ThredNedul

Hi all,

I have just purchased a brand new PC, after using a Mac for several years. Obviously, security and protection is a major issue with PC's, so I need to install a virus checker and firewall.
Which are the best ones on the market at the moment ?

P.Pilcher

Don't know which is the best, but many use the AVG antivirus system which is one kind of best being totally free for home users! It virtualy automatically updates itself if you wish. Since they changed over to incremental updates, updating didn't take very long with a dialup modem. Now I've gone broadband it takes milliseconds!
It is available here

Best of luck.

P.P.

seacue

I am loosely associated with a large organization which has thousands of PCs. The organization takes the virus threat very seriously. They have standardized on Norton/Symantec. I've bought it and use it at home and it automatically updates very frequently. I must average 2 e-mails w/ virus each day. It catches them all.

While I am using free Zone Alarm firewall, I don't know if it the "best", but it's highly spoken of.
======
You'll probably also want free POPUp Stopper, Which is very effective at killing popup ads.

I find POPFile to be VERY helpful. It classifies your incoming e-mail and can put the spam into a special folder/directory of your choice. Free, but I have donated. After the first couple of weeks of training, it takes 5 minutes of maintenence a couple of times a week to keep the criteria up to date. With that care, it has a misclassification error rate of 1% or 2%.

MailWasher can be used to manually inspect the Subject, From, and To fields of your email and size BEFORE downloading. This way you can delete the large virus-ladden fake messages before downloading. I don't think I'd bother with it if I had high-speed network access. A good AntiVirus program will kill those messages after download.
===========
Your ISP may also do the popup stopping, and try to do the spam mail classification

Welcome to the PC world of virus targets.

SC

volrider

AVG Free Anti Virus and superb www.grisoft.com
Zone Alarm from Zone labs again free with the option of upgrading to a fuller version quite cheap.
I am not keen on Norton stuff but thats a personal view, plus you have to pay for it

BRL

The man in the pub tells me the best FREE firewall is this, Agnitum outpost firewall free version 1.0 You can get it from here.............

At the moment I have Zone Alarm Pro and Norton Anti-Virus. Both missed the recent worm that I got called something like "Welchworm".

Naples Air Center, Inc.

ThredNedul,

If you are running Broadband, I would suggest getting a Hardware Firewall. A good Cable/DSL Router is one of the best ways to, not only protect your computer but, your entire network too.

Another good Antivirus program is Trend Micro's PC-cillin Internet Security

Take Care,

Richard

spekesoftly

Zone Alarm's free firewall is popular with many, but I have read of some XP conflict issues.

Sygate offer an excellent free alternative, which doesn't appear to suffer in the same way.

shuttlebus

Personally, I prefer the Symantec products, which I have been using for about 7 years now. Norton Anti-virus and Personal Firewall integrate nicely and are available (at least in the UK) as a package for about £40 from PC World.

The IT guys at work have specified Macafee, so I guess it comes down to personal choice.

A hardware firewall is nice, but they are quite expensive and only really necessary when you have a large no. of users giving high bandwidth, or so I have been told! (They have their own processor etc, so it doesn't tie up your main machine)

Regards,

Shuttlebus

The Nr Fairy

Shuttlebus:

You're right in that a dedicated hardware firewall can be expensive, especially for the high end enterprise stuff, and does offload the work of a software application.

However, at home I've got a NetGear DG834G which has a firewall built in, and it also has a 4 port 10/100Mb Ethernet switch and 802.11G wireless too. All for about £130. And I forgot it has an ADSL modem too which is so easy to set up it's untrue.

Because I use my laptop for work in all sorts of places, I also have ISS' BlackIce firewall and McAfee too. The home PC has the BlackIce firewall and AVG.

To stop popup ads, I have Meaya's PopUp AdFilter, plus "No! Flash" plus Google toolbar - works a treat.

Links for most of the above:

BlackIce

Netgear DG834G

Meaya PopUp AdFilter

No! Flash

ThredNedul

Many thanks for all the feedback and ideas. They have been most helpful.

I am still deciding, but following the responses above, I am heading towards Norton or McAffee. Any other replies would be greatfully acknowledged, but I will be purchasing over the next couple of days. Thanks again.

WeLieInTheShadows

I just downloaded Agnitum outpost firewall free version 1.0 - and it's brilliant!!!! Also stops ad;s and pop ups as well!

Have tried Zone Alarm and found it annoying and difficult - Outpost is so simple and easy to use so it gets my thumbs up.

AVG anti-virus has to be the best free AVC software I've found too - get it and forget Norton and their high prices - they also stiff you for more money after a time when you need more updates.

Panic Ware pop-up stopper is brilliant for stopping er.... pop - ups so I would also recommend this as it is a must and makes surfing the net a pleasure again.

Hope this helps someone.

Mac the Knife

Regret to disagree about McAfee. I was a long term fan and used McAfee's Viruscan and Internet security suite for ages but just have had too much trouble with it's later incarnations.

And Viruscan 8 seems fraught with "problems" (see http://forums.mcafeehelp.com/ ) - I moved to Norton and a hardware firewall (FreeSCO router) and haven't regretted it.

Norton AV and ZoneAlarm Pro is probably the best combo for a single PC setup.

rotorcraig

My votes go to...

Anti-virus: AVG Free Edition

Firewall: Either the XP SP2 firewall, or Kerio Personal Firewall

And to test that the firewall is doing it's thing, use ShieldsUP! at grc.com and select "All service ports". Should come up as 100% Stealth.

RC

drauk

Clearly this is going against the popular opinion on here, but I've never used a virus checker on any of my Windows machine and I've never had a virus. Actually I have used a checker a couple of times when I wondered if I had a virus (usually a Norton-derived one), but uninstalled it as soon as it had confirmed I was clean.

They are switched on all the time and are permanently connected to the Internet. I do always use a hardware firewall unless I'm traveling and using wireless in which case it is the built-in XP one. A few months ago installed Microsoft's Anti-spyware Beta, though it has yet to find anything sinister.

I do (carefully) download software. These days I don't use Internet Explorer or Outlook but I did for years.

For the last 12 months most of my desktop work is carried out on Macs, but various PCs are still on and used by me and others.

ThredNedul, as an aside, why the move from Mac to Windows? You don't hear of that very often.

Stoney X

I'm another that uses Norton's AntiVirus and Zone Alarm. I also have Norton's AntiSpam running to handle the loads of junk that arrives in my Inbox, and it controls popups as well. I'm very happy with the setup although I wish I had the guts to go skinny-dipping on the web like drauk

Regards
Stoney

IO540

I am with Drauk. This may sound c0cky but the best AV / firewall software is not catching anything in the first place.

A router which does NAT (they practically all do) will protect you from *unsolicited* incoming rubbish.

It won't protect you from infected websites exploiting a back door in your web browser; running the very latest updated IE6, or running something like Mozilla (doesn't work properly with some websites) should take care of that one.

It won't protect you from infected emails, which will either exploit a back door in your email program, or will hope that you double-click on the attachment before thinking about it. Running a non-Microsoft email program generally plugs the former hole (although Eudora has been hit too) but only current AV software will plug the latter hole.

For a home user (not running a web/ftp server etc) a firewall will do no more than a NAT router for incoming stuff, and the only outgoing stuff which you will want it to stop is stuff which you have already caught and then it's too late for *you*.

I use current-patched IE6 for me, Mozilla for my kids, and a fairly rare email/usenet program. Never caught anything.

The real challenge today is stopping kids catching stuff. They click on every link on every website. I found 13 viruses the other day, on a PC dedicated to them (which also runs FS2004 for my instrument practice).

If you really want AV software, have a look at Kaspersky (.co.uk). It is the most compatible I've ever used; much better than Norton 2003/2004 or McAfee. I have built a lot of PCs and found K just works whereas the others cause havoc occassionally.

Toxteth O'Grady

IO540

I beg to differ..............

My home router uses NAT but in addition I have it set up with Stateful Packet Inspection and blocking against all of ICMP ping flooding, IP spoofing, zero length IPs, Land Attacks, UDP Port Loopbacks, Snork Attacks, Smurf Attacks, Pings of Death, TCP Xmas Scans, TCP Null Scans, Win Nuke Attacks, TCP Syn Flooding, Ascend Kills, IMAP SYN/FIN Scans, Net Bus Scans and Back Orifice Scans. I also have it set up to block certain URLs and URL Keywords.



TOG

IO540

TOG

Lovely terminology in this business isn't it Only the other day I was explaining to my girlfriend what Back Orifice is.

None of the stuff you list will get in *unsolicited* through a NAT router, because NAT hides the rest of the system behind the port translation.

If you are already running BO then you are stuffed. You may as well run PC Anywhere with no security and tell everybody...

People can mount DOS attacks against the router - fine if they want to waste time. You aren't microsoft.com so why worry?

What will get in is stuff incoming in response to a request from the inside; e.g. when browsing an infected website. Yes, you could config a firewall to block the obvious attacks there but even micro$oft will have patched the obvious holes like that long ago. What you can't do is config your firewall to inspect every downloaded JPEG to see if it has a malformed header - a fairly recent back door into windoze.

Some routers have known back doors. Drayteks do expose their HTTPS config port to the WAN (even when remote admin is disabled; a known bug which they haven't fixed yet) so if you left the password at "admin" there's a way for an outsider to reconfig your router

To the average punter, firewalls are a waste of time. Every 5 mins the stupid thing pops up saying "application XXX wants to go outside, yes/no?" and if you click NO then you can't even print to a local printer, can't do lots of things. Adobe Acrobat can't scan for updates and hangs for a while before it gives up, etc. It isn't worth the hassle. Half the popups are pretty obscure.

Toxteth O'Grady

IO

I suspect we'll end up violently agreeing with each other at the end of the day.

I was only taking technical exception to your assertion that "a firewall will do no more than a NAT router." Not correct, but having reread your post I can see what you were getting at. The level of protection provided by both is the same due to the nature of the risk the average home user is exposed to

Basic NAT devices are not real firewalls, but they are usually considered ‘good enough’ for most home networks. By not forwarding requests or probes that originate from the internet to your LAN, a NAT device blocks most mischief. A simple NAT device cannot keep hackers from running DOS (Denial Of Service) attacks on you, but individuals rarely get attacked like that. It will keep out people looking for file shares, rogue mail servers and web servers, and most port based exploits. Most also protect against SMURF and WinNuke atatcks. With a NAT device and a good anti-virus program, you should be safe from the most common kinds of internet attacks.

Over and above this an SPI firewall allows the NAT devices to filter out specific kinds of data on your router like SYN flood attacks, IP Spoofing, Teardrop attacks and others. SPI is a general term that can describe a router that filters more kinds of attacks than basic NAT by closely examining packet data structures. Of course, each manufacturer will implement different kinds of SPI so not all SPI routers are equal. Routers with SPI can log attacks.

I do however wholeheartedly agree with you that basic NAT is sufficient protection for most home users and the risk of advanced denial of service attacks is negligible.

I also agree that the risk to home users from spyware/malware that they've inadvertently downloaded is orders of magnitude greater and in this instance a hardware firewall is a chocolate teapot.



TOG

goates

If you have a home network with people who will click on every link they find, a software firewall is probably a good idea. While Microsoft has patched all known holes in its software, that is definitely not all of them. All it takes is one computer to be infected and start scanning for more computers. As all computers on your network are behind the NAT router, it will not prevent the rest from being infected. Windows XP's firewall will at least help stop this from happening. Anti-virus software can really only prevent viruses it knows about, a firewall doesn't care and will just block traffic that shouldn't be there.

NAT routers will prevent most, if not all, attacks from the 'Net, but as more families setup home networks they won't be enough. Instead of one computer in a house to infect, and then clean, there could be several. Wireless networks are more vulnerable here too as some bored kid down the street could hack into your network behind the router. The current wireless encryption protocols used in most home wireless routers is not very difficult to break and there are ready made tools to help with it.

The pop-ups can be annoying at first, but once the computer and firewall have been setup there shouldn't be any more unless a new program has been installed. Of course the ideal case is that we shouldn't have to waste time and money on stuff like this in the first place.

goates