Norton is pissing me off with its insistence on reminding me every couple of hours to update my subscription.

Is there any good and free antivirus/firewall stuff out there?

kozak6 wrote:Norton is pissing me off with its insistence on reminding me every couple of hours to update my subscription.

Is there any good and free antivirus/firewall stuff out there?

Good, sure. Free, sure. Both.. never seen it

Good free firewall for personal use: I use Sygate firewall. Now bought by.. Symantech (?) but I think the previous version or last one is still free. If you cant find it (search for "sygate personal firewall") let me know. I have the free version somewhere.

http://www.avast.com/

its free as in free beer. for home use.

look for avast home edition. a simple registartion in needed, you get the licence key in yer mailbox.

iptables

I recommend using the following programs to prevent bad things to infect windows based OS's

Nlite - Strip out the crap , remake youre own custom windows iso

XPY - Removes a lot of unwanted stuff to a existing copy of Windows


Use Firefox instead of IE - http://portableapps.com/apps/internet/b ... le_firefox

Use Thunderbird instead of Outlook/Outlook Express -
http://portableapps.com/apps/internet/e ... hunderbird

Use Media Player Classic instead of MS WMP & Powerdvd -
http://www.free-codecs.com/download/Med ... lassic.htm

Use Miranda IM instead of MSN Messager & Yahoo Messager -
http://portableapps.com/apps/internet/c ... le_miranda

Use Abiword or Openoffice instead of MS Office
http://portableapps.com/apps/office/wor ... le_abiword
http://portableapps.com/apps/office/sui ... openoffice

Use Netmeter instead of DU Meter -
http://readerror.gmxhome.de/


For Antispyware and Antimalware use :
Adware SE Personal - http://www.lavasoft.de/support/download/
Hijhackthis - http://www.merijn.org/downloads.html

For Free antivirus use:
http://portableapps.com/apps/utilities/ ... le_clamwin
or
http://www.avast.com/eng/avast_4_home.html

For Pay Antivirus use:
Kaspersky Anti-Virus - http://fileforum.betanews.com/detail/Ka ... 08918303/2


* Never install toolbars
* I recommend never downloading keygens or cracks from http sites
* I recommend sending and reciving plain text emails only

a thing gave a hint at it.. http://www.debian.org is very free and also very free of viruses That is if you want your computer and software to respect your freedom, its not really a 1for1 replacement for windows: http://linux.oneandoneis2.org/LNW.htm

Other then this i used this virus scanner as long as i used windows at home: http://www.free-av.com/
I also had Zonealarm as a firewall for a short time.. http://www.zonelabs.com/store/content/c ... ticcomp_za

I've been waiting for the first linux user's comment

At least i was not the first, also gave other (more thread like) tips and did not tell him to switch right now

Well, I'd like to switch and all, but then none of my other games or programs would work. Plus, honestly, I would never be able to figure it out. Even a lot of the Windows stuff is beyond my grasp.

And then I still have to share the damn thing with the rest of my family.

Thanks for the help, though. I do appreciate it.

I don't have any anti-virus or firewall software running at all. I don't care because I'm behind a hardware firewall and all of the ports are stealthed so no-one can even see my existence unless they hack the firewall (by brute forcing the password).

Under Windows I might run Stinger periodically but have never found anything with it. The main anti-virus thing in the system is me. Other than that, I use Firefox, Thunderbird, OOo etc.

I wouldn't suggest Debian as a Linux distro for beginners. It's not well suited for desktop use. I wouldn't suggest Ubuntu either, I know of people who've had lots of trouble with it, it has ruined the point of repositories, it only comes with Gnome (try Kubuntu instead if you must) and it's brown .

I run Mandriva but am considering a move to SuSE, that's the distro I would recommend at the moment.

As a norwegian cartoonist said a week ago.. Debian for you, Ubunto for you granmother..s o.. ubuntu is a nice choice for beginners.. if you preffer KDE over Gnome (i have no ide why people do that) kubuntu is an option, so is edubuntu who is packaged especially for school end learning use

Personally I believe the crap you get on your computer is a result of the crap you are surfing the net for

Anyway, been using AVG Antivirus for years now. Looks fine to me!

GriSoft website and Free AVG website

Personally i use f-secure AV for the workstations (got adaware bundled), but thats not free. In addition I use a nazi set up linux based external firewall.

I don't use antivirus at all, just a nazi setup firewall on my regular machine. The other one is a mac so...no problems there. (It's firewall-ed as well, for shits and giggles)
Just whipe your drive every so often and don't let Mcafee, norton, etc steal your bandwith and CPU.

[necromancy]

I don't know what happened, but I finally got around to installing Avast.

I have a question about Sygate. If I go and find a copy of the old free version, does it get any updates or anything?

Anyone familiar with Comodo?

Is there anything else I should look into? I've read nasty things about Zone Alarm, is there truth to them?

[/necromancy]

I used Sygate up untill a month or so ago and yes I did update, but not often.
You know how seldom firewalls update anyway.
It was the old free version.

I bought a notebook which came with Symantec Norton AntiVirus 2005 (+ firewall) but it's bugging me with weird updates and system scans lately. I have Avast AntiVirus and Sygate Personal Firewall on my other pc and it's been working great. Symantec is getting on my nerves! And it doesn't catch malware while surfing like Avast used to. I even downloaded the malware and Norton gave me no warning, but at least it blocked it when i tried to execute it.

Anyone familiar with Sunbelt Kerio Personal Firewall?

EdIt: So, is Sygate Personal Firewall discontinued?

Well, the thing is... what do you want the firewall to do?

Filter incoming connections? Even XP's integrated one can do that, and if you want filter rules that it can't do (like banning IPs and not just port-based rules), you can use the IPSec policies which are in Windows since Windows 2000.

Filter outgoing connections, preventing trojans from communicating with the outside world? Forget it. Many trojans know how to circumvent or disable the firewall. If you run malicious software with admin rights, it can do whatever it wants. And if the deinstaller of the firewall can remove the firewall, why should a trojan NOT be able to?

So in other words, you have to stop working and surfing with admin rights and use them only for software installation. Before you do it that way, you don't even need to THINK about personal firewalls - they just won't help you.

And even without admin rights, there are always easy ways to circumvent the firewall. When I want to get data out of the system, I can get it out. Simply by abusing the web browser you surely have set to "don't ask, always allow". Starting it with an URL, editing the bookmark file or the start page are the usual tricks, but changing proxy settings is also a possibility - and personal firewalls don't detect all of them and never will (catching all that stuff would render your system unusable because every few seconds, a personal firewall dialog will pop up).

So the only solution is - don't run malware. If you don't run malware, you don't need a personal firewall. Instead, just use a packet filter for incoming connections (like the one integrated in XP, ipfw or Win2k's IPSec filter rules) and disable unneeded services (http://www.ntsvcfg.de/ntsvcfg_eng.html). The latter will also free up some RAM and in the end make your system faster.

A virus scanner, however, doesn't hurt, so install one and keep it current. Kaspersky for example is supposed to be one of the best when it comes to the signature files. Just remember one thing: it is highly possible that you get a virus before the virus scanner knows it. DO NOT CLICK ON EXE FILES ATTACHED TO EMAILS. EVEN IF YOUR VIRUS SCANNER DOES NOT COMPLAIN, IT DOES NOT MEAN THAT THE FILE IS CLEAN. Use your virus scanner to filter virus mails from the inbox, these are spam anyway and a virus scanner can reduce the spam without doing any damage/false positives. Also, use the virus scanner as "last resort" in case you or someone else accidentally click on an untrusted EXE. There is no guarantee that the scanner will prevent an infection, but it will catch SOME of the cases.

Also note: not just EXE is evil. Also watch out for VBS, JS, COM, PIF, BAT, CMD, SCR and any other extensions that stand for executables. An attachment named "www.foo.com" is most likely NOT an URL but an executable whose name looks like an URL to make you click on it. Note the extension "COM". If you want to look at the URL, enter it manually in such cases.

kozak6 wrote:Is there any good and free antivirus/firewall stuff out there?

The answer is simple IMHO: no.

In case of the antivirus: a definite no. However, the only antivirus that COULD be called "good" is Kaspersky. But no antivirus is so good that you can rely on it. Viruses spread faster than virus signatures for scanners.

In case of the firewall: application filtering doesn't work well anyway, and packet filtering can be done by many solutions, including free ones. What's wrong with them?

divVerent wrote:What's wrong with them?

I'd like to quote a post I've read in another forum where the author got the point in an easy and understandable way. Everybody who's engaged with stuff like that knows what he's talking about:

If you see a little can with a label "mortal contact poison!", you usually dont get the idea to test if this is correct and dont touch it (except 4m ofcourze ).

A personal software firewall usually is acting completely otherwise: It would open the can, touch the content and then wonder why getting so dizzy.

That's why the whole concept of software firewalls is kinda stupid isnt it?

I think you don't understand me.

Your statement certainly holds for these personal firewalls like ZoneAlarm or *shudder* Norton Internet Security. But what is wrong with stuff like Win2k's IPSec policies (apart from the naming, since they can be used quite well for packet filtering WITHOUT IPSec), or pf, ipf, ipfw, iptables?

The thing is - these do what you tell them and not more. They don't pop up alarming dialog boxes for PR reasons (WOAH! Someone ATTEMPTED TO PING YOU! Me, the glorious firewall, blocked him. Man, I'm good.) or that you can accidentally answer wrong (192.66.2.15 attempted to access port 445. Do you want to allow it?), but just execute their fixed ruleset. They can of course log denied packets or just LOG rules. But once set up, they do what you told them and nothing else.

However, to use them, you have to understand the basics. Otherwise, you won't even get them set up or disable your own internet access too easily... but if you know what you are doing, these sort of packet filters work quite well - no matter if they are in software or in dedicated hardware.

Don't forget, you kinda represent a minority. For me, I don't really understand what I'm doing when configuring my Internet access. The majority puts loads of crap on their system to feel secure, all they get is a lack of performance and the annoying popups you were talking about.

Well, the main danger about such "security tools" is the "secure feeling", leading to overcompensation.

Some people think that just because they have an antivirus and a firewall, they can click on every EXE they find, even the ones they receive via email. That is WRONG. The problem is that this happens subconsciously - some people just feel much more secure and stop thinking about the ever present danger because that Norton face pops up every time they boot their computer.

If that effect weren't there, a personal firewall maybe still wouldn't help - but it wouldn't do any harm either. But this effect of overcompensation is just too real...

Oh, and another problem with personal firewalls... people tend to COMPLETELY DISABLE THEM when there is any kind of problem. If you can afford to disable your firewall, that means you obviously don't need it at all. OTOH, more than once a minute, everyone receives a data packet that tries to infect unpatched Windows systems. So if the firewall is all you do for security, you are screwed when you disable it for just one minute.

SPEAKING OF PATCHES. Windows users, keep your Windows current with Windows Update -> http://windowsupdate.microsoft.com. Same goes for Mac and Linux users - use the online update feature you have. Even Microsoft sometimes fixes a severe security hole (the one Blaster used was for example fixed a month before Blaster started spreading, so Blaster's "popularity" was a proof of how few people use the update feature), and the online update is the only way to get these fixes early enough.

Do not be afraid of Microsoft detecting that you are using a warez copy of Windows. They don't care. They won't give you service pack 2 and additional features, though, but you can still access the most important updates. Don't be afraid - they won't track you down and take your computer. Actually, warez is the main reason of WIndows' quasi monopoly position, and Microsoft knows that. If you aren't a company, MS doesn't care if you use warez or not, they just don't want you to use a competing OS...

Blablabla... Just to let you know: I just installed _Comodo Personal Firewall_ and it looks okay.

Alternatives if you don't like Comodo:
http://www.iopus.com/guides/free-firewall.htm

To all who don't know the difference between a good and a bad firewall:
A GOOD firewall will at least TRY to control access TO and FROM your system. A firewall is like a boat: Even if it's leaking - you can still float for a while. It's much harder without one.

4m wrote:To all who don't know the difference between a good and a bad firewall:
A GOOD firewall will at least TRY to control access TO and FROM your system. A firewall is like a boat: Even if it's leaking - you can still float for a while. It's much harder without one.

Sorry, reality isn't like that. You can do that for yourself and that's okay. But tell Joe User that he has a new firewall, and he WILL click on one EXE after the other. Why should he care about security, he has a firewall to do that.

If you KNOW that the firewall doesn't make you secure by itself, you can very well use one and MAYBE even gain more control using it.

BTW, tell me a firewall that does NOT try to control access to/from the system. You can even use iptables to only allow Firefox to make network requests. It even works. However, malware could just go outside using the web browser...

People need to realize that software firewalls are so easy to circumvent, thet using one is simply a waste of CPU/ram, etc.
Get a decent hardware option and watch what you do with your comp.
It's quite simple.
I'm not saying that hardware FW is PERFECT. But the shitties one beats the best foftware version out there.
Correct me if I'm wrong, but this has been my standard practice when it comes to PC use for years and I've yet to get a virus/troyan or have my sys hacked.

I dont use any koind ofSoftware firewall, I use external hardware firewalls (or more precisely, IP table controlns on the external linux riuter). HOwever I do Use anti-virus software

PHREAK wrote:People need to realize that software firewalls are so easy to circumvent, thet using one is simply a waste of CPU/ram, etc.
Get a decent hardware option and watch what you do with your comp.
It's quite simple.
I'm not saying that hardware FW is PERFECT. But the shitties one beats the best foftware version out there.
Correct me if I'm wrong, but this has been my standard practice when it comes to PC use for years and I've yet to get a virus/troyan or have my sys hacked.

You are partially wrong with that. A software packet filter like iptables, pf, ipf, ipfw or maybe even Win2k's IPSec polciies is just as hard to circumvent as a hardware firewall - namely, only if the OS has a serious security hole that can be used for that. Actually, many "hardware firewalls" are in fact Linux or BSD boxes in a small case, although the majority probably uses Cisco's own OS. All of them are basically software solutions, but run on dedicated hardware. Not that it would really matter, but see below.

Plus, hardware firewalls don't protect you from malware you start by cutting off their internet access. No, software firewalls can't do that either - it's just that they CLAIM to be able to do that, but it is known for a fact that these restrictions are easy to circumvent.

The reason why people prefer hardware firewalls over software solutions is another one. If the firewall gets hacked, you don't want the hacker to have full access to your important servers. This means two things:

• the firewall should run on dedicated hardware, so an attacker who successfully exploits the firewall doesn't have immediate access to your data. When you can't do that, run it on an UNIMPORTANT server. That is, if you have one - neither file, mail, print nor web servers are "unimportant enough" for that...
• if the firewall runs on another OS than your servers, an attacker who successfully exploited a flaw in the firewall OS can't use the same exploit to get access to your servers. This is the main advantage of "hardware firewalls", as you call them (although they DO run in software...). A dedicated Linux router firewalling a Windows network has the same advantage, but firewalling a Linux network with another Linux box won't protect you from attackers exploiting kernel flaws from the outside if there are any. But since nobody runs servers on Cisco's IOS...

I use a router that runs BSD and that provides a firewall. One advantage I see is that it protects every machine in our house at once. I don't think I'd ever buy a software firewall, I bought Norton Systemworks 2004 and it was the biggest waste of money I've aver spent on computers.