Get our Latest Finds
Subscribe to our RSS feed or enter your email address below to get the feed delivered to you by email:
Follow Gizmo
Using this Site
Top Rated
Gizmo's Freeware is Recruiting
We are currently looking for people with skills and/or interest in the following areas:
- Rootkit Scanner and Remover
- Web Browser for Android
If this sounds like you then click here for more details
Printer-friendly version
Freeware security set-up that works great for me (XP SP3 1GB RAM) is as follows :-
Firewall : Comodo v3
HIPS : Comodo Defense +
Antivirus : Avast
Antispyware : SAS and MBAM (only on demand)
Browser Protection : Sandboxie
I also have installed Spybot Search & Destroy just for the immunisation feature.
I rarely perform any on-demand full system scans - the key program for me is Sandboxie.
I also use Opera Browser which I believe is more secure than IE7 and (possibly) Firefox.
My goal was a combination of good security, ease of use and conservation of system resources. Comodo V3 doesn't necessarily meet the last two requirements but I'm comfortable using it now.
Si.
I also have a similar protection, the difference is that I use Vista 64-bit and that now gives me limited choices. Still not much out there in 64-bit.
Firewall: Comodo
HIPS: Comodo Defense +
Antivirus: Avira Antivir free
AntiSpyware(on-demand): SAS
Browser Protection: SpywareBlaster
The only piece of software that is 64-bit is Comodo Firewall. All others are 32-bit but all work fine on the 64-bit platform.
Is Comodo Internet Security which provides Excellent but intrusive firewall with defense+ and anti-EVERYTHING!!!. Its a WHOLE security suite for FREE from a known good company? Question is should I use this or keep my current avg with comodo firewall pro? Is its virus detection rate better than avg, its virus engine has been recently upgrade to V3?
You can still upgrade to CIS. The installer gives you an option to install/not install the antivirus part.
last results seen on this (in the antivirus section of this site) Comodo is apparently tellin people to use better known AV software for the time being since it's not up to "par" at this point in time so may rank low at this point in time but I also am keeping my eyes on it as I currently use:
Avast & Comodo (without the defense+ installed)but whenever Comodo comes out with a release stating that things are up to "par" in there eyes I'd be very tempted to switch, I'm not sayin nothin bad about Avast or anything like that cause the product has protected me and numerous people who I know for quite sometime now and have done an amazingly good job.
But if Comodo comes out with a better product (also for free which I know 99.9%) of the products they release is, but I'd be tempted in tryin it.
Perhaps even passin it on to friends and family.
I agree with the above post.
Moved from AV forum posted by Anonymous;
Well I am a bit late on scene, but have my two bits to say. I have used the recommended list of 46 freeware, especially its anti-virus for about four years. In my modesty I also stake the claim to be the same person whose recommendation to accept BitDefender was accepted here, and has since than stayed at the fourth / fifth spot.
During one of recent daring dos, I had downloaded a few paid softwares with cracks and keygens, and was helped a lot by ClamAV shield of Spyware Terminator. True, ClamAV is not the best, but it has always been a decent assistant to the the main AV softwares on my comp.
Avira has been on my comp for more than an year, but I have to give credit to ClamAV for ably assisting Avira. Even when I was using AVG, I distinctly recollect that ClamAV would have at least a few that AVG couldn't find. I think Spyware Terminator's ClamAV needs a honourable mention in these august pages.
Isn't most malware self-inflicted?
Depends on what operating system you're using. Windows Me and 9x are structured differently than 2000 and XP. Not that they can't be infected, but not many criminals will bother with them. Windows Vista is the first desktop operating system from Microsoft whose kernel is locked by default, making it difficult to infect Vista without user intervention, as with Mac OS and Linux. But if you use Windows 2000 or XP, drive-by downloads pose your most immediate threat: http://en.wikipedia.org/wiki/Drive-by_download
"Windows Vista is the first desktop operating system from Microsoft whose kernel is locked by default"
Are you talking of Kernel Patch Protection? To my knowledge this feature is only available in 64 bit OS (XP, 2003 and Vista). As Microsoft states, it doesn't prevent malware from attacking your system:
"Patch protection eliminates one way to attack the system, by patching kernel images to manipulate kernel functionality. Protecting the integrity of the kernel is one of the most fundamental steps in protecting the entire system from malicious attacks and from inadvertent reliability problems that result from patching. However, it is not a panacea."
http://www.microsoft.com/whdc/driver/kernel/64bitpatch_FAQ.mspx
Fortunately, no. One thing I should first mention is that I had once thought of a "locked kernel" as being essentially the disabling of all write-access to system directories, but there are new features in Vista that secure the kernel in alternative ways. Rather than completely prohibiting write-access to these regions, which prevents the installation of any software that must make system-wide changes, Microsoft has found ways to prevent remotely initiated infection and also minimize potential damage.
The first (and most annoying) is UAC, which IMO truly is a godsend despite all the criticism. While I've heard the rants about "popup fatigue," UAC is not a HIPS that cries, "Wolf!" every time a program tries to access the Internet, add a new registry key, monitor keystrokes, listen for inbound connections, etc. It only requests permission for processes that require admin privileges. And being a firm opponent to noisy, user-dependent HIPS engines such as those in Comodo, ZoneAlarm, and Jetico personal firewalls, I must say that UAC has not been one of those things that hinders my daily activity and productivity. To get to the point, the most important thing about UAC is that it prevents API calls from just "slipping through."
Besides API calls, another technique used by drive-by downloading malware to gain a foothold is process injection. Thanks to features such as code integrity, integrity levels, and address space layout randomization, process injection is no longer possible. And because Internet-facing system services are unable to interact with other parts of the system, successful workarounds and even buffer overflows are difficult to conjure up.
Besides protection against surreptitious infection, another really nice thing about all this is that even successful infection is easier to recover from when your original services and drivers remain intact. Before, process injection was really something to dread. I can't clean something like that unless one of my scanners has a signature for it (AVGAS is one of the best tools when it comes to extracting the injected code without crashing Windows). Otherwise, my options are Windows repair installation, restoration from a drive image (rarely an owner who knows how to do this will come to me), or fresh installation.
Just for conversation, it is apparently easier to infect a Mac than Windows Vista, and that's saying something: http://dvlabs.tippingpoint.com/blog/2008/03/28/pwn-to-own-final-day-and-...
I have to take some of this back. Apparently, ASLR is limited to the 64-bit versions of Vista, and DEP is software-based in the 32-bit versions. Also, code integrity in the 64-bit versions of Vista strictly prohibits the loading of unsigned drivers, but not in the 32-bit versions. However, this is for the sake of upgradeability from XP, and also for the support of hardware with XP drivers. 32-bit Vista still employs code integrity.
As it were, a lot of security features overlap each other in Windows Vista, which isn't a bad thing as long as it's stable. And just for the record, it was 32-bit Vista that outlasted OS-X in the PWN 2 OWN contest. Also, to give you an idea of just how well 32-bit Vista Home Premium stands up to test exploits executed locally on one of my own machines, here are its scores in PC Security test 2007 (I turned off antivirus, antispyware, system guards, and firewall in McAfee; and activated Windows Firewall for this test). Essentially, the only successful compromisation was of the browser itself. Not too shabby!
This is one of the first time I see constructive criticism on Vista in this forum. I'm certainly no Microsoft guy, but personally I'm having a very good experience with Vista, I'm using it over a year and I have never seen a BSOD or had to troubleshoot any driver related problems like I used to in XP, and the recovery of the system is much easier and effective.
I don't use UAC not because of "popup fatigue" but because I have experienced software compatibility problems with UAC enabled. Instead, I rely on Comodo HIPS, which is yet to fail on me and gives me a granular control not available in Premium edition: like the XP Home, the Basic and Premium editions of Vista don't have a Policy editor. On average, I only see 1-2 Comodo popup/month, with exception of testers, I think most users who complaint about comodo popups are misunderstanding Comodo's predefined and custom policies. I'm very happy with version 3. For file system and registry virtualization - also incorporated in UAC - I prefer to use Sandboxie and SVS, no compatibility or conflicting issues with those.
In the meantime, I've found a Mark Russinovich article which explains those features you refer - code integrity, address space load randomization, protected processes, service improvements - in further detail:
http://technet.microsoft.com/en-us/magazine/cc162458.aspx
Cheers!
My recommendation is VirusScan Plus special edition from AOL. It goes beyond signature and heuristic detection to offer specialized protection against buffer overflows and drive-by downloads. I've been using it on one of my machines since November, 2006. This machine is subjected daily to autosurfs in 12 tabs for several hours a day. In almost two years, not a single parasite has gotten past it. This is set-and-forget software than can keep Granny's machine 100% clean.
If you are a high-risk user (e.g. downloading software/media from dodgy Web sites and file sharing networks, opening attachments to e-mails from unknown senders), then you need some good heuristics and/or HIPS protection. In this case, you might try this:
- Avira AntiVir Classic
- SUPERAntiSpyware
- Sunbelt Personal Firewall
- ThreatFire
Hi
These are the best of the bests for me and I believe that most people will agree with this list...
Firewall.... Online Armor
Antivirus.... Avira
AntiSpyware.... Super Antispyware / MBAM
Browser Protection utiliy.... Sandboxie
HIPS.... Threatfire ( Personally I belive that HIPS part of Online Armor is very user friendly and effective as well, so it's not advisable to use threatfire with OnlineArmor especially to avoid issues of conflict)
So Online Armor, Avira, SAS/MBAM ,Sandboxie is my Best free security setup....
I have a similar defense, the difference is that I use Vista and I don't have OA support:
Firewall: Comodo
HIPS: Comodo Defense +
AV: Avira free
AS (on-demand): SAS/ MBAM
Sandbox: Sandboxie
Hardware Virtualization: Virtual Box
Most commercial security suites also offer backup:
Syncronization: Synctoy
Imaging: ATI 11 (although I'm looking for an alternative)
Hi
I believe there's no one "best" product, but there are usually several products which stand out.
Thanks
Hi
Ya, I agree.. That's why I mentioned "best for me, not for all"....
Thanks
Hi
OK. I see now.
Thanks
Gizmo, don't go down this route, it never ends. This is one of the most dull arguments on the internet ie. which security is best and what works with what?... no one ever agrees.
Just keep to the facts, like you always have, and if it's good post it, if it's no good don't mention it. Let people make up their own minds what works best for them, all you can do is steer them in the right direction and the rest is up to them. Keep up the good work.
Hi
I think if Gizmo and the editors did make a page on this, it will be a general guideline.
Of course there is no one best solution, but there are products that stand out which can be combined to make good security setups.
How about a "best security category" so folks can know what security tools work best together?
Thank you for your question. What you suggest would be a feat indeed! A near impossibility, however, when you consider that security tools designs evolve daily. Before AVG 8 came along, v7.5 worked smoothly with most other security options running. AVG 8 is a bit beefier, but does much more in the way of protection, heuristics, and real time, and does not require as much additional security padding (layers) from other products. Additionally, if I told you to use Anti-Vir and SpywareTerminator together today, tomorrow one version may change and cause conflict with the other. Security is a choice and fit issue, not just "what's the best combo" issue. Some prefer "paid security choices" while others like "going it alone" using freeware, while others prefer to combine both. There are risks going it alone and with paid solutions, however, paid choices come with extras features in addition to full support not available with freewares. Other issues to be concerned about are what's the best security option given the system resources? A PC with 4 GB ram can easily accommodate many security options, while a PC with only 1 GB has restricted choice options. A computer with a faster processor will also not take the resource hit of slower machine. Hope this helps.
Thanks again for your suggestion
I will try and kick this off, and I'm not sure if this will help, but what if we can compare notes on what has worked and not worked for each of us? I'm using Sandboxie, Anti-Vir, and A2 because I have had others like AVG (since it went bloatware), Drive Sentury, and Threatfire conflict and either slow down or lock up my PC. For example when I used Anti-Vir (very very light on resources) and added either Drive Sentury or Threatfire (one or the other only) I either slowed up or locked up. Since I can't run any other memory security tools I use the free A2 as a scanner only along with Anti-Vir. I have 1 GB of ram, Pentium D 2.80 Ghz Dual Core, and Win XP2. If I had 2 GB of ram I'm sure that I could add other security measures. I do have some other things running in the background like Zone Alarm 6.1, Gadwin, Skype 2.0, Process Lasso, Call Wave (at times), and Net Meter and that's it. So the question is:
If I have 1 GB ram with what I mentioned running in the background the best security choice might be?
1. The best AV which is lightest in resources
2. A simple spyware scanner
3. A firewall light on resources (and guys, Comodo is a ram pig on this PC compared with ZA before it went bloatware)
4. A sandbox
This undertaking is a feat indeed! I think I will go debate the "moon landings" with that fella in the other forum.
Hi
Personally, I think:
1. AntiVir is the lightest by far
2. SUPERAntiSpyware/Malwarebytes Anti-Malware
3. Windows Firewall and optionally hardware router
4. Sandboxie from my experience is lighter than GesWall and HauteSecure
Personally I think anyone who recommends Windows firewall must be two cards short of a deck. You automatically disqualify yourself from any PC security debate. Please go away.
Nlightened
Hi
I personally think outbound firewall is not really necessary. I realise some firewalls provide better inbound, but I think it's not essential?
Thanks
Nlightened,
Please tell me what OS is the primary OS on the Internet?? Ok now please tell me what the #1 offending browser (that uses the most Java and other dangerous scripts and is still the #1 target for illicit code) yes I believe it's IE. The #2 offending products Outlook and Outlook Express also run under what OS? I donno but I think a Windows firewall seems pretty important if your gonna run most Microsoft web tools or email clients. You may have to disqualify yourself from any security discussion, however, I will not tell you to go away. :~)
Nthrawled
Excellent comment!... first thing I do when trying out a new firewall is to block and/or disable as many Microsoft apps. as possible - including ie. I know browsers are a personal thing like security progs. but anyone who uses ie must be a branch short of a full tree! I like opera, especially now their security is partnered with Haute Secure, its even safer than it was before, now almost as fast as Safari, restartable downloads, millions of skins, plenty of plugins, yep - I love it!
This is interesting to me. I find no amount of security is enough security without the "common sense filter" added to what you're attempting to do here. All the security in the world is useless against the malware written five minutes ago that's found its way to your PC because you surfed to the wrong place. I agree with Jeffrey that one security tool that's working well today can conflict with another tomorrow. He's also right on about resources and runs that can conflict. But I would be more concerned about relying too heavily on a security suite, and concentrating more on safe surfing Internet skills. No amount of security will work for so many high risk Internet users. I think also Jeffrey's nailed it when he says "Security is a choice and fit issue, not just "what's the best combo" issue." You go Jeffrey!
All the security in the world is useless against the malware written five minutes ago that's found its way to your PC because you surfed to the wrong place.
>>You refer to drive-by downloads. Actually, there are software products that offer 100% protection against these attacks. One of them is McAfee's ScriptScan, which is now included in all their consumer products.
But I would be more concerned about relying too heavily on a security suite, and concentrating more on safe surfing Internet skills.
>>As far as the context "relying too heavily" is concerned, I agree with you. However, I hope you're not insinuating that the "common sense filter" of Web safety practices by itself will prevent all infection, either. As is clear from the other statement I quote you on, you do know what a drive-by download is. But do you know that even legitimate sites can infect your computer? Hackers can compromise other sites either via cross-site scripting attacks, or outright "owning" the site (seizing complete control of the site). Even low-risk users are at risk.
Web safety practices are critically important, but this is not a Linux forum. You do need software/hardware-based protection as well.
Hi
I agree 100%. Common sense is definitely the most important thing. If users do not care whatsoever, they will almost always get infected.
Post new comment