Quote:
Originally Posted by Xanthe
Interesting. Sometime in the next few months I'm going to do a wipe of my laptop, so maybe I'll try out Linux then.
|
No need to wait till you wipe: Live CDs let you boot from the CD and play, leaving your system untouched, and things like WUBI let your Linux install live within Windows, without requiring a repartition to make a separate Linux slice.
Quote:
|
The layers that I have are the ones that are useful to me. As you said, with the router a software firewall isn't really necessary but I too keep mine to control outbound access by my programs. I have an aversion to programs calling home unnecessarily; I tend not to allow auto-updating of programs. I like to know when changes are being made to my programs.
|
I have an assortment of apps blocked for outgoing in SPF, as there's no real reason for them to go outside.
Some apps I do auto update. I use Microsoft Update instead of Windows Update, for example, and so get patches and updates for MS Office as well as Windows itself. Other apps can be told to check for updates, and inform me when a new version is available. I tell them to, and update as new releases occur. (In general, I prefer to stay current.)
Quote:
|
I like WinPatrol because of the alerts it provides to changes to my start-up list and to various bits and pieces programs try to quietly add to IE and my computer. It also is a good information source for what's going on at the moment. Spyware Blaster is just set-and-forget passive protection, so it's not using resources. Mamutu is a behavior blocker/zeo-day monitor; it tends to provide alerts when programs have changed or when installations are doing suspect things. Zemana is behavior-based too, so it picks up on things that AV's tend not to. So those two programs are only activated when an anomaly occurs. There's actually not that much redundancy; it's more a matter of making sure specific security aspects that I'm concerned with are covered well.
|
I have other ways of monitoring my startup list, so WinPatrol isn't required for that, and I don't use IE save for very occasional compatibility tests, so things that try to update it aren't factors. Not using IE also does for spyware. Every spyware infestation I've seen used IE to get in. I use Firefox because it's a more powerful browser, but the fact that it doesn't support Active-X controls or BHOs is a major secondary reason.
Quote:
|
I tend to try out a lot of downloads from various sites and sometimes the software is dodgey. So NIS does trigger alerts in that instance and they seem to be precise. Some AVs I've used in the past tend to automatically label everything a generic trojan or virus from those sites, when they clearly are not (and when they also test clean on sites like Jotti's).
|
Okay, that's reasonable. By preference, what I run is free and open source, and what isn't is known good, from known good download sites. Dodgey software isn't a concern because I don't run it or try it. If I did, I'd do something like your setup.
Quote:
Well, that's the way mine is set up, because I have had updates screw up my computer. Vista is an odd bird. That's when I've given thanks for System Restore.
|
Oh, right. You run Vista. Yes, that would make me more cautious, too.
______
Dennis