AV

Best free antivirus

Dave Farquhar security , , , , , , ,

What’s the best free antivirus? I have an answer that may surprise you. I also have a supplement that may surprise you. And I have a third supplement you already have but probably never heard of.

Keep something in mind. I don’t like using words like “good” and “best” in the same sentence as antivirus software. Imagine a college graduating class whose valedictorian is Chris Farley’s character from the movie Tommy Boy. What you want from your antivirus software is something that doesn’t do a lot of damage.

Read more

So just how dangerous is an old, out of date operating system anyway?

Dave Farquhar Retro Computing , , , , , , ,

Glaurung brought up a good point in a comment yesterday. If you never go online and/or you’re really careful, do you really need to update your OS to something new?

In my professional opinion, it depends. Didn’t you know that would be my answer? Read more

More about Pfsense, the alternative to the crappy consumer router

Dave Farquhar security , , , , , , , , , , , , , , ,

I spent some time over the weekend playing with Pfsense, and I can’t say much about it other than it does what it says. I didn’t throw a ton of hardware at it–the best motherboard I have laying around is a late P4-era Celeron board, and the best network card I could find was, believe it or not, an ancient Netgear 10/100 card with the late, lamented DEC Tulip chipset on it. Great card for its time, but, yeah, nice 100-megabit throughput, hipster.

If you actually configure your routers rather than just plugging them in, you can do this. Plug in a couple of network cards, plug in a hard drive that you don’t mind getting overwritten, download Pfsense, write the image file to a USB stick, boot off the USB stick, and follow the prompts. Then, to add wireless, plug in a well-supported card like a TP-Link and follow the howto. Read more

Using antivirus to deliver a virus

Dave Farquhar security ,

A coworker tipped me off the other day to how it’s possible to use a certain major-brand antivirus to infect a computer. “I didn’t have admin rights,” I overheard him explaining, “So I got them with [redacted] antivirus.”

My head spun around violently. “You did what?

“Google ‘confused deputy persistence,'” he deadbeated. “It’s the first result.” Then he went back to explaining the problem at hand. Read more

Avast 8 is out and already well-regarded

Dave Farquhar security , , , , ,
Avast 8 is out, and the initial reviews are positive.

If you use Avast, either as your primary or as your secondary AV, updating it is a good idea. One critical improvement is that virus database updates happen more frequently now. There’s no such thing as too frequently when it comes to database updates.

Some security-ish short takes

Dave Farquhar security , , , , ,

Windows 7 SP1 is coming soon. Possibly as soon as this weekend.

Historically, service packs tend to get off to a bit of a rocky start, so I’m not going to be installing this right away. But since it’s so imminent, I’m not going to be installing Windows 7 on anything else yet either. I’ll probably give it a couple of weeks, then slipstream and install. Being the first on the block to install a service pack usually isn’t a good idea. Seems to me that in one Slashdot poll several years ago, given the choice between installing a service pack on the first day or watching the movie Master of Disguise, the really bad Dana Carvey movie won out. There’s a reason for that.

Microsoft Security Essentials, Take 43,291. And while we’re picking on Microsoft, my biggest beef with Microsoft Security Essentials is that it doesn’t update itself quickly enough. But you can make it check for updates as frequently as every hour. Directions are at http://lifehacker.com/5733597/change-microsoft-security-essentials-update-frequency

They cite this as a good thing to do on laptops. I completely agree. My laptop gets used just sporadically enough that it has trouble staying updated, and usually, when I use it on the road, it’s not up to date at first, and it’s when you’re using strange networks that you most want to be up to date.

Frankly I think it’s a good thing to do on your desktop too. When the signatures get updated, would you rather get the updates right away, or tomorrow? I’ll vote for right away.

When I was administering antivirus for a living, when I updated my AV server, my clients got the updates within an hour or so. Sometimes it was within a few minutes. That system wasn’t even directly connected to the Internet. So if that system needed its updates that fast, so do home PCs.

Passwords. It’s now possible to test 400,000 passwords per second using Amazon’s services, at a cost of 28 cents per minute. So, testing 24 million possible passwords costs 28 cents.

Strengthen your passwords. Going to 16 characters with two uppers, two lowers, two special characters and two umlauts is overkill, but you want to be using more than 8 characters, and use at least one number, one upper and one lowercase letter, and one special character like a punctuation mark. If your password is something like “popcorn,” well, let’s do the math. It takes one second to test 400,000 passwords, and there are arguably a million words in the English language, so cracking a simple one-word password should take a maximum of two and a half seconds and cost 3 cents.

I just downloaded Microsoft Security Essentials

Dave Farquhar Software , , , , , , ,

I just downloaded Microsoft Security Essentials, and, depending on your situation, I recommend you do it too.

MSSE is free antivirus software, from Microsoft. It’s not the best thing out there, but it’s far from the worst. If you don’t have any antivirus software, go get it.The usual suspects fell all over themselves to heap praise on MSSE. Some people never saw a Microsoft product they didn’t like, so no surprises here.

I trust PC Magazine a whole lot more. They found it was overall a decent product. Not top-tier, but much better than nothing, and it didn’t interfere much with system performance.

That’s the knock on a lot of AV software. Uninstall the preloaded Norton Antivirus from the computer you bought at Office Depot, and suddenly your $399 computer feels like a $3999 computer. And it might also, like, work or something. (My mom’s HP gave random filesystem errors until I uninstalled that scourge on humanity.)

If you can afford NOD32, I continue to believe it’s the best overall antivirus product out there. It’s fast, it’s reasonably priced, it catches more than any Symantec product does, and it slows the system down a lot less. It’s better than McAfee’s products too.

But if you can’t afford NOD32, I suggest running MSSE. And frankly, even if you paid and subscribed to a Symantec/Norton or McAfee product, I don’t think you lose much by switching. Regardless, it’s definitely better than running nothing.

02/12/2001

Dave Farquhar General , , , , ,

Mailbag:

Keyboards; Optimizing Windows

Sweet! In Optimizing Windows, I lamented that no one had made a hardware RAM disk. Leave it to the Aussies, someone did it. I found a reference to Platypus Technologies ( www.platypus.net ) on Storage Review’s forum. It’s pricey–a half-gig disk will run $1,500, while an 8-gig job runs into five figures–but you’ll never find anything faster. It’s a plug-in PCI card that uses SDRAM DIMMs. Whether it’ll take off-the-shelf DIMMs or just Platypus-manufactured DIMMs, I’m not sure.

I’d love to see this catch on and drive the price down. The size seems a bit small, but keep in mind that for, say, a Web server, speed is much more important than size, and a half gig will hold an awful lot of HTML. And there was a time when operating systems and a reasonable number of apps easily fit in half a gig, if you’re thinking workstations.

I’d say I think I’m in love, but that’s not true. This device is 100% Grade-A lust. Now the question becomes how do I convince Computer Shopper UK that they’ve really got to do an in-depth look at this killer device, and that I’m absolutely, positively the guy they have to have do it…?

One-button Linux shutdowns. Here’s a great idea.  A lot of people run headless Linux boxes for firewalls or routers or Web servers or other things. But that once or twice a year you need to shut the machine down–due to power failures, for instance–becomes a real pain without a keyboard or mouse. You have to telnet or ssh in, issue the command… Or keep a monitor and keyboard handy, which just wastes space most of the time.

Here’s a solution: a case-mounted pushbutton with a pair of LEDs. Push the button, the PC shuts down. It plugs into a serial port and needs a small daemon to monitor the serial line.

And it occurs to me that nothing stops you from using the PC’s reset switch and its power and HDD LEDs–or turbo LED if it has one–and with that slight modification, it would require no modification to the case. Just put connectors on the PCB for the switch and LEDs and mount it somewhere inside.

Also, I looked at the source code for the daemon, and it would be extremely easy to mofify this project to do any other task–just go to the runshutdown() function and change the system(“/sbin/shutdown -t2 -h now”); command to execute any other Unix command. The C source code is so simple, even a journalist like me can modify it.

If I were building another Linux-based Cable/DSL gateway, I’d probably pull that line and replace it with these two:

   system(“kill -9 $(pidof -x pumpd)”);
   system(“/etc/rc.d/init.d/network restart”);
  
That way, with the push of a button, the gateway could go grab a new IP address.

And if you have multiple serial ports, nothing stops you from building one of these switches for each port and modifying this daemon to run additional commands. A throwback to the Imsai and Altair days, to be sure.

Too bad you don’t see much of this kind of stuff anymore.

Samba. Speaking of Linux, that was one of the weekend’s projects. My church ran out of IP addresses, so I took an old P166, threw a pair of NICs in it, and set up IP masquerading on it (Mandrake 7.2 makes this so nice–just run DrakConf, run Internet Connection Sharing, answer its questions, and you’re in business), then I started assigning 192-net numbers to the PCs that didn’t have addresses. It worked great. Since I had a Linux box with an 8-gig drive just sitting there, I decided I also wanted to set it up as a server. So I tried to configure Samba as an NT domain controller and fell flat on my face. It showed up in Network Neighborhood, but I couldn’t authenticate against it no matter what I tried.

I decided yesterday I was being too ambitious. I reformatted my P120, installed Mandrake 7.2 on it, and configured Samba to just look like a plain old Win95 box. It worked great. They’re not used to having a big network at church, and they’re all on Win98 boxes anyway, so I think I’ll just configure Samba to do user-level authentication, create a few shares, and let it go at that. The primary convenience of the server is the AV booth; one of the staff puts together PowerPoint presentations for the service, which are then loaded on a pair of PCs up in the AV booth for projection on Sundays and Wednesdays. The server will allow them to edit in their office, then go to the AV booth without shuttling around Zip disks. Chances are the DCE, who also serves as the resident PC expert, will also use a share there to store device drivers and other downloaded stuff he finds himself using often. Other than that, the server probably won’t get a lot of work, so trying to create an NT domain with hardcore security probably isn’t a good investment of my time.

So I’ll probably just create an AV share, create a public share that’s read/write accessible to anyone, then I’ll share out home directories and show him how to create user accounts. That way if anyone else wants to use a network drive, it’s there, but not mandatory.

Mailbag:

Keyboards; Optimizing Windows