Friday, January 2, 2009

You do not have to pay extra for the best antivirus

How to block any malware from entering Vista, for free

The best antivirus on Windows Vista comes free, along with the operating system. Yes, I repeat, its true: the best solution for all spyware and viruses comes along with the operating system; you just have to unlock it.

 

Just go to the control panel, click on user accounts, make a new standard account and enable strict parental controls in allowing only a selected set of programs to run. Then, choose a strong password for your administrator account, and your newly formed standard user account. After that, just log in to your system and start using your computer. Of course, this does not mean you should not use an anti-virus. An antivirus is still needed in case you make a big mistake, but the simple steps above will mean that you will have control over your own security instead of blindly relying on some third party vendor.

You do not believe me? You have heard all about the Swiss cheese security of Windows, right? How come anyone dare say that one can actually surf the Internet freely without being dependent on an antivirus? Ok, believe what you see. I am providing some screenshots how the simple steps taken above have helped me to avoid viruses. Also, kindly note that I still use an antivirus, although a free one. However, to show you the effectiveness of the standard account with parental controls, I had switched off the antivirus while taking the screenshots below.

 

 

This is the first screenshot as to what happens when I try to execute a virus form my malware collection.

 

Similarly, when surfing, a drive by download, or a download which you have mistakenly run cannot execute itself:

 

 

Of course, it will not help you if you still choose to override the parental controls and install rogue software. A proper antidote to unsafe driving and internet surfing has not yet been discovered. However, even then, it is better to use a limited standard account because:

  • You have time to see the publisher and site the program is being downloaded from and if possible get the program analyzed by comprehensive black list based programs like that found in www.virustotal.com before installing it
  • In cases of droppers and downloaders, you get another warning that a further exploit is to be installed
  • it is easy to clean up the mess, and other accounts do not get compromised.

 

Other things to take care of:

Just using a standard account with parental controls will not help fully. For optimum security, you have to take the additional steps:

  1. Keep all the software up to date with security patches. In case you find it difficult to do this, use Secunia personal security inspector.
  2. See that your firewall is turned on. The Windows firewall is adequate for most purposes, and the Vista firewall can be configured to act as a two-way firewall. Advanced users may use a good third party firewall.
  3. Back up your files regularly.
  4. Encrypt your sensitive data. If you are paranoid about online financial security, use a separate password protected user account just for sensitive internet transactions
  5. Use a safe surfing policy. This means setting up site specific settings on a browser, with plugins (and if paranoid, javascript and iFrames) disabled for all but a handful of sites.
  6. Choose a good anti-virus and keep it up to date, so that even if you make a mistake, it may catch it. The present security scenario, with emphasis on fooling the user to install a program, needs a very good blacklist based system in addition to the system I have mentioned above.However, be warned, antiviruses do not detect the vast majority of rogue software out there.
  7. If you have to run a downloaded program, please do an internet search on the site the program has been downloaded from as well as the program itself. It is always advisable to get any downloaded executable (.exe) or archive (.zip, .rar etc)  thoroughly analyzed by a source such a www.virustotal.com. I would recommend doing a MD5 hash search before submitting the sample because it prevents the servers from getting clogged up and saving bandwith charges for a useful free service. The malware writers make use of such a service to see that their programs do not get detected by the majority of the anti-viruses, so why should you not make use of such a service?

 

 

 

 

2 comments:

balram said...

sir, i have got two interesting things to discuss with you. i'll do it tomorrow when i see you. and im writing this even before finishing one para of your blog.

james Dean said...

Here you have providing very useful information Thanks for such an incredible site!
CLICK HERE