Free "condoms" for your 'poota.

[Kiwi]

We've had some great feedback to the bulk email to members about protecting your computers while online. Thanks to everyone who took the trouble to reply.

Microsoft also offer Security Essentials for free - download from here:
[url="http://windows.microsoft.com/en-US/windows/products/security-essentials"]http://windows.micro...rity-essentials[/url]

I've personally had issues with AVG not detecting trojans and found Norton to be deeply invasive, so ended up going with Kaspersky in on my laptop, which is a great application. I use Clamwin on the desktop PC but maybe there are other alternatives out there too.

I'd be grateful if the mac owners could post their advice re: sophos and other apps they're aware of for mac as there was some great advice in some of the responses.

[ShergoldSnickers]

Whilst historically, Mac users have been fairly immune - more on this later - from true virus attacks, I still advocate setting up the inbuilt firewall properly, using a non-admin account, and using anti-virus software like ClamXav - similar to Clamwin. It is just basic good practise. In a nutshell(ish), my advice to Mac users would be:

[b]The firewall:[/b]
Take the time to understand what this does. It can block or allow communication in and out of the computer. For a hacker to gain access in the first place, they have to be able to communicate with the machine. You can cut down on the avenues available for entry by setting the firewall to operate on an application by application basis.

For example, you may allow an application that allows you to upload files to a website to have both outgoing and incoming communications open if you use the non-passive upload option rather than passive. In non-passive mode the remote server takes control of the upload process, and requires that it can start the conversation.

A word processor, Pages or Word for example should not need any communications, so the default would be to disallow.

Little Snitch - [url="http://www.obdev.at/products/littlesnitch/index.html"]http://www.obdev.at/...itch/index.html[/url] - offers additional information about applications trying to send data out.

[b]Using a non-administrator account:[/b]
Any significant changes to a machine should be fully authorised. The level of authorisation depends on the type of account you have set up. On a Mac you have three types. A user account, an administrator account and the root account. The user account is the most restrictive and hence the safest - you can't install applications by default for example.

Any significant changes such as an installation, require an administrator to enter a username and a password. An administrator account requires just the password - you are already running as an administrator so a username is not required. It is less restrictive in terms of what can be done. The root account is disabled by default on a Mac, although it can be enabled if you know what you are doing. With this account, you are god on the machine and can do anything. That's why it's disabled.

Running as a simple user will help to make unauthorised access more difficult. Unfortunately, it cannot prevent it entirely. Most software has flaws. Most will probably be benign, but some will allow a determined hacker to trigger processes beyond the original flawed application. This type of vulnerability is all too common on all platforms, and can render antivirus software, firewalls and restricted accounts useless if carefully exploited.

[b]Using an anti-virus application[/b] like ClamXav - [url="http://www.clamxav.com/:"][color=#1324a7][u]http://www.clamxav.com/:[/u][/color][/url]
If you really know what you are doing, and you don't visit any nefarious bits of the web, then running an antivirus application on a Mac may be optional. There are still no true viruses for the Mac out in the wild, although there are a few trojans doing the rounds, and the odd website that triggers some behaviour that may trick a user. I'd probably recommend you run something like ClamXav, as it will also spot malware that works only under Windows, and help prevent you passing it on unwittingly to a Windows user.

Let's get this clear. The Mac is not inherently immune from viruses, trojans and other forms of malware. In some regards it is more difficult to construct something that will work, although a good trojan will work on any platform as it tricks the user into running something that's pretending to be something else. If they think they want to run it, they will. I'd be prepared for the probable rise in Macs being targeted - in fact it has already started, albeit at a low level. Active malware counts are still in the handful area, on Windows it's in the hundreds of thousands. There is absolutely no room for complacency or any false sense of superiority though.

Edited May 11, 2012 by ShergoldSnickers

[paul_5]

[quote name='Kiwi' timestamp='1336744986' post='1650363']
I'd be grateful if the mac owners could post their advice re: sophos and other apps they're aware of for mac as there was some great advice in some of the responses.
[/quote]

So would I, I read the thread about the DoS attack, and ultimately this is our site, and most of us [s]waste[/s] spend inordinate amounts of time on here, so taking the trouble to install a tiny piece of software will benefit all of us. I didn't see anything for Mac though, and even though it's been an ivory tower for a while the increased market share of Mac users has inevitably attracted the attentions of the 'bad sort of nerd'.

Is a Firewall enough for now, or should I be looking for something bit more specific, particularly as I run my machine on an administrator account?

[Dad3353]

[quote]free-condoms-for-your-poota...[/quote]

Sorry, I mis-read this euphemism. I'll leave quietly...

[sprocket123]

Avast Free Edition too , plus SuperAntiSpyware Free Edition for scanning , & Secunia s Personal Software Inspector Free Edition for software Auto Updates & Manual updates too .

Here s a good subject on the matter , hope it helps , plus all the guys that can help also .

[sprocket123]

Oops here s the link ...lol : http://www.maximumpc.com/article/features/protect_and_defend_32_ways_secure_your_digital_life

[Oopsdabassist]

I use Avast too, paid version on the advice of a mate of mine who works in the industry, gotta admit though Kiwi, your email threw me as it addressed me personally with a username not associated with my account on here. I thought it was a phishing type jobbie to start with!

[ShergoldSnickers]

[quote name='paul_5' timestamp='1336749328' post='1650460']
So would I, I read the thread about the DoS attack, and ultimately this is our site, and most of us [s]waste[/s] spend inordinate amounts of time on here, so taking the trouble to install a tiny piece of software will benefit all of us. I didn't see anything for Mac though, and even though it's been an ivory tower for a while the increased market share of Mac users has inevitably attracted the attentions of the 'bad sort of nerd'.

Is a Firewall enough for now, or should I be looking for something bit more specific, particularly as I run my machine on an administrator account?
[/quote]

The post above yours... is there enough detail in there or shall I expand it some more Paul?

[stevie]

I've used other free antivirus software but the Microsoft one is excellent, although it occasionally hogs the system when you open My Documents. Like Ped, I've experienced AVG missing viruses.

I've also tried a number of firewalls including Zonealarm, which in one of its incarnations forced me to reinstall the operating system!. The best one, in my opinion, because it's very easy to use, has virtually no overhead, and is very reliable, is the Ashampoo firewall. Nobody has ever heard of it but it's fantastic. Trust me. Vorsprung and all that. Just my two penn'orth. (I earn a living on my PC).

Edited May 11, 2012 by stevie

[JPAC]

I use the free version of Avast as well and once configured it's almost invisible to the user with updates etc. Avira came out top in a recent survey of free AV.

[Kiwi]

[quote name='stevie' timestamp='1336761162' post='1650777']
I've used other free antivirus software but the Microsoft one is excellent, although it occasionally hogs the system when you open My Documents. Like Ped, I've experienced AVG missing viruses.[/quote]
Ped?! AVG seems to have problems detecting the original infecting file so I had to use [url="http://free.antivirus.com/hijackthis/"]hijack this[/url] to manually identify the file based on other criteria and remove it. Typically it's a file that looks out of place in the system32 or system folder.

[quote name='stevie' timestamp='1336761162' post='1650777']
I've also tried a number of firewalls including Zonealarm, which in one of its incarnations forced me to reinstall the operating system!. The best one, in my opinion, because it's very easy to use, has virtually no overhead, and is very reliable, is the Ashampoo firewall. Nobody has ever heard of it but it's fantastic. Trust me. Vorsprung and all that. Just my two penn'orth. (I earn a living on my PC).
[/quote]
Thanks for that, heard about it but never tried it.

[url="http://www.ashampoo.com/en/usd/pin/0050/Security_Software/Ashampoo-FireWall-FREE"]http://www.ashampoo....o-FireWall-FREE[/url]

[jim_bass]

For PC I am a fan of [url="http://personalfirewall.comodo.com/free-download.html"]Comodo Internet Security[/url], which is also free.

For the mac, +1 for clamxav.

[Bloodaxe]

Another happy user of SuperAntiSpyware here. It's free too.

I'm surprised that no-one's mentioned [url="http://www.safer-networking.org/en/index.html"]Spybot S&D[/url] yet. I've used it for years & it's very good at rooting out little nasties that others may miss. Not had any issues with ZoneAlarm either at home (XP Pro) or on the laptop (W7 Home Premium), so that's still a 'must have' for me.

A site worth poking around is Steve Gibson's [url="http://www.grc.com/intro.htm"]Gibson Research Corporation[/url]. Try the 'Shields Up' test - if you don't get the 'Full Stealth' rating on the first three tests, you're possibly open to attack.

Another thing us Windows sufferers can do is to lock off the 'Hosts' file...

...you'll find it in C:\WINDOWS\system32\drivers\etc. (there really is a folder called "etc"!). Open it in wordpad & check it looks like the attached screengrab.

[sharedmedia=core:attachments:46042]

Delete any entry below the "127.0.0.1 Localhost" line unless you run Spybot S&D, in which case it's OK to leave the Spybot stuff intact. Then save it & change its Properties to Read Only.

There are some nasties that'll write entries to this file - usually in the form of urls - & this'll block access to any website in the list. Ever wonder how viruses (virii?) block access to AVG, Norton, McAfee etc? It's also a cunning way of legitimately blocking websites.

FWIW, the last nasty I got came (I think) from YouTube when there was a security issue with Adobe Flash Player a year or so back. Video files can harbour malware, so if you're 'researching a technique', be careful where you go.

Pete.

[Jean-Luc Pickguard]

I'm OK as I don't have a computer & never go on the internet

[Gust0o]

Remember:[i]bag it, before you HTML tag it.[/i]



Surf safe, people.

[ped]

[quote name='Gust0o' timestamp='1336825569' post='1651596']
Remember:[i]bag it, before you HTML tag it.[/i]



Surf safe, people.
[/quote]

[chrismuzz]

[quote name='Gust0o' timestamp='1336825569' post='1651596']
Remember:[i]bag it, before you HTML tag it.[/i]



Surf safe, people.
[/quote]

This is destined to become a meme. We saw it first!

[Inchgower]

There are indeed a number of good free AV products, Avast being my favourite.

It's important too to guard againt malware generally, but the free versions of anti-malware products only scan on request. IMHO it's worth the £20 one off payment (no annual renewal required) for Malwarebytyes, which runs continuously in the background like an AV does.

Running an AV and an AM program together will not cause any problems, but don't run two AVs together.

[sprocket123]

[quote name='Gust0o' timestamp='1336825569' post='1651596']
Remember:[i]bag it, before you HTML tag it.[/i]



Surf safe, people.
[/quote]

lol big time buddy

[bigjohn]

Good stuff.

I use ESET. [url="http://www.eset.co.uk/"]http://www.eset.co.uk/[/url]

It aint cheap, but it's the best out there.

[Marvin]

[quote name='ShergoldSnickers' timestamp='1336745563' post='1650383']
Whilst historically, Mac users have been fairly immune - more on this later - from true virus attacks, I still advocate setting up the inbuilt firewall properly, using a non-admin account, and using anti-virus software like ClamXav - similar to Clamwin. It is just basic good practise. In a nutshell(ish), my advice to Mac users would be:

[b]The firewall:[/b]
Take the time to understand what this does. It can block or allow communication in and out of the computer. For a hacker to gain access in the first place, they have to be able to communicate with the machine. You can cut down on the avenues available for entry by setting the firewall to operate on an application by application basis.

For example, you may allow an application that allows you to upload files to a website to have both outgoing and incoming communications open if you use the non-passive upload option rather than passive. In non-passive mode the remote server takes control of the upload process, and requires that it can start the conversation.

A word processor, Pages or Word for example should not need any communications, so the default would be to disallow.

Little Snitch - [url="http://www.obdev.at/products/littlesnitch/index.html"]http://www.obdev.at/...itch/index.html[/url] - offers additional information about applications trying to send data out.

[b]Using a non-administrator account:[/b]
Any significant changes to a machine should be fully authorised. The level of authorisation depends on the type of account you have set up. On a Mac you have three types. A user account, an administrator account and the root account. The user account is the most restrictive and hence the safest - you can't install applications by default for example.

Any significant changes such as an installation, require an administrator to enter a username and a password. An administrator account requires just the password - you are already running as an administrator so a username is not required. It is less restrictive in terms of what can be done. The root account is disabled by default on a Mac, although it can be enabled if you know what you are doing. With this account, you are god on the machine and can do anything. That's why it's disabled.

Running as a simple user will help to make unauthorised access more difficult. Unfortunately, it cannot prevent it entirely. Most software has flaws. Most will probably be benign, but some will allow a determined hacker to trigger processes beyond the original flawed application. This type of vulnerability is all too common on all platforms, and can render antivirus software, firewalls and restricted accounts useless if carefully exploited.

[b]Using an anti-virus application[/b] like ClamXav - [url="http://www.clamxav.com/:"][color=#1324a7][u]http://www.clamxav.com/:[/u][/color][/url]
If you really know what you are doing, and you don't visit any nefarious bits of the web, then running an antivirus application on a Mac may be optional. There are still no true viruses for the Mac out in the wild, although there are a few trojans doing the rounds, and the odd website that triggers some behaviour that may trick a user. I'd probably recommend you run something like ClamXav, as it will also spot malware that works only under Windows, and help prevent you passing it on unwittingly to a Windows user.

Let's get this clear. The Mac is not inherently immune from viruses, trojans and other forms of malware. In some regards it is more difficult to construct something that will work, although a good trojan will work on any platform as it tricks the user into running something that's pretending to be something else. If they think they want to run it, they will. I'd be prepared for the probable rise in Macs being targeted - in fact it has already started, albeit at a low level. Active malware counts are still in the handful area, on Windows it's in the hundreds of thousands. There is absolutely no room for complacency or any false sense of superiority though.
[/quote]

Quality post SS. Clamxav is much more user friendly than it used to be. Thank you

[geoffbyrne]

I was a big supporter of Zonealarm Firewall for many years, with its being one of the very, very few that stopped dangerous OUTGOING data as well as incoming. However the latest version has been castrated and it isn't any better or different than most of the others these days.

Looking around I came across Comodo Firewall, which I thought was decent, but I later came across one called 'Private Firewall' - this used to be a commercial product but is now free!!! Good-Oh!.

I've downloaded it and put it on the laptop and find myself reasonably impressed. It seems to give me back all the protection that the early versions of Zonealarm used to give me.

Of course, if you have a decent built-in firewall in your modem/router as I have at home, you shouldn't really need another, but I take my laptop roaming with a dongle and defo need protection outwith the house.

I currently use Private Firewall, Avira AntiVirus, Ad-Aware, Spybot and Malwarebytes on the laptop.

On the PCs behind the hardware firewall, I tend to use the Microsoft Security Essentials with the software firewall turned off and the aforesaid Ad-Aware, Spybot & Malwarebytes.

If others would like to give Private Firewall a good look, I'd be interested in other opinions.

[url="http://download.cnet.com/Privatefirewall/3000-10435_4-10371057.html"]http://download.cnet...4-10371057.html[/url]

G.

Edited June 25, 2012 by geoffbyrne