Reply to Message
Start out with these two...
A good start is to do more than just an anti-virus. I used to recommend either/or Comodo Personal Firewall or On-Line Armor - but they both seem so bloated I can barely get either one to operated now. So I've been evaluating PC-Tools free firewall from Major Geeks, and am pretty impressed so far.
As far as anti-virus, you can't go wrong with the free Avast solution; but when it comes to anti-malware, you better just pay up; because that is where the real threats are now. MBAM has a cheap $24 lifetime license that is well worth it! On XP machines Avast will report it as a root-kit, but not to worry - that is because MBAM has become more resistant to malware and exhibits root kit like behavior for its kernel level activities.
With those three to start you out on the road to a truly blended defense you can't lose. It wouldn't hurt to put WinPatrol on there as well, because it watches the start up folder pretty well, and it is free too.
The new thing I'm playing with is EMET, because java exploits have become such a bad problem now(thanks to Oracle) that I have two configurations for that now. Enter into the EMET console the exe files that java uses - there are three of them - and use parental controls for Vista/Win7 to lock down the programs you have already installed on restricted accounts. I don't enable the site filter, just the applications. For starters it is better to accept the recommended system settings for your operating system on EMET.
So a lot of what you do in INFOSEC is hardening of the operating system, but using tools like Secunia PSI and File Hippo Update Checker will get you even farther. I assume you already know NOT to operate as an administrator account in your daily work.
This advice is just the tip of the iceberg in computing security - so keep that in mind. Reading up on Michael Kassner's articles will help you a lot!
As far as anti-virus, you can't go wrong with the free Avast solution; but when it comes to anti-malware, you better just pay up; because that is where the real threats are now. MBAM has a cheap $24 lifetime license that is well worth it! On XP machines Avast will report it as a root-kit, but not to worry - that is because MBAM has become more resistant to malware and exhibits root kit like behavior for its kernel level activities.
With those three to start you out on the road to a truly blended defense you can't lose. It wouldn't hurt to put WinPatrol on there as well, because it watches the start up folder pretty well, and it is free too.
The new thing I'm playing with is EMET, because java exploits have become such a bad problem now(thanks to Oracle) that I have two configurations for that now. Enter into the EMET console the exe files that java uses - there are three of them - and use parental controls for Vista/Win7 to lock down the programs you have already installed on restricted accounts. I don't enable the site filter, just the applications. For starters it is better to accept the recommended system settings for your operating system on EMET.
So a lot of what you do in INFOSEC is hardening of the operating system, but using tools like Secunia PSI and File Hippo Update Checker will get you even farther. I assume you already know NOT to operate as an administrator account in your daily work.
This advice is just the tip of the iceberg in computing security - so keep that in mind. Reading up on Michael Kassner's articles will help you a lot!
Posted by JCitizen
Updated - 7th Feb
