Every time I install a system, I usually recommend that the user acquire a handful of shareware and freeware to make their Internet experience
more enjoyable and safer. The following five packages are always installed on my systems as part of any new installation or reinstallation. Other
programs are also installed to check the security of the system and follow the essential five.
This page has been created because so many people I come in contact with don't realize how easy it is to protect yourself, your information and
your PC. There are just a handfull things to be aware of:
- Manditory Antivirus Protection
- Firewall Software
- Spam Control Software
- Useful Utilities (optional)
- Adware and Spyware detection and removal
- Bogus Internet tests
The following programs I consider essential for most Windows installations.
Just how secure is your PC?
Test your system here. and see what ports are
open.
- Anti-Virus Software
- I NO LONGER USE NOR RECOMMEND McAfee VirusScan!
An Anti-Virus
Solution MUST have all of the following:
- Daily or hourly updates 7 days a week. Automated installation of updates is essential. If the product will
auto-update as updates become available, this is even better. Two excellent products even have hourly updates if necessary
- Scheduled tasks so that you can do a complete scan of your system when it isn't being used (for example,
while you sleep).
- Download scan of all content entering your computer. E-mail and attachments (even compressed files) should
be fully scanned before they ever get onto your system.
- Scan Every File on your system frequently - daily if possible. Enable scanning of virus, macros, junk
programs, adware and anything that isn't essential.
The new Version 9 (2005) of McAfee Virus Scan and the new Norton Anti virus have some features that I find totally
unacceptable for a serious anti-virus solution. A user should never be required to reduce the level of their system security, change their
desired configuration or be forced to disable pop-up blocking to run any thire-party anti-virus package! The reasons I can no longer
recommend McAfee are:
- The product lies to you. It will state that your anti-virus is up-to-date when, in fact, it hasn't performed an update since it
was installed. It should indicate that it has a problem updating so that the user can address the problem and be protected.
- Requires MS Internet Explorer and ActiveX. If you are like one of the millions of users out there that use Firefox, Opera or
another web browser, McAfee's updates and installation will fail. If you run VirusScan, then you must also run IE with all it’s default
settings, configuration and enable ActiveX - all of which are known security risks. Thus, to use your anti-virus product you must actually
reduce the security level of your computer.
- You must allow pop-up ads to use the product. If you're one of the multitude of users that use pop-up ad blocking software or
browsers settings, then the installation and updates will fail. Again, the product will indicate that is does not have any problems.
- There is no logging capability so the user has no way of knowing if updates occur, viruses were detected or ??? Previous versions
had this but for some reason, it has been removed.
- There is no way to disable the McAfee VirusScan pop-ups. When a user is working on real-time applications, video editing, sound
editing or a similar activity, if VirusScan detects something, rather than clean/delete the offending file and go on it's merry way, VirusScan will
give you TWO pop-ups. One pop-up window that indicates VirusScan detected something and then another pop-up window prompts you to stop what you're
doing and completely scan your system. There is no way to disable this feature. The user is forced to redo their work since the undesired
interruption. Since many firewall products capture and keep packet logs, VirusScan is happy to report on these constantly.
- No way to exclude files from being scanned. Again, firewall logs are one item but there are other instances where the scanning of
resident files is undesirable. Previous versions had this ability but the improved version does not.
- User is required to install McAfee's marketing product Security Center. Security Center's only function seems to be to tell you
what McAfee products you don't have and then to indicate a reduced level of security which, when using other third-party products, does not give the
user a true indication of their system’s security level. Security Center will also tell you that your anti-virus is up-to-date when, in fact, it
is not.
- McAfee Customer Support is basically worthless. Manually hacking the system and its registry, constantly reinstalling the software
are not universal solutions to solving customer problems. The techs who answer the phones or use the on-line chat do not listen to what you have to
say and continue down the path of uninstall, hack the registry, manually remove files, reinstall. If this approach has not worked in at least
three tries, more attempts are not going to fix the situation either.
- Weekly updates only – no more daily updates. Many users today are on cable modems, DSL or other systems that keep their
system connected to the net. Viruses don't wait until Wednesday night to act. They act now! It is necessary for any quality anti-virus product
to insure that the system is fully up-to-date with the very latest definition files. In the rapid paced world of computer hacking, weekly updates are
not an option. Although McAfee does provide daily updates, the only way to implement these is to manually download them and manually install
them.
- Recommended Anti-Virus Products:
-
Back to Top of page.
- Firewall Software
- Firewall software has become a necessity today. Even dial-up users can experience many attacks per hour while they're
connected. The problem with firewalls is that the general user doesn't really understand sockets, ports, protocols, and such. For a package that
offers reasonable protection without being too sophisticated, the Black Ice PC
Protection package is quite good.
- Other types of firewalls are also available. Hardware, software and dedicated system firewalls all have their
advantages and disadvantages. Take some time to learn about these and most of your worries will be addressed.
- Which ever package you use, expect some time to add some protection policies to make your future more pleasant
and secure. The following may or may not apply to your situation but I DENY any external requests to enter my system on the following. There are
others you may want to add or remove. Linux users will probably use an included packet filter system or a real firewall such as Gauntlet or Firewall
1. I like Gauntlet but you need to understand networking to configure it properly.
| Port |
Protocol |
Description |
| 21 |
TCP |
FTP Vulnerabilities |
| 22 |
TCP |
SSH Secure Shell Service |
| 23 |
TCP |
Telnet Service |
| 69 |
UDP |
tftp Trivial FTP Service |
| 98 |
TCP |
Linux Configuration Service |
| 111 |
TCP & UDP |
SUN RPC Services |
| 135-139 |
TCP & UDP |
Microsoft DCOM RPC and Messenger Pop-Up Services |
| 161 |
UDP |
SNMP Services |
| 445 |
TCP & UDP |
Microsoft Server Message Block & Pop-Up Services |
| 1080 |
TCP |
WinGate IP Laundering |
| 1433 |
TCP & UDP |
Microsoft SQL Services |
| 4444 |
TCP & UDP |
MS Blaster Worm Port (krb524) |
| 27374 |
TCP & UDP |
Sub-Seven Trojan Horse Vulnerability |
For added security, BlackIce can have ICMP Ping Echo responses disabled. to do that edit and add enter the following
in your FIREWALL.INI file in the BlackIce program files directory
[MANUAL ICMP REJECT]
REJECT, 8:0, ICMP, 2001-10-15 00:01:00, PERPETUAL, 1000, MANUAL
Back to
Top of page.
- Anti-Spam Software
- Do NOT use one of the Web Based E-mail filters. You don't know what they're doing with your E-mail address or the
addresses of sent and received mail. The goal is privacy and sharing your E-mail address with an unknown entity defeats this all together!
Spam
Assassin has been reported to be a good product however, I have not used it. I am still using an ancient package that is no longer available. The
McAfee SpamKiller package has many of the same problems and issues that their Anti-Virus product (see above) has and thus, I cannot recommend it at
this time.
Back to Top of page.
- Button-Pushing Automation Software (Optional)
- RTVReco is an older package that I have found I generally can't
live without. I don't want to click on confirmation messages for everything I do. RTV Software came out with this package to reconnect you when your
dial up dropped but it is capable of a whole lot more. I must admit I liked the simplicity of the older package better but none-the-less, this is a
Must-Have package if you get annoyed by all the pop-ups asking you to confirm everything you do.
- Browser Aids (Optional)
- Naviscope s an old FREE software application that
can do many wondrous things for your Internet browsing experience. It can block most advertisements. It can block most Pop-Up/Pop-Over/Pop-Under
windows. It can keep your clock accurate (this function currently isn't working and I don't know why) and many other nice things. Its small and very
low overhead for your computer. Since it is still free as of this writing, why not grab yourself a copy. Note that
the advertising check software below may remove some of your default settings in Naviscope. Exclude registry settings for Naviscope if you don't want
this to happen or, just add your custom settings back in later.
NOTE: Naviscope has gone out of business so there is absolutely no
support for this product but the last copy of the software is available at the above link on our site.
Back to Top of
page.
- Ad-Aware
- This program will scan your system registry, cookies and such and will identify items that return advertising
information to others. Some of this information may contain data about you. Get this, install it and update it. Then, run it and be careful what you
ask it to clean up before you have Ad-Aware clean up anything. The current version as of this writing is 6 and is free.
- SpyBot Search & Destroy
- This is another program that will scan your system for dangerous Trojans and ad exploits that return advertising
information about you to others. Like Ad-Aware, this program also scans your registry and cookies. Get this, install it and update it. Then, run it
and be careful what you ask it to clean up before you have SpyBot Search & Destroy clean up anything. The current version as of this writing is
is also free.
Back to Top of page.
- eZula
- Many Internet web sites are running a "test" for the eZula virus/trojan/spyware program. The problem is that the test
actually creates what it is testing for and then tells you you're infected. It then sends you to http://www.whirlywiryweb.com to get instructions on it's removal. Please read their comments from visitors to
their site and you'll soon see that the test, it's removal and methodology are severely broken. Chances are very good that you don't have eZula and
never did have it even though this site indicates you do. The best advice I can give is to run
Ad-Aware AND SpyBot Search & Destroy
to see if you really have it. It is a waste of your time to follow the instructions they give for it's removal as their test site will forever tell
you that you've got it -- even though you do not.
Please inform any web site owners that run this test that it's not a valid test and further that
is gets a lot of people unnecessarily worried and frustrated.
Back to Top of page.
Prices of these products are subject to change as are the links. The top-level domain names should still provide access to current products or
services. I hope you find this useful and helpful. I have no association with any of these companies but I have used most of these packages for years
and have not had any problems as a result of their use. I've used these on Windows-95, Windows-98, Windows NT and Windows 2000 Pro. I'm not sure if
all of these will work with Windows XP as I tried XP and didn't like it that much.
Just how secure is your PC?
Test your system here. and see what ports are
open.
Copyright ©2003-2005 Cybergrass®. All rights reserved.