[Date Prev][Date Next][Subject Prev][Subject Next][ Date Index][ Subject Index]

Re: OT: Going without Norton



flash wrote:
Network security primer for private LANs:
snip<

Thanks, Flash, that was very helpful.

I notice that those who are happy with Norton are using the
Corporate Ed. I'll bet. But the ordinary versions for the average
J. Random User are, in my experience and the horror stories I've
heard, another story entirely.
The disadvantages of AV software are: 1) You must keep it current. That means: 1a) you have to keep paying for it, and 1b) you have tolerate it locking up the network whenever it updates itself.

This is very much an issue if, like me, you only have a dialup
connection. The free programs (ZoneAlarm free, AVG and Avast
free) are, I have found, much leaner than their paid
counterparts. So much so that at the office, where we shouldn't
use the free versions, which are offerred for noncommercial use,
we've paid for the commercial version, then downgraded to the
free. (In the case of AVG, the paid version would NOT believe
that there was only a dialup connection, and kept trying to
access the Internet every minute. Intolerable.)
2) Scanning files
slows down the CPU.
Hence I turn off continuous online scanning. Scan drive C: every
so often, and it's clean. Or if I notice anything suspicious
going on. But otherwise just let it monitor e-mail and Net activity.
There is no
such thing as a vaccine against all possible and future viruses. AV
software is just like flu vaccines: we have to wait for the first cases
to turn up before we can devise a specific measure against it. That
means that no matter how current your AV software is, there will always
be a window of vulnerability between the first outbreak of the next
generation of viruses and the availability of the next batch of AV
updates against them.
I have read that some AV products make use of heuristic
algorithms to catch brand new, not-yet-reported viruses simply by
their patterns or behavior. I believe Kaspersky is especially
good at this.
You can prevent the
second sort of invasion by not clicking on these so-called web enhancements.

As I was just telling someone offlist, I NEVER download
plug-ins--not even from the Vatican site! I don't care how
innocent its initial use may be, once you download it, it's on
your system and who knows what some other site will do with it. I
also turn off animations and video and all that sort of thing.
Partly because it would be too unbearably slow over dialup, but
also for security reasons.
As Wolfgang noted, a router with a good firewall should make ZoneAlarm software on the pc behind the router superfluous. Bear two things in mind, however. First, a router firewall blocks ports coming into the LAN, but may not block traffic going out--unless you know this to be otherwise, assume that the router firewall blocks only inbound traffic. (ZoneAlarm checks both directions.)

Yes. And I don't think you can use a router if you're accessing
the Net over dialup. Then, ZA or some other SW firewall is essential.

--
Patricia M. Godfrey
priscamg@xxxxxxxx