List of freeware security software on the wiki.

[lusher]

The CastleCops Wiki is hosting a list of Freeware security software, and so far, this is how we have chosen to categorise them.

Freeware Anti-Virus

Freeware Anti-Spyware

Freeware Anti-Trojan

Freeware Anti-Keylogger

Freeware Anti-Rootkit

Freeware Firewall

Freeware Behavior Blocker

Freeware Sandbox

Freeware Virtualization

Freeware Security Analysis Tools

Freeware Hardening Tools

Freeware Blocklists

Freeware Security Services

Freeware Anti-Phishing

Online Malware Scanners

We believe this is by far one of the most comprehensive and through lists of freeware security software available anywhere on the net, and it is constantly updated with the newest and most promising entries.

Please take a look, you will be surprised at the choices available.

Any comments on how to improve are greatly welcome

 

[lusher]

No response?

 

[surikas]

Why not to add something about rogue antiviruses? These are extremely popular right now and people should be informed about what is what..

 

[lusher]

The list already exists at http://spywarewarrior.com/rogue_anti-spyware.htm

Besides, I'm not comfortable with the idea of people playing net cop, deciding what is "rogue" or not. It seems that list is pretty much condamns (rightly or wrongly) any and all entries except for a chosen few.

So instead of using the list you might as well just list the good ones.

 

[Schadenfroh]

Thanks, this will save me from having to rewrite and/or update the Freeware Security Applications Thread (it was corrupted by a FuseTalk bug and my backups were very old).

I assume the moderators police the wiki heavily to prevent malicious bogus products from being added?

 

[lusher]

Yes. But do read the fine print at the bottom of each page.

 

[mechBgon]

Originally posted by: lusher
Any comments on how to improve are greatly welcome

Ok, I'll bite. All these security apps, yeah, but I don't see a single mention of fundamental security best-practices: using a non-Administrator user account, possibly Software Restriction Policy, and the value of keeping User Account Control enabled on Windows Vista.

These aren't security apps, but they constitute something akin to process control / sandbox / HIPS. They're free, highly effective, they safeguard other layers of security from tampering, they have no noticable performance hit, and every version of Windows since Win2000 can use at least a non-Admin account. My testing with my vulnerable Win2000 "punching-bag" system demonstrates the power of non-Admin accounts to bring attacks to a halt, and I have several hundred-thousand machine-hours as a sysadmin that further backs that standpoint.

So before building an elaborate security scheme out of all that freeware, ensure that the foundation you're building it on is bedrock, not sand. Using a non-Admin account is far from impossible, especially on Vista with UAC enabled, but even on WinXP and Win2000.

update: Ok, I did find this:

In theory everyone should be using accounts with administrative privileges only when necessary. But this is not quite realistic for Windows XP users.

I disagree. It is quite feasible. Anyone who can handle half of the other arcane tools you've listed can certainly learn how to use RunAs and/or Fast User Switching where necessary. Instead of deciding for the readers that it's "not realistic," why don't you give the topic fair coverage and let them decide?

Feel free to link to my how-to page if you like; I'm doing OK for bandwidth, thanks to RossMAN's ongoing generosity :thumbsup:

This function is already built in for Windows Vista. So they should not need this.

Vista users should still set up and use Standard (non-Admin-class) user accounts. With UAC, there's no excuse anymore to be running Windows in Win95 fashion.


Having given that criticism, I want to add "nice job" on the rest of the information :thumbsup:

 

[SecPro]

Originally posted by: mechBgon

Originally posted by: lusher
Any comments on how to improve are greatly welcome

Ok, I'll bite. All these security apps, yeah, but I don't see a single mention of fundamental security best-practices: using a non-Administrator user account, possibly Software Restriction Policy, and the value of keeping User Account Control enabled on Windows Vista.

These aren't security apps, but they constitute something akin to process control / sandbox / HIPS. They're free, highly effective, they safeguard other layers of security from tampering, they have no performance hit, and every version of Windows since Win2000 can use at least a non-Admin account. My testing with my vulnerable Win2000 "punching-bag" system demonstrates the power of non-Admin accounts to bring attacks to a halt, and I have several hundred-thousand machine-hours as a sysadmin that further backs that standpoint.

So before building an elaborate security scheme out of all that freeware, ensure that the foundation you're building it on is bedrock, not sand. Using a non-Admin account is far from impossible, especially on Vista with UAC enabled, but even on WinXP and Win2000.

update: Ok, I did find this:

In theory everyone should be using accounts with administrative privileges only when necessary. But this is not quite realistic for Windows XP users.

I disagree. It is quite feasible. Anyone who can handle half of the other arcane tools you've listed can certainly learn how to use RunAs and/or Fast User Switching where necessary. Instead of deciding for the readers that it's "not realistic," why don't you give the topic fair coverage and let them decide?

Feel free to link to my how-to page if you like; I'm doing OK for bandwidth, thanks to RossMAN's ongoing generosity :thumbsup:

This function is already built in for Windows Vista. So they should not need this.

Vista users should still set up and use Standard (non-Admin-class) user accounts. With UAC, there's no excuse anymore to be running Windows in Win95 fashion.


Having given that criticism, I want to add "nice job" on the rest of the information :thumbsup:

All of that is very good advice.

Let me make another suggestion. Go to the Center for Internet Security (CIS) website. They have hardening standards there. Pick out the appropriate one and use it.

 

[lusher]

Thanks for the comments guys.

But those pages are mainly lists of software, not recommendations on how to stay safe (the how to keep safe guide can be found at other places including here ,as such hardening techniques , knowledge, safe hex etc while relevant are not found there.

Remember, I don't claim to be some super expert on security (and having watched and read experts for almost a decade, they seldom agree anyway), so the list of entries is pretty inclusive.Each section is then written to explain why someone would use each of these tools and hence by necessity has to take a certain viewpoint for that purpose.

For instance the section you quoted about using none-admin accounts being not realistic is from the point of view of people who promote the use of dropmyrights and similar software. Clearly given the popularity of such software, there is a sizable group of people who do find using none-admin accounts in XP a pain, and dropmyrights is suitable for them.

(You can debate with these people, just not me).

Of course I could arbitarty decide that people using dropmerights are silly newbies, but then it would mean I would have to decide that these software were useless, and I try not to push my opinions (too much) on others not being as confident that i'm right you see.

Another point is that the site certainly doesn't recommend you go around picking one (or more!!!) freeware from each page , though i guess if someone is silly enough to do that, he probably as bigger problems then keeping his computers safe.

I think the page gives an illusion of a complete guide, when it is actually written piecemeal, if you read all the sections you will notice the comments don't quite jell together...


That said, I knew that I would not gain many friends, when I started adding comments to the list, particularly since everyone has his own subjective biases and opinions and there are many fierce debates about security policy philisophies...and I can't reflect every position given that the sections are brief summaries really.

Feel free to edit the pages if you want to improve them....

 

[mechBgon]

But those pages are mainly lists of software, not recommendations on how to stay safe (the how to keep safe guide can be found at other places including here ,as such hardening techniques , knowledge, safe hex etc while relevant are not found there.

If you are going to include DropMyRights, then you should be including the real thing too. As you probably realize, I'm a CC member too. Even there, I find a mysterious resistance to the use of non-Admin user accounts. I find that very strange for a security-oriented forum.

Poll: AnandTech members on non-Admin accounts If ~25% of us use non-Admin accounts, your readers certainly can do it too. It's easy, and it's reversible if it doesn't work out for them. I'm not editing your Wiki, however

 

[lusher]

In my very unqualified view, I can see how AnandTech forum members would be more embracing of none-admin accounts, while a so called security forum like CC would be less. There are many many variables and factors at play really. I find that surprisingly resistance is fiercest among those who are most capable of using it....because these are the very sorts of people who like to "play" with stuff that requires constant use of admin previlages. On the flipside many professionals at security oriented sites are of the view that newbies won't be able to handle it and hence don't recommend it either.

In any case, you mistake me for some security guru, it is not my job to lead opinion, but rather to reflect it. And they are not my "readers" anyway...

 

[mechBgon]

What do you do at CastleCops, out of curiosity? I was trying to join MIRT, but I seem to be among the Unworthy (maybe because I hold unpopular viewpoints, I dunno).


edit: tangentially, and this continues to surprise me... mechBgon.com has been up since 2005 showing how to build a PC. I only added the Software Restriction Policy page this year, but the SRP page is already on track to overtake the PC-building guide as the most sought-after page on the site. Every time I look at the logs, I see people coming in from search engines looking for info on SRP. Interesting.

 

[Medea]

Originally posted by: mechBgon
What do you do at CastleCops, out of curiosity?

I'd like to know the answer to this as well. I do know how articles are picked and written for Castlecops' Wiki website. Also, your statement about rogue apps struck me as strange:

Besides, I'm not comfortable with the idea of people playing net cop, deciding what is "rogue" or not. It seems that list is pretty much condamns (rightly or wrongly) any and all entries except for a chosen few.

Rogue programs are problematic for many reasons including but limited to the fact that some of them are installed by malware and/or make it easier for malware to infect one's computer. That's why there was a need for a program called RogueRemover.

 

[lusher]

Originally posted by: Medea

Originally posted by: mechBgon
What do you do at CastleCops, out of curiosity?

I'd like to know the answer to this as well. I do know how articles are picked and written for Castlecops' Wiki website. Also, your statement about rogue apps struck me as strange:

Besides, I'm not comfortable with the idea of people playing net cop, deciding what is "rogue" or not. It seems that list is pretty much condamns (rightly or wrongly) any and all entries except for a chosen few.

Rogue programs are problematic for many reasons including but limited to the fact that some of them are installed by malware and/or make it easier for malware to infect one's computer. That's why there was a need for a program called RogueRemover.

I'm not saying rogue products don't exist. Certainly rogue products that install themselves on unsuspecting users computers are harmful and many entries on the list are indeed rogue. I also accept that some products are not as good as others.

But if you look at the list on the oft cited list (you know which one I'm talking about), some other reasons for listing products strikes me as playing netcop (particularly given the conflict of interest problems of the maintainer). E.g Listing for excessive FPs or "false positives work as goad to purchase" or deciding that some product is using deceptive aggressive affiliates for advertisments (as pointed out by some the big boys do exactly the same) is pretty much playing netcop. Heck some are even listed because they don't offer trial versions!!!! I bet very few people actually look closely at why some apps are listed... Some of the reasons are pretty insane.... "not having an update function" or have inadequate details....

Sure a lot of them might be lousy products (though I doubt the guy had time to do more than a cursory look given the number of entries), but to call them rogue ?

Particularly There is some hypocrisy involved I think in claiming that some products are rogue because "false positives work as goad to purchase", when pretty much everyone who is in the know acknowledges that of the "trust worthy" AS, two of them Pest Patrol and to some extent Spyware doctor are full of FPS. Pest Patrol is not known as the king of FP for
no reason....

I guess the maintaners of the list have mind reading powers and know that because computer associates is reputable (read has $$$) so their FPS are due to incompetence only and are not meant to gload?

It's pretty insane, nowadays any new Antispyware product pretty much gets thrown in the rogue list for a few months for some weird reason and then a few months later, it is removed, and the list claims it has "improved"....

And people blindly believe what they read, so any product will always have a stigma even after it is removed (and the list continues to make sure people know that product X was listed a while ago).

From my POV the list sometimes plays a role as barrier of entry stopping many legimate products from competiting with the existing products..

Not that I would use any of the products on the list with a ten foot pole of course.

But I think if you want to brand software rogue, you better have solid reasons and not some vague reasons..

I will probably get flamed, because Eric Howes is a god to most people, and I'm a nobody.

 

[lusher]

Originally posted by: mechBgon
What do you do at CastleCops, out of curiosity? I was trying to join MIRT, but I seem to be among the Unworthy (maybe because I hold unpopular viewpoints, I dunno).

I'm a nobody. I have no titles, or positions conferred to me by the virtual world. if this means a guy with a virtual title here can feel superior to me, and dismiss my points as by someone who is ignorant so be it... It's not like these virtual titles are worth anything anyway.

And to address another question anyone can write on castlecops wiki. The public part anyway.

PS the MIRT lead is a idiot, he doesn't know half of what he is doing most of the time IMHO.

 

[DasFox]

wiki.castlecops is really outdated on a lot of the applications, to bad someone is not keeping it updated...

 

[lusher]

Originally posted by: DasFox
wiki.castlecops is really outdated on a lot of the applications, to bad someone is not keeping it updated...

I'm afraid I will have to take offense at those words, I don't know about other castlecops wiki pages, but those under my care including those urls posted here *are*
being maintained.

If you check the notes for instance, they have being link checked (manually i would add) at 31 december 2007. In terms of new offerings, you will find that the lists i maintain are the quickest in adding new entries (with the attendant risks) , often the only reason why i don't add links is that I'm unclear if they will remain freeware or are free only when in beta e.g ZAforcefield and Trend's new rubot.

I can appreciate that the list might look outdated because it includes some old or applications that are no longer "fashionable", but that is misleading. The list does not attempt to list only the "best of" or "latest and newest" apps, as long as an application's page still exists it will remain even if I personally feel it is not the best.

That's said, in a list of this length, omissions and mistakes are very possible, if you have more specific comments rather than the general "it is not updated", i would be very happy to hear them....