PDA

View Full Version : Layered anti-virus...a good or bad idea?


Gaz
04-10-2005, 07:30 AM
I have a McAfee anti-virus subscription on my computer. Would I be more secure if I ran AVG & Avast or any other free anti-virus program in addition to McAfee, or is that bordering on paranoia?

xoxo~
Gaz
Knows they are out there, lurking and plotting.

Ari Chi3fs
04-10-2005, 07:33 AM
i would say 'yes' just because I utilize multiple anti spyware programs. One will catch stuff the other will not, so I assume the same with anti-virus progs. Besides, didnt McAfee buy Norton? If so, you definately need a secondary anti-virus prog...

Saulbadguy
04-10-2005, 08:15 AM
Multiple anti-virus programs are usually a bad idea. Its also pretty useless.

Multiple anti-spyware, not as bad, but I wouldn't have the real time "shield" running for all of them, as that would waste resources.

Simplex3
04-10-2005, 08:45 AM
If you have CPU cycles, RAM, and disk bandwidth to burn then run lots of AV programs. Of course you'd be the only person I know with spare power like that.

AV programs in particular are harsh on your performance. Stacking them just makes it that much worse.

Gaz
04-10-2005, 09:27 AM
Are there AV programs that are not resident [am I using that term correctly?]. I have McAfee as my shield program. Should I also run a scan and delete AV program that is not constantly running? Is there such a program?

xoxo~
Gaz
Grasping for some security.

Simplex3
04-10-2005, 09:58 AM
Are there AV programs that are not resident [am I using that term correctly?]. I have McAfee as my shield program. Should I also run a scan and delete AV program that is not constantly running? Is there such a program?
You can configure most of them to just do disk scans, but most of the time you want to catch the virus before it gets into the files. The truly ugly ones will damage data almost immediately upon infecting a file. If you want one that just scans the disk, no TSR app, ClamAV is updated far more frequently than anyone else.

Gaz
04-10-2005, 10:03 AM
Let me make sure I grok this:

If a virus gets past my first line of defense [McAfee shield], I am already screwed? Running ClamAV, for example, is closing the barn door after the milk is spilled?

xoxo~
Gaz
Wonders if life would be easier if he just gave up the Internet at home.

Simplex3
04-10-2005, 10:23 AM
Let me make sure I grok this:

If a virus gets past my first line of defense [McAfee shield], I am already screwed? Running ClamAV, for example, is closing the barn door after the milk is spilled?

xoxo~
Gaz
Wonders if life would be easier if he just gave up the Internet at home.

CAN be. If the virus you get destroys data or self-mutates then you're hosed if it slips past McAfee. If it just lies in wait for something else then you're Ok if it's found later.

Simplex3
04-10-2005, 10:29 AM
Here's the lesson that the pros have already learned:

Be vigilant, do what you can to protect against it without going overboard or making the burden unneccisarly high. Understand that this is only going to keep the average idiot out of your system.

From there it's all about keeping all your original software CDs and backing up what you really need onto a non-destroyable medium like a CD-RW so that WHEN you get hacked you can put everything back together again.

htismaqe
04-10-2005, 11:01 AM
i would say 'yes' just because I utilize multiple anti spyware programs. One will catch stuff the other will not, so I assume the same with anti-virus progs. Besides, didnt McAfee buy Norton? If so, you definately need a secondary anti-virus prog...

I would not recommend running multiple anti-spyware or anti-virus apps on the same machine if they have REAL-TIME scanning capabilities.

They can and will interfere with each other.

There's nothing wrong with using McAfee and Norton (or AVG, etc.) on the same machine as long as only one of them is doing on-access resident scanning. The other can be used for manual sweeps but should otherwise not be running all the time.

The same goes for anti-spyware. I use Spybot and AdAware, but AdWare doesn't have a real-time component.

As for multi-layered defenses, I always recommend that. But those layers should not exist on the same machine. For example, about 95% of all viruses come via email. I strongly recommend using a desktop anti-virus along with a network-based scanning service like Postini or MessageLabs. That's a 2-layer anti-virus defense.

Simplex3
04-10-2005, 11:10 AM
As for multi-layered defenses, I always recommend that. But those layers should not exist on the same machine. For example, about 95% of all viruses come via email. I strongly recommend using a desktop anti-virus along with a network-based scanning service like Postini or MessageLabs. That's a 2-layer anti-virus defense.
Yup. We run a scanner on all inbound mail and kill it before it has a chance to even reach our computers.

Darkwolfe
04-10-2005, 02:39 PM
Bad move using two AV programs. They tend to fight each other and detect the other program's patterns as a virus.

Same with Spyware tools.

Use Spybot Search and Destroy and Avast OR AVG anti-virus. Need a firewall? ZoneAlarm.

You spend 0$ and you get better stuff than McAfee or Norton. Both of those come up as "Junk" these days.

Ari Chi3fs
04-10-2005, 03:17 PM
yeah i didnt take into consideration the "real-time" scanning. Yeah, they drain the piss out of the PC. I really dont run AV all that often.

More of a nuisance than anything. Shit is gonna get owned regardless... it isnt the old viruses that they have fixes for that typically get you, its the brand spankin' newly created ones that get through.

Being paranoid about the inevitable is not healthy.

Just keep your operating system on a 4gb sector of your pc. if a virus infiltrates and dehabilitates your PC, you reformat your OS without losing valuable data.

That way Im never really worried.

Saulbadguy
04-10-2005, 03:23 PM
Just keep your operating system on a 4gb sector of your pc. if a virus infiltrates and dehabilitates your PC, you reformat your OS without losing valuable data.


Indeed. I've got a 20 gb system partition, just in case stuff gets forked.

KCWolfman
04-10-2005, 07:11 PM
Here's the lesson that the pros have already learned:

Be vigilant, do what you can to protect against it without going overboard or making the burden unneccisarly high. Understand that this is only going to keep the average idiot out of your system.

From there it's all about keeping all your original software CDs and backing up what you really need onto a non-destroyable medium like a CD-RW so that WHEN you get hacked you can put everything back together again.
A rebootable CD-RW or CD-R is a nice thing to create as well. Your original reboots are outdated with just a few simple registry changes.

Ari Chi3fs
04-10-2005, 07:14 PM
Indeed. I've got a 20 gb system partition, just in case stuff gets forked.

we are geniouses.

Gaz
04-11-2005, 05:37 AM
Can someone explain to me what I gain with a separate partition for the OS?

FYI: I have McAfee & Zone Alarm running all the time. I run Spybot & Ad-Aware once a day. I use both spyware programs because [1] will sometimes pick up something the other missed.

xoxo~
Gaz
Not the sharpest tool in the shed.

Saulbadguy
04-11-2005, 06:44 AM
Can someone explain to me what I gain with a separate partition for the OS?

FYI: I have McAfee & Zone Alarm running all the time. I run Spybot & Ad-Aware once a day. I use both spyware programs because [1] will sometimes pick up something the other missed.

xoxo~
Gaz
Not the sharpest tool in the shed.

Lets say you have an 80 gig hard drive. Use 10 gigs of that for a "System" partition, and the other 70 for a "Data" partition.

You would install Windows XP (or whatever OS you choose) on the system partition (10 gb), and install any programs you run on that partition as well.

Any DATA (Mp3's, documents, pictures, movies, etc..) would be saved on the DATA Partition (70 gb).

Now, lets say you get a nasty virus, and you need to reinstall Windows. If you had no chance to backup before the virus hit, your data is safe, because its on the Data partition. Only your System partition is infected, or has problems. You can just wipe out the System partition, reinstall XP, and still have all your data.

Gaz
04-11-2005, 06:57 AM
Thanks.

xoxo~
Gaz
Actually understood most of that.

Otter
04-11-2005, 11:51 AM
You would install Windows XP (or whatever OS you choose) on the system partition (10 gb), and install any programs you run on that partition as well.

Mis-read ya, that's the ticket you want...carry on

penguinz
04-12-2005, 01:48 PM
Lets say you have an 80 gig hard drive. Use 10 gigs of that for a "System" partition, and the other 70 for a "Data" partition.

You would install Windows XP (or whatever OS you choose) on the system partition (10 gb), and install any programs you run on that partition as well.

Any DATA (Mp3's, documents, pictures, movies, etc..) would be saved on the DATA Partition (70 gb).

Now, lets say you get a nasty virus, and you need to reinstall Windows. If you had no chance to backup before the virus hit, your data is safe, because its on the Data partition. Only your System partition is infected, or has problems. You can just wipe out the System partition, reinstall XP, and still have all your data.

Even if the files are on a completely different drive you are not safe if you get a virus. If the OS can access the drive then so can the viruses.

Unless you are the type of person who likes to f*ck with their system settings on a regular basis you gain nothing by having multiple partitions.

In fact, if you are running WinXP then you are better off having only one partition.

htismaqe
04-12-2005, 02:06 PM
Even if the files are on a completely different drive you are not safe if you get a virus. If the OS can access the drive then so can the viruses.

Unless you are the type of person who likes to f*ck with their system settings on a regular basis you gain nothing by having multiple partitions.

In fact, if you are running WinXP then you are better off having only one partition.

Actually, having a DATA partitition is relatively secure from most spyware and w32 viruses. Of course, data files can get macro and exploit viruses but those are easily cleaned.

It's all about what the virus actually infects. Actual file infectors are relatively rare anymore, as are boot sector viruses, because it's so much more fun to screw with someone's browser or something.

Saulbadguy
04-12-2005, 02:51 PM
Even if the files are on a completely different drive you are not safe if you get a virus. If the OS can access the drive then so can the viruses.

Unless you are the type of person who likes to f*ck with their system settings on a regular basis you gain nothing by having multiple partitions.

In fact, if you are running WinXP then you are better off having only one partition.
How am I better off running Windows XP on one partition?

Also, like rufus said, most of the virii today are trojan horses, or some sort of browser exploit. Rarely will they infect multiple files, like they did in the olden days.