Security Software Hardware

How Are You Protecting Your Computers? 193

b0m8ad1l asks: "I'm wondering what AV, software/hardware firewalls Slashdot readers are using these days. I remember another Ask Slashdot a long time ago, but I'm curious as to how everyone is keeping up with the times. I'm using Kaspersky AV, Sygate Personal Firewall Pro, behind a Netgear RP114 router."

  • a la carte (Score:4, Informative)

    by Down8 ( 223459 ) <Down8NO@SPAMyahoo.com> on Saturday October 02, 2004 @03:10AM (#10411786) Homepage
    AVG AntiVirus. (Free)

    Windows Firewall (XP Pro). (~Free)

    Aerielink (Soyo) router. (~$60, incl. USB-WiFi used by other computer)

    Before the router I ran Tiny Personal Firewall (now Kerio PF), and loved it (free and better than Zonealarm or BlackICE, for my needs). Also had Norton AV for a while, but it was just 'eh', and isn't free.

    -bZj
  • The setup... (Score:3, Informative)

    by BrynM ( 217883 ) * on Saturday October 02, 2004 @03:18AM (#10411815) Homepage Journal
    Smoothwall [smoothwall.org] firewall installed on an old AMD 333 system, DHCP running on an internal box (also running other services), internal DNS and some network trickery. AVG [grisoft.com], Sygate [sygate.com] Personal Firewall and strict Active Directory/Group Policy [microsoft.com] (or at least as much as possible using non-M$ methodology) control on every Win32 box. Various brands, but the same ingredients for the two Linux boxen. SSH [openssh.org] and VNC [tightvnc.com] on everything. Lots of dirty looks, nagging and ever increasing restrictions for more... mischievous users.

    I don't have a chance to dig up links for these, but diagnostic tools are a must if you really want to lock stuff down. First, generate and read logfiles whenever possible. Check things out with nmap, tcpdump, ActivePorts, Look@Lan, Kiwi syslog Daemon, Portlistener XP, Bazooka Spyware Utility, Spybot Search and Destroy, Socketlock ... the list goes on. Generally try any tool you can and you'll get a feel for what is actually to your tastes and useful.

  • Re:vmlinuz (Score:4, Informative)

    by node 3 ( 115640 ) on Saturday October 02, 2004 @06:09AM (#10412244)
    I apologize if I have misinterpreted your meaning, but your post does read that way.

    No problem. If you re-read my original post you'll see it's more of how you read it than how I said it (I imagine you read it through slashdot-colored glasses, as it were).

    I left out OSX only because he cannot install OSX on a Windows machine.

    But presumably it is an option available to him. Cost is an issue he'll have to weigh for himself if he deems it worthwhile. I was just offering two options that work for me.

    Buying all of Slashdot's hype that Linux is secure, I built a Linux webserver for my company. 2 weeks later it was rooted.

    The guy doesn't sound like he's interested in running a web server. There are plenty of ways to make an apache install insecure. Again, to make a fair comparison, it's easier to crack IIS than it is Apache. That you got 0wn3d doesn't detract from my point. I never said Linux was uncrackable, I said it's more secure (by a large margin).

    My only real point is that you have to be vigilant either way.

    This is the "what do you mean by that realm". 'Vigilant' is a term that is subjective. Under Debian, 'vigilant' means running apt/aptitude/dselect (whichever is your choice) and telling it to update your system. Under Mac OS X, 'vigilant' means clicking "install" when Software Update pops up. Under Windows, 'vigilant' is far more involved.

    Subjectively you can say both require 'vigilance', but they are not equal. You are repeating the confusion of a Windows apologist. When a Linux advocate (yeah, sometimes they are rabid too), claims that Windows is less secure, the Windows apologist will say Linux has security holes too. But when you look closely, you'll see a world of difference. Both a glass of water, and a handful of rattlesnakes can kill you, but one is far safer than the other.

    It's far easier to crack a Windows computer than a Linux computer by a wide margin.

    It's a question of whether or not it's 'worth the fuss'.

    Which is what I said in my original post.

    I'll put it another way: I'm a Windows user. I have several machines I have to take care of. I don't have problems with exploits trojans or spyware. Once in a great while something will come along. I take care of it, bfd. I spent more time building the ill-fated Linux/Apache server than I have in a year of maintaining exploit-related Windows problems.

    Then Linux isn't for you. I never said it was for everyone. I suggested he consider it (maybe he has, maybe he hasn't, I have no way to know, but both Linux and Mac OS X are viable alternatives and worth considering).
  • Re:Not much (Score:2, Informative)

    by strikethree ( 811449 ) on Saturday October 02, 2004 @07:18AM (#10412377) Journal
    "Forgive me for pointing out the obvious, but how do you know?"

    People are always asking this question but I have never seen anyone answer... so I will.

    If a virus/worm/whatever is going to be doing anything interesting, it MUST use resources. If you are always monitoring your resource usage, you WILL (eventually anyways) notice the new/different/extreme resource usage. Blinking lights (hard drive, router, etc), sounds, resource meters, firewalls that report activity, are all things that can alert you to malicious code. Antivirus software can be useful, but it is not the only way to detect a virus.

    strike
  • by bushidocoder ( 550265 ) on Saturday October 02, 2004 @10:48AM (#10413064) Homepage
    Gonna have to call you out on wireless networks. Wireless networks are bad iff you don't know how to configure them right. 802.11g with WPA with preshared public keys is pretty safe. Can it be cracked? Yes. But then again, so can SSL, SSH, PGP and every other encrypted data you throw out there in due time.

    The key to proper wireless setup is to associate different levels of trust between the wired and unwired components. Require WPA. Most household wireless routers allow you to specify a physical address list for visiting assets - do not allow unregistered MAC addresses to join your network. Have the wired network use a different subnet than your wireless network, so that the IPSecurity policies on your wired boxes can be set to prohibit access to the wireless agents on your house. Also, some routers let you set firewall rules between your wired and wireless subnets.

    Audit everything. Everything. Disk space is cheap.

    Also, run a packet sniffer on your wireless network. I once had a Netgear wireless router that would broadcast packets wired computers had sent it to route to the public internet across the wireless network - it had no concept of how to route correctly. If that's happening, throw that PoS away and get a real router.

    Can this be compromised? Yes, but it requires breaking through various levels of real, cryptographically enforced security. Remember that only one part of information security is denying access to intruders because at the end of the day, the most locked down boxes plugged into a network can still be hacked. You must be constantly vigilant to detect intruders as they attempt access, you must have a recovery plan if you are compromised (everyone needs AV software and an individual firewall on each computer behind the NAT firewall), and must be sufficiently audited that you can trace access attempts back to the source. Watch your wireless traffic - with this type of security, in the very very remote chance you are compromised, it's going to take a long while. Is someone trying a variety of network attacks on your wireless network? If so, I've got good news - rule out that it's not someone in a car outside, and you can pinpoint it pretty quick down to a neighbor. Talk to them if you think it's their 16 year old punk teen, call the police, leave a note on their door with a picture of Sauron's eye saying they need to be more sneaky, whatever.
  • by Exocet ( 3998 ) * on Saturday October 02, 2004 @11:26AM (#10413285) Homepage Journal
    Check out what I've got on my flash drive: http://exocet.ca/phpwiki/BradsTools

    It's not a lot of drivers and such. More oriented to useful utils that can come in handy in a pinch. It's stuff that I tend to use fairly frequently and don't like to be without.
  • Re:Home setup (Score:3, Informative)

    by Spoing ( 152917 ) on Saturday October 02, 2004 @09:13PM (#10417066) Homepage
    1. Concerning using tail on log files. I read at one time that it's possible (maybe even easy??) to put an exploit in a log file (you know what gets logged with httpd, so it's easy to get what you want in a log file) that causes an overflow and for the exploit to run. I don't remember where I read that, but ever since, I just use less and hit > to go to the end of the file.

    Using strings ...

      tail -f /path/and/name/of/logfile | strings | less

      /usr/sbin/tcpdump -i eth0 | strings | less

    ... should eliminate this as a concern, though it's been quite a while since I've heard that anyone had a problem with this type of exploit.
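
An added example, not part of the original thread: a filter that makes control bytes in untrusted log data visible before it reaches the terminal, while keeping one output line per log line (`strings` splits a line at each non-printable byte and drops runs shorter than four characters). It assumes the concern quoted above is raw control or escape bytes in logged request fields; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and sample log lines are constructed.

# Constructed access-log sample: line 2 carries an ESC sequence in the
# User-Agent field, line 3 a carriage return inside the request line.
sample_log() {
    printf '%s\n' '10.0.0.5 - - [02/Oct/2004:21:13:00 +0000] "GET / HTTP/1.0" 200 512 "-" "Mozilla/4.0"'
    printf '10.0.0.9 - - [02/Oct/2004:21:13:04 +0000] "GET /a HTTP/1.0" 404 0 "-" "x\033[2Jy"\n'
    printf '10.0.0.9 - - [02/Oct/2004:21:13:05 +0000] "GET /b\r HTTP/1.0" 400 0 "-" "ok"\n'
}

# visible_log: stdin -> stdout.
# Every C0 control byte except tab, newline and ESC, plus DEL, becomes "?".
# ESC becomes the two-character text \e, so the sequence that followed it
# stays readable as evidence but is no longer interpreted by the terminal.
visible_log() {
    LC_ALL=C tr '\000-\010\013-\032\034-\037\177' '[?*]' |
        LC_ALL=C sed "s/$(printf '\033')/\\\\e/g"
}

# count_ctrl_lines: number of input lines that contain a control byte
# (tab excluded; NUL is not matched because a shell string cannot hold it).
# "|| true" keeps the exit status 0 when the count is zero.
count_ctrl_lines() {
    LC_ALL=C grep -c "[$(printf '\001-\010\013-\037\177')]" || true
}

# Typical use on a real file:
#   visible_log < /path/and/name/of/logfile | less
#   count_ctrl_lines < /path/and/name/of/logfile
```

A non-zero count from `count_ctrl_lines` on a web server log is worth a look in its own right, since ordinary request fields rarely contain control bytes.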
