Security overkill?

Win XP Pro, SP2 with MS firewall turned off. Heavy home/office user
with cable ISP. Use Firefox 85% of the time. Use Outlook as my
email/pim.

I'm wondering whether I really need to run the amount of security
software I'm running or whether it's taking too much overhead.

I have a Linksys NAT router. I run Sygate Pro. I run Avast with all
the shields active.

I used to run Spysweeper only when I actually wanted to scan my machine
every week or so.

I've just switched to Spyware Doctor (was this a good idea?), and I'm
once again wondering whether I should leave it running "on guard" all
the time or whether it's unnecessary use of resources.

Any thoughts about Spyware Doctor and is it bloated - does it use an
inordinate amount of resources? Is it intrusive?

TIA

Louise

Louise

Well, it really depends. On one hand you have the phrase "better safe than
sorry" which is applicable in this situation. But it also depends on how
much you use the internet and what kinds of websites you visit.

In my opinion, a good security set up for a computer on a router (and I
assume broadband) should consist of A browser that doesn't use activeX
(Firefox or Netscape), a AntiVirus, a Firewall (Software, on the computer in
addition to the one on the router because the router does not filter
outbound connections), 2-3 AntiSpyware (1 paid and 2 Free I recommend
Ad-Aware and Microsoft AntiSpyware for the free. McAfee, Webroot Spy
Sweeper or Spyware Doctor for the Paid. Using only one of the paid will
work.) Yes Spyware Doctor will work and it will not take up any more space
than any other AntiSpyware. No AntiSpyware is a Magic Bullet so it is
important to use the combo I listed above or something like it. Personally
I use McAfee Internet Security suite and McAfee AntiSpyware along with
AdAware and Microsoft Antispyware and I use Netscape for my browser.

But again, it all depends on your needs. I need the internet for my job and
I can't afford any down time and I have to go on a number of sites where the
security of the site is not clear

Also, if you are have problems with SPAM run a spam filter. SpamKiller by
McAfee works well.

From: "Louise" <>

| Win XP Pro, SP2 with MS firewall turned off. Heavy home/office user
| with cable ISP. Use Firefox 85% of the time. Use Outlook as my
| email/pim.
|
| I'm wondering whether I really need to run the amount of security
| software I'm running or whether it's taking too much overhead.
|
| I have a Linksys NAT router. I run Sygate Pro. I run Avast with all
| the shields active.
|
| I used to run Spysweeper only when I actually wanted to scan my machine
| every week or so.
|
| I've just switched to Spyware Doctor (was this a good idea?), and I'm
| once again wondering whether I should leave it running "on guard" all
| the time or whether it's unnecessary use of resources.
|
| Any thoughts about Spyware Doctor and is it bloated - does it use an
| inordinate amount of resources? Is it intrusive?
|
| TIA
|
| Louise

The software sounds fine.

However, I do suggest the you block both TCP and UDP ports 135 ~ 139 and 445 on the Router.

Depending on the model and version, the settings are at the following URL...
http://192.168.1.1/Filters.htm

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Louise wrote:

> Win XP Pro, SP2 with MS firewall turned off. Heavy home/office user
> with cable ISP. Use Firefox 85% of the time. Use Outlook as my
> email/pim.
>
> I'm wondering whether I really need to run the amount of security
> software I'm running or whether it's taking too much overhead.
>
> I have a Linksys NAT router. I run Sygate Pro. I run Avast with all
> the shields active.
>
> I used to run Spysweeper only when I actually wanted to scan my machine
> every week or so.
>
> I've just switched to Spyware Doctor (was this a good idea?), and I'm
> once again wondering whether I should leave it running "on guard" all
> the time or whether it's unnecessary use of resources.
>
> Any thoughts about Spyware Doctor and is it bloated - does it use an
> inordinate amount of resources? Is it intrusive?
>
> TIA
>
> Louise

....on windows you can never run too much security software...

On Wed, 13 Jul 2005 10:04:36 -0400, Louise <> wrote:

>Win XP Pro, SP2 with MS firewall turned off. Heavy home/office user
>with cable ISP. Use Firefox 85% of the time. Use Outlook as my
>email/pim.
>
>I'm wondering whether I really need to run the amount of security
>software I'm running or whether it's taking too much overhead.
>
>I have a Linksys NAT router. I run Sygate Pro. I run Avast with all
>the shields active.
>
>I used to run Spysweeper only when I actually wanted to scan my machine
>every week or so.
>
>I've just switched to Spyware Doctor (was this a good idea?), and I'm
>once again wondering whether I should leave it running "on guard" all
>the time or whether it's unnecessary use of resources.
>
>Any thoughts about Spyware Doctor and is it bloated - does it use an
>inordinate amount of resources? Is it intrusive?
>
>TIA
>
>Louise


I think that you are doing fine,... agree that Spyware Doctor does not
need to run on guard,... free copy is ok. The only thing I mess in
your list is a regular clean-up of temporary & other non functional
bits & pieces. (Be Clean or Crap Cleaner). And a disk cleaning from
time to time,... defrag,... and an additional (other) spyware cleaner
(Ad Aware, Spybot)
not at all overkill imho



--
www.nondisputandum.com - soft reviews:
freeware to Protect & Clean your PC
freeware Office tools & Webbuilding aid
+ the Internet Addiction Test

On Wed, 13 Jul 2005 10:04:36 -0400, Louise <> wrote:

>Win XP Pro, SP2 with MS firewall turned off. Heavy home/office user
>with cable ISP. Use Firefox 85% of the time. Use Outlook as my
>email/pim.
>
>I'm wondering whether I really need to run the amount of security
>software I'm running or whether it's taking too much overhead.
>
>I have a Linksys NAT router. I run Sygate Pro. I run Avast with all
>the shields active.
>
>I used to run Spysweeper only when I actually wanted to scan my machine
>every week or so.

It all depends on what sort of internet lifestyle you have.

You say you are a heavy office user, what does that mean? Do you run
web/mail/proxy/mySQL servers for example? Vulnerabilities in server
software could allow an intruder to completely own your box despite
the things you have right now. For this kind of situation you want to
look into things such as hardening your server/OS and using security
apps that monitor processes and prevent hijacking (ProcessGuard is
absolutely the best).

As a heavy home user do you install and experiment with a lot of stuff
from non mainstream sources? If you're not installing stuff regularly,
it tends to go the overkill side.

I would ditch Outlook, but that's more of a precaution than a
necessity. You should be alright but you never know where the next
security flaw is going to be. And be certain there will be.

Rootkit technology is only in its infancy so be on the lookout for new
preventive measures as this evolves. Right now, I think only
ProcessGuard type apps would be effective against it.

In article <>,
says...
> On Wed, 13 Jul 2005 10:04:36 -0400, Louise <> wrote:
>
> >Win XP Pro, SP2 with MS firewall turned off. Heavy home/office user
> >with cable ISP. Use Firefox 85% of the time. Use Outlook as my
> >email/pim.
> >
> >I'm wondering whether I really need to run the amount of security
> >software I'm running or whether it's taking too much overhead.
> >
> >I have a Linksys NAT router. I run Sygate Pro. I run Avast with all
> >the shields active.
> >
> >I used to run Spysweeper only when I actually wanted to scan my machine
> >every week or so.
>
> It all depends on what sort of internet lifestyle you have.
>
> You say you are a heavy office user, what does that mean? Do you run
> web/mail/proxy/mySQL servers for example? Vulnerabilities in server
> software could allow an intruder to completely own your box despite
> the things you have right now. For this kind of situation you want to
> look into things such as hardening your server/OS and using security
> apps that monitor processes and prevent hijacking (ProcessGuard is
> absolutely the best).

I don't run a server. I do access webmail on one host server that gets
approximately 100 pieces of spam/day. I also run GoToMyPC and access my
machine from outisde on a somewhat regular basis.
>
> As a heavy home user do you install and experiment with a lot of stuff
> from non mainstream sources? If you're not installing stuff regularly,
> it tends to go the overkill side.

I don't install a lot of non-mainstream stuff as I always try to be
careful. I run Firefox, Trillium, and several small utilities such as a
batch file creator, but nothing really "experimental".

>
> I would ditch Outlook, but that's more of a precaution than a
> necessity. You should be alright but you never know where the next
> security flaw is going to be. And be certain there will be.

I love Outlook and have used it happily for many years. It syncs with
my Palm Pilot and although I know it's "risky", I don't want to part
with it. I'm running Avast on the high setting for Outlook and I use
SpamBayes. Beyond that, I never open attachments without scanning them
and I hope I stay safe. I do keep a few Ghost image backups about 3
weeks apart from one another.
>
> Rootkit technology is only in its infancy so be on the lookout for new
> preventive measures as this evolves. Right now, I think only
> ProcessGuard type apps would be effective against it.
>
So, with the above clarifications. You suggested I might be on the
"overkill side", and that is my suspicion as well. What would you not
run, or not leave running, to reduce the "overkill"?

TIA

Louise

In article <>,
says...
> On Wed, 13 Jul 2005 10:04:36 -0400, Louise <> wrote:
>
> >Win XP Pro, SP2 with MS firewall turned off. Heavy home/office user
> >with cable ISP. Use Firefox 85% of the time. Use Outlook as my
> >email/pim.
> >
> >I'm wondering whether I really need to run the amount of security
> >software I'm running or whether it's taking too much overhead.
> >
> >I have a Linksys NAT router. I run Sygate Pro. I run Avast with all
> >the shields active.
> >
> >I used to run Spysweeper only when I actually wanted to scan my machine
> >every week or so.
> >
> >I've just switched to Spyware Doctor (was this a good idea?), and I'm
> >once again wondering whether I should leave it running "on guard" all
> >the time or whether it's unnecessary use of resources.
> >
> >Any thoughts about Spyware Doctor and is it bloated - does it use an
> >inordinate amount of resources? Is it intrusive?
> >
> >TIA
> >
> >Louise
>
>
> I think that you are doing fine,... agree that Spyware Doctor does not
> need to run on guard,... free copy is ok. The only thing I mess in
> your list is a regular clean-up of temporary & other non functional
> bits & pieces. (Be Clean or Crap Cleaner). And a disk cleaning from
> time to time,... defrag,... and an additional (other) spyware cleaner
> (Ad Aware, Spybot)
> not at all overkill imho
>
>
>
>
Thanks for your thoughts.

You have a point about cleanup. Here's what I do now:

I run AdAware once in a while in addition to Spy Doctor.

I run a different anti virus program online (free), once in a while.

I defrag on an average of once a week with Diskeeper.

I generally use Firfox and have the preferences set so as to keep
history for only a few days etc. I actually want this history.

Whenever I uninstall a program, I run JV16 to clean the registry. And,
about every month, completely haphazardly, I run JV16 and clean out
whatever has accumulated.

I use Executive Software Undelete. Therefore, I wouldn't want the
recycle bin cleaned completely.

So, a lot of my programs control the data build up, but not all of it.

I looked a Crap Clean and Be Clean and they both looked like they did a
lot of the things I'm already doing one way or the other.

Is there something I could do to just clean out temp files and other
odds and ends that wouldn't want to do more than I need or want?

Louise

On Wed, 13 Jul 2005 17:11:31 -0400, Louise <> wrote:

>> You say you are a heavy office user, what does that mean? Do you run
>> web/mail/proxy/mySQL servers for example? Vulnerabilities in server
>> software could allow an intruder to completely own your box despite
>> the things you have right now. For this kind of situation you want to
>> look into things such as hardening your server/OS and using security
>> apps that monitor processes and prevent hijacking (ProcessGuard is
>> absolutely the best).
>
>I don't run a server. I do access webmail on one host server that gets
>approximately 100 pieces of spam/day. I also run GoToMyPC and access my
>machine from outisde on a somewhat regular basis.

Is that host server part of your inner network? The fact that it's
getting spam is not of concern. It can be a problem if it is not
properly secured or the software has known vulnerabilities to which
there is no patch. Then your whole network could be at risk.

GoToMyPC allows remote access to your PC which is a weak link.
www.Secunia.com has no advisory warnings for it which is good. I would
much rather have a VPN based solution but if you've done your research
with it I see no problems.

>> As a heavy home user do you install and experiment with a lot of stuff
>> from non mainstream sources? If you're not installing stuff regularly,
>> it tends to go the overkill side.
>
>I don't install a lot of non-mainstream stuff as I always try to be
>careful. I run Firefox, Trillium, and several small utilities such as a
>batch file creator, but nothing really "experimental".

If your box is stable and you won't be installing anything (specially
freeware/shareware stuff) you could start contemplating the
possibility to eliminate applications that monitor this area.
Anti-spyware, personal firewalls, anti-trojans, etc. But only if you
are not on a local network. Do you have wireless access points? WEP
128-bits is a joke, crackable by script kiddies in 15 minutes.
Security is not that simple.

>> I would ditch Outlook, but that's more of a precaution than a
>> necessity. You should be alright but you never know where the next
>> security flaw is going to be. And be certain there will be.
>
>I love Outlook and have used it happily for many years. It syncs with
>my Palm Pilot and although I know it's "risky", I don't want to part
>with it. I'm running Avast on the high setting for Outlook and I use
>SpamBayes. Beyond that, I never open attachments without scanning them
>and I hope I stay safe. I do keep a few Ghost image backups about 3
>weeks apart from one another.

Those precautions are fine but they apply to any email client. In the
past, vulnerabilities specific to Outlook have allowed infection by
doing nothing! And today the danger is not only in the attachments but
the links. That's how phishing scams have become so widespread.
Anti-virus technology relies heavily on signatures, which means it
must be identified beforehand. I'd say the likelihood of getting a
0day infection from Outllook is higher than for any other email
client. You are taking your chances, but at least you know it.

>So, with the above clarifications. You suggested I might be on the
>"overkill side", and that is my suspicion as well. What would you not
>run, or not leave running, to reduce the "overkill"?

It could be overkill, but it could be "underkill"! My main objective
was to show you that there are many points of vulnerabilities and some
are not fixed by simply installing applications. You could need more
depending on what you are doing! )

You appear to be a knowledgable user so how about this for an answer.
If you want to cut something out, the software firewall is a potential
candidate. The Linksys router is doing the main part and you are not
installing new stuff. The anti-spyware I also consider optional if you
are not installing programs. The Anti-virus could go for the same
reason but these days they do a lot more than detecting traditional
viruses. For example, they take care of evil Java/Javascript malware
from clicking websites and worms. You must have something for those.

One more tip. Install Process Explorer from www.sysinternals.com and
check how much resources your system is currently using right now.
Vendors are much concerned about this nowadays and you might even be
surprised.

In article <JHaBe.6251$zj4.3048@trndny06>, DLipman~nospam~@Verizon.Net
says...
> From: "Louise" <>
>
> | Win XP Pro, SP2 with MS firewall turned off. Heavy home/office user
> | with cable ISP. Use Firefox 85% of the time. Use Outlook as my
> | email/pim.
> |
> | I'm wondering whether I really need to run the amount of security
> | software I'm running or whether it's taking too much overhead.
> |
> | I have a Linksys NAT router. I run Sygate Pro. I run Avast with all
> | the shields active.
> |
> | I used to run Spysweeper only when I actually wanted to scan my machine
> | every week or so.
> |
> | I've just switched to Spyware Doctor (was this a good idea?), and I'm
> | once again wondering whether I should leave it running "on guard" all
> | the time or whether it's unnecessary use of resources.
> |
> | Any thoughts about Spyware Doctor and is it bloated - does it use an
> | inordinate amount of resources? Is it intrusive?
> |
> | TIA
> |
> | Louise
>
> The software sounds fine.
>
> However, I do suggest the you block both TCP and UDP ports 135 ~ 139 and 445 on the Router.
>
> Depending on the model and version, the settings are at the following URL...
> http://192.168.1.1/Filters.htm
>
>
Thanks.

Could you tell me what these ports are sometimes used for (other than
"bad" things)?

I just want to be sure I'm not blocking something I use and want.

Louise