Maggie's Farm

I can't remember the exact stats, but the last time I read an estimate on how many American computers were infected by something, it was pretty staggering.  About two-thirds, as I recall.  That probably puts you — unless you're actively taking measures and have all of your security programs up to date — smack-dab on the list.

There are three main areas of security:

• Anti-virus — This keeps an eye out for malicious software that usually comes drifting in with file attachments, email, infected programs, etc.
  


• Anti-spyware — These are programs that don't do any outright damage to the system (which would be counterproductive); instead they report information back to the bad guys, such as your keyboard strokes.
  
  Spyware can also allow your computer to be controlled from the outside and used to 'hammer' web sites in what's called a Denial of Service (DoS) attack.  The master 'bot simply tells its 10,000 junior 'bots (of which your computer might be one) to constantly access and thus jam a certain web site from now until eternity — or until the web site company forks over the blackmail money.
  


• Firewall — This attempts to keep the above from contacting the aforementioned bad guys.  It's also designed to keep outside hackers from getting in.  If anything tries to get in or out of your computer, it stops them cold unless you give it the green light.

For years I've used Norton for anti-virus and firewall work, and, after extensive research, SpySweeper for anti-spyware chores.  Recently, however, my Norton account expired so I decided to take the whole thing from the top.

When it comes to anti-virus software, it appears the traditional heavyweights, like Norton and McAfee, have been getting a run for their money.  In many of the reviews, they're just somewhere on the middle of the pack, rather than battling it out for the #1 slot as they have for the past two decades.  They still both fit into the 'very good' category, though.

A program called BitDefender was widely hailed, but I found it to drag the entire system down.  It's actively examining every new file and folder on the system as they're being opened or created, so the net result is that everything feels 'draggy' in computer terms.  I'd run some setup program and the whole thing would just freeze for 10 seconds while BitDefender closely examined the file for bad things.  Other programs manage to pull this off without dragging down the system, so that was enough to nix it.

This has also traditionally been true of Norton Anti-Virus.  If you've ever heard anyone badmouth the program by calling it "slow", it's because it was (to the best of my knowledge) the first anti-virus program to run in real-time.  So what the vocal whinority didn't 'get' was that (1) it was doing something conceivably vitally important, and (2) it could be turned off.  The reputation was undeserved.

It still tends to drag the system down more than I like, though, so I moved on.

I tried a few other programs but settled on ZoneAlarm Internet Security Suite.  Their free version has always been a piece of junk, but their commercial version now sits atop a number of reviewer's lists.

It's all three programs in one, and while it monitors the entire system in real-time, it does a much less intrusive job of it than BitDefender.  I'll include some setup notes below.

Again, at this point in time the most dangerous thing out there are keyloggers, and for that you need a dedicated anti-spyware program, not just the anti-virus program you might be running now.  If you don't want to scrap your whole system and go with ZoneAlarm, I'd strongly suggest you pick up SpySweeper.

One other program that should be mentioned is Microsoft's Malicious Spyware Removal Tool.  Their monthly version is picked up via Windows Update (Tools Menu in your browser).  If you don't have your Windows Updates turned on, and for some reason you don't want to install any of the other updates, you should at least install the Spyware Removal Tool.

And, of course, all of your security programs should have their 'live update' feature turned on, since it's the newest stuff that's making the rounds and should be your biggest worry.

Also on the subject of online security:

• 'Phishing' is putting a 'redirect' link in an otherwise legitimate-looking email, often from what looks to be a legitimate bank.  The actual text and pictures and such that you're seeing really are from the bank, but the link you click to 'verify your account info" (meaning, handing them your account name & password) redirects you to the bad guys.
  


• You should have a separate credit card account just for online purchases, and kept with a minimum balance.  I've never actually tested it, but my Bank of America online transfer thing says "immediately", so (in theory) all you'd have to do would be to transfer over the necessary funds and then go order the product.  Or just wait if it takes a day to get transferred.
  


• You should also have a separate email account just for web use, such as purchases.  Keep one for your friends and one for everything else.  That way you'll pretty much be guaranteed that whatever drifts into the junk account is just that and can be safely and quickly deleted, and if it gets put on some spam list it won't be that big a deal.
  


• Yes, you can pick up nasty things just from visiting web sites.  Keeping an eye on things is the anti-spyware program's job.
  


• No, you Mac and Firefox users aren't safe by any stretch.  I've already collected a handful of articles documenting how some hacker got so incredibly bored one day that he actually deigned to write a Mac virus or exploit a Firefox bug, so those days of thinking "We're immune!" are long gone.

Summation

There's an immense gulf between having your system go up in flames because some virus exploded, and sending your keystrokes off into the Great Beyond.  The rules have changed.  Before, it was just the cost of repair.  Now, it could be the cost of your entire bank account, so please take precautions.

Update

I did something interesting the other day. I first disconnected my hard drives and fired up a spare drive with just Norton Anti-Virus and Zone Alarm on it.  I then went to the 'binaries' section of Usenet and started downloading every anti-virus/spyware program in site.  Or sight.  I also downloaded 'keygen' programs (programs that generate the serial number for a commercial program), hacker programs, cracker programs, and other kewl programs.

Roughly 75% of them were infested.

What's applicable here is that Norton actually did a slightly better job than Zone Alarm at phishing out the bad boys.  In one folder, about ten different downloads of anti-virus programs, Norton found 7 baddies and Zone found 6.  In another test, Norton found 5 and Zone found 4.  Otherwise, they were even-up.

I'm still using Zone because I'd rather take the slight extra chance and not have my system feel 'draggy', but I point it out for evaluation purposes.  There's usually a slight trade-off in the programs, which is why the reviews and their charts are handy.  One program might be slightly better at detecting malevolent web sites, another might be slightly better at scanning downloads, and another might be slightly better with its in-depth system scan.  How quickly the home site updates its datafiles is also a factor, since, as noted above, it's the new kids that'll be the ones that get ya.

Setting Up ZoneAlarm

Let's run through the settings:

— Firewall/Main:  Make sure both are set to 'High'.
Program Control/Main:  When it comes to what programs on your computer access the 'Net, if you want to trust ZoneAlarm set them both to 'Auto'.  If you want to monitor things personally, set them to 'Maximum' and 'Manual'.

Note:  If you're using the 'Maximum' setting so it notifies you of everything, it actually means everything, not just programs trying to access the Internet.  It'll also notify you when certain programs try to access other system files on the computer.  Normally, this is perfectly okay and you'd tell it to 'Remember this setting' and 'Allow' it.  When it comes to a program trying to access the Internet, you'd normally deny it unless the program actually needs to access it as part of its function.

— Program Control/Programs:  This is a listing of every program that's tried to access the 'Net (or other system files), and how ZoneAlarm is treating it.  If you're not sure about some entry, just click on it with the right mouse button and 'remove' it.  The next time whatever it is tries to access the 'Net, ZoneAlarm will pop open (assuming you have it set to 'Max' and 'Manual', above) and you can decide then.

If you want to clean the slate and start all over, highlight the first entry, hold down the Shift key, highlight the last entry and remove them all at once.

— Anti-Virus/Main:  Both of these should be on, of course.  Click on 'Advanced Options':

— Scan Schedule:  I like scanning things myself so I turned off the two automatic scans.

— Scan Targets:  This is where you tell it which drives to scan so you can remove any drives that are just storage (after perhaps scanning them once).

— Automatic Treatment:  I have it 'alert me', just so I'll know something nefarious has occurred.

— Email Protection:  I turned off the junk filter because it put a big space-wasting tool bar in Outlook Express, and most of the big providers (Verizon, Roadrunner, Gmail, Hotmail, etc) do a great job of filtering spam.

And congrats on a smart purchase.  As I said, a number of reviewers thought this thing was tops.  It's working perfectly on my end, should do the same for you.