cheap, effective firewall/AV new broadband user.
February 17, 2005 9:20 AM   Subscribe

I just lost my broadband virginity and installed windows xp, both in a single day, and I'm reeling from the implications of this brave new world. What do I do about firewalls and antivirus? [mi]

I installed xp with sp2 and am running the updates. Do I need a separate firewall? And should I buy a particular wireless router for this, install something free, or pay the man for a commercial product?

I am running AVG free version for my virus protection, but is this really going to be good enough?

I know this stuff is googleable, and google I have, but there is a lot debate over this so I seek the wisdom of the Green.
posted by mecran01 to Technology (20 answers total) 1 user marked this as a favorite
Firewalls, grab yourself a copy of the free version of ZoneAlarm and then, once that is up and running, disable the Microsoft one since it's not that good. Don't run both at the same time.

A wireless router is nice if you want to use a laptop around the house or you want less cables, but not essential.

AVG is fine as an anti-virus application.

Also download and install Spybot S&D, Adaware 6 and the Microsoft Spyware application and run them reasonably frequently (once a month should be fine).

If you haven't already, replace Outlook Express with Mozilla Thunderbird and Internet Explorer with Firefox (you can import all your settings into the new applications). This will ensure that the most common spam, viruses and spyware won't make it onto your computer.

Finally, turn on Windows Update, keep all the applications listed above updated and you'll be just fine.
posted by ralawrence at 9:41 AM on February 17, 2005

Protect, right away. I got badly stung by spyware, viruses, and adware when I made the transition to cable with XP.

You're going to need:

1. A good virus protection program such as McAfee or Norton. Run scans regularly.

2. A good firewall. Windows XP service pack 2 has one of these, but it's not very good. A more techie type could explain why; it has to do with how info is allowed to enter and exit your machine. Anyway, McAfee and Norton both have firewalls you can add to your virus service.

3. Firefox as your browser. Never use IE; 90% of the bad software is designed to exploit IE. It's free and downloads quickly, and is actually a much better browser than IE anyway.

4. Ad-Aware. This is an adware scanning program that can find and remove problem software. Run it regularly. When it finds stuff, sometimes the program can fix it automatically. The great thing is that when it can't, Ad-Aware has online support forums where volunteers will analyze the problem and tell you exactly how to fix it yourself. This is free and easy to install.

5. SpyBot. This is another free download. It specializes in finding and removing spyware.

6. Spyware Blaster. Another free download. This will help you by immunizing your computer against malware that it knows about.

You have to keep all of these *updated*. Check for updates every time you run these programs. New malware is created daily by vicious slathering fiends; you have to stay current to avoid damaging your system.

Finally, let me say that I am NOT a techie, and I've learned all this easily enough, so don't be intimidated. All this is a necessity, as I learned the hard way.
posted by Miko at 9:41 AM on February 17, 2005

Best answer: One thing that I've found a lot of people who switch to Firefox for security don't do is lock up IE once they've stopped using it. Even though you won't be using it as a primary browser, you will need it from time to time: the internet still isn't wholly Firefox-friendly, and a lot of programs use IE embedded (such as, of all things, AOL Instant Messenger)—there's no avoiding it.

So install a popup blocker on IE anyway. Turn all of its security settings up to maximum (this refers to options available in IE 6.0 under Windows 2000 SP4; I'm pretty sure WinXP will have similar if not identical settings):

1) From the "Tools" menu, select "Internet Options...".
2) Go to the "Security" tab.
3) Make sure the "Internet" icon is selected, and click "Custom Level...".
4) Change every setting that mentions "not signed", "unsigned", "not marked as safe", etc. to "disable" or "prompt", especially ActiveX controls.
5) Select "high safety" wherever it's an option.
6) Set "Launching programs and files in an IFRAME" to "prompt".

When using IE from now on, only give approval to actions you expect coming from sites you trust. (Web banking, Windows Update, whatever's driven you back to IE.)

Also: properly configuring your firewall is critical. If you don't know what traffic should or shouldn't be coming in and going out of your computer, have someone who does set up the firewall for you: when I first set up ZoneAlarm, I had no idea what I was doing, and outright crippled or disabled several benevolent programs I didn't properly grant access rights to (and no doubt left some gaping holes for god-knows-what to get in).
posted by S.C. at 10:08 AM on February 17, 2005 [1 favorite] is a site I've found really helpful.
posted by lucien at 10:18 AM on February 17, 2005

Viruses are pretty much a myth and Anti virus software can be a pain in the ass. I scan once in a while with HouseCall just to make sure I'm not infecting everybody, but I would never run a package 24/7.

There are email viruses, but if you don't use outlook you don't have much to worry about.

If you use Firefox instead of IE the spyware/adware problem is almost elimenated.

You do need a firewall. The built in one is good enough. I have a hardware router for multiple PCs anyway, so I prefer turning off the windows firewall.

Plan on reinstalling every year or two. You are becoming a power user, act like it!

I am going to get flammed... That doesn't mean I'm wrong.
posted by Chuckles at 10:20 AM on February 17, 2005

Viruses are pretty much a myth

What? Tell that to me last spring when I spent a long weekend with the sasser worm. You have to be prepared.

Also, the windows firewall is not very effective against adware and spyware. I say that unequivocally, because I was infected despite running the windows firewall.

You may have been fortunate, Chuckles, but you're wrong to imply that your configuration isn't vulnerable. Sorry to "flamm" you (I think you meant 'flamed'), but I had the same kind of lackadaisical/naive attitude until I got infected. I ran my system trouble-free for many months before I was 'discovered'. When you leave all those avenues open, something will eventually come along that's specifically designed to exploit it.
posted by Miko at 11:04 AM on February 17, 2005

Ok, call me stupid, but what's the difference between Mozilla and Thunderbird/Firefox. I'm running Mozilla at home (though using Outlook as my e-mail client - I keep meaning to change to Mozilla). Is Mozilla the all-in-one package, or should I download Thunderbird and Firefox??

(Sorry, don't mean to hijack someone else's question).
posted by tr33hggr at 11:05 AM on February 17, 2005

One other thing, I was running Norton's firewall, but it turned out to be imcompatible with the broadband service we switched to, so now I've just got the XP firewall. Should I try another? Or are the chances good that it too will kill my broadband connection?
posted by tr33hggr at 11:07 AM on February 17, 2005

I run xp but I don't trust the additions M$ gives and prefer to rely on third party tools and turn the Microsoft stuff off. I run sygate without any problems. AVG is fine, just remember to keep the virus definitions up-to-date and if your unsure if AVG missed something you can always run one of the on line AV scanners (panda scan or house call) as a back up. Both scanners use activeX so you'll need to have activeX on. I've found that most of IE's security breaches can be dealt with by installing spybot search and destroy with the 'tea timer'.

Would also recommend running xp anti spy which will turn off a bunch of unnecessary windows "features" and if you haven't done so already turn off UPnP. If you don't plan on using it turn off "remote assistance". Depending on how computer savvy you are you could also peruse black viper for more information on processes, what they do and how to turn them off.

Last thing, create a strong* password on the admintrator account, create a second user account (with a password) and use the second account. Some things need permission to install and this adds an extra layer of protection.

*strong password is something like $&*FR% instead of "admin" and the more characters the better. XP's default account can be "brute forced" whereas if someone tried cracking another account XP will automatically lock the account after X number of times (forget the exact number).

hope this helps.

on preview: scratching my head over, Viruses are pretty much a myth as well.

tr33hggr you could try sygate, they have a free version available.
posted by squeak at 11:13 AM on February 17, 2005

Also, what SC said. I happened to do all of that before switching to Firefox, but it was not enough to run IE safely as my primary browser. However, in view of the fact that you may occasionally want to open a page in IE, it would be wise to do this.

However, don't uninstall IE. You'll need it now and then, and its absence can screw things up.
posted by Miko at 11:13 AM on February 17, 2005

Viruses are pretty much a myth

Is there a way we can mark something as 'worst possible answer'?
posted by mosch at 11:18 AM on February 17, 2005

Miko, worms are not viruses and for the most part firewalls don't address adware/spyware.

I have not just been lucky, I do a great deal of risky things on the internet, and I have only had a couple of virus infected files in many years.

I should have just linked vmyths, but it won't matter...
posted by Chuckles at 11:19 AM on February 17, 2005

Purchase the software... its well worth it. My Norton (or whatevr it is) fends offs 3 hacks a day...
posted by bamassippi at 11:30 AM on February 17, 2005

I switched from Symantec to Trend and I'm happier - it's got a firewall and antivirus, and seems to work well.
posted by jasper411 at 11:39 AM on February 17, 2005

Chuckles, the page you should have linked on vmyths is here and I think it applies to you.

The fact that many "virus alerts" are hoaxes does not mean that viruses are a myth in general (in fact, vmyth even includes links to databases of real viruses and recommend using an antivirus program). The fact that you want to play semantic games and use a definition of virus that excludes worm, despite the common usage of virus to include worm, is irrelevant when recommending that someone not use antivirus software because decent antivirus software will protect against known worms too.

Don't believe virus hysteria. Don't forward "virus alert" e-mails. But don't believe the anti-virus-hysteria hysteria either. Just run a virus checker, and be sensible.
posted by grouse at 11:58 AM on February 17, 2005

Miko, worms are not viruses and for the most part firewalls don't address adware/spyware.

Actually, a worm is a type of virus that can move about without a 'carrier'. Anti-virus programs can protect against them. Spyware and adware aren't viruses, either, and anti-virus software also helps protect against them. It is confusing, but we should we should probably be calling AV programs 'software security' programs or some such thing.

That's nice that you linked VMyths. In fact, since I study folklore, I'm well aware that myths about viruses abound and many people fall prey to unwarranted fears. That doesn't, however, mean that real viruses do not exist. They certainly do. A decent antivirus program will track hoaxes as well as true viruses, so you check whether that silly e-mail you got is worth worrying about. It's true, too, that many viruses don't do noticeable harm to your computer. But some do, and it can hurt.

To address your second assertion, firewalls most certainly do help prevent the installation spyware and adware, because they can help to prevent programs such as Trojans from downloading more packets of garbage onto your computer without your permission.

So enjoy being risky. But you have been lucky, and your advice is irresponsible.

posted by Miko at 12:02 PM on February 17, 2005

To be fair, where Chuckles says that "antivirus software can be a pain in the ass" he is absolutely right. Norton AntiVirus has caused me more problems than it has solved. I've had better results with AVG.
posted by grouse at 12:14 PM on February 17, 2005

Yeah, some are better/more usable/less instrusive than others. And there are a lot of choices. I've really had to experiment to find the best combination of protections for my situation and type of use.

And in the end, nothing is 100% effective against all types of threats. It's a sad fact that we've got to deal with this stuff. I'm a former Mac user, and then for a long time I had a dial-up connection, and I was all "Virus? Spyware? Wha'?" until I went to cable.

So as I said, you learn the hard way. But it's like driving a car -- a few modifications can make the whole endeavor quite a bit safer. A seatbelt is nothing but annoying until the moment you need it.
posted by Miko at 12:21 PM on February 17, 2005

Some interesting responses here, although depending on your level of computer competency, here are my words of advice. (been broadband for 4 years, never had a virus, never had spyware, been hacked once)
  1. Never run email attachments, not even from your friends. If they want you to see a funny Flash thingamajigger, have them email you a link to it.
  2. Use Firefox, this will save you quite of bit of hassle with adware/spyware. I'm not saying that Firefox is perfect, or IE sucks, because each browser has it's pluses and minuses. But spyware/adware creators are actively targeting IE at the moment, not Firefox.
  3. Turn off Messenger service
  4. NEVER install software from some website that claims to play games. The only games on the web that are safe to play, should be either Flash, Shockwave, or Java Applets.
  5. Never host public sites on your computer, or have your IP listed in any DNS. This will attract hackers like flies to your computer.
  6. Use a web-mail account.
  7. Set Windows Update to automatically download updates/patches, but ask you to install first.
  8. Above all else, use common sense, assume anything you download that's not from a MAJOR company is going to contain spy/adware.
  9. Download Spybot and Ad-aware, run them once a month, or whenever you feel your computer running slow.
Notice I did not suggest using anti-virus software or a firewall, I think they're band-aids covering wounds that you should never have to have. Anti-virus software can slow your machine to a crawl, while configuring firewalls can become at best arcane, if you want to play games.

And unless you have a laptop or multiple computers, why would you need a router? Although if you absolutely must have a firewall, configuring a router is probably the safest route.
posted by patrickje at 1:24 PM on February 17, 2005

McAfee basically flushes your performance down the drain.
Get the Symantec suite ($$), or freeware like the others said, Zone Alarm, MS Antispyware (beta), AVG free, Spybot S&D, and definitely switch to Thunderbird and Mozilla. If you have XP pro you can also enable Windows Firewall (I think it's only with pro, have never used home edition.
Jes' lock that box down.
posted by nj_subgenius at 4:36 PM on February 17, 2005

« Older Do Cats Murder?   |   Software Router Filter Newer »
This thread is closed to new comments.