On Sat 10 May 2008 03:00:20, Kayman wrote:
> On Thu, 8 May 2008 14:11:07 void.no.spam.com@gmail.com wrote:
>>
>>
>> If you wanted to be certain that a Windows computer was not
>> infected with any viruses/spyware/trojans/etc, which scanners
>> would you use?
>
> Security software manufacturers tend to overstate their product
> description to instill fear and uncertainty; After all it's all
> about the $ almighty. Please step back and try to remove the
> advertisement hype from your mind.
>
> In WinXP the most dependable defenses are:
> 1. Do not work as 'Administrator'; For day-to-day work routinely
> use a Limited User Account (LUA).
> 2. Secure (Harden) your operating system (OS).
> 3. Keep your OS and all software on it updated/patched.
> 4. Reconsider the usage of MSIE and MSOE.
> 5. Review your installed 3rd party software applications
> /utilities;
> Remove clutter.
> 6. Don't expose services to public networks.
> 7. Activate the in-build firewall and configure Windows not to
> use TCP/IP as transport protocol for NetBIOS, SMB and RPC,
> leaving TCP/UDP ports 135,137-139 and 445 (the most exploited
> Windows networking weak point) closed.
> 7a. If on high-speed internet use a router as well.
> 8. Routinely practice safe-hex.
> 9. Regularly back-up data/files.
> 10. Familiarize yourself with crash recovery tools and
> re-installing your OS.
> 11. Utilize a real-time anti-virus (AV) application and vital
> system monitoring utilities/applications.
> 12. Keep abreast of latest developments - Sh!t happens...you know.
>
> The least preferred defenses are:
> Myriads of popular anti-whatever things and staying ignorant.
> Educational Reading:
> Security @ home
> http://home20.inet.tele.dk/b_nice/index.htm
>


Good sensible stuff.

The trouble seems to be that many users want a solution so easy that
they can install and forget it and which needs no maintenance
effort.

The belief that this is possible is sustained by security center
suites which are marketed as if they can do this.