I’m interested in finding out what is the best way to secure a PC (XP and/or WIN 7) from being compromised or broken in to from without where someone would attempt to use the internet connection to get in.
I know everyone always recommends a good firewall and anti-virus…but with so many options these days…which firewall and anti-virus is considered best without being a resource hawg?
And, does anybody still use Spybot - Search & Destroy anymore? I heard it was pretty good at stopping malware.
And, what about closing ports? I heard something about that a while back. Is there a program that checks entry points and allows you to close them?
Any thoughts on what the best products to use to secure a PC that is going to be connected to the internet would be appreciated.
There is no one firewall/antivirus that will stop 100% of viral attacks, unfortunately. That said there are some that do a very good job of stopping a good majority of them, such as the Comodo firewall and Malwarebytes antivirus. I was running a PC for three years before I bought my Mac and Comodo did a very good job of keeping it clean. Not 100% though, and I did get a virus that brought my PC literally to its knees and it took me forever to get it off but it does seem to do the best job of all the firewalls I’ve seen/used (and I’ve used a ton).
Now running a linux based system, I sleep much better at night.
I’ve not used Windows in a while, I agree with others about Linux. I like Linux’s user pathways a bit better. As long as you don’t login and run X and Firefox, etc as root, this limits the amount of damage that can be done, since a regular user on Linux won’t have privileges to write to root owned areas.
That said, I’ve heard that Microsoft Security Essentials is really all you need. It does anti-virus and malware detection and does not consume all that much resources. As with anything, it’s important that you keep the definitions and program up-to-date.
Other recommendations I would have, use Firefox as your only web browser and install the NoScript addon. The NoScript addon prevents websites from executing javascript in your browser. You will have to apply exemptions. It can be a little annoying when you first start, but you can exempt certain websites that you trust, but leave potentially shady website protected under NoScript.
Also, I would recommend making it a point to check the Mozilla plugin checker page:
often. This will check to make sure that your plugins are up-to-date. This is especially true for Adobe Flash, you need to keep it updated (better yet, remove Adobe Flash, it’ll speed up your web browsing and remove it as a potential hacking point, but you may lose a lot of functionality with some websites that depend on Flash).
This plugincheck url will work for any browser, Firefox, Chrome, Internet Explorer. So if you decide to use a browser other than Firefox, you can still check your plugin versions.
I cannot use Linux as I run a business and I have to have all the applications that Windows can run. I am aware that many business applications are being built for Linux, but it’s going to be a while since there doesn’t seem to be alot of money to go around to develop stuff for Linux…and there is for Windows.
Anywho…I use Acronis so removing a virus is no problem. Takes just moments.
Just wanting to do due diligence to see what the latest is for Windows these days as I know security is an evolving thing, even for Mac and Linux that are being broken in to more often these days.
Thanks for the Firefox recommend. And, how can you browse without Adobe flash? Aren’t there a bunch of things that require flash?
I know I heard a while back that since AVG is so widely used now…it’s in the hacker’s crosshairs making it not so secure anymore, which makes it as useless as Microsoft’s security products.
It was something about hackers targeting the most commonly used products cause when one of them is successful hacking in to a popular product, apparently they share what they’ve learned with all their hacker buddies across the greater “hacker community” as if these folks have nothing better to do in life but steal…
Security Essentials was designed to fully integrate into the Windows 7 operating system. In XP, it’s just a tacked-on addition. As such, it doesn’t do as nearly a good of a job in XP.
AVG, or other freeware AV solutions such as Avira, or avast, were built to integrate into XP as well as Win7.
Those who are saying to switch to Linux. Don’t be stupid. Insecurities of an OS comes from the user configuring and running the system. Make bad choices and bad things can happen to every OS. Switching to Linux is not a cure all. Or some magic bullet. Linux has no magical powers.
Now, are you behind a router? If so make sure the firewall is on, be default most consumer routers will block all outside connections that you from the inside of the network has not initiated. I.e., connected to a web site with your browser of choice. So having a full-blown firewall software package on your computer would be overkill, the one built into Windows is more then enough.
Second and formost, never run with full administrative power on Windows. On Windows XP this is more of a pain because it does not have UAC like Windows 7. You should never run any internet connected application as administrator. That alone can open you up.
I couldn’t agree more. I’m sick of this “switch to linux” solution - we heard it for almost 20 yrs now - I couldn’t even understand this attitude those years I was running slackware
know your system is my best advice
malwarebytes is a good tool , I use it myself on the kids computers.
On the kids computers, and my 3 office computers I am also using Eset Smart Security. I like the app as it is lightweight and does a pretty good job.
On my main computer I use NIS, as this suits my need best - choosing your system depends on your needs.
I don’t like AVG, most of the compromised personal computers i see is running AVG free - of course its the owners fault, as they surf all kind of dubious sites, but anyway…
I always avoided this because I’ve seen people get locked out of their own computer and it starts asking for admin permission that may never have setup in the first place.
I guess I could set up an Acronis back before doing a username and password…
I use ZoneAlarm firewall because it filters inbound AND outbound traffic. I have to give an application permission to contact the world outside. That’s an extra layer of protection.
I agree with the ESET anti-virus. I run NOD32 for my anti-virus. It’s not free, but its worth it. It uses very low memory and updates itself several times per day in some cases.
If you don’t need to use Remote Desktop, make sure it is disabled. If you do need it, change the listening port to mix things up. Most people fishing around are going to look on port 3389. Change it to a different port to throw the lazy hackers off the trail.
Yessir, I really like Acronis…used it just the other day when a virus hit my computer as I was doing some research on something and landed on a website that was infected.
Took less than 10 minutes to restore my computer to exactly the way it was before the event …best $50 I ever spent was on the Acronis program.
I would suggest backing up all your files on a regular basis (external drives, cloud etc.) aside from installing antivirus freeware available for complete protection of your PC/unit.
Yes, my data is never kept on my C drive…always on the next drive down so I can use Acronis and keep on rockin.
My data is backed up daily to two other internal drives (got a total of 4 internal drives), and weekly, I back up to external drives that are always powered off unless I’m backing up to them.
…best $50 I ever spent was on the Acronis program.