Have you folks noticed the article in more detail?
This follows the standard marketing process in trying to get people to use products. (Its becoming old).
(1) Create a need for something (with statistics).
ie: "Did you know that there are so-many malware out today?"
(2) Provide a band-aid => "Look! We have a tool to help you! Our solution has helped, blah-blah-blah."
Reality: All this anti-malware nonsense are REACTIVE band-aids! (anti-virus software has been outgunned at every level). You want PROACTIVE measures. ie: Prevention is better than cure.
(1) Use Limited User Account (SRP) + Software Restriction Policy (SRP) + SuRun.
=> SuRun allows a LUA to escalate privileges to admin if necessary. SRP will allow you to prevent exe, dlls, vbs/vbe, ocx, etc, etc files from executing. (anything else you specify).
(2) Use your brain (and education).
=> Don't download keygens, cracks, etc, blindly click on email attachments, and fill in your financial details into forms of suspicious origins, etc.
Install software only from trusted or official sources. If you don't know where it came from...Delete it!
If something is too good to be true, it typically is.
(3) Use third party solutions if possible.
=> Firefox (with NoScript extension), Thunderbird, etc. Avoid MS solutions as best as you can. (Only use it if you have absolutely no choice).
(4) Stay updated.
=> Including third-party apps!
(5) Keep anti-malware solutions to a minimum.
=> A firewall with some form of execution blocker or HIPS. Threatfire, Comodo Firewall (with its Defense+ feature), etc.
(6) Use Group Policies to disable things.
=> ie: you can disable autorun on ALL removable devices! (Optical drives, USB, etc)
(7) Disable things you do NOT use.
=> eg: If you don't use "Terminal Services", "Remote Registry", etc in Windows, turn it off and disable them from running.
That's all you really need...What you don't need is more and more anti-malware crap floating in the background, wasting system resources.
This follows the standard marketing process in trying to get people to use products. (Its becoming old).
(1) Create a need for something (with statistics).
ie: "Did you know that there are so-many malware out today?"
(2) Provide a band-aid => "Look! We have a tool to help you! Our solution has helped, blah-blah-blah."
Reality: All this anti-malware nonsense are REACTIVE band-aids! (anti-virus software has been outgunned at every level). You want PROACTIVE measures. ie: Prevention is better than cure.
(1) Use Limited User Account (SRP) + Software Restriction Policy (SRP) + SuRun.
=> SuRun allows a LUA to escalate privileges to admin if necessary. SRP will allow you to prevent exe, dlls, vbs/vbe, ocx, etc, etc files from executing. (anything else you specify).
(2) Use your brain (and education).
=> Don't download keygens, cracks, etc, blindly click on email attachments, and fill in your financial details into forms of suspicious origins, etc.
Install software only from trusted or official sources. If you don't know where it came from...Delete it!
If something is too good to be true, it typically is.
(3) Use third party solutions if possible.
=> Firefox (with NoScript extension), Thunderbird, etc. Avoid MS solutions as best as you can. (Only use it if you have absolutely no choice).
(4) Stay updated.
=> Including third-party apps!
(5) Keep anti-malware solutions to a minimum.
=> A firewall with some form of execution blocker or HIPS. Threatfire, Comodo Firewall (with its Defense+ feature), etc.
(6) Use Group Policies to disable things.
=> ie: you can disable autorun on ALL removable devices! (Optical drives, USB, etc)
(7) Disable things you do NOT use.
=> eg: If you don't use "Terminal Services", "Remote Registry", etc in Windows, turn it off and disable them from running.
That's all you really need...What you don't need is more and more anti-malware crap floating in the background, wasting system resources.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/newsbriefs/762/2519#2519