blog.stuco.me

DBA (Database Adventurer)

Friday, October 14, 2005


Vigilant Redux: My Favorite Products

My post about protecting your Windows-based PC from Internet Trash (hey, another 'IT' phrase) was written with a deliberate technical bent, but Chris Marsden's comment brought to my attention that I neither recommended any products nor was my explanation of NAT routers particularly sufficient. I felt that a follow-up post on what products I like and use was in order, so here it is.

NOTE to Brian Glass: Yes, Linux would be best protection, but we all know that the evil Microsoft still has this world by the short hairs. However, as soon as I download the Fedora 4 distro and load it on another LPAR, I'll write a geeked-out post on the penguin, just for you. :)

Firewall: Any NAT Router (aka Broadband Router)
NAT is an acronym for Network Address Translation. The basic concept is that it takes your public IP address issued by your ISP, translates it to a private IP address range so that no casual hacker can directly access your PC. For a really good and in-depth explanation of how a NAT router operates as a firewall, check out Episode 3 of the Security Now! podcast [mp3 or transcript].

Currently, I use the Buffalo Wireless Cable/DSL Router. The one I have is an older 54 Mbps model, but it looks exactly the same. I like this model, because when I bought it 2 years ago, it was the best looking (white and no ugly antennas), it had the best wireless range of the pre-Cisco Linksys and Netgear routers, and for a company who also competed on the Enterprise level, their consumer products were comparably priced.

Antivirus: NOD32 by ESET
Prior to 2003, I used Norton Antivirus because it was decent. Since then, Norton Antivirus and the absolutely horrid Internet Security Suite have earned both of my thumbs down. McAfee's in the same boat. Because they try to do everything in one product, it bogs down the computer and until the built-in outbound firewall is "trained", you spend a lot of time telling it how to treat every little piece of unique traffic and you don't even know if what you're telling it is correct. NOT user-friendly and unnecessarily cumbersome.

NOD32 is a terrific antivirus program, nothing more and nothing less. It's very lightweight, costs $40 per year and downloads new updates daily. Conversely, I've waited up to 4 days for a Norton update.

Spyware: Spybot Search & Destroy
I used to use Lavasoft Ad-Aware and it still is a decent spyware/adware/malware remover, however not my first choice anymore. I prefer Spybot Search & Destroy that can be freely downloaded from www.safer-networking.org (not .com). Both Spybot and Ad-Aware remove annoying and malicious spyware and you have to periodically (weekly) download updates of newly discovered threats. The advantage of Spybot is that it has an immunize feature that places a list of known spyware website addresses into your Internet Explorer so that it will automatically block any attempt from those sites that attempt to infiltrate your system. Still, it's not perfect and it requires diligence in running regular scans and regular updates.

If you're looking for a "set it and forget it" spyware solution, I've heard that Spy Sweeper is good, but it costs $30 per year and I haven't had any experience with it. As for Microsoft's Antispyware program, I've found that it breaks some programs and doesn't come close to catching all spyware objects.

I hope this helps some of you and, as always, feel free to throw in your 2 cents and add to the conversation.



2 Comments:

At 8:28 PM, Anonymous Anonymous said...

Thanks Stuart. Our church finally went online with DSL today and have been in the midst of answering some of those questions. We get three months free of McCaffee, but I haven't heard anything good about it that will make me want to keep it (it's only $2.50 per month per computer) so I was looking for something better/cheaper. We are using a Linksys wireless router (WRT54G). This does the Network Address Translation you were talking about. As it turns out, we didn't get a DSL modem, but a router, so I actually have 2 NAT's. Real world to 192.168.1.1, then that network to another one through DHCP. Not sure if that makes it better, but it is working. I will download SpyBot on Monday and I already use Firefox exclusively on my Windows machines (I use a little of everything on my mac). Thanks again for the particulars.

 
At 8:43 PM, Blogger Stuart Cowen said...

Chris, I'm glad that this is ammo that you can use. This "first line of defense" is great for home users or even a small office with a handful of independent or peer networked computers. Once you get a server in place or start routing mail or web traffic directly to the church, things get more tricky - and wierd. For instance, Symantec, Norton's parent company, actually has a good corporate anti-virus suite that's nothing like Norton and is actually a product I would recommend. Trend Micro is my favorite corporate antivirus suite, but you pay more. Keep my email address (stuartcowen@gmail.com) and let me know if you need to bounce ideas or questions off me. The blog is a awesome launch pad for an offline conversation such as this.

Blessings, Dude!

 

Post a Comment

<< Home