Vigilant Redux: My Favorite Products

My post about protecting your Windows-based PC from Internet Trash (hey, another 'IT' phrase) was written with a deliberate technical bent, but Chris Marsden's comment brought to my attention that I neither recommended any products nor was my explanation of NAT routers particularly sufficient. I felt that a follow-up post on what products I like and use was in order, so here it is.

NOTE to Brian Glass: Yes, Linux would be best protection, but we all know that the evil Microsoft still has this world by the short hairs. However, as soon as I download the Fedora 4 distro and load it on another LPAR, I'll write a geeked-out post on the penguin, just for you. :)

Firewall: Any NAT Router (aka Broadband Router)
NAT is an acronym for Network Address Translation. The basic concept is that it takes your public IP address issued by your ISP, translates it to a private IP address range so that no casual hacker can directly access your PC. For a really good and in-depth explanation of how a NAT router operates as a firewall, check out Episode 3 of the Security Now! podcast [mp3 or transcript].

Currently, I use the Buffalo Wireless Cable/DSL Router. The one I have is an older 54 Mbps model, but it looks exactly the same. I like this model, because when I bought it 2 years ago, it was the best looking (white and no ugly antennas), it had the best wireless range of the pre-Cisco Linksys and Netgear routers, and for a company who also competed on the Enterprise level, their consumer products were comparably priced.

Antivirus: NOD32 by ESET
Prior to 2003, I used Norton Antivirus because it was decent. Since then, Norton Antivirus and the absolutely horrid Internet Security Suite have earned both of my thumbs down. McAfee's in the same boat. Because they try to do everything in one product, it bogs down the computer and until the built-in outbound firewall is "trained", you spend a lot of time telling it how to treat every little piece of unique traffic and you don't even know if what you're telling it is correct. NOT user-friendly and unnecessarily cumbersome.

NOD32 is a terrific antivirus program, nothing more and nothing less. It's very lightweight, costs $40 per year and downloads new updates daily. Conversely, I've waited up to 4 days for a Norton update.

Spyware: Spybot Search & Destroy
I used to use Lavasoft Ad-Aware and it still is a decent spyware/adware/malware remover, however not my first choice anymore. I prefer Spybot Search & Destroy that can be freely downloaded from www.safer-networking.org (not .com). Both Spybot and Ad-Aware remove annoying and malicious spyware and you have to periodically (weekly) download updates of newly discovered threats. The advantage of Spybot is that it has an immunize feature that places a list of known spyware website addresses into your Internet Explorer so that it will automatically block any attempt from those sites that attempt to infiltrate your system. Still, it's not perfect and it requires diligence in running regular scans and regular updates.

If you're looking for a "set it and forget it" spyware solution, I've heard that Spy Sweeper is good, but it costs $30 per year and I haven't had any experience with it. As for Microsoft's Antispyware program, I've found that it breaks some programs and doesn't come close to catching all spyware objects.

I hope this helps some of you and, as always, feel free to throw in your 2 cents and add to the conversation.

Comments

Anonymous said…
Thanks Stuart. Our church finally went online with DSL today and have been in the midst of answering some of those questions. We get three months free of McCaffee, but I haven't heard anything good about it that will make me want to keep it (it's only $2.50 per month per computer) so I was looking for something better/cheaper. We are using a Linksys wireless router (WRT54G). This does the Network Address Translation you were talking about. As it turns out, we didn't get a DSL modem, but a router, so I actually have 2 NAT's. Real world to 192.168.1.1, then that network to another one through DHCP. Not sure if that makes it better, but it is working. I will download SpyBot on Monday and I already use Firefox exclusively on my Windows machines (I use a little of everything on my mac). Thanks again for the particulars.
8:28 PM
Stuart Cowen said…
Chris, I'm glad that this is ammo that you can use. This "first line of defense" is great for home users or even a small office with a handful of independent or peer networked computers. Once you get a server in place or start routing mail or web traffic directly to the church, things get more tricky - and wierd. For instance, Symantec, Norton's parent company, actually has a good corporate anti-virus suite that's nothing like Norton and is actually a product I would recommend. Trend Micro is my favorite corporate antivirus suite, but you pay more. Keep my email address (stuartcowen@gmail.com) and let me know if you need to bounce ideas or questions off me. The blog is a awesome launch pad for an offline conversation such as this.

Blessings, Dude!
8:43 PM
Post a Comment

Popular posts from this blog

Google Talk

Image
Google's Instant Message product hit the "shelves" earlier this morning for Windows only. There's no Linux or Mac client yet, but there are guides to connecting to the protocol on iChat, Gaim, and Trillian. Neowin post : Google Talk enables you to call or send instant messages to your friends for free–anytime, anywhere in the world. Google Talk is simple and intuitive to use. There's no clutter, no pop-ups, no unnecessary software to install. Talk also features some interesting VoIP features like Skype. Google Talk uses the Jabber protocol however instant messaging members of other clients doesn'’t appear to be supported. So far, I love it! It's very lightweight and includes a newer GMail Notifier. Looks like you need to have a GMail account to use it, though. If you need a GMail invite to try the IM, I've got plenty - just send me your email address!
Read more

T minus 8 days: No Particular Update

Today was a hodgepodge of ramping up activities for the new SQL Server gig which starts on July 1st now (that's news, right?). I installed Microsoft Assessment and Planning Toolkit 5.5, but didn't get to do anything with it. I also read a few great tutorials on MSSQLTips covering Stored Procedures, SQL Server Reporting Services and SQL Server Integration Services. My last professional exposure was SQL Server 2005, so I have some "refreshing" ahead of me. :) I am also amassing a list of books that I want to purchase (someday), but I'm still going back and forth on the "real bound book vs. eBook on an iPad" debate. eBooks are much less expensive and not as cumbersome, but will I miss the tactile quality of a bound book? Will eInk be as efficient for me as a few dead trees? Seriously though, I should stop moaning about it and just go the eBook route and become a proper member of the 2010 generation. There, debate over... I think. I'm behind on blog rea...
Read more

iPod has become wePod

It's true. Now that I've ripped all of our CDs into iTunes (including the Kids' CDs) and subsequently onto the iPod, I find that my wife uses it almost as much as me. In the morning, she's blasting music from it onto the kitchen radio. If she's going somewhere by herself, "Babe, where's the iPod?". In the family van on the weekends, she's spinning the clickwheel like a veteran DJ flippin' the wax. Don't get me wrong, I am not bitter in the least. Rather, I am totally jazzed that she "gets it". Now, I'm saving my pennies to buy her a "shePod". By the way, I don't think my darling would be using the iPod nearly as much if it weren't for the Griffin iTrip (er, weTrip?). It's a definite must-have accessory.
Read more