Security overkill?
Posted by Louise on July 13th, 2005


Win XP Pro, SP2 with MS firewall turned off. Heavy home/office user
with cable ISP. Use Firefox 85% of the time. Use Outlook as my
email/pim.

I'm wondering whether I really need to run the amount of security
software I'm running or whether it's taking too much overhead.

I have a Linksys NAT router. I run Sygate Pro. I run Avast with all
the shields active.

I used to run Spysweeper only when I actually wanted to scan my machine
every week or so.

I've just switched to Spyware Doctor (was this a good idea?), and I'm
once again wondering whether I should leave it running "on guard" all
the time or whether it's unnecessary use of resources.

Any thoughts about Spyware Doctor and is it bloated - does it use an
inordinate amount of resources? Is it intrusive?

TIA

Louise

Posted by KH on July 13th, 2005


Well, it really depends. On one hand you have the phrase "better safe than
sorry" which is applicable in this situation. But it also depends on how
much you use the internet and what kinds of websites you visit.

In my opinion, a good security set up for a computer on a router (and I
assume broadband) should consist of a browser that doesn't use ActiveX
(Firefox or Netscape), an AntiVirus, a Firewall (Software, on the computer in
addition to the one on the router because the router does not filter
outbound connections), 2-3 AntiSpyware (1 paid and 2 Free I recommend
Ad-Aware and Microsoft AntiSpyware for the free. McAfee, Webroot Spy
Sweeper or Spyware Doctor for the Paid. Using only one of the paid will
work.) Yes Spyware Doctor will work and it will not take up any more space
than any other AntiSpyware. No AntiSpyware is a Magic Bullet so it is
important to use the combo I listed above or something like it. Personally
I use McAfee Internet Security suite and McAfee AntiSpyware along with
AdAware and Microsoft Antispyware and I use Netscape for my browser.

But again, it all depends on your needs. I need the internet for my job and
I can't afford any down time and I have to go on a number of sites where the
security of the site is not clear.

Also, if you are having problems with SPAM run a spam filter. SpamKiller by
McAfee works well.


Posted by David H. Lipman on July 13th, 2005


From: "Louise" <none@nospam.com>

| Win XP Pro, SP2 with MS firewall turned off. Heavy home/office user
| with cable ISP. Use Firefox 85% of the time. Use Outlook as my
| email/pim.
|
| I'm wondering whether I really need to run the amount of security
| software I'm running or whether it's taking too much overhead.
|
| I have a Linksys NAT router. I run Sygate Pro. I run Avast with all
| the shields active.
|
| I used to run Spysweeper only when I actually wanted to scan my machine
| every week or so.
|
| I've just switched to Spyware Doctor (was this a good idea?), and I'm
| once again wondering whether I should leave it running "on guard" all
| the time or whether it's unnecessary use of resources.
|
| Any thoughts about Spyware Doctor and is it bloated - does it use an
| inordinate amount of resources? Is it intrusive?
|
| TIA
|
| Louise

The software sounds fine.

However, I do suggest that you block both TCP and UDP ports 135 ~ 139 and 445 on the Router.

Depending on the model and version, the settings are at the following URL...
http://192.168.1.1/Filters.htm

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


Posted by Imhotep on July 13th, 2005


Louise wrote:

....on windows you can never run too much security software...

Posted by nondisputandum on July 13th, 2005


On Wed, 13 Jul 2005 10:04:36 -0400, Louise <none@nospam.com> wrote:


I think that you are doing fine,... agree that Spyware Doctor does not
need to run on guard,... free copy is ok. The only thing I miss in
your list is a regular clean-up of temporary & other non functional
bits & pieces. (Be Clean or Crap Cleaner). And a disk cleaning from
time to time,... defrag,... and an additional (other) spyware cleaner
(Ad Aware, Spybot)
not at all overkill imho



--
www.nondisputandum.com - soft reviews:
freeware to Protect & Clean your PC
freeware Office tools & Webbuilding aid
+ the Internet Addiction Test ;-)

Posted by speeder on July 13th, 2005


On Wed, 13 Jul 2005 10:04:36 -0400, Louise <none@nospam.com> wrote:

It all depends on what sort of internet lifestyle you have.

You say you are a heavy office user, what does that mean? Do you run
web/mail/proxy/mySQL servers for example? Vulnerabilities in server
software could allow an intruder to completely own your box despite
the things you have right now. For this kind of situation you want to
look into things such as hardening your server/OS and using security
apps that monitor processes and prevent hijacking (ProcessGuard is
absolutely the best).

As a heavy home user do you install and experiment with a lot of stuff
from non mainstream sources? If you're not installing stuff regularly,
it tends to go the overkill side.

I would ditch Outlook, but that's more of a precaution than a
necessity. You should be alright but you never know where the next
security flaw is going to be. And be certain there will be.

Rootkit technology is only in its infancy so be on the lookout for new
preventive measures as this evolves. Right now, I think only
ProcessGuard type apps would be effective against it.

Posted by Louise on July 13th, 2005


In article <kksad1hbih6mmjh43c0vcfhrsr19ogssj0@4ax.com>,
no.spam@invalid.com says...
I don't run a server. I do access webmail on one host server that gets
approximately 100 pieces of spam/day. I also run GoToMyPC and access my
machine from outside on a somewhat regular basis.
I don't install a lot of non-mainstream stuff as I always try to be
careful. I run Firefox, Trillium, and several small utilities such as a
batch file creator, but nothing really "experimental".

I love Outlook and have used it happily for many years. It syncs with
my Palm Pilot and although I know it's "risky", I don't want to part
with it. I'm running Avast on the high setting for Outlook and I use
SpamBayes. Beyond that, I never open attachments without scanning them
and I hope I stay safe. I do keep a few Ghost image backups about 3
weeks apart from one another.
"overkill side", and that is my suspicion as well. What would you not
run, or not leave running, to reduce the "overkill"?

TIA

Louise

Posted by Louise on July 13th, 2005


In article <5usad15tt690poul92g7c78s3omevhd2tv@4ax.com>,
freeagent@nondisputandum.com says...

You have a point about cleanup. Here's what I do now:

I run AdAware once in a while in addition to Spy Doctor.

I run a different anti virus program online (free), once in a while.

I defrag on an average of once a week with Diskeeper.

I generally use Firefox and have the preferences set so as to keep
history for only a few days etc. I actually want this history.

Whenever I uninstall a program, I run JV16 to clean the registry. And,
about every month, completely haphazardly, I run JV16 and clean out
whatever has accumulated.

I use Executive Software Undelete. Therefore, I wouldn't want the
recycle bin cleaned completely.

So, a lot of my programs control the data build up, but not all of it.

I looked at Crap Clean and Be Clean and they both looked like they did a
lot of the things I'm already doing one way or the other.

Is there something I could do to just clean out temp files and other
odds and ends that wouldn't want to do more than I need or want?

Louise

Posted by speeder on July 14th, 2005


On Wed, 13 Jul 2005 17:11:31 -0400, Louise <none@nospam.com> wrote:

Is that host server part of your inner network? The fact that it's
getting spam is not of concern. It can be a problem if it is not
properly secured or the software has known vulnerabilities to which
there is no patch. Then your whole network could be at risk.

GoToMyPC allows remote access to your PC which is a weak link.
www.Secunia.com has no advisory warnings for it which is good. I would
much rather have a VPN based solution but if you've done your research
with it I see no problems.

If your box is stable and you won't be installing anything (especially
freeware/shareware stuff) you could start contemplating the
possibility to eliminate applications that monitor this area.
Anti-spyware, personal firewalls, anti-trojans, etc. But only if you
are not on a local network. Do you have wireless access points? WEP
128-bits is a joke, crackable by script kiddies in 15 minutes.
Security is not that simple.

Those precautions are fine but they apply to any email client. In the
past, vulnerabilities specific to Outlook have allowed infection by
doing nothing! And today the danger is not only in the attachments but
the links. That's how phishing scams have become so widespread.
Anti-virus technology relies heavily on signatures, which means it
must be identified beforehand. I'd say the likelihood of getting a
0day infection from Outlook is higher than for any other email
client. You are taking your chances, but at least you know it.

It could be overkill, but it could be "underkill"! My main objective
was to show you that there are many points of vulnerabilities and some
are not fixed by simply installing applications. You could need more
depending on what you are doing! )

You appear to be a knowledgeable user so how about this for an answer.
If you want to cut something out, the software firewall is a potential
candidate. The Linksys router is doing the main part and you are not
installing new stuff. The anti-spyware I also consider optional if you
are not installing programs. The Anti-virus could go for the same
reason but these days they do a lot more than detecting traditional
viruses. For example, they take care of evil Java/Javascript malware
from clicking websites and worms. You must have something for those.

One more tip. Install Process Explorer from www.sysinternals.com and
check how much resources your system is currently using right now.
Vendors are much concerned about this nowadays and you might even be
surprised.

Posted by Louise on July 14th, 2005


In article <JHaBe.6251$zj4.3048@trndny06>, DLipman~nospam~@Verizon.Net
says...

Could you tell me what these ports are sometimes used for (other than
"bad" things)?

I just want to be sure I'm not blocking something I use and want.

Louise

Posted by DavidPostill on July 14th, 2005


In article <MPG.1d3f8f3b396f274198978c@news.newsguy.com>, on Thu, 14 Jul 2005 00:08:06 -0400, Louise
wrote:

{}

| Could you tell me what these ports are sometimes used for (other than
| "bad" things)?
|
| I just want to be sure I'm not blocking something I use and want.

<http://www.commodon.com/threat/threat-allports.htm>
<http://ports.tantalo.net/>
<http://www.iss.net/security_center/advice/Exploits/Ports/>
<http://www.sans.org/resources/idfaq/oddports.php>
<http://www.chebucto.ns.ca/~rakerman/port-table.html>
--
DavidPostill

Posted by nondisputandum on July 14th, 2005


<cut>
You do fine, better than most. You know a lot. Share your knowledge.

Take a look at the configuration of Crap Cleaner or Be Clean. You can
set it up to do exactly and only what you want. You can add a specific
map to be cleaned. And both offer the possibility to clean up
automatically when you close down your pc.

I've got - since many many years now - a terribly good feeling about
Be Clean, but I have to admit that since its last upgrades, Crap
Cleaner has become equally good. Be Clean is not updated anymore, so
the advantage is that you will not be surprised. I wrote the author
a few times but he does not answer. Crap Cleaner is updated regularly,
it works fine and also known since years but I have no idea who is
behind this brilliant piece of software. So I remain - as always -
prudent after every upgrade... and so should you every time a (free)
program upgrades.





--
www.nondisputandum.com - soft reviews:
freeware to Protect & Clean your PC
freeware Office tools & Webbuilding aid
+ the Internet Addiction Test ;-)

Posted by nondisputandum on July 14th, 2005


On Wed, 13 Jul 2005 17:11:31 -0400, Louise <none@nospam.com> wrote:

I also use (among other) Outlook. It serves me well. Besides, it is
heavily used in professional context,.. so once one gets used to it...
Secundo: An example, the Mozilla mailclient is certainly safer,.. but
less potent than Outlook. A user of Outlook Express would gain by
switching to another mailclient, not a user of Outlook imho.


--
www.nondisputandum.com - soft reviews:
freeware to Protect & Clean your PC
freeware Office tools & Webbuilding aid
+ the Internet Addiction Test ;-)

Posted by Louise on July 14th, 2005


In article <da7cd11gksl9kqf3ie4gh5na6oshqsa2le@4ax.com>,
freeagent@nondisputandum.com says...
now you've given me a better reason to choose it.

Louise

Posted by David H. Lipman on July 14th, 2005


From: "Louise" <none@nospam.com>


| Thanks.
|
| Could you tell me what these ports are sometimes used for (other than
| "bad" things)?
|
| I just want to be sure I'm not blocking something I use and want.
|
| Louise

Sure...

Port 135 -- Remote Procedure Call (RPC) and Location Service (loc-srv) -- used by the MS
Networking for various functionalities.

Port 136 -- nothing uses this port and it is easier to exclude the range, inclusive of this
port, than to enter the exact ports.

Ports 137, 138 and 139 -- NetBIOS over IP, the main component of MS Networking to access
File and Print Shares.

Port 445 -- Microsoft-DS, Used for Server Message Blocks and other MS Networking constructs
on Win2K, WinXP and Win2003 Server.

None of these ports are used for normal Internet access. They are used on the Local Area
Network (LAN) to share data between computers but are not (and should not be open to) the
Internet or the Wide Area Network (WAN).

By putting those blocks in hackers and Internet worms won't enter the LAN and no MS
Networking can leak out onto the WAN. A simple but effective protection.



--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


Posted by Louise on July 15th, 2005


In article <zNtBe.3634$WA4.959@trndny04>, DLipman~nospam~@Verizon.Net
says...

Louise

Posted by The Ghost of General Lee on July 15th, 2005


On Wed, 13 Jul 2005 17:11:31 -0400, Louise <none@nospam.com> wrote:

If you need Outlook only for the ability to sync with your PP, then
know you can still use it for that purpose, while using a safer client
for e-mail. I use Outlook to sync my calendar with my Kyocera phone,
but use Pegasus exclusively for e-mail.


Posted by Robsten on July 15th, 2005


Louise wrote, 2005-07-13:
I don't think it is overkill, you could use Thunderbird instead of OE and
use more than one spywaredetector, I recommend two or three. Use
Antivir instead of Avast, it's better.

--
http://w1.853.comhem.se/~u85329080/
http://web.comhem.se/~u85329080/indexB.htm
http://web.comhem.se/~u85329080/Freeware.htm
And I don't play golf



Posted by Robsten on July 15th, 2005


David H. Lipman wrote, 2005-07-13:
Why not block every port apart from those you use???

--
http://w1.853.comhem.se/~u85329080/
http://web.comhem.se/~u85329080/indexB.htm
http://web.comhem.se/~u85329080/Freeware.htm
And I don't play golf



Posted by David H. Lipman on July 15th, 2005


From: "Robsten" <finns.pa.hemsidan@min.com>

| David H. Lipman wrote, 2005-07-13:
| Why not block every port apart from those you use???
|
| --
| http://w1.853.comhem.se/~u85329080/
| http://web.comhem.se/~u85329080/indexB.htm
| http://web.comhem.se/~u85329080/Freeware.htm
| And I don't play golf
|

65K+ ports TCP and 65K+ UDP ports ?

Then there is the fact that I connect to a specific port but the return data will be opened
on another port and each connection will be opened in succeeding ports. This would wreak havoc
in connectivity and is contraindicated.

Basically you want to block ports that LAN nodes have open for Daemons/Services and can be
compromised by the right kind of protocol connective.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
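
An added example, not part of the thread or any poster's code: a small Python check that reads `netstat -an` style output and separates the two kinds of ports discussed above, the MS networking service ports (135-139, 445) that a host is listening on and the client-side ports the OS assigns to outbound connections. The sample output is constructed, the function names are hypothetical, and the "client-side" test is a heuristic (an ESTABLISHED row whose local port is not one of the host's own listeners).

```python
import re

# Ports the thread recommends filtering at the router: TCP and UDP 135-139 and 445.
MS_NET_PORTS = set(range(135, 140)) | {445}

# Constructed sample in the layout of Windows `netstat -an` (addresses are made up).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.1.100:139      0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1031         0.0.0.0:0              LISTENING
  TCP    192.168.1.100:1184     203.0.113.10:80        ESTABLISHED
  TCP    192.168.1.100:1185     203.0.113.10:80        ESTABLISHED
  UDP    0.0.0.0:445            *:*
  UDP    192.168.1.100:137      *:*
  UDP    192.168.1.100:138      *:*
"""

ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")

def parse(text):
    """Return (proto, local_addr, local_port, foreign, state) per socket line."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            proto, addr, port, foreign, state = m.groups()
            rows.append((proto, addr, int(port), foreign, state or ""))
    return rows

def is_listener(row):
    proto, _, _, foreign, state = row
    # UDP has no state column; an unconnected UDP socket shows "*:*" as foreign.
    return state == "LISTENING" or (proto == "UDP" and foreign == "*:*")

def exposed_ms_listeners(rows):
    """MS networking services bound to a non-loopback address."""
    return [(r[0], r[1], r[2]) for r in rows
            if is_listener(r) and r[2] in MS_NET_PORTS
            and not r[1].startswith("127.")]

def client_side_ports(rows):
    """Local ports of outbound connections (where return traffic arrives)."""
    listening = {r[2] for r in rows if is_listener(r)}
    return sorted(r[2] for r in rows
                  if r[4] == "ESTABLISHED" and r[2] not in listening)

if __name__ == "__main__":
    rows = parse(SAMPLE)
    for proto, addr, port in exposed_ms_listeners(rows):
        print(f"filter at router: {proto} {addr}:{port}")
    print("client-side ports:", client_side_ports(rows))
```
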



