1) Anti-Spyware
2) Anti-virus
3) Firewalls
Printable View
1) Anti-Spyware
2) Anti-virus
3) Firewalls
You for got
4) Patched OS
5) Limited User Accounts
6) Internet and email habits
7) all of the above
All depends on the environment
;)
MLF
You forgot another, Unix/Linux.
Thats right...I forgot.
They never need to be patched...or need a firewall
and everyonne can run as Root\ or SU :rolleyes:
you are fooling yourself if you think that running an OS other then MS is security
pfffft
MLF
Sorry.. That's BS.. There's nothing in Unix/linux that makes it more secure then Windows. The only reason is the apparent lack of malware for *nix. It's just not widely known but it is there and you can get bitten by it. I know I've seen many pwn3d linux systems.Quote:
Originally Posted by isildur
One really big urban myth is that you need admin/root to do anything. This is just not true. You'll be amazed at what the www/nobody user can do.
If they are not properly configured and kept up to date, none of them.Quote:
What type of security system gives you the most security?
1) Anti-Spyware
2) Anti-virus
3) Firewalls
Having said that they all do different things, and if you look at major players such as Norton, McAfee, ZoneAlarm, AVG, Avast, PC-Cillin, Panda, Kaspersky and the like you will see that they offer a "security suite" that combines a variety of functions including those three.
I think this means no one knows what to use...?
I personally don't know the best but I use these products with good results.
AVG - anti virus
Spy Sweeper - anti-spyware
Zone Alarm - Firewall
(I don't know about the free versions) Probably better than nothing...
Yes you have to configure all security programs to work properly. This combination seems safe and doesn't bog my system down as much as most but nothing is perfect.
Use them all...
Security is a layered approach
MLF
Agree, security is layered approach, basically you should start from
1. Risk management, define which area contain high risk
2. Control the risk using appropriate approach e.g antivirus, firewall, biometric, kerberos.
3. Repeat the 1,2 step.
-Anjar Priandoyo-
http://securityprocedure.com
I choose "None of what you listed".
Not one thing on there is going to be 100% sure.
As for saying Linux or UNIX is going to give you a better shot, I'll stir the pot here and say "Actually it will if you know how".
Why?
Windows doesn't let you play with the Kernel. Windows needs RPC.
So no matter how much you say Windows can be locked down just as well as any version of UNIX, Linux, or BSD, I'll say that's crap.
What if someone needs to set up a server cluster that can NOT be taken down, and needs to be locked farther than usual?
Well with Windows that won't happen. Something is going to need an update and those all need a reboot in Windows.
If I said set up a Free BSD server, hire a good UNIX coder, and basically take the Kernel down to NOTHING but what you need to boot, and then basically hack a Web Server directly into the Kernel telling it to drop ALL packets that aren't web traffic, you have a machine that is going to be mighty hard to break into since it's nothing but a Kernel and a Server hacked into it and the only packets it's ging to let through are requests from a web browser asking for the web page.
You just can't do that with Windows.
That's the ONE argument where it's somewhat true that you can make BSD and Linux much more secure than any other OS.
And the chance that Microsoft is going to let users start playing with the Kernel source is VERY unlikely. So until then, I'll stir this pot until it simmers.
Of course, if someone can actually prove that wrong I'd LOVE to hear about it ;)
And just in case someone wants to reply without reading anything on here that I've said in full, I was talking about reducing Linux or BSD to nothing but the Kernel, and THEN reducing the Kernel to nothing but what is needed for the EXACT hardware in the machine, and hacking a web server right into it and then making it drop ALL packets that aren't web traffic.
I know of some places that do this with their need to be up machines and as far as I know, they don't need to even update those boxes.