Re: Internet Security

<snipped>
<replies inline>

Straight Talk wrote:
Shenan Stanley wrote:
For the future - you and your friend may want to print and review
this. It may take some initial time to do - but if your friend
had read and followed it a year ago (or less) - they would likely
not be in the situation they are now. :-(

Seems irrelevant to the thread. Copy/paste has it downsides, hasn't
it? ;-)

No. It is relevant. Notice the original posting...

"I wanted to get other user's opinions about these products and also
recommendations if you think there are better programs or suites."

Hmm... Look at that - receommendations of programs that may be better.

Straight Talk wrote:
Shenan Stanley wrote:
The trouble with the Windows Firewall is that it only keeps things
out. For most people who maintain their system in other ways,
this is
MORE than sufficient. You may feel otherwise. If you want to
know when one of your applications is trying to obtain access to
the outside world so you can stop it, then you will have to
install a third-party application and configure/maintain it. I
have compiled a
list with links of some of the better known/free firewalls you can
choose from:

It always bothers me when MVP's (whom we must assume have a certain
level of understanding) promote 3rd party firewalls because of the
so called outbound "control" feature. Host based outbound control
on a windows platform is one of the greatest myths in computer
security. It gives the user a false sense of being in control -
which is technically impossible for programs like malware that is
not interested in being controlled. And legitimate software by
definition does not need to be controlled. Doing so is mostly
counter-productive. Clueless users will prevent their legitimate
programs from "phoning home". In reality they mostly prevent them
from looking for software updates thereby staying vulnerable
instead of becoming more secure.

This is where I point out you did not comprehend what I wrote (also that you
snipped much of it out...)

If you notice - my words that you left in even state this quite clearly...
(In reference to the Windows XP Firewall...)
"For most people who maintain their system in other ways, this is MORE than
sufficient."

Did you choose to miss that or just miss that?

Straight Talk wrote:
Malware is not something you try to control. It's something you stay
away from. Promoting the idea that malware is somehow controllable
is very dangerous.

Where did I promote that idea?

Tip (9):
What about the dreaded word in the computer world, VIRUS?

Well, there are many products to choose from that will help you
prevent infections from these horrid little applications.

Nonsense. AV has proven to be highly ineffective against modern
malware. AV catches the little fish and let the big ones go
unattended. And worse, AV software even encourage users to act
irresponsible because "my AV will protect me".

You stay away from viruses by not installing them. It's not that
hard.

This is where I point out you did not comprehend what I wrote (also that you
snipped much of it out...)
AGAIN...

Notice - Tip (9) is not about malware. Malware is a term used for
adware/spyware/crapware/crudware. Viruses/trojans and worms are seldom
grouped with these other than by all-in-one suites and people who do not
understand the differences. You mention malware here where it does not
belong.

As far as those 'not installing them' - most times when people get infected
with a virus - they did not intend on it happening - they just didn't know
any better. After all - why would 'Aunt Betty' send them a virus in an
email?

Tip (10):
The most rampant infestation at the current time concerns
SPYWARE/ADWARE.

Spyware and Adware are self-induced problems. Stay away from
inherently broken software like Internet Explorer and Outlook
Express and don't install questionable software from dubious
sources and you will most likely not have any such malware ever.

Possibly true. But I have tested and infested machines with malware by just
VISITING an infested site using Firefox, Opera, etc. There is no 100% safe
anything - if there was - everything else would cease to exist due to
non-use.

There is no one software that cleans and immunizes you against
everything.

Antivirus software - you only needed one.

Functioning as some kind of intrusion prevention, I agree. As
"removal tools" they are close to useless. When you're compromised,
it's game over - and the only sensible thing to do in such
situation is to revert to a known clean state.

Sure - if you want to throw out the baby with the bath water. It really
depends on what you were compromised with and how.

Firewall, you only needed one.

Stick with the build in one - or even better: shut down unnecessary
network services. It's even more secure than having one.

I disagree and since this text is not intended for people who would even
know where to start doing such things - irrelevent.

AntiSpyware - you will need several.

Nonsense.

There is not one AntiSpyware application that can clean all infestations.
This is for cleanup. You not only have started quoting my text randomly and
out of order - but you clearly haved no understanding of what its purpose
is - even though it is stated at the very beginning. This is for cleanup of
a machine - not just prevention.

I have a list and
I recommend you use at least the first five.

Even more nonsense. You have fallen for the flawed idea that
security is a question of installing as much security software as
possible even though installing further code is the exact opposite
of security.

You gain security by fixing what is broken. Not by adding further
code.

Let me just say I read all your comments. I would love to agree with some
of them, but I can see you cannot comprehend it as a whole. It may have
been too much for you to take in at once. It may be you decided to pick out
parts of it - at random it seems - instead of keeping it together as it was
meant to be and posted just to make whatever point you thought you were
making. However - since the document is meant to teach those how to
properly maintain and cleanup their system from some incident (you would
have had to read the beginning and comprehend it to know this) - then the
document is just fine.

It has been fine-tuned over the years and posted and tested over and over
throughout the Internet. It may not be necessary for EVERYONE to do and
some may not do much of it for their entire lifetime and never have a
problem. That's fine - it's no different than any other risky endeavor.
There's always someone who seems to get along fine without the recommended
precautions or another solution to eliminate the risk or speed the cleanup
after an incident.

I appreciate your comments - I would appreciate them more if you did not
cut/paste in a random fashion and took in account who the intended audience
is for this document. Either way - *shrug* - good luck!

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html


.

Relevant Pages