Yes.
Do this:
1.The Norton Removal Tool uninstalls all Norton
2008/2007/2006/2005/2004/2003 products and
Norton 360
from your computer.
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039
True. Caveat: It removes ALL Symantec programs on
any given computer. So if you have Ghost for
instance, it's going to uninstall that too and
you'll have to reinstall it.
2.For the average homeuser, the Windows Firewall
in XP
does a fantastic job at its core mission and is
really
all you need if you have an 'real-time'
anti-virus
program, [another firewall on your router or]
other edge
protection like SeconfigXP and practise
Safe-Hex.
The windows firewall deals with inbound
protection and
therefore does not give you a false sense of
security.
Best of all, it doesn't implement lots of
nonsense like
pretending that outbound traffic needs to be
monitored.
MS's firewall was provided to assiste people in
getting online to get updated and install various
protection programs until it could be refit with a
better firewall. It's a minimal firewall and
nowhere does it pretend to be a turn-key solution.
Outbound traffic should be monitored because of
the several sources of malware possible that can
bypass detectors:
-- Such as, the use of inadvertantly downloaded
and installed app containing a virus/trojan/worm
came with it, unbeknownst to the user, and then
said program goes ahead and tries to send out your
address book, financial info, etc. etc. etc..
There is a lot of malicious stuff that AV and
spyware stuff won't catch, spyware isn't detected
by AV very well, and most often until it activates
nothing on your machine will recognize it.
Especially the 'droppers'.
-- -- Other sources of outgoing malware that may
come from:
-- ANY floppy/CD/DVD provided by anyone that
isn't fully security aware, and which software
will seek the internet connection.
-- No way to prevent all or any executable from
"calling home" since there is no outgoing
monitoring.
-- Anything from any unsafe source in the list
above and via any other method.
-- No stealth; drive-bys will see lots of your
ports as being there, listening, AND responsive.
Maybe drive-bys, knowing the pitfalls of the IE
firewall will even shoot probes at a machine
blindly, just to see if it responds, and the MS
firewall WILL let them respond. All that's needed
is your IP, which is available in so many places
it's almost pitiful; besides, drive-bys target
entire IP ranges, and IP at a time, looking for
any response and if they get one, guess what?
Everything on your machine becomes an open book to
them. You licensed software, financial/bank
information, ss no., etc..
Note the age of some of the provided links; things
have changed a lot over the last few years.
HTH
Twayne
Activate and utilize the Win XP built-in
Firewall;
Uncheck *all* Programs and Services under the
Exception
tab.
Windows XP: How to turn on your firewall.
http://www.microsoft.com/protect/computer/firewall/xp.mspx
Deconstructing Common Security Myths.
http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMyths/default.aspx
Scroll down to:
"Myth: Host-Based Firewalls Must Filter Outbound
Traffic
to be Safe."
This one is insterstingly stupid: It suggests
having to OK a connection every time, a la VISTA's
security! Fact is, a firewall "learns" your
surfing/mailing habits: You tell it OK, Allow
This once, and you'll never see it again. Takes
maybe a week of a few such interruptions, and then
anything it asks about will be foreign. MS should
know better!
It also says most users ignore the outgoing
anyway. Well, aside from it being untrue, it's
not true. If it's asking to go somewhere, you
didn't ask to go anywhere, and don't recognize the
name, say NO a couple times and see what happens,
before you tell it to Always do that. No big deal
when you consider what you're going to get out of
it, as mentioned above.
It also says it's only effective on already
infected computers and then the damage is already
done. So, I guess it wouldn't do anyone any good
to prevent it from happening again, huh? Outgoing
firewall will catch it, and that spam some hacker
is sending out using your machine as a bot could
be stopped again with the firewall. It's an
inane comment.
If it's good for an already infected machine,
then, once a machine should become infected with
something new, wouldn't it be effective then too?
And the damage not even be done in the first place
hopefully? That's a lot better than ignoring it!
Exploring the windows Firewall.
http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx
"Outbound protection is security theater-it's a
gimmick
that only gives the impression of improving your
security
without doing anything that actually does
improve your
security."
Vista, well, what can I say? Firewalls are the
least of the problem with a default setup Vista
machine.
3.Seconfig XP 1.0
http://seconfig.sytes.net/
(
http://www.softpedia.com/progDownload/Seconfig-XP-Download-39707.html)
Seconfig XP is able configure Windows not to use
TCP/IP
as transport protocol for NetBIOS, SMB and RPC,
thus
leaving TCP/UDP ports 135, 137-139 and 445 (the
most
exploited Windows networking weak point) closed.
Sounds good. Until you want some of the free tech
support offered to you from various sites.
4.Avira AntiVir® Personal - FREE Antivirus
http://www.free-av.com/
(The free version won't scan your emails.)
Why You Don't Need Your Anti-Virus Program to
Scan Your
E-Mail
http://thundercloud.net/infoave/tutorials/email-scanning/index.htm
Ensure your e-mail program is configured to
display
e-mail messages in 'Plain Text' only.
You may wish to consider removing the 'AntiVir
Nagscreen'
http://www.elitekiller.com/files/disable_antivir_nag.htm
5.Windows Defender - Free
http://www.microsoft.com/athome/security/spyware/software/default.mspx
WD monitors the start-registry and hooks
registers/files
to prevent spyware and worms to install to the
OS.
Interesting reading:
http://www.pcworld.com/article/id,136195/article.html
"...Windows Defender did excel in behavior-based
protection, which detects changes to key areas
of the
system without having to know anything about the
actual
threat."
Windows Defender is probably OK but too
specialized IMO. I've had it installed for over a
year now and it's never found anything even though
it's the first thing run.
6.On-demand scanners
Malwarebytes© Corporation - Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
MalwareBytes is only OK; I don't like it because
it throws false hits on any install program that
may be located in any directory it doesn't expect
one to be in. It doesn't actually check to see if
the setup.exe is malicious or not: it depends
entirely on where the setup.exe is located. Not
effective, and could wipe out useful program
setups the user won't realize until they come to
try to use it again some time later.
Check their forums: Lots of info there on this
one: They're even asking users to send them info
on the false hits so they can "improve their
software" as opposed to writing the code properly.
No experience with this one. No problems AFAIK.
Definitely recommended. This alone can cure the
majority of problems with security.
IMO WinPatrol is one of the best apps one can
have. It asks permission before it lets ANY
program run that hasn't run before, can replaces
the Services editor, and monitors in real time
with a very small footprint. Many features, some
of which are not for the beginner.
HTH,
Twayne
