Current Security Setup

I'm a little paranoid about computer security. I've never personally had my computer hacked, identity stolen, etc. But, I've had my share of viruses and spyware. But, really nothing in the last three years.

With that in mind, I'd like to pass along sage advice to anyone who's trying to get up to speed in the desktop/laptop security world, or is wondering how their current solution (free or not free) compares to what I think is the new khaki of the security world.

So, I have tried a lot of antivirus programs:

1. Antivir
2. AVG (Old Favorite Antivirus)
3. Avast
4. Comodo
   
5. McAfee
6. Norton

I've also tried a couple of firewalls:

1. Comodo Personal Firewall
   
2. ZoneAlarm (free)
3. Windows Firewall (I know, worst of the worst... but it's still technically a firewall ;)

And some anti-malware products:

1. Comodo Boclean
2. Threatfire (formerly Cyberhawk)
   

And don't forget about the antispyware products:

1. Adaware
2. Microsoft Defender
   
3. Spybot Search and Destroy
   

I think I've finally found a great comprehensive setup to take care of my Windows XP security needs. Also, can you see a trend here? There are only two pay-for programs here: McAfee and Norton. And I didn't pay for them; either I used them at work, or got them free/bundled. Yeah, I'm cheap.

So, there's a rumor out there that a layered defense is the best way to ensure security. Well, here are my layers:

1. A Router
   
   Just a basic router: no firewall, or anything. Just something else to sit behind as a first line of misdirection/defense. Besides, I needed something to hook up my VOIP phone adapter (I use and love Packet8). Just make sure you change your default password and follow suggested security practices for your router.
   
   
2. Comodo Personal Firewall
   
   I used the latest released version. Nothing fancy, or special about the setup. It just works and I know I'm secure. See this for proof.
   
   
3. Comodo Antivirus-Spyware (CAVS)
   
   This is a signature-based antivirus client with a Host Intrusion Protection System (HIPS) component. Now, I think that HIPS are typically too noisy. I don't need more popups in my life. So, I actually turn the protection down to Low, which only pops up HIPS allow/deny warnings for .exe's. This is a little more manageable for me, but then again, we practice very safe computing at home.
   
   
4. Comodo Boclean
   
   This is a recent Comodo acquisition. It is a preemptive security product. The idea is that it will stop malware before it has a chance to start. It uses heuristics to identify malware, so this also helps with zero-day attacks. While it works fine, I would like a cleaner interface and better integration. But, there's rumor that they will integrate this functionality into their CAVS, which would make a better and all-inclusive product.
   
   
5. OpenDNS
   
   I've covered OpenDNS in another post. It's sufficient to say that it's worth doing.
   
   
6. Various Windows Tweaks and Addons
   
   I follow standard paranoid security tweaking practices:
   
   • Disable Universal Plug and Play (Here's a utility)
   • Disable the following services (some because I'm not on a network, wired or wireless):
   • Alerter
   • Messenger
   • Wireless Zero Configuration
   • Help and Support
   • Automatic Update Service
   • Remote Registry
   • Secondary Logon
   • Telnet
     
   • Disable administrative shares
     
     If you want more information on these, the Tech Republic has a very good list of Windows services.
     
     
7. Keep Computer Updated
   
   First, you probably noticed that I disabled Automatic Updates, but yet my computer is up to date? I also don't go to Microsoft Update. How is my computer updated, you ask? Easy:
   
1. Use Windiz Update. It's Firefox compatible (unlike Microsoft Update). Also, it doesn't require WGA Verification. Don't get me started on WGA.
2. Use Autopatcher. I really like Autopatcher because it comes with tweaks and addons. I have broadband, so I don't mind the download. And, it's updated monthly! It's also useful if you're helping someone (or yourself) with dialup. You can download it using broadband and put it on a thumb drive/CD. Updates on the go!
   
   Update: Apparently Microsoft has offered Autopatcher a nice cease-and-desist letter. That's a real bummer. Apparently, they're thinking about alternatives, but as of August 2007, the Autopatcher we know and love is probably gone for good :(
   
   
8. Occasionally run cleanup utilities
   
   I like to use the following utilities, when I'm thinking about it:
1. CCleaner. This is good to clean up stuff that I don't want to track down myself.
2. Spybot Search and Destroy. Yes, Adaware is fine too. But Dave! You said that you're safe! Yes, I did and I am. In the past year, SS&D has found one piece of spyware. So there.
   

As an added step, I'm considering exploring Sudo4Win, or a similar product. However, it's almost getting to the point where I'm going to just switch to Linux (Freespire, Ubuntu or PC Linux OS; but, if I do that, I'll make a whole new post with a step-by-step) . I've already decided that when Windows XP support ends (in like 2011?), that I'm dumping Windows. Only a couple of things keep me on Windows, and I'm almost willing to run a windows session in VmWare to do them. So, I'm just waiting for Wine and my favorite distros to mature.

So, with the exception of a router (which, I actually got free from a friend - yay hand-me-downs!), I have a 100% free security solution that provides me with the level of confidence that I'm looking for. At this point, any breaches of security on my computer are probably my fault.

Total time working this solution, keeping things up to date, etc.? How about almost none. I let everything autoupdate. I don't worry about logs, or anything unless I notice a problem. If the computer goes wacky, that's these things are the first place I look. But, I have yet to find anything security-related when that happens. How's that for "set it and forget it?"

I'm sure that I could drone on and on about why I chose these products, but here are the basic reasons. In my experience, they are:

1. Free
2. Effective

If you have suggestions or more information, please make a comment. I didn't get this far without trying a lot of suggestions! Advice and opinions are free!