How secure would you consider this?

[Steve]

I have a router (D-Link DI-604), and my PC has the following installed:

Windows XP SP2 with all updates. I use IE6 SP1 and OE6.
McAfee Security package (Antivirus, Personal Firewall Plus, Privacy Service) from Comcast.
Windows Defender
Spybot S&D + TeaTimer
SpywareBlaster
Peer Guardian 2 (and I don't even use any P2P or file sharing)
A custom hosts file consisting of the Spybot entries plus those from a recommended website, I think it was this one.

Am I okay as is? Is there anything else I ought to do? I tried using IE7 for the first time yesterday but it seemed to hose up my system so I had to restore back. I'm not keen on Firefox but I am curious about Opera.

Is there a good website that tells how to set up a router properly for firewall rules, etc.? I think mine is mostly at default settings and I'm wondering if I should do more than that in it.

 

[Woodie]

Change the router password, so it's not the default, and so it's long/strong.
Make sure the router doesn't respond to pings from the WAN interface.
Most routers come out of the box w/ no inbound ports. That's what you want, generally.
Wireless settings: Depending on your environment...
...use some sort of encryption
...not WEP or WEP2
...yes to WPA or better
...strong password for pre-shared key


Can't think of anything else off the top of my head.

 

[n0cmonkey]

Don't use an administrator account.

 

[Schadenfroh]

I say overkill and your system is going to be significantly slower with all of that realtime protection going, Mcafee and some of those others are probably what caused IE 7 to be so slow.

Get a hardware firewall in the form of a router or linux box and disable wireless if you are not using it (use WPA or WPA2 if you need it), do what Woodie above stated, read about why you should use a hardware firewall here:
http://www.mechbgon.com/build/router.html

(proceed only if you are offline or behind a hardware firewall)
Get rid of Mcafee Security Package, disable realtime protection in Windows Defender, disable tea-timer and Peer Guardian 2 (since you do not use P2P).

Run the mcafee removal tool
http://www.majorgeeks.com/McAf...emoval_Tool_d5420.html

Now, try a better security suite, Kaspersky Internet Security for free for 30 days (it is far faster than Mcafee's consumer level products and more effective):
http://usa.kaspersky.com/downloads/trial-versions.php

See the detection rate test results of Kaspersky here:
http://forums.anandtech.com/me...y=y&keyword1=detection

Also know that Kaspersky update's their antivirus definitions every hour, so you will have the quickest threat response time in the industry by using them, along with one of the highest (if not the highest) detection rate, along with very low use of system resources.

If you like it, you can get a great deal on it here:
http://forums.anandtech.com/me...y=y&keyword1=antivirus

Use a limited user account, explained here:
http://www.mechbgon.com/build/Limited.html

Keep ALL of your software updated, Microsoft update and run Secunia software inspector to check if all of your installed applications are updated and have no security vulnerabilities:
http://secunia.com/software_inspector/

Upgrade to IE 7, it should be loads faster now that you are using Kaspersky and not Mcafee. But, make sure to use Kaspersky's realtime protection, it is top notch.

 

[Steve]

Thanks very much! I am bookmarking this. IE7 wasn't slowing my system down, my Windows installation seemed to be corrupt after installing it but rolling back made it okay. I have the McAfee free until October so I may just use it all up before I switch.

 

[John]

Originally posted by: Steve
I have the McAfee free until October so I may just use it all up before I switch.

No need to wait when there are freeware solutions that provide better detection and removal, not to mention friendlier on resources. One solution is in my sig, the other that I would recommend is Antivir. I have the instructions on how to disable the Antivir nag screen in my Malware Guide.

 

[mechBgon]

Originally posted by: n0cmonkey
Don't use an administrator account.

:thumbsup: Low-rights approach = bedrock foundation to build the rest of the security measures on top of.

Use a limited user account, explained here:
http://www.mechbgon.com/build/Limited.html

If it's WinXP Professional Edition, you can add a Software Restriction Policy on there for even more proactive protection.

I can also suggest

• fully enabling your Data Execution Prevention, by right-clicking My Computer, choosing Properties, and doing this :camera:
  
• uninstall software you don't actually use. I've found some nasty websites that appear to call up Javascripts that assess what software you have installed, then try to hit you with exploits tailored to your software. Stuff like WinZip, Adobe Reader, QuickTime/iTunes, WinAmp, Flash, and anything else the Secunia scanner reports on, whether you get a passing or failing mark... ask yourself if you need or use that software. If you don't, then reduce your attack surface by completely uninstalling software you don't need or use.
  
• definitely get IE7 on there in place of IE6.

If it were me, I'd stop there and skip the dedicated antispyware apps, if you're the only computer user with access to the Admin powers, and you use a Limited account, and you avoid risky behaviors such as warez, cracks, serials and other Trojan Horse stuff.

I'm coming to realize that not many people can stand using a Limited account on WinXP because it's not always no-brainer simple. Vista is better in that regard due to UAC, built to make non-Admin user accounts more feasible, and with additional safeguards like Windows Integrity Control too. the HOSTS author comments on Vista's performance in the field when visiting ~10,000 malicious websites This reflects my experience too, even with my antivirus software shut down in order to collect samples.

If you see the reason for using a non-Admin account, consider moving to Vista.

 

[Steve]

This thread is a terrific resource, thanks very much all!