Windows Security Page
This is a harden-your-boxen guide for Microsoft Windows 2000/XP. Protection from spyware, worms, backdoors, viruses, and other exploits is discussed here.
- ZoneAlarm is NOT the answer. You cannot firewall the same machine the firewall software is on.
- Norton Internet Security is NOT the answer. If you want to be pestered by a bunch of false positives and have your standard Internet programs blocked, then go ahead and purchase a false sense of security.
- Windows Updater and Windows Security Center (including Windows firewall) are not covered here. Windows Firewall is problematic. Use a hardware firewall wired between your PC and your Internet source.
- Although it is important to keep your Windows installation up to date, Auto Update may install useless annoyances like WGA and Microsoft spyware such as that which is built into the new Windows Media Player. It is recommended that you review and install all updates manually.
Now for the REAL tips:
AntiVirus Software
- Any one of the following products is fine.
- ClamAV for Windows - recommended because it is relatively current with virus definitions, as well as being completely free and open source.
- F-Prot Antivirus - commercial. Works well and is well priced for individuals.
- Symantec AntiVirus Enterprise Edition - Works very well but is very expensive. The Symantec AntiVirus is premium compared to their SOHO Norton AntiVirus.
Avoid: McAfee antivirus products, which generate false positives and block useful Internet applications. Also be sure to avoid Norton Internet Security. Both of these products are annoying, poorly designed, and give the naive user a false sense of security.
Anti Spyware and Spyware Removal
- Spybot Search and Destroy - free and, despite a few dopey design issues, does an okay job. Don't get too excited about the "tracking cookies" it detects. Cookies are, for the most part, harmless. They just want you to feel like the program is catching stuff.
- Adaware
Windows Registry Backup and Change Tracking
Traffic Monitoring
There is simply so much spyware, so many backdoor trojans, and so on out there that no tool is going to be able to detect them all. If you download and install software often, then you need to be monitoring your computer's traffic. Find out who your computer is talking to and what information it is sending by "sniffing the wire."
- windump - covered in the page Winpcap and Windump
- Ethereal
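
As an added example (not part of the original guide), here is one way to turn a text capture from `windump -n` into a list of who the PC is talking to. The sample lines, the local address 192.168.1.10, the 192.168.1.0/24 network, the list of expected ports and the function names are all assumptions made for illustration.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed sample of `windump -n` text output (not a real capture).
SAMPLE = """\
10:15:01.100001 IP 192.168.1.10.1045 > 203.0.113.5.80: S 100:100(0) win 16384
10:15:01.150002 IP 203.0.113.5.80 > 192.168.1.10.1045: S 200:200(0) ack 101 win 5840
10:15:01.150102 IP 192.168.1.10.1045 > 203.0.113.5.80: . ack 1 win 17520
10:15:02.000003 IP 192.168.1.10.1046 > 192.168.1.1.53: 4660+ A? example.com. (29)
10:15:07.300004 IP 192.168.1.10.1047 > 198.51.100.77.6667: S 300:300(0) win 16384
10:15:09.300005 IP 192.168.1.10.1047 > 198.51.100.77.6667: P 1:40(39) ack 1 win 17520
10:15:10.000006 arp who-has 192.168.1.1 tell 192.168.1.10
"""

# "IP " is optional because older windump builds do not print it.
LINE = re.compile(r"^\S+ (?:IP )?(\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+):")

def outbound_peers(text, local_ip):
    """Count packets sent by local_ip to each (remote_ip, remote_port)."""
    peers = Counter()
    for line in text.splitlines():
        m = LINE.match(line)
        if m and m.group(1) == local_ip:  # non-IP lines (e.g. arp) do not match
            peers[(m.group(3), int(m.group(4)))] += 1
    return peers

def unexpected(peers, local_net="192.168.1.0/24", expected_ports=(53, 80, 443)):
    """Endpoints outside the local network on ports you did not expect to use."""
    net = ip_network(local_net)
    return sorted(
        (ip, port) for ip, port in peers
        if ip_address(ip) not in net and port not in expected_ports
    )

if __name__ == "__main__":
    peers = outbound_peers(SAMPLE, "192.168.1.10")
    for (ip, port), count in peers.most_common():
        print(f"{ip}:{port}  {count} packets")
    print("review these:", unexpected(peers))
```

Anything listed under "review these" is a destination to look up and match against the programs you knowingly run; adjust the expected ports to fit your own usage.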