#1 Personal Firewall
There has been some debate over the need for a personal firewall, especially for dial-up Internet connections. After the release of Service Pack 2 for Windows XP, in which the Windows Firewall was turned on by default, the epidemic of malware was reduced, which also reduced the debate over the usefulness of software firewalls. Cable and DSL connections are always "on", and some sort of isolation is needed. A NAT (network address translator) router makes a great firewall by blocking incoming Internet traffic unless it has been specifically requested. If you follow the layered defense approach, a personal firewall combined with a NAT router gives increased protection by blocking traffic from the Internet to the computer unless it has been specifically allowed. NAT routers can be purchased for about $50.00 USD; however, there are firewall programs available free of charge. The two listed here are well known and highly recommended.
Update 09/19/2007 - Sunbelt-Software (Kerio) and Zonelabs (ZoneAlarm) have altered their free-of-charge policy. This happens quite often among software companies because they need to make money to stay in business. In the case of Kerio, even the name has been changed, if we haven't been misinformed. Even so, they remain highly regarded personal firewalls among the computer user community. On the other hand, the Windows Firewall has become more highly regarded due to the test of time, and the debate is now over whether or not there is any advantage to using a third-party firewall. In my opinion, the advantages depend on the user's level of expertise. The typical computer user will do just fine with the Windows Firewall.
There are others available... just google "free firewall". You will have to sort through several pages to find them all, so be patient and remember to check them out before you download them. Whichever firewall you decide to use, be sure to test it at grc.com's Shields Up. This link takes you directly to the Shields Up page, the top of which is populated with links to some of Steve Gibson's other projects, so read the page carefully to get to the port testing procedure. There is also a small application available here called "LeakTest" that tests other firewall qualities. Be warned, there is a lot of interesting stuff on this site, including over a year's worth of mp3 copies of the Security Now podcast.
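The NAT router behavior described in this section (incoming traffic is blocked unless something inside requested it) can be seen in a toy model of the router's translation table. This is an added example, not code from the original page; the class, addresses and ports are constructed, and it assumes a router that only accepts replies from the exact address and port that was contacted, which real routers enforce with varying strictness.

```python
# Added example: toy model of a NAT router's translation table.
# All names, addresses and ports are constructed sample values.
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (ip address, port)


@dataclass
class NatRouter:
    public_ip: str
    next_port: int = 40000
    # public port -> (inside host endpoint, remote endpoint it contacted)
    table: Dict[int, Tuple[Endpoint, Endpoint]] = field(default_factory=dict)

    def outbound(self, inside: Endpoint, remote: Endpoint) -> Endpoint:
        """An inside host opens a connection; the router records the mapping."""
        for port, (src, dst) in self.table.items():
            if src == inside and dst == remote:
                return (self.public_ip, port)  # reuse the existing mapping
        port = self.next_port
        self.next_port += 1
        self.table[port] = (inside, remote)
        return (self.public_ip, port)

    def inbound(self, remote: Endpoint, public_port: int) -> Optional[Endpoint]:
        """Return the inside host to forward to, or None if the packet is dropped."""
        entry = self.table.get(public_port)
        if entry is None:
            return None  # nothing inside asked for this traffic
        inside, expected_remote = entry
        if remote != expected_remote:
            return None  # port is mapped, but not for this sender
        return inside


def demo() -> dict:
    router = NatRouter(public_ip="203.0.113.10")
    pc = ("192.168.1.20", 51515)
    web = ("198.51.100.7", 80)
    stranger = ("192.0.2.99", 4444)
    _, mapped_port = router.outbound(pc, web)
    return {
        "unsolicited_probe": router.inbound(stranger, 135),
        "reply_from_web": router.inbound(web, mapped_port),
        "stranger_on_mapped_port": router.inbound(stranger, mapped_port),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {'forwarded to ' + str(result) if result else 'dropped'}")
```

The model says nothing about traffic the computer itself sends out, which is the part a personal firewall on the computer adds in the layered approach.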
#2 Anti-Virus
Due to the daily creation of new bugs, up-to-date virus protection is a must. Also, keep in mind that every bug ever created is still out there on the web waiting to infect an unprotected machine. There is much debate over which anti-virus program is the best and no debate over which is worst. The worst by far is an anti-virus program that has never been updated. The majority of infected computers brought to us had an anti-virus program with a lapsed update subscription. Here's a list of free programs with free updates sandwiched between ads for two that were reviewed on another page on this site.
Before moving on to Anti-Spyware programs, it should be mentioned that running two personal firewalls or two Anti-Virus programs is not recommended. These programs are designed to be "on" for as long as your computer is powered up. This is referred to as "running in the background". They can conflict with each other, causing problems rather than improving the security of your computer. Also, the amount of your computer's resources they tie up would outweigh any added benefits.
#3 Anti-Spyware
Updated 08/01/2008
Ranging in behavior from blocking your access to the Internet and executables to just keeping track of what you do online, spyware/malware can cause severe computer problems. It isn't necessary to have an entire anti-spyware program running in the background like an anti-virus does, but the modules of the program that monitor and block changes to the Windows Registry should be running, and you should scan for spyware/malware regularly. Spyware tactics change rapidly and there could come a time when you would need an anti-spyware program running in the background.
Caution must be used when searching for spyware removal tools. There are "rogue programs" available that give false detections of spyware/malware while hijacking your desktop and asking for payment to remove the reported files. Unfortunately, these programs can come bundled with spyware that can be especially nasty. These programs have a habit of changing names rapidly, making it a major task to point out the ones to avoid. Most recently, these rogue programs have been bundled with codecs (coder/decoders) that are needed to play multimedia files like DivX movies. There is a site that keeps track of these "rogue" anti-spyware programs and lists them on this page:
This site also maintains a list of recommended anti-spyware programs. The best practice is to use only recommended programs. SpyBot Search & Destroy and Ad-Aware are both well known and highly recommended programs for spyware/malware removal. I recommend using them both, scanning with one then with the other (NOT simultaneous use), as what isn't detected and removed by one will be caught by the other. By all means, drop by sites that have help forums to see what they recommend. Since spyware is always evolving, they might have other recommendations. Like AV programs, anti-spyware programs require updating.
Clicking the banners will take you to the download page.
Versions of Ad-Aware have fallen out of favor with us due to increased size and decreased usability from Windows Safe Mode, and because Lavasoft's program distribution and update methods have become dial-up unfriendly.
SpyBot Search & Destroy, on the other hand, is a freeware program produced by Safer-networking.org. This group provides full support for their program and a beginner's tutorial located on their site:
Tutorial for SpyBot usage
You can also find some help with this program on this site. The articles will be listed here as they become available. Update: SpyBot also has a new version, but the changes made were basically in performance. That being the case, the pages here will still be fairly current. This program not only works well from Windows Safe Mode but can also be called from a CD boot command line, making it much more useful for disinfecting a computer.
- Hosts File Tool
- Immunize With SpyBot
- Internet Explorer Tweaks Tool
- SpyBot's Tea Timer
- System Startup Tool
Recently, we have noticed that some customers have been removing the programs that were installed to clear up the problems they were experiencing. In place of anti-virus and anti-spyware programs were registry scanners/cleaners. Typically these scan the registry and report the problems found. If these make repairs at all, only a very limited number of problems are fixed unless you buy the full version. Unfortunately, a high number of these registry/system utilities are "rogue" programs. If registry/system repair programs were an acceptable substitute for real security products, then why do we have these customers returning their computers for cleaning on a regular basis? On the other hand are customers who continue to use the programs we installed and only return for upgrades or other services, but not on a regular basis for malware removal.
Update 09/23/2007 - Recently we have found on customers' computers programs that claim to remove junk files. These drive cleaner programs seem to have joined the list of rogue programs. If you are looking for a drive cleaner program, one that is recommended is CCleaner from CCleaner.com. As a reminder, before downloading programs, check the help forums mentioned on these pages. A few minutes of web searching can save a lot of headaches later.
Update 02/22/2008 - Due to difficulty in downloading AdAware2007, a search was started for additional anti-spyware tools. A very good replacement was found in SuperAntiSpyware. The name and icons, according to some forum posters, are not very catchy. The program, however, gets the job done. Furthermore, we have had no problems downloading the program or getting updates.
+1 Personal Software Inspector
This section was added to the page 05/24/2008.
Since Service Pack 2 for Windows XP was released, there has been a change in tactics used by the bad guys to distribute their malware. With Microsoft plugging vulnerability holes in Windows on a regular basis, vulnerabilities in third-party software are now being exploited. This situation has been addressed by a few of the security programs available, such as Blink. Recently, a freeware program has become available that specializes in program vulnerabilities. Secunia's PSI (Personal Software Inspector) scans your computer looking for application modules with known vulnerabilities and, when they are found, advises of newer versions to acquire that have had the vulnerability fixed. This automates the process of checking for third-party software updates and as a result makes it easier to maintain a secure system. Learn more about this relatively new type of security software on our Personal Software Inspector page.
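The check that this kind of software inspector automates can be sketched as comparing each installed program's version with the first version in which a known hole was fixed. This is an added example, not Secunia's code or data; the program names, versions and advisory entries are constructed, and the function names are hypothetical.

```python
# Added example: the kind of check a software inspector automates.
# Program names, versions and advisory data are constructed sample values.
import re
from typing import Dict, List, Tuple


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '9.0.28' or '2.0.0.14' into a tuple of ints for comparison."""
    parts = [int(n) for n in re.findall(r"\d+", text)]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()  # so that '7.0' and '7.0.0' compare as equal
    return tuple(parts)


def find_outdated(installed: Dict[str, str],
                  fixed_in: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """Return (program, installed version, first fixed version) for every
    installed program that is older than the version fixing a known hole."""
    findings = []
    for program, version in sorted(installed.items()):
        fixed = fixed_in.get(program.lower())
        if fixed is None:
            continue  # no advisory on record for this program
        # Compare numerically: as plain text, "9.0.28" sorts after "9.0.115".
        if parse_version(version) < parse_version(fixed):
            findings.append((program, version, fixed))
    return findings


# Constructed inventory, as read from a list of installed programs.
INSTALLED = {
    "ExamplePlayer": "9.0.28",
    "ExampleReader": "8.1.2",
    "ExampleBrowser": "2.0.0.14",
    "ExampleZip": "4.57",
}
# Constructed advisory data: first version in which the hole is fixed.
FIXED_IN = {
    "exampleplayer": "9.0.115",
    "examplereader": "8.1.2.0",
    "examplebrowser": "2.0.0.12",
}

if __name__ == "__main__":
    for program, have, need in find_outdated(INSTALLED, FIXED_IN):
        print(f"{program}: installed {have}, update to {need} or later")
```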
Other security schemes have developed since this page was originally written. Windows Steady State sounds like a good option for some users. Click the link for more information on this alternative.
Virtualization is being touted as a great means of securing your computer. This requires a lot of memory and an extra copy of Windows, but as with Windows Steady State, just rebooting the computer will eliminate any nasty stuff that might have been acquired. Not having experimented with virtualization, we can offer no legitimate recommendations. There is another method that has been reported on several occasions during the Security Now! netcast. Recently an episode was devoted to an interview with the author of Sandboxie, Ronen Tzur. Later there was an episode devoted to explaining what the different sandboxing methods can and cannot do. We highly recommend listening in on these episodes, and links are provided.
Ronen Tzur Interview
an 11 Mb download
Sandboxing Utility Discussion
a 7.2 Mb download
As a quick review, Sandboxie provides safe surfing while allowing retention of user files via program settings. Almost but not quite like other security tools. This extra layer of protection is available for personal use as a free trial. When registered, the one-time registration fee for a lifetime registration key to the current and all future versions of Sandboxie unlocks some very nice features that aren't accessible in the free version, and the price is reasonable.
Trial Version
Purchase License/Registration Key
Microsoft, Microsoft Office, Windows, Windows XP and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Other names have been included in the above text that are trademarks of the respective companies.


