Anti Virus Programm

Frank · December 27, 2016, 11:07:28 AM

I currently use Antivir and everything is fine so far. The License is almost at the end of support and I need new licenses.
Do tue the continuously rising amount of devices I need more licenses All together 10.
So I was looking around and found Bitdefender Internet Security.
What do you thing about it and what Software can smoothly be used together with imatch.

Any recommendation?

Frank

Mario · December 27, 2016, 11:22:54 AM

I cannot recommend any virus solution.
I use several virus checkers on different devices and test installations. None of them had any issue with IMatch or IMatch Anywhere.
I also let all files check on virustotal.com before I release them.

There is an ongoing argument whether or not the built-in virus protection in Windows is enough (Windows Defender).

herman · December 27, 2016, 02:26:35 PM

There are many approaches to protecting your devices from malware / viruses / .....

My thought is that you (your habits and your awareness) are the best defense.
Things like using a normal user account in stead of an admin account, applying Windows updates, staying out of the slums of the web, not opening unsolicited mail attachments from unknown senders, only install software from a reputable download source (forget sourceforge and the like!) etc.

The next best thing IMO is to inhibit your devices from contacting malicious sources.
You may have seen that some malware has been distributed by advertising networks, and there is of course the privacy aspect of things like tracking cookies, surveillance, profiling the surfer, the list goes on.......

I think an anti-virus program these days is the last line of defense, something that may kick in when all other measures failed. And, if the AV fails, you have your backups, haven't you?

To prevent your devices from contacting malicious sources you can use an adblocker-plugin for your browser. I tried some of them, I found that, depending on the device, they may slow things down. On top of that the company behind one of them gets payed for allowing "acceptable ads".

In the end I settled for a modified hosts file which prevents the device to contact specified IP addresses.
An added bonus is that it not only blacklists suspicious IP addresses but I also no longer see ads, which (for me) is a good thing.
Should you wish to investigate this for yourself, this is what I am using:
   - HostsMan
   - HostsServer
   - MVPS host list
   - Malware domain list

Your disadvantage is that you have to maintain 10 devices, which may mean some work once a month or so.

There seem to be routers which can be programmed with this kind of blacklists.
The advantage would be that you have only one device to maintain, everything served by that router would be protected automatically.
My router (actually my ISP's router) does not allow me to do this, so I have no experience here.

My last line of defense is W10's Windows Defender together with Malwarebytes 3.
Years ago I bought lifetime licenses for Malwarebytes, which are still valid with their latest incarnation.
Since the day I started using the modified hosts file (about one year ago) Malwarebytes still has to kick in, and so has Windows Defender.
But your mileage may vary, depending on your habits and awareness, ..........

Just my 2 cents.

Frank · December 28, 2016, 10:54:41 AM

Hello Herrmann,
thank you for your detailed information. I will think about it and will inform the community about the result.

Frank

Mario · December 28, 2016, 01:26:42 PM

There is a software (at least one I know) that allows you to automatically update your hosts file automatically:

https://www.safer-networking.org/

It's around for many years and renowned.
It updates the malware lists regularly and applies them to your hosts file.
It does a lot else so you may want to get aquatinted with all the options.

herman · January 05, 2017, 03:24:49 PM

I want to say "thank you" to Frank for asking this question.

When I wrote my first answer I said that there are some routers which can be used to block ranges of addresses, but I had no experience here.

Your question triggered my curiosity though and so I searched for what is possible today.

I found something called Pi-Hole.

In essence it is a very small and inexpensive computing thingy (most people use a Raspberry Pi, a credit-card sized device) which is programmed to be a DNS server for your router. The Pi-Hole is fed by one or more blacklists. When a device on your network generates a DNS request it passes through Pi-Hole. The process stops there when the requested address is in the blacklist, otherwise it is passed on to whatever DNS server you configure it to use.

The advantage is obvious: one device can shield your entire network from ads, tracking stuff, malvertising, drive-by infections, whatever you tell it to do. It won't stop links to hard-coded addresses though.
Maintenance is close to zero, blocking lists are updated automatically daily (!), you may have to do software updates yourself but that can be done from your PC over the network.

The disadvantage may be that you block too much for someone in the household, so you may have to whitelist something that otherwise you would not do.

It is a Linux device, so that may or may not be a hurdle you have to take.
Speaking for myself: I never touched Linux all my life, did not know anything about it. Yet I managed to do a headless installation (no keyboard, no monitor, everything over the network via a Command Line Interface and a rudimentary Linux editor) on a rainy Sunday afternoon. There is plenty of help on the web which I had to use, otherwise it would have been a major disaster

So: thank you Frank!
If you would not have started this topic I would not have discovered this little gem.
I am happy you did

Mario · January 05, 2017, 03:40:11 PM

Many routers allow you to load such black lists into their "Parental Control" feature. Some even can download popular lists automatically.
I use that to block the most common malware etc. lists directly in the router.

Frank · January 06, 2017, 01:59:33 PM

Thank you all for the feedback. I have not decided so far.

I let you know my decision.

Frank

lnh · February 23, 2017, 06:57:31 AM

Tavis Ormandy and others who are part of Google's Project Zero have found some horrific vulnerabilities in lots of common anti-virus software (and password managers for that matter). If I remember, some were even back doors into your system and weren't well protected at that. You can find as many opinions on the internet as there are people, but there seems to be a growing pile of evidence that you are best protected using the built-in capabilities in Windows 10.