How much security is too much?

[wgoldfarb]

I was looking for some free security apps for a couple of old computers at home and I came across Schadenfroh's outstanding sticky on security as well as episodic's (also outstanding) sticky on freeware apps. The latter contains a link to a website where I read this article on 'layering'.

So, I became paranoid and starting downloading everyting in these articles. I ended up with a bunch of supposedly complementary security apps running at the same time. And then I stopped and said "this is probably too much".

I have a Pentium 3 (850Mhz), Win2K laptop that we use for "basic things" such as surfing, Quicken, email and iTunes; I also have an older Pentium 3 (450Mhz), Win98 desktop that is primarily for my kid to play online (6 years old, mostly games at places like Disney, PBS Kids, etc). Atfter reading the articles above I ended up with:

Laptop: Kerio 2.1.5, Antivir, Windows Defender, ewido, and WinPatrol, all running at the same time :Q Performance does not seem to be affected much with everything running.

Desktop: since this is an older Win98 computer I could not install aewido or Windows Defender, so this one 'only' has Kerio 2.1.5, Antivir and WinPatrol. Performance does seem to suffer a little, specially if surfing.

I also have A-squared, Ad-aware and Spybot S&D, but these are for "emergency scanning" if/when needed. Both machines use Firefox as their primary browser (IE is only used on the rare occasion that a website requires it)

I know that Kerio and Antivir are essential, and should always be running in both machines. However, I confess I don't really understand the differences between ewido, Windows Defender and WinPatrol, or how they fit with Antivir. Are all these together overkill? should I just choose one (and which one?) or even none? Does the fact that I use Firefox help at all?

Since these are slower processors with only 256MB RAM I want them as lean as possible (specially the desktop, given its very slow processor).

Any feedback will be greatly appreciated!

 

[MrChad]

In my opinion, you should only have one realtime protection program per category: firewall, antispyware, antivirus. In the case of antispyware, it's acceptable to have other scanning programs such as AdAware, but only one realtime agent.

For me, I use Windows Firewall, Windows Defender, and AOL Active Virus Shield at home (same setup at work except I use Symantec AntiVirus Corporate). I have Automatic Updates enabled as well. If you are truly paranoid, one of things you can do to prevent your system from being compromised is to run your day-to-day activities under a Limited User account rather than Administrator account. Rogue programs inherit the security privileges of the user that unknowingly executes them, so by limiting your own privileges you limit the damage any rogue program can do.

 

[Alex]

i think both ewido and windows defender running might be overkill

on my home rig i run Antivir and Windows Defender at the same time.
i'm behind a router and had a firewall for the longest time but after a year and a half with 0 intrusion attempts i decided to get rid of it...

i have Spybot, AVG Anti rootkit, F-Secure blacklight, AVG Antivirus and a handful of other tools installed but only for manual scans and that seems to take care of it!

 

[duragezic]

Yeah I'd much rather run a limited account and use RunAs privledges as needed then have to deal with all of that stuff on realtime. It doesn't affect your laptop at all? I have no real-time protection, though I scan about once a month or so with antivirus and Ad-aware. Virii I worry about more, but man I have not had a single piece of adware/spyware (that is detected anyway) in 6 months or more. I also don't run a software firewall, which isn't the greatest idea since it can prevent programs, trojans, and spyware from phoning home. But I keep it minimal at just 16 processes at boot, so my CPU and RAM are all available for gaming.

Since you have kids using the computer, it's certainly not a bad idea to have all of that protection, especially if you don't find it slowing down the system. But surely you could remove some of them, there is probably some overlap, but I'm not familar with ewido or WinPatrol. But a limited account for the child may be a good idea to look into, if it doesn't prevent him from playing his games. There's been some tests with computers running essentially no real-time protection of any kind, yet with a limited user account the system would pick up no virii,adware,spyare,etc. It's a stupid idea of MS to give everyone Admin privledges by default, since 90% of the users don't need them. Even a "power" user like myself could probably benefit from lesser privledges.

Also, it's a good idea to have your machine up-to-date with Windows update. There probably hasn't been as many new security updates for 2K and 98 as there is with XP, but it's worth it to make sure you got them all. They fix vulnerabilities in the OS and software, which is what many hackers look for. They look for the machines with these unpatched exploits. Though a firewall can probably reduce this risk regardless.

 

[EagleKeeper]

Ram is cheap - bump those systems up to 512 if you are pushing the 256 limit. That may reduce the disk usage/swapping a little.

 

[spikespiegal]

It's a stupid idea of MS to give everyone Admin privledges by default, since 90% of the users don't need them. Even a "power" user like myself could probably benefit from lesser privledges.

You mean, 90% of users are too stupid to set up an account without admin rights. They'd rather keep the Windows 'crisis-ware' industry going and use Win98 tactics than to actually learn how to secure their machines.

The biggest threat to Windows machines are Trojan's/Malware that come from surfing malicious web-sites and downloading pirated programs with embedded worms. Everything else is so far down the list it shouldn't be worth your time. If you're still getting virus's from E-mail, you need a bib and should replace your computer with a big toy truck.

99% of the software listed in this thread will either not detect, defend, nor clean those exploits I mentioned, so what the hell good is it? Learn to operate your machine and not surf with admin rights, and 99% of the problems go away.

For the nth frakkin time, software firewalls do not defend against malicious activeX components, URL re-directions, and worms inside of pirated software, and nobody cares if you stealth the ports on your machine.

 

[jameswhite1979]

personally I run 1 AV = Norton 1 AS = Adaware

Thats it I have confgured my router firewall very well also. My machine runs 24/7 as a server hosting IIS, FTP etc and never had a problem been over a year now.

 

[wgoldfarb]

Wow, thanks to all for the great (and fast!) replies.

I have already did as you suggested with the win2K machine and created some restricted user accounts, and eliminated everything but Antivir, Kerio and Windows Defender.

On the desktop, it unfortunately has Win98. I will probably follow eaglekeeper's suggestion and get some RAM for that machine, although I think part of the problem is the slow processor. The machine is used exclusively by my kids, so I don't think a processor upgrade is warranted, and may not even be possible (it is an old Dell XPS T450). I may also bite the bullet and upgrade to Win2K or WinXP so I can create restricted accounts on that machine.

Thanks to everyone for your suggestions!