Do you use an anti-virus or firewall program?

[Syringer]

Personally I think anti-virus programs are nothing but resource hogs and are completel overrated. If you're smart and sensible, there's little reason for you to become infected..and sure enough I haven't had any virus problems for as long as I can remember.

I think firewalls are similar, but don't really hog as many resources so I just leave my Windows one open.

 

[esquared]

I use the Kaspersky by AOL and Komodo firewall and neither is a resource hog at all.
Looking at my Task Manager, Komodo has two processes running. One cmdagent uses around 9MB of memory the other, cpfs.exe uses around 22MB. Kaspersky avs idles using around 6MB and I got it up to 13MB when it's opening up a web page.

 

[JonnyBlaze]

I agree but I have a 10 year old son and my girl using my pc so the extra ram being used by my AV doesnt bother me at all. I have 2gb so programs can use it not so it sits there empty.

 

[mechBgon]

If you're smart and sensible, there's little reason for you to become infected..

In today's world, that isn't such a safe bet IMO. Tom's Hardware Guide... you've heard of them, right? A site in the same genre you're viewing right now. 5 million visitors a day. Compromised.

Asus.com. Compromised.

Microstar's site. Compromised. Repeatedly! :frown:

The Register's site. Compromised.


The bad guys sell a $1000 professional toolkit for compromising websites. read more here. Welcome to 2007. :evil:

There are defenses that I consider more potent overall than antivirus software, but not many people want to hear about them around here :evil: Do you use a non-Admin user account for daily-driver stuff, out of curiosity?

 

[Syringer]

a) I'm a much less likely target for such an attack.
b) Would an anti-virus program have prevented the compromises?

And Tom's Hardware doesn't get 5 mm visitors a day, a month maybe.

 

[mechBgon]

Originally posted by: Syringer
a) I'm a much less likely target for such an attack.

I think I'm at less risk than average for an auto collision, but I still wear a seatbelt. If I knew there was a new band of criminals roaming the city with actual intent of causing collisions at intersections I drive through, for their financial gain, then even moreso. http://isc.sans.org/diary.html?storyid=3015

b) Would an anti-virus program have prevented the compromises?

Again, it would depend on which site, what exploits they're using this week, and whether your antivirus software is equipped to detect them. Speaking as a guy who deliberately rams a vulnerable system into exploit-bearing websites to harvest malware samples and network traffic, I can testify that antivirus software is not a complete solution to security, not even close. But if you're going traipsing around with an Admin-class user account, it sure is a good idea to have that as one layer in your defense. IMHO.

And Tom's Hardware doesn't get 5 mm visitors a day, a month maybe.

Perhaps I got the numbers wrong. The point remains: websites like the website you're on right now, or others that you visit, could turn bad. Consider having a "plan B" for those possibilities. I don't know what antivirus software you found was a resource hog, but I use the AOL Kaspersky on a 1GHz Duron with 512MB of RAM and it's not a big deal.

 

[Anubis]

i run the AOl kaspersky on all my comps, i have teh windows firewall in XP turned on on all of them as well, all my comps are behind 1 or 2 routers which help as well

i ran Kerio PFW on thsi comp till like a month ago, i never really needed it so i got rid of it,

 

[HardWarrior]

<div class="FTQUOTE"><begin quote>Originally posted by: Syringer
If you're smart and sensible, there's little reason for you to become infected..
</end quote></div>

Using a AV/FW programs don't reflect on ones intelligence or character. To answer the thread, I use KIS with all SW firewalls turned off and a d-link SPI firewall/router.

 

[WildHorse]

I run Kaspersky Anti-Virus 6.

Firewalls-
The native fw in Windows XP Pro (that only filters the inbound side)
plus there's a firewall in the Westell DSL modem (only filters the outbound side)
plus there's a nat firewall with SPI in the D-Link router between the modem and the computer.
So that's a 3-firewall stack.

But if an infected file is something you requested, by clicking a link or whatever, the infection it carries may slide on through, but only to smash into a solid granite wall called Kaspersky. For me, nothing ever survived it's way past Kaspersky. On occasion I do hear it's hilarious pig squeal alarm.

It also helps to update your Hosts file every 2 weeks, Link, plus daily runs of Ad-Aware and Spybot S&D.

<div class="FTQUOTE"><begin quote>-from Syringer
a) I'm a much less likely target for such an attack. </end quote></div>

You as an individual don't have to be "targeted" for attack.

The infections proliferate mindlessly & automatically through contacts lists, in web sites, embedded in pictures, etc.

Better you turn on your Windows firewall at barest minimum.

 

[secretanchitman]

i use an AV, which is nod32. its small, fast, clean, and doesnt use much memory at all.

 

[alimoalem]

just started using Kaspersky AV6 today...norton before that.
use windows default firewall
use netgear router's firewall.

listen to mechbgon. if there's a top 5 list of people to listen to on AT, he's one of them. come to think of it, i can't think of anyone else to be on the list atm

 

[mechBgon]

Originally posted by: alimoalem
just started using Kaspersky AV6 today...norton before that.
use windows default firewall
use netgear router's firewall.

listen to mechbgon. if there's a top 5 list of people to listen to on AT, he's one of them. come to think of it, i can't think of anyone else to be on the list atm

Hehe, I'm merely scraping at the surface of security with a Popsicle stick, compared to some of the actual security pros around here Workin' on my Reality+ cert every chance I get, though.

 

[WildHorse]

Originally posted by: mechBgon

<cut>
The bad guys sell a $1000 professional toolkit for compromising websites. read more here. Welcome to 2007. :evil:
<cut>

That's a real eye opener! Scary.

 

[Nothinman]

a) I'm a much less likely target for such an attack.

If you're browsing the Internet then you're as much of a target as everyone else. No, they probably don't give a damn about you personally but if you happen on a website that they've compromised or an email that they've trojaned then they're more than willing to add your machine to their botnet.

 

[Rottie]

My PC is protected by AVS By AOL and ZoneAlarm Pro 7.0 I never had any virus since 1999 (I think) HOWEVER I used Norton Anti-Virus that take care of my emails until Jan 2007 I decided to try AVS..you know what happened? I have 4 emails infected sitting on my Outlook Express since 1999 obviously not know I had one so Norton does not do a good job assuming you might have infected hiding on your system. I use Peer to Peer file sharing to download video and you know what? I get attack for about 2 or 3 hours (ZA log shows I had over 5500 attack for last 3 hours) I had to shut down port from Router. Good thing my ZA blocked all attack without my knowslege

My laptop does have Sygate Firewall and Avir AntiVirus but both are not enabled because I surf safe websites only if I am outside of my apartment I will have them enabled

 

[mechBgon]

My laptop does have Sygate Firewall and Avir AntiVirus, but both are not enabled because I surf safe websites only. If I am outside of my apartment I will have them enabled.

Realize that normally-safe websites can be compromised, and the bad guys are making money doing exactly that. Consider having a defensive strategy that accounts for that possibility, because your credit-card info, eBay/PayPal log-in, WoW stuff, game CD keys, and other commonly-targeted stuff does not come back after it gets sent off to the bad guys. You can delete the malware that sent it to them, but that's a pretty hollow victory, isn't it? :evil:

Never been infected yet? . Don't let there be a first time.

edit: thinking about this thread, I also thought about "auto-play" malware that travels using USB drives or burned CDs. It appears to be a growing trend. How many of you have had a friend plug in a flash drive, a memory card, or put a burned music or movie disc into your drive?

 :light:
:shocked:

 

[George P Burdell]

I use Comodo firewall and AVG antivirus

 

[Red Squirrel]

I use AVG, but no firewall (can't find any decent one for windows so I just gave up) but a nat gateway of some sort is a MUST on ANY situation, even if its just 1 pc. A software firewall in a case like this is more used for controlling what goes out. Stop programs from "calling home" and such.

As for AV if you're smart you can get away with one, but it does not hurt to have it just to be extra safe or if other people use your PC or network. I put tons of forein machines on my network due to people constantly calling me to fix their malware infected computers so I use a AV on each machine, though I usually revert to using USB storage devices to transfer stuff around when it comes to those machines.

As for compromised sites, as long as you don't use IE. such site won't do much. Well 99.9% of them. I'm sure Firefox has had/or could have some kind of IE like flaw that allows remote execution of code. But I've yet to hear of any.

Also lot of people confuse firewalls and AVs, but they're different and both needed. A firewall(software or hardware such as nat) will protect from intruders (and possibly worms) while a AV will protect you from malware that got on your machine, wether self inflicted (email attachment, download etc) or auto entry (ex: worm)

A fun experiment to try is to put an xp box directly to the internet with no firewall or AV, apparently it gets infected in a matter of minutes.

 

[dealmaster00]

Originally posted by: RedSquirrel
A fun experiment to try is to put an xp box directly to the internet with no firewall or AV, apparently it gets infected in a matter of minutes.

Meh...I don't think that's true. I've reformatted computers before and have them directly connected to the Internet for a few hours while Windows updates are being downloaded/installed and they never got any malware on them.

 

[Nothinman]

Meh...I don't think that's true. I've reformatted computers before and have them directly connected to the Internet for a few hours while Windows updates are being downloaded/installed and they never got any malware on them.

There are a lot of variables but it definitely can and does happen and putting an unpatched box directly on the Internet is just plain negligence on your part no matter what OS it's running.

 

[dealmaster00]

Originally posted by: Nothinman
<div class="FTQUOTE"><begin quote> Meh...I don't think that's true. I've reformatted computers before and have them directly connected to the Internet for a few hours while Windows updates are being downloaded/installed and they never got any malware on them.
</end quote></div>

There are a lot of variables but it definitely can and does happen and putting an unpatched box directly on the Internet is just plain negligence on your part no matter what OS it's running.

Like I said...I've done it before and never had an issue. YMMV I guess...

 

[Nothinman]

Like I said...I've done it before and never had an issue. YMMV I guess...

None that you know of...

 

[dealmaster00]

Originally posted by: Nothinman
<div class="FTQUOTE"><begin quote> Like I said...I've done it before and never had an issue. YMMV I guess... </end quote></div>

None that you know of...

Most malware has processes that you can see in task manager. Even the more stealthy variants will be noticed after slowing performance or av/anti-malware programs are run or when you notice a $1000 bill on your credit card. So yes, there are none that I know of, because none of these have happened to me.

You know what, I honestly don't even want to continue this discussion with your so-called elitism. Just because you may know a lot about computers doesn't mean that I don't.

 

[Nothinman]

I'm not being elitist, I'm just pointing out that the statistics don't agree with you. Putting an unpatched box on the Internet is like racing without a seatbelt on, sure as long as everything goes you're way you'll be fine but a small case of bad timing could cost you your life or in the case of the former your current installation. And both are considered to be pretty stupid by anyone with a little computer security knowledge and anyone who's driven a car, respectively.

 

[bucwylde23]

I am currently running AOL kapersky on vista with the built-in vista firewall turned on.

I just haven't found a firewall that I like yet and am hoping the built in one is good enough