Author Topic: Am I protected enough?  (Read 7227 times)

0 Members and 1 Guest are viewing this topic.

smtb

  • Guest
Am I protected enough?
« on: April 17, 2009, 06:12:41 PM »
Hello,

I have been using Avast Home for a few months now and have been very satisfied with it. When I first installed it, I got some trojans in the avast scan (Was using Norton before that, installed avast after using the removal tool of norton), and posted here. Got some really good advice from people here and since then I keep reading the posts here.

From reading the suggestions of Tech, DavidR, scythe944 and other knowledgeable members in various threads, I now have
MBAM, SAS (both free versions) in my computer along with Avast Home. I dont have any other security software installed. My question is am I protected enough or should I get something else? I dont have any firewall installed other than what comes with vista. But I never tweaked it, so I dont know how effective it is. I have read people saying about sandboxing, drive imaging, but I dont know anything about these. Are these needed? Do I need another firewall?

My machine is Vista SP1 32 bit, 3 GB RAM, 2 GHz AMD TL 60. I use Opera 9.64 for browsing and windows defender is active.

I must say, I never got any infection after I installed Avast. A couple of times Avast cautioned me of some virus when I tried to visit some websites and the connection was aborted. So nothing bad happened. But still I am a bit paranoid about my computer's security.
I scan my laptop weekly using MBAM and SAS after updating them. My Avast settings are default I believe, only the level is set at high for most of the components. I did not set boot time scanning, should I do that? How long does it take? I do not scan my laptop using Avast very often, as it is resident. Should I do weekly scanning using Avast too?

Advices are highly appreciated.
Thanks for reading and thanks to the developers for creating this wonderful antivirus.

« Last Edit: April 17, 2009, 06:15:37 PM by smtb »

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9406
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: Am I protected enough?
« Reply #1 on: April 17, 2009, 06:32:46 PM »
To be honest, i think avast! alone is good enough. Never let me down so far and it fared great in tests.
Visit my webpage Angry Sheep Blog

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Am I protected enough?
« Reply #2 on: April 17, 2009, 06:39:55 PM »
I suggest you get a hardware router/firewall.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Am I protected enough?
« Reply #3 on: April 17, 2009, 06:44:04 PM »
One element of your security you don't mention is your firewall ?

WinXP's firewall only provides inbound protection, Vista's firewall has outbound protection but is disabled by default (and not very friendly).

Any malware that manages to get past your defences will have free reign to connect to the internet to either download more of the same, pass your personal data (sensitive or otherwise, user names, passwords, keylogger retrieved data, etc.) or open a backdoor to your computer, so outbound protection is essential.

I do weekly avast Standard sensitivity, without Archives as part of my weekly system maintenance. I also do the MBAM and SAS scans during that same maintenance. The main consideration is that you don't become slave to security applications, the more you have the more you have to keep up to date and run.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9406
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: Am I protected enough?
« Reply #4 on: April 17, 2009, 07:15:00 PM »
I suggest you get a hardware router/firewall.

I see no need unless you already have a router. Most of them have firewall integrated.
Buying one just for firewall is not exactly economic and is better to just buy good security suite or use good free firewall.
Visit my webpage Angry Sheep Blog

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Am I protected enough?
« Reply #5 on: April 17, 2009, 08:17:56 PM »
Most hardware routers that have an integrated firewall only provide inbound and not outbound protection unless they specifically say it does.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

YoKenny

  • Guest
Re: Am I protected enough?
« Reply #6 on: April 17, 2009, 09:46:02 PM »
One element of your security you don't mention is your firewall ?

WinXP's firewall only provides inbound protection, Vista's firewall has outbound protection but is disabled by default (and not very friendly).

Vista Firewall Control Free from SphinxSoftware is an interface into the Vista firewall that works well for me:
http://www.sphinx-soft.com/Vista/order.html

Mr.Agent

  • Guest
Re: Am I protected enough?
« Reply #7 on: April 18, 2009, 01:02:59 AM »
I can say a firewall,anti spyware,anti virus is the base but if u want more its your choice :)

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Am I protected enough?
« Reply #8 on: April 18, 2009, 10:52:02 AM »
You should not use a software firewall but a hardware one. See the firewall as a doorman.
Put him outside and in front of the door and he will not let unwanted people in. (hardware firewall)
Put him inside and the unwated people are already in before he sees them. (software firewall)

Offline Tarq57

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3695
  • If at first you don’t succeed; call it version 1.0
Re: Am I protected enough?
« Reply #9 on: April 18, 2009, 11:27:45 AM »
You can only guarantee 100% security if the computer is in a secure room and never connected to the net.
For the rest of us, the 99.?~ % security is most usually adequate. For most the security is based on traditional AV, AS and firewall approach, perhaps mixed with a list of blocked websites or domains. It's not foolproof but it is adequate for most.

A sandbox application prevents any web-facing application that runs inside it from installing anything direct to the computer from the web, unless you choose to move it there. As such it can be a very powerful tool. "Sandboxie" is probably one of the more popular of these, and it is (apparently) fairly easy to learn to set up and use.

"HIPS" is another powerful tool. Some firewalls have it included (Comodo, OnlineArmour...). Basically it will (or should) prompt the user for permission any time an unknown application attempts to make a change to the system that could cause damage. What is called a whitelist approach. (Traditional AV's for example use mainly a blacklist approach; virus definitions.) As such, it can need a bit of learning to answer the prompts correctly, and a fair bit of working knowledge of the operating system, what is normal, what is desirable, and what actually might represent a threat.

While you are looking over tutorials or posts about those sorts of applications (the homesite FAQ's/forums often have a wealth of info) I would recommend using the immunity feature in S&D, this will block quite a lot of the known bad sites. These change and are added to frequently (like viruses), the security companies are always a step behind, intrinsically. (Threat appears> spreads> recognised> reported> analyzed> response released.)
I'd also recommend a software firewall. A correctly operating software firewall will also protect unsolicited inbound threats; that isn't just the domain of a hardware firewall AFAIK, have a look at http://www.sphinx-soft.com/Vista/index.html, a GUI that interacts with the firewall you already have to make it much easier to configure outbound protection. Outbound protection can be thought of as a kind of safety net. If a new malware that isn't detected yet gets onto your system and tries to phone home, the firewall should prompt the user for permission. (Do not blow this opportunity, should that happen.)

Tell the truth, I run all the apps in my sig. The number of warnings or opportunities to block stuff since I installed them, with Avast running, I could count on the fingers of one hand. And most of those were valid alerts - something that could be malicious - but which actually wasn't; I was usually installing or updating software. Avast is really very effective, methinks. I run the others because I know that an AV can not always stop everything. There is some overlap, but no noticeable performance hit, so that's OK by me.
Windows 10,Windows Firewall,Firefox w/Adblock.

Offline Tarq57

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3695
  • If at first you don’t succeed; call it version 1.0
Re: Am I protected enough?
« Reply #10 on: April 18, 2009, 11:31:27 AM »
Oh, big PS.
Have a backup and recovery plan. Make backups of your important files regularly, should you ever need to format and reinstall.

AND
keep all your software up to date, religiously so. The Secunia PSI is good for this. There are others.
Windows 10,Windows Firewall,Firefox w/Adblock.

smtb

  • Guest
Re: Am I protected enough?
« Reply #11 on: April 21, 2009, 01:52:06 AM »
Thanks a lot everyone for replying, especially DavidR and Tarq57 for your detailed suggestions.

From the posts above I gathered the following:
1. Vista's own firewall is not adequate and hence I need something else. Any suggestions here about good firewalls? Anything free like avast?
2. One should run weekly scanning using Avast too. DavidR, what did you mean by default sensitivity?
3. One should have a hardware firewall. Now I do have a wireless router, but I have no idea whether it is having a firewall or not.
4. One should have system restore/backup. I normally make a backup before a major software installation. Otherwise i depend upon vistas automatic recovery point. Is that enough, or I am missing something?

Tarq57, I have no idea about how to use this Secunia thing that you mentioned. What it does? I guess I will check it out.

Questions for which I am still looking for an answer:
1. Should I schedule a boot time scan using Avast?
2. Is sandboxing really needed?

I really appreciate your suggestions,
Thank you.

Offline Tarq57

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3695
  • If at first you don’t succeed; call it version 1.0
Re: Am I protected enough?
« Reply #12 on: April 21, 2009, 02:31:36 AM »
By "backup" I don't mean the OS internal backup, in this case "system restore". What if you have a HD failure? I mean actually copying those files you would not want to loose to an external HD, or disks etc, so that if you ever need to format and reinstall, or install from scratch on a new hard drive, you haven't lost anything important.

The Secunia site offers an online software inspection (limited) or a free application called PSI (personal software inspector) that you can install. Once installed, you can set it to scan for installed programs. It has a large database of applications to refer to, very comprehensive, and if it detects an out of date or vulnerable application on your computer, will alert you, and suggest a course of action. Just going to MS update (or having them install automatically) isn't really enough. MS won't check, for example, that your non-MS media player, or your Adobe, or your Java (to name a few) is out of date, and maybe has an unpatched vulnerability. Secunia will. There are other similar apps available; this is the one I know. Have a look at http://secunia.com/vulnerability_scanning/ and try an online scan (OSI) to get an idea of how this works. Takes a minute or five.
Windows 10,Windows Firewall,Firefox w/Adblock.

smtb

  • Guest
Re: Am I protected enough?
« Reply #13 on: April 21, 2009, 03:09:26 AM »
Oh I see what you mean. I have never backed up my files before, I should start doing it. I guess I am being too lazy for that :D.

I tried opening the secunia link that you gave, but its not opening. I guess the website is down temporarily! I will definitely check it back, as from your explanation it seems to be a very useful tool.

Thanks again for the quick reply.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Am I protected enough?
« Reply #14 on: April 21, 2009, 03:30:33 AM »
Thanks a lot everyone for replying, especially DavidR and Tarq57 for your detailed suggestions.

From the posts above I gathered the following:
1. Vista's own firewall is not adequate and hence I need something else. Any suggestions here about good firewalls? Anything free like avast?
2. One should run weekly scanning using Avast too. DavidR, what did you mean by default sensitivity?
3. One should have a hardware firewall. Now I do have a wireless router, but I have no idea whether it is having a firewall or not.
<snip>


You're welcome.
You could also enable the outbound protection of the Vista firewall, but it isn't very friendly, is rule based and you have to create the rules. - Vista Firewall Control, check out this topic for some user friendly help for the Vista Firewall, Outbound protection, http://forum.avast.com/index.php?topic=30234.0

- There are many freeware firewalls such as, Comodo (care required now it is a suite not to install the anti-virus element), PCTools Firewall Plus, etc. - Zone Alarm free works fine with avast and has a reasonably friendly user interface, however, the free version is becoming bloated with trial ware and is also crippled as far as outbound protection goes In the Program Control, configuration area, the slider will only goes as far as Medium protection, if you want more you have to buy the Pro version.

See A Forum discussion on free firewalls http://forum.avast.com/index.php?topic=30808.0
See http://www.matousec.com/projects/firewall-challenge/results.php.
Many forum users are using all of the above:
PC Tools Firewall seems to have the least user headaches as it doesn't seem to be constantly asking the user questions about this and that.
I think you can see by my comments on Zone Alarm free you have to be careful that you are not using the pro trial version.
Online Armor for the most parts fine but it has caused some users grief after avast program updates and that is something you have to watch out for.
Comodo is now a suite and you have to do a custom install so as not to install the antivirus element, of all the firewalls listed this seems to be the noisiest in asking questions, depending on settings and elements used, so it could be daunting for those not to familiar with firewalls or their systems.

By default sensitivity, it means just that don't tweak any settings when you run an avast on-demand scan, it will then run on Standard sensitivity and without scanning Archive files. This still scans important files and those more prone to infection and reduces the time taken.

Your Router probably has a hardware firewall built in (if not no problem), but hardware firewalls usually don't have outbound protection (unless it specifies it does), so you would still need a software firewall to provide outbound protection.

Questions for which I am still looking for an answer:
1. Should I schedule a boot time scan using Avast?
2. Is sandboxing really needed?

Personally I would only schedule a boot-time scan if avast detects something (and it recommends doing so), which it can't deal with in normal mode.

I don't use sandboxing, but I have a robust back-up and recovery strategy in the very unlikely event that I got infected. I'm using XP Pro and with that I use DropMyRights (not available for Vista which up to a point UAC deals with) on all programs that connect to the internet, browser, email, etc. If you can run from a limited user account in Vista as that would limit the potential for damage should you become infected.
« Last Edit: April 21, 2009, 03:33:36 AM by DavidR »
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security