Note: this particular page is even more of a work in progress than
the rest of the site. Still got some links to put in, and even more
snapshot reviews and other goodies, so check back frequently. Ta.
In the good old pre-Windows days, when modems were little more than
a telephone handset plonked in a cradle, I had a rather nasty experience
of a guy hacking into my computer and making a real mess of the files
there. At the time I was running my own business, and did all my accounts
and stuff on that single machine. Well, the resulting havoc really
screwed things up for me for quite a few months.
Nowadays (purely for fun) I'm running three desktop PCs and a couple
of laptops, with a mixture of Win98SE, W2K Pro, WinXP, and a bit of
Linux floating around in the background. How things change!
Four or five years ago I was hit by a series of malware attacks, and
a suspected hack attempt. Sorting myself out from that I learned the
importance (and peace of mind!) of having good computer security,
and since then a variety of friends and acquaintances have persuaded
me to help sort out their (mainly adware/spyware-related) computer
problems for them.
So, though far from being a computer-security expert, I've learned
a few things along the way, and tried/tested loads of different programs
with varying degrees of success/satisfaction. (I've also developed
an abiding interest - some would say obsession - in computer security
issues!)
This is the background against which I've compiled the following list
of apps that I rate as being worth the effort of installing (and bear
in mind that this is only the best, imo, of the many that I've tried
and tested).
anti-virus
Forget the big names! There're some excellent alternative AV apps out
there for free, and they do equally as good a job. Check out any of
these (er... the last one isn't a freebie)...
AVG Antivirus
For years (ever since I recovered from my virus infestations)
this was my AV of choice. It's a superb product, and comes free for
home use, or in a Professional version with a nominal price tag. As
is usual with this sort of approach, both versions do exactly the
same job, but the Pro version offers a few more options. Easy to install
and configure, I've yet to encounter conflicts with other security
software that may be running.
Avast! Antivirus
Again, this is another one of those jobbies that comes
in a "free for home use" or "pro" version. Have to confess that I've
had little joy from the pro version - each time I've tried to install
it the installation file seems to generate weird errors or simply
refuses to work. But who cares, cos the free version is problem-free
and does a perfectly good job. In fact, I'd argue that it's equally
as good as AVG.
ClamWin Antivirus
Their blurb says: "ClamWin is a Free Antivirus for Microsoft
Windows 98/Me/2000/XP and 2003. It comes with an easy installer and
open source code. Note that ClamWin does not include an on-access
real-time scanner. You need to manually scan a file in order to detect
a virus or spyware. ClamWin Free Antivirus includes Clam AntiVirus
engine and uses the GNU General Public License by the Free Software
Foundation and is free (as in freedom) software."
ClamWin Free Antivirus is also available as a portable package able
to be run from a USB stick (for example).
My only criticism of ClamWin is that the scanner is considerably slower
when compared to other products.
F-Prot Antivirus for DOS
Frisk Software International do a comprehensive range of AV apps, of
which the Antivirus for DOS is the basic free (for home use) version.
Frisk say they're no longer supporting it, but will continue to provide
virus def files for it for the foreseeable future. It's an incredibly
basic on-demand only scanner-type program, but runs quite happily
from removable media (floppy disk or USB stick). It has no automatic
update feature, but there's a separate update utility you can install
that's quite nifty - soon as I've got the time I'll dig out the URL
for it.
Although a bit clunky, and despite its name, it's still a very useful
tool in the AV arsenal - in fact I used it recently to help clean
up a friend's WinXP machine that had become infested with trojans
and adware (although it's a bit temperamental when used on an XP machine
- sometimes it'll work, sometimes it won't).
Kaspersky
Unlike the previous, this one doesn't have a freebie
version. Since the last time I tried it they've made significant changes,
most noticeably in the interface department. So it's now a lot more
user-friendly but appears, in the course of achieving this, to have
sacrificed quite a few configuration options. Pity, because that unfortunately
gives less control to the user. That said, it's still a good product,
and they now do a version as part of a "Security Suite" that includes
firewall, anti-spyware, etc.
Although it's never recommended to have more than one AV program running
at a time, it is good practice to have a couple installed -
one as the main real-time scanner monitoring everything as it happens,
with a second (ideally from a different vendor) for use as an on-demand
scanner.
The rationale behind this is that whilst no single AV program can
be guaranteed to be 100% effective, by having access to two different
ones (using different scanning techniques etc) whatever nasties slip
by one stand a very good chance of being caught by the other.
Thus, of the above, either AVG, Avast! or Kaspersky could be used
as the real-time scanner, with either ClamWin or F-Prot being called
as the on-demand scanner. Or mix'n'match as you wish; as long as the
backup AV isn't set to be running all the time everything should be
fine.
And do remember to keep your virus definition files up-to-date.
I check mine daily, but if that's too onerous you can, just about,
get by with weekly updates.
For current info on viruses "in the wild" check out the side bar or
take a look at Symantec Security Response.
anti-trojan
A more specialised example of the anti-malware app are the anti-trojan
apps. Although for W2K and WinXP these are gradually being supplanted
by apps with a different approach, they're useful
to have knocking around, particularly if you're still running Win98/Win98SE/WinME.
My all-time favourite, DiamondCS' TDS-3, is unfortunately no longer
supported but these (shareware programs) are worth checking out...
Tauscan
The Cleaner
TrojanHunter
For some excellent trojan-related info and useful links take a look
at anti-trojan.org and Hackfix.org.
anti-adware/spyware
Lavasoft Ad-Aware SE
Inexplicably I only started using this within the past
few months yet already I can see why it's generally so highly-rated.
A really effective program, seemingly capable of scanning the parts
others just can't reach! I've found it to be successful in removing
stubborn adware that've remained resilient to other programmatic (as
opposed to manual) removal attempts and I can't now imagine being
without it.
Another one of those that comes in shareware or freeware flavours,
the latter having slightly less functionality.
Spybot S&D (Search & Destroy)
Includes the nifty "Tea Timer" utility that can be set
to run on system start-up and monitors changes to critical areas of
the Windows Registry.
Doesn't seem to be quite as efficient as Lavasoft's Ad-Aware but even
so it's very good, and even better for being freeware.
Spyware Blaster
From the makers of MRU Blaster (a handy little utility for the
privacy-conscious), this one should really
be called "Spyware Blocker" in that its approach is to block adware/spyware
from being inadvertently installed in the first place. Also helps
to prevent browser hijacking attempts and modifications to the Hosts
file - all without needing to be running as a service. Freeware.
Spyware Guard
Another freebie. Happily runs alongside your AV program
and does pretty much the same sort of job - except specifically targeting
spyware, blocking any spyware detected before it can execute. Other
features include downloads and browser hijacking protection, and also
has a logging facility.
personal firewalls
WinXP users - whatever you do don't rely on the built-in Windows firewall.
It's crap! Switch it off immediately and install a reputable firewall
instead. Any of these are worth a go...
Agnitum Outpost Professional
My former favourite, abandoned in preference to Kerio
(below) simply because Outpost's a bit pricier and doesn't offer much
in the way of additional features. Nevertheless a very good app, and
I've still got a bit of a soft spot for it. There's also a freeware
version with reduced functionality.
Kerio Personal Firewall (KPF)
Shareware successor to the excellent Tiny Personal Firewall
(see below), it'll continue to function in basic mode even after the
(very cheap!) license has expired. Highly configurable and with superb
logging features, this is my current favourite.
Tiny Personal Firewall
As far as I know v2.1 was the very last freeware version
of this truly amazing app, and it's still downloadable from various
locations though you'll need to do a websearch for it. Well worth
the effort however.
Once you've familiarised yourself with the fairly basic interface
you'll discover it's very configurable, and it's incredibly kind to
system resources. I've used one version or another for quite a few
years (having obtained my first copy as a giveaway on the cover CD
of a computer magazine) without a single criticism or complaint.
Admittedly it does have its limitations; for example if it's installed
on a computer using WinRoute or Microsoft Internet Connection Sharing
then expect problems. Within those constraints however it's very stable.
ZoneAlarm
This currently (and for some time now) seems to be flavour
of the month in personal firewalls. I tried a much earlier version
quite some time ago now and wasn't at all impressed with it. Went
back to it a while later (version 4.x on) and have to admit that it'd
become quite impressive. It's available as either freeware or shareware,
both versions now being very good.
Although I've got no hesitation in recommending any of the above, I
have to say that (with the single exception of Tiny Personal Firewall)
I've experienced occasional system instabilities with all of them.
Both Outpost and ZoneAlarm have sometimes caused a system hang, and
Kerio's displayed the rather unsettling tendency to crash after setting
up new user profiles. Also, updating Kerio to a later version is not
as glitch-free as one could hope for. In fairness these bugs may have
now been ironed out, but the fact remains that the only personal firewall
app I've found to be completely trouble-free has been Tiny.
If you're interested in a slightly more technical appraisal of personal
firewalls, check out the LeakTest at Gibson Research Corporation.
Latest Additions...
I've been trying out a couple of other firewalls that have only recently
appeared on my horizon.
Both of them are free, and both look very promising, although it's
too soon to say just how good they are.
If anyone's already had experience of them and would like to provide
input please do get in touch.
Comodo Personal Firewall
Comodo appears to be an American company specialising
in internet security services, and offers both a free firewall and
antivirus program. I've had this installed for quite a few months
now on some machines I maintain for a friend, and it appears to perform
very satisfactorily. Of some slight concern though is the frequency
with which it seems to "check back home" - something not to be expected
from a firewall product!
Filseclab Personal Firewall
An offering (unusually) from a Chinese company this
time. First impressions of this free firewall product were excellent,
though the interface (whilst "pretty") takes some getting used to.
I said when I first included this in the list that "This could well
get to be one of my favourites if it performs in fact as well as it
appears to". Well, it does! In fact, rather better than most people
would want, almost to the point of being intrusive. If it's configured
absolutely correctly it's fine but unless you're an old hand at configuring
firewalls I can't really recommend using it. However, if you are
an old hand then you'd have to look long and hard for a better freebie
alternative.
Of course, an alternative approach is to go the hardware route; that
old PC you've got lying around in the attic collecting dust could
be cleaned up and pressed into service as a dedicated firewall box.
If you feel like checking out this option take a look at SmoothWall.
If you've already got a firewall installed, are you sure you've set
it up correctly?
...is an on-line service that'll help you check your firewall configuration
for free.
And when you've done that, download and run the "LeakTest"
utility from the same people (it's also free!).
registry protectors & startup monitors
Up to and including WinXP the super-critical set of files known as
the "Registry" is what really makes Windows tick. Casually tinker
with the Registry and you run the very real risk of messing up your
entire OS. Similarly, the Registry is the first target-of-choice for
most malware, and it's essential to keep an eye on certain Registry
entries (or "keys") to avoid a lot of the problems caused by malware.
Here's a collection of apps that'll do just that, usually quite quietly
and efficiently.
DiamondCS RegProt
Boy, do I love those guys at DiamondCS! I've yet to
be critical of any of their apps, and this one's no exception. It's
a bit dated now, but RegProt's a little program that simply notifies
you when changes are detected to critical parts of the registry and
provides you with the option of accepting or rejecting those changes.
Also, it's free.
Grr!
Similar in function to RegProt above, but a bit more
snazzy. And it growls! Shareware.
Hijack This!
This ubiquitous little app has become virtually indispensable
to those seriously concerned about malware threats. The heart of the
creature is the facility to do a very comprehensive system scan (very
quickly) and return a report on start-ups, running progs, processes,
BHOs (BHO = Browser Helper Object), autoloading entries, and lots
of other stuff. It includes a few other useful little tools (a process
manager, a hosts file manager, an uninstall manager and a couple of
other useful functions) but the real value of the app lies in the
scan report. There's an option to remove dodgy items (though sometimes
this doesn't seem quite as successful as some other apps) but you
can also save a logfile of the result, and it's this logfile that's
so useful - cos it's become practically a standard reference on absolutely
loads of anti-malware websites and online help communities. Use Hijack
This! then as a reporting/diagnostic tool and before too long you'll
begin to wonder how you ever managed without it. It'll also run quite
happily from removable media (i.e., USB stick) so you can carry it
with you as part of a portable security toolbox. And it's free!
RegRun II
RegRun II is a now-obsolete program from GreatisSoft.
There are more recent versions, but imo none of them match the excellence
of the old II. And, if you're still a Win98/Win98SE user it truly
is an excellent program providing not just registry protection but
a whole lot of other stuff as well. And unlike later versions it's
not resource-hungry. Whether or not it's still available is anybody's
guess but if you haven't upgraded (?!) to XP yet it's well worth the
effort of searching around the web for a copy, or on an old cover
CD from a computer mag (which is where I first grabbed mine). The
above link might work, but I'm not making any promises ;)
S&D Tea Timer
An efficient registry monitor that comes as part of
Spybot S&D (see above).
Startup Mechanic
A straightforward little program that'll simply report
on apps that are configured to start up automatically whenever you
fire up your machine, handily separating them into "Necessary", "Useful",
"Useless", "Harmful", and "Unknown" categories. However, it does a
little bit more in providing you with the very easy option of selecting
those you want to disable. The results it returns aren't quite as
comprehensive as one could wish so I wouldn't recommend it to be used
to sort out serious problems, but as a quick-fix for say checking
on and disabling legitimate but undesired start-ups it's fine - and
free!
WinPatrol
Umm... can't quite make up my mind about this one. It
provides some really rather good monitoring, blocking, and reporting
functions, and seems efficient enough. It's just that I'd like it a
whole lot more if it weren't so damn twee ("Scotty on patrol"... oh
do give up. And that irritating yapping - not at all a decent growl.
And the stupid SystemTray icon). Available in freeware and shareware
flavours, with the latter offering additional functionality.
And on those occasions when you need to dive into the registry yourself,
here's one of the nicest tools I've found to help with the job...
RegSeeker
blockers
This is a class of programs that'll intercept and block the execution
of specified files...
DiamondCS WormGuard
This is the real heavyweight. A shareware program from
the Aussie computer security techs DiamondCS, it comes with a number
of file extensions preconfigured (principally script files) to prevent
them from being executed without your permission, but these can be
modified at will, and you can either add your own extensions or even
specific filenames to a customisable blacklist. Has various configuration
options, and a logging feature.
The program is designed to start up with the system and sits very
quietly (and invisibly!) in the background until a blacklisted or
potentially harmful file is about to be executed when it'll instantly
kick in and ask whether you really want to execute the program.
Wherever possible it'll also display a text rendition of the potentially
harmful file to help you in making your decision. Also picks up files
with double extensions.
Script Defender
A small, basic utility from AnalogX that efficiently
intercepts and blocks the execution of script files. Configurable.
Freeware.
Script Sentry
Similar to Script Defender above. Also freeware.
anti-rootkit
Ah, rootkits - the worrisome new threat on the block. Actually not
all that new, but a threat to which WinXP seems particularly vulnerable.
Read all about them here,
but meanwhile...
DiamondCS ProcessGuard
Another offering from our old friends DiamondCS again.
This is the program they introduced as they phased out their brilliant
anti-trojan TDS-3. The objective is similar, the approach completely
different. Monitors the behaviour of all applications and gives the
user complete real-time control over the permissions given to each
app. Shareware, but worth every penny.
IceSword
More of an analysis tool than specifically a rootkit
blocker, but its reporting options will readily detect the presence
of rootkits - if you know what to look for! Intended more for the
techie-inclined. Very powerful, so use with care! Freeware.
web browsing
Most browsers nowadays come with the facility to turn active scripting
off, block pop-ups etc, and any good firewall should deal with the
remaining unwanted ads in webpages etc, so a bit pointless covering
all the little (albeit excellent) utilities and add-ons that're floating
around.
In terms of the browsers themselves there are still differences in
level of vulnerability, but there are a couple I'd unhesitatingly
recommend...
Firefox
My absolute favourite, from the good folk at Mozilla.
All the usual features come with the program straight out the box,
but then there's literally hundreds of extensions to select from adding
not just to its functionality but also beefing up security and reinforcing
your privacy. Plus, loads an' loads of skins. And of course it's free.
But it gets better and better, cos now there's a version that'll run
as a portable app (i.e., take it with you, complete with your own
settings etc, on say a USB stick). Wow!
Opera
This is currently reckoned to be the most secure browser
around, even when pitted against Firefox (not sure whether that's
with Firefox straight from its packaging, or fully loaded. My guess
is the former). Anyway, its rendering is somewhat different to that
of Ffx, so it's really a matter of which approach you prefer. At one
time they used to charge for it, but they've now reverted to offering
it as freeware, so grab 'em both and see which suits you best.
Privoxy
The Privoxy people tell us it's "a web proxy with advanced
filtering capabilities for protecting privacy, modifying web page
content, managing cookies, controlling access, and removing ads, banners,
pop-ups and other obnoxious Internet junk. Privoxy has a very flexible
configuration and can be customized to suit individual needs and tastes.
Privoxy has application for both stand-alone systems and multi-user
networks."
Purely subjective impression, but it seemed not to suffer from the
nightmarish delays that frequently accompany proxies. It's also free.
Tor
Umm... "An anonymous Internet communication system".
I stumbled across this through Indymedia, where you can track down
some very handy comments about usage etc. Using it in conjunction with Privoxy
(above) helps to provide a much more secure and anonymous browsing
environment.
Torpark
Well, it had to happen! Some bright spark in Texas has
worked real hard to combine the best of Firefox with Tor, and has
produced an anonymous surfing browser that'll run from a USB stick.
And this one actually works real well. Establishing the initial connection
seems to take a little time (particularly if you're using a dial-up
connection) but once established it's absolutely superb. My (albeit
fairly limited) tests so far suggest this is far quicker than any
of the other anonymous browsing services I've tried. Well impressive!
Although it's freeware there's an option to make a (worthwhile) voluntary
donation.
encryption
CAcert
Their blurb reads: "CAcert.org is a community driven,
Certificate Authority that issues certificates to the public at large
for free. CAcert's goal is to promote awareness and education on computer
security through the use of encryption, specifically with the X.509
family of standards. We have compiled a document base that has helpful
hints and tips on setting up encryption with common software, and
general information about Public Key Infrastructures (PKI)."
Gnu Privacy Guard
According to their website: "GnuPG is the GNU project's
complete and free implementation of the OpenPGP standard as defined
by RFC2440. GnuPG allows to encrypt and sign your data and communication,
features a versatile key management system as well as access modules
for all kind of public key directories. GnuPG, also known as GPG,
is a command line tool with features for easy integration with other
applications."
TrueCrypt
Free open-source disk encryption software for Windows
XP/2000/2003 and Linux. Works by creating an encrypted volume (seen
as a virtual drive). There are many other programs available that
work in a similar way - though not as well... and they're mainly shareware!
Also, once installed on a host machine the executable can then be
run from a USB stick. All of which makes TrueCrypt an absolute star.
computer cleanup
Pretty much everything you do on a computer leaves traces somewhere
and if you're a privacy freak, or perhaps share your machine with
others, then "housekeeping" has gotta be a part of your routine. I've
always been a bit iffy about automating this task with apps, being
left with the nagging doubt that perhaps they haven't worked as effectively
as the claims made for them. Consequently, just like the person going
back indoors repeatedly to check they've switched the cooker off,
I've got this irritating (to me) habit of checking all the relevant
"cleaned" areas. (Or maybe that's just my excuse to justify spending
even longer on these pesky machines.) And also, there are few tasks
these cleaners can do that can't be done manually (semi-manually anyway).
So I'm certainly reluctant to pay for such software. That said, time
is often a problem, so there are a few apps I've sort of come to rely
on and, as far as I can tell, they do actually live up to their
authors' claims.
MRU Blaster
From JavaCool Software (the same people that do Spyware
Blaster and Spyware Guard above) this handy little utility will clean
up your MRU lists (MRU = Most Recently Used). These lists detail the
files you've accessed and can provide an insight to the snooper about
your computer activities. There's also a plug-in available to clean
out the Temporary Internet Files (browser cache) and cookies. Like
all of the apps I've tried from JavaCool, this one does the job it
was designed for efficiently and with minimal fuss. And, again typical
of JavaCool, it's freeware.
Also check out Sandboxie below.
miscellaneous apps & utilities
CurrPorts
Here's their description: "CurrPorts displays the list
of all currently opened TCP/IP and UDP ports on your local computer.
For each port in the list, information about the process that opened
the port is also displayed, including the process name, full path
of the process, version information of the process (product name,
file description, and so on), the time that the process was created,
and the user that created it. In addition, CurrPorts allows you to
close unwanted TCP connections, kill the process that opened the ports,
and save the TCP/UDP ports information to HTML file, XML file, or
to tab-delimited text file. CurrPorts also automatically mark with
pink color suspicious TCP/UDP ports owned by unidentified applications
(Applications without version information and icons)."
Of all the various port monitor-type apps that I've tried I rate this
as one of the best freeware ones. It's fairly basic but the detail
it provides is adequate for most purposes, and easy to understand/interpret.
It can be configured to update virtually in real-time so you can monitor
traffic as it's happening. And it's stand-alone (doesn't have to be
installed).
Sandboxie
Oh, this is a real goodie that I've only just recently
discovered. Especially pleased cos it precisely fulfills a wish I've
had for ages for exactly this sort of app.
A sandbox is in effect a virtual space in which you can test-run various
programs etc in a relatively safe/secure environment, i.e., without
their impacting upon the system as a whole. A sort of "isolation ward"
so to speak. Saves all the hassle of having to install and run a new
prog on a dedicated test machine for fear it'll otherwise scramble
your laboriously created set-up. Once you've finished testing or whatever,
clear the sandbox and hey presto everything's gone, with your system
back to the way it was. Another little bonus is that you can run a
browser from within the sandbox, so that when you've finished your
session clearing the sandbox will actually clean up the traces for
you.
Although apparently Sandboxie has certain limitations with regard
to email clients, I'd guess that you could create docs and txt files
therein and then remove all traces when done. Not too sure how it
handles the swap file (page file in XP) so that'll be a "to do" for
me to investigate when I've got the time.
Anyway, I've been using the program for a coupla weeks now and so
far I'm still well impressed. Btw, it's freeware!
And finally, the most important thing to remember with all security/encryption/privacy
progs is to... RTBM ("Read The Bloody Manual!")