Culpeper
Oh, I absolutely agree with both of your responses. I love the logging capability of Sygate just to see what is going and coming. It let me know I had a bunch of forgotten RSS feeds in my Firefox bookmarks, which was causing a slow Firefox start up. Without the firewall logs I would have completely forgot about those feeds and never figured it out.
Yes...though I am enough of a geek that with the XP Log Analyzer I got fro 2brightsparks, and some time, I can see what is where and why and how and so on... but eh.. I am also a lazy bum at times, so I like having something else do the legwork for me...but not always...
For the most part though, the average person, not security computer freaks like ourselves, the basic firewall protection I mentioned above should be sufficient for security.
The hands off nature, and automatic features, mean that unlike before, at least there is some protection... computers are sold with AV installed nowadays, mine for example, came with Norton (ahahaha, what a joke, you can bet I removed that in a hurry, and talk about a pain to uninstal...) so with luck, many simple, and even more complicated things, are avoided, if the user pays attention, and does not insist on clicking on every last thing... (attachments, urls, pop ups)
In fact, a cheap router with a hardwire fire is more than sufficient. In my opinion. For the most part when I set up a computer for a friend or relative that just got their stuff from Dell et al, I just add on Avast or AVG and turn on the OS firewall, tell them not to mess with the settings, and then go home.
When I do support, remtelly, I tend to recoment the: The AVG/ZoneAlarm/Ad-Aware/Spybot/Crap Cleaner/Alternate Browser&Email Program, combo, though if it is an XP computer, then I will leave the resident firewall.. it can be very hard to get beyond most peopels fear of computers, and as someone who used computers in the 1980's, I can't say I blame them... of course, once one goes away, it is up to the end user, and I find it is the Windows Updates, that are hardest to get peopel to take seriously... and of course, results vary... I remember once, I had someone who had a sober worm, and despite my entreaty to install and run Spybot, she refused... as I was far away and how could I diagnose it,and when I got her to fun MacAfee (ah, another joke) it showed up, but MAcAfee was unable to remove it, but stil she did not instal Spybot... so she called her local tech person, who brough a flash stick, and installed Spybot and Ad-Aware, and used them to clean the system...
In retrospect perhaps it was better the tech did it, but still it was an example of the intimidated attituude of most users...
When I actually have access to a system, I add all sorts of things, but I hide them away, so the user does not know about it, that way when I come to check the compters out, I dont have to use a flash stick or anything, I just open a folder and go... Rootkit Revealer, Hijack This, Pocket Kill Box, A Really Small App... mainly, and I close some ports, and so on... it is not ideal, but most people cannot or will not, pay attention to software pop ups or anything that forces them to make a decision....