clean up temp files/cookies/other crap.

Every PC gets scanned once in a week on a sunday. No virusses for 2 years (i dust out the systems once a year and then i also do a reinstall of windows).

Also every PC is updated automatically (except my PC and laptop/sister and parents pc do).

jackvinsly
Posts: 4
Joined: Wed Jun 02, 2010 9:08 pm
Location: chicago

Post by jackvinsly » Wed Jun 02, 2010 9:31 pm

well I have my own company in my home town had generally used Cyberoam firewall is as the UTM firewall. And also I have been using Microsoft firewall software for the PC Internet.

Post Reply