alientrap-forum-archives

[tChr]

As a norwegian cartoonist said a week ago.. Debian for you, Ubunto for you granmother..s o.. ubuntu is a nice choice for beginners.. if you preffer KDE over Gnome (i have no ide why people do that) kubuntu is an option, so is edubuntu who is packaged especially for school end learning use

[Toets]

Personally I believe the crap you get on your computer is a result of the crap you are surfing the net for

Anyway, been using AVG Antivirus for years now. Looks fine to me!

GriSoft website and Free AVG website

[tChr]

Personally i use f-secure AV for the workstations (got adaware bundled), but thats not free. In addition I use a nazi set up linux based external firewall.

[PHREAK]

I don't use antivirus at all, just a nazi setup firewall on my regular machine. The other one is a mac so...no problems there. (It's firewall-ed as well, for shits and giggles)
Just whipe your drive every so often and don't let Mcafee, norton, etc steal your bandwith and CPU.

[kozak6]

[necromancy]

I don't know what happened, but I finally got around to installing Avast.

I have a question about Sygate. If I go and find a copy of the old free version, does it get any updates or anything?

Anyone familiar with Comodo?

Is there anything else I should look into? I've read nasty things about Zone Alarm, is there truth to them?

[/necromancy]

[PHREAK]

I used Sygate up untill a month or so ago and yes I did update, but not often.
You know how seldom firewalls update anyway.
It was the old free version.

[The mysterious Mr. 4m]

I bought a notebook which came with Symantec Norton AntiVirus 2005 (+ firewall) but it's bugging me with weird updates and system scans lately. I have Avast AntiVirus and Sygate Personal Firewall on my other pc and it's been working great. Symantec is getting on my nerves! And it doesn't catch malware while surfing like Avast used to. I even downloaded the malware and Norton gave me no warning, but at least it blocked it when i tried to execute it.

Anyone familiar with Sunbelt Kerio Personal Firewall?

EdIt: So, is Sygate Personal Firewall discontinued?

[divVerent]

Well, the thing is... what do you want the firewall to do?

Filter incoming connections? Even XP's integrated one can do that, and if you want filter rules that it can't do (like banning IPs and not just port-based rules), you can use the IPSec policies which are in Windows since Windows 2000.

Filter outgoing connections, preventing trojans from communicating with the outside world? Forget it. Many trojans know how to circumvent or disable the firewall. If you run malicious software with admin rights, it can do whatever it wants. And if the deinstaller of the firewall can remove the firewall, why should a trojan NOT be able to?

So in other words, you have to stop working and surfing with admin rights and use them only for software installation. Before you do it that way, you don't even need to THINK about personal firewalls - they just won't help you.

And even without admin rights, there are always easy ways to circumvent the firewall. When I want to get data out of the system, I can get it out. Simply by abusing the web browser you surely have set to "don't ask, always allow". Starting it with an URL, editing the bookmark file or the start page are the usual tricks, but changing proxy settings is also a possibility - and personal firewalls don't detect all of them and never will (catching all that stuff would render your system unusable because every few seconds, a personal firewall dialog will pop up).

So the only solution is - don't run malware. If you don't run malware, you don't need a personal firewall. Instead, just use a packet filter for incoming connections (like the one integrated in XP, ipfw or Win2k's IPSec filter rules) and disable unneeded services (http://www.ntsvcfg.de/ntsvcfg_eng.html). The latter will also free up some RAM and in the end make your system faster.

A virus scanner, however, doesn't hurt, so install one and keep it current. Kaspersky for example is supposed to be one of the best when it comes to the signature files. Just remember one thing: it is highly possible that you get a virus before the virus scanner knows it. DO NOT CLICK ON EXE FILES ATTACHED TO EMAILS. EVEN IF YOUR VIRUS SCANNER DOES NOT COMPLAIN, IT DOES NOT MEAN THAT THE FILE IS CLEAN. Use your virus scanner to filter virus mails from the inbox, these are spam anyway and a virus scanner can reduce the spam without doing any damage/false positives. Also, use the virus scanner as "last resort" in case you or someone else accidentally click on an untrusted EXE. There is no guarantee that the scanner will prevent an infection, but it will catch SOME of the cases.

Also note: not just EXE is evil. Also watch out for VBS, JS, COM, PIF, BAT, CMD, SCR and any other extensions that stand for executables. An attachment named "www.foo.com" is most likely NOT an URL but an executable whose name looks like an URL to make you click on it. Note the extension "COM". If you want to look at the URL, enter it manually in such cases.

[Urmel]

Is there any good and free antivirus/firewall stuff out there?

The answer is simple IMHO: no.

[divVerent]

In case of the antivirus: a definite no. However, the only antivirus that COULD be called "good" is Kaspersky. But no antivirus is so good that you can rely on it. Viruses spread faster than virus signatures for scanners.

In case of the firewall: application filtering doesn't work well anyway, and packet filtering can be done by many solutions, including free ones. What's wrong with them?