Consolidated Security Thread (dead)

mechBgon

Super Moderator
Elite Member
Oct 31, 1999
mech's spot :D
CURRENT SECURITY STUFF
Malware that copies itself to CDs, USB drives and memory cards

If a friend wanted to show you pics from a CD, a memory card, or a flash drive, would you think about the security risk involved?

Begin thinking about it. More and more malware adds itself to removable media and drives, along with an Autorun file to auto-launch the malware when the drive is plugged in, or the CD is inserted.

Also, check this out: the bad guys deliberately planted infected flash drives in a UK parking garage! Ahhh, the humanity of it all... :p
Defenses against this tactic:

  1. don't let unknown CDs, memory cards or flash drives into your computer.
  2. consider disabling AutoPlay.
  3. use a non-Admin user account to handcuff this sort of malware from having unlimited power on your system if it did get launched.
  4. If your version of Windows lets you use Software Restriction Policy, then use it on top of a non-Admin account.
  5. use antivirus software and keep the real-time protection enabled. If you're going to insert CDs, memory cards or flash drives from uncertain sources, update your antivirus software before you do so.
Windows Vista has some security improvements to offer over XP or 2000, since it will put the brakes on the autorun approach, runs stuff at non-Admin level by default and features Windows Integrity Control.
 

Medea

Golden Member
Dec 5, 2000
ALERT!

For anyone who has malware, do NOT use ComboFix until further notice. It has been targeted by malware programmers and, under certain conditions, will cause irrevocable damage to a computer.

For the time being, the tool has been pulled so you will not be able to download it.

Obviously, since the tool has been pulled, this is for people who have downloaded it earlier with the intent to run it against a particular infection(s). Just delete it.
 

mechBgon

Super Moderator
Elite Member
Oct 31, 1999
Figure out a way to Advertise TeAm Anandtech SETI
SETI is fun :cool: Is there a client proggie for Vista x64? I did some DC writeups in times past, but haven't kept up with the new stuff :eek:
 

ElFenix

Elite Member
Super Moderator
Mar 20, 2000
looks like avira anti-vir is the best right now, from av-comparatives' charts. free version is available at free-av.com
 

John

Moderator Emeritus
Elite Member
Oct 9, 1999
Originally posted by: ElFenix
looks like avira anti-vir is the best right now, from av-comparatives' charts. free version is available at free-av.com

FWIW you should not base your decision exclusively on detection rates. Avira has a problem with FP's (false positives), slow update servers, nag screen, no pop3 detection, and more. Avira is still a respectable AV, but having a few % points higher than other AV's with 95% in the on-demand comparative does not make it the best. NOD32 & Symantec were the only ones to detect all polymorphics. :)

What I dislike about the comparative is the fact IBK included several other AV's that use the Kaspersky engine. Most people don't realize that these "big names" are simply licensing their technology from someone else. :p
 

OzzieGT

Senior member
Oct 9, 1999
Comodo has been recommended to me as a personal firewall. It's free. Someone who knows a lot about firewalls might want to try it out and see if it deserves to be on the list. :)
 

Schadenfroh

Elite Member
Mar 8, 2003
Originally posted by: OzzieGT
Comodo has been recommended to me as a personal firewall. It's free. Someone who knows a lot about firewalls might want to try it out and see if it deserves to be on the list. :)

It already is on the list :)
http://forums.anandtech.com/messageview...atid=40&threadid=2013358&enterthread=y

Comodo Free Firewall

* Editor's Choice at PC Magazine
Leak test:
http://www.matousec.com/projects/window...ak-tests-results.php#firewalls-ratings
 

StevenYoo

Diamond Member
Jul 4, 2001
could you explain what the deal is with Norton Security Scan? It's part of the Google Pack.

Is it a free version of Norton AV a-la AOL's (Kaspersky) Virus Shield?
 

evilharp

Senior member
Aug 19, 2005
Here are some more Vista Security Applications I have discovered:

Jetico Personal Firewall (V.2) (Shareware)
-x32 and x64 support
-Can be frustrating to use, but performs well in leak tests
Link


Bitdefender v10

-x32 support
-AV or Integrated Suites
Link

McAfee
-company has indicated that its AV/Suite products are Vista compatible
-Note that some retail products involve some sort of downloadable upgrade
Link

PC Tools Firewall Plus
-x32 Vista support
-Free
Link

Avira (AntiVir)
-x32 Vista support
-AV and suites (including firewall)
Link

 

evilharp

Senior member
Aug 19, 2005
Matousec has a nice listing of Personal Firewalls on its site. It seems to be up to date, listing the Windows versions (Vista included) that are available. Link

Matousec also maintains a "Leak Test" table detailing how the various firewalls perform against 26 testing tools. Link

A similar testing site can be found here http://www.firewallleaktester.com/ . This site has download links for the various "Leak Tests" (19 offered currently) for those who would like to test their own systems.
 

hans007

Lifer
Feb 1, 2000
I've actually been working in the computer security field for 3-4 years now. Used to work at Symantec in the Norton group and the virus/malware analysis lab. I was a big fan of the Symantec Antivirus Corporate Edition. It's a good engine, without the extra bloat and resource use of the consumer version.

I work at an enterprise security firm now, and have worked extensively with the Tiny firewall engine which was bought by CA called the HIPs firewall. That also is a very low resource use and very featureful firewall. CA software isn't as popular for a big name, so it is often available cheaply (I think there was a deal to get their whole suite on a flash drive for basically free after rebate a while back). Though I haven't done that much with their actual full consumer product, I can say that the engine itself is very well written.

That roundup of firewalls is not a very good comparison. It is tested mainly based on default security rules.

Some of the bigger name products are auto learning so the defaults aren't that great. Also a lot of the functionality that they score against mainly depends on if you got intrusion detection with your firewall or not. For many packages it is optional or only on a certain version.

I do agree with the hardware router solution, that alone probably will be good enough as it is. I'd highly recommend a software firewall for laptop users who go on wifi a lot.