[gerG]

I just picked up a new PC. I was cleaning out some of the trash that Dell and Microsoft had installed on the hard drive, when I got fed up with all of the components trying to find a way to report in to the mother ship. I can firewall incoming pests, but I have never been successful in keeping things from getting out. Firewalls help, as does adaware. Still I have to allow a certain amount of duplex communication for my network to function. That is a sufficient path for resident software to ship out info. For reasons that I do not fully understand, this pisses me off!

Options:

1 - Quit being paranoid and get used to big brother looking out for my best interests.

2 - Set up a second network, internal only. The main machine gets access to the internal net, with the shared drives and music nodes (airport expresses in wds). Laptop can switch between intranet and internet access, but never both at once. Laptop has no critical files.

Something in between?

It would be a shame not having access to the web with the new machine, what with the dual 20" FP displays and all. Hence the dilemma.

Suggestions?


gerG

 

[rx7_fan]

i have a dell 9100 and never had the spyware problems, have you heard of Norton Internet Security? It tells you all incoming and outgoing connections including communication ports. Check it out.

 

[gerG]

Oh, yes, I use the Symantec software on most machines. It lets itself out first. Other programs have figured out how to give themselves permission on occasion. Neat trick. Zonealarm works better, but I have to set every single detail, such a pain.

I am not really worried about spyware per se. It is the OS and the main software that I do not trust. I already found a Microsoft data miner pre-installed. If I want internet access, I have to permit firefox or the like to get out. Even with the hardware firewall it seems impossible to keep stuff from leaking out.

Meh, I will probably get over it. At the very least I will tighten up the settings in the hardware firewall. At least I will learn something.


gerG

 

[Alydon]

If you have a new Dell it should come w/ either Norton or Mcafee Internet Security Suites. Some Dells come with both. Either one can be set up to block outgoing traffic on a program-by-program basis, and to ask you what to do if an app you haven't made an explicit rule for yet tries to access the Internet.

Also, if you have a router you might be able to set it up to block specific outgoing traffic as well, say by port for example.

EDIT: Yeah if you have an external hardware firewall (not just a little dlink router or something) you should be able to deny ALL outgoing traffic except that which you explicitly want to let out. Even Zonealarm should have that capability (I think - it's been awhile since I played w/ ZA)

 

[breadnbutter]

I had the best experiences with Zonealarm and Sygate, both are not as bloated as other similar products. Of course the configuration is a little anoying at first, but "block first, ask questions later" is probably the only secure approach.
With Adobe products and such stuff blocked by default I really don't worry about my personal data. So I see no reason for keeping your internal network disconnected from the Internet.

ZoneAlarm Pro also has a feature where the firewalls on client computers using Internet Connection Sharing communicate with the firewall on the ICS gateway computer (e.g. to forward messages and better identify traffic). I have not used this myself though.
Another Zonealarm feature is that it can automatically allow certain apps. I'm not sure how it works, but it allows some apps you install (e.g. after I installed an Appache server it had direct access). So far I had no problems with apps that where allowed against my intention, but don't take my word for it.

 

[rimmer]

I use (and suggest) software firewall on every machine. I am satisfied with Kerio Personall Firewall, IMHO way better in terms of configurability and effectivity than ZoneAlarm or anything else (I am a geek and I DEMAND exact protocol-port-specific setting for every app) AND a hw device helping in firewalling whole network. At least small router with NAT (like my ZyXEL DSL modem&router) which helps to omit direct connections or better a real hw dedicated firewall. I think ZyXEL makes one nice even portable design.

 

[sgrossklass]

If you have to worry about your apps "phoning home", then you're obviously using the wrong stuff. As for so-called "personal firewalls", these are a double-edged sword. While they can be useful in certain situations, they give a false impression of safety. Besides, real malware that is already on your computer is not unfrequently able to disable the most common such applications. You can certainly find more on this topic in computer security newsgroups.
My home security concept looks like this btw:
* DSL router w/ some firewall functionality - simple NAT works wonders. Risk of outside attacks reduced by several magnitudes.
* Install current security updates once in a while.
* Use a fairly safe web browser, Mozilla Seamonkey in this case, with Flash usually disabled (I don't think I have particularly current versions in use, and there was a security problem fixed not that long ago). IE suxx.
* Use a mail client that is not inherently insecure, which means no Outbreak Excess. I'm mostly using web interfaces, classic Mozilla Mail and, for archiving only, Netscape 4.78.
Security problems in the last, err, 5 years or so? None, except when I had the router config effed up (got lucky though). When I still had a notebook which could be in the university WLAN this got security updates more often, of course. A home network isn't too difficult to get secure IMHO, you typically neither have externally accessible services in there nor do strangers' computers have access. (Mind your WLANs, folks.)

BTW: Computers tend to work better if you keep Symantec bloatware at least several meters away. The last good stuff were the Norton Utilities for DOS.

 

[Hey_Its_Cole]

All of this can be disabled in Windows. I am trying to think of a good tutorial site to link but my memory is failing at this moment. I don't use firewall software either but I am also not an average user and don't recomend that route for most people. From the sound of it, you are secure, and might be being a tad bit paranoid but that never hurts

.

 

[Hey_Its_Cole]

Quote:

Originally Posted by sgrossklass If you have to worry about your apps "phoning home", then you're obviously using the wrong stuff. As for so-called "personal firewalls", these are a double-edged sword. While they can be useful in certain situations, they give a false impression of safety. Besides, real malware that is already on your computer is not unfrequently able to disable the most common such applications. You can certainly find more on this topic in computer security newsgroups. My home security concept looks like this btw: * DSL router w/ some firewall functionality - simple NAT works wonders. Risk of outside attacks reduced by several magnitudes. * Install current security updates once in a while. * Use a fairly safe web browser, Mozilla Seamonkey in this case, with Flash usually disabled (I don't think I have particularly current versions in use, and there was a security problem fixed not that long ago). IE suxx. * Use a mail client that is not inherently insecure, which means no Outbreak Excess. I'm mostly using web interfaces, classic Mozilla Mail and, for archiving only, Netscape 4.78. Security problems in the last, err, 5 years or so? None, except when I had the router config effed up (got lucky though). When I still had a notebook which could be in the university WLAN this got security updates more often, of course. A home network isn't too difficult to get secure IMHO, you typically neither have externally accessible services in there nor do strangers' computers have access. (Mind your WLANs, folks.) BTW: Computers tend to work better if you keep Symantec bloatware at least several meters away. The last good stuff were the Norton Utilities for DOS.

Ah! I should have read your post first. I agree, Symantec stays away from my computer even when it is free. My security setup is like yours a firwall in the router and I just keep malware and spyware off my computer but do to my hobbies, my computer has very little installed other than Games and Benchmarking aplications.

 

[blueworm]

Install Linux

 

[Asmo]

Quote:

Originally Posted by blueworm Install Linux

Yes, on a firewall between your computer and the outside world

Even something like smoothwall express (www.smoothwall.org) would be perfect, you can run it on a very cheap machine.

 

[ScubaSteve87]

Zone alarm works the best for what you want. Also don't be so paranoid. I really don't think Microsoft is going to try and take over the world through your home network

 

[AdamWill]

Right. Microsoft has access to much easier ways

 

[gshan]

How I cleaned my Dell.

Uninstall non-essential programs that Dell plopped onto the drive from the control panel. Ctrl-Alt-Del and Google all .exe's to see what else isn't essential. Kill the unwanted processes, find their locations on the hd and delete everything there. Run some spybot, adaware and antivirus.

If you don't reformat the drive, you can also reinstall Win just to clean out the registry. Boosted startup and shutdown times noticeably (system used to be severely bogged down). [you will lose program settings and registrations, things won't run anymore and will need to be reinstalled, so this could potentially be more of a hassle than reformat]

Spybot/Adaware/Norton/.exe check every month or so and all has been well.

-Oh, and stopped using IE. Changed to FireFox. I don't care if IE is "much improved", it still causes more problems

 

[springtide]

Firewalls, firewalls, firewalls!

Too be honest, Firewalls they are a waste of time (for home) for both viruses and spyware!
Why? If someone is going to attack you, guess which port they are going to use? Yep, port 80 (your web traffic) so it will most probably be open. (If you were an attacker, which port would you use?)

My Advice:

- If you have broadband sit behind a router doing NAT (Network address translation). This gets rid of most attacks.(They will find someone else!) NAT will mask most attacks as you are kind of hidden (Search the we for more info)

- Always keep up-to-date with Microsoft patches

- Buy (yes buy) a good quality (active!) virus tool (Norton etc)

- Buy (yes buy) a good quality Spyware (active!) tool (Spysweeper etc)

- STOP LOOKING AT ****! Well I'm not saying it's ****, but **** and anything illegal attracts spyware and viruses.

- Privicy search engines are pretty bad on privicy (without mentioning any woogling names)


Note: When I say *active* this means that it runs as an application or service acting as a sheild for your computer. The free versions generally don't offer this protection - which is why it's worth paying.