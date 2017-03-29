
Well, I use Defender with Win 10
for the last month and have had no issues. Nothing to report here.
Does that mean it's working good or am I just lucky?
Neither my PCs nor laptop are acting up or freezing or anything.
I used Avast for years but I thought I would give Defender a try and the only thing I notice is that my comps. boot up faster.

Yep!
by Dafydd, Forum moderator / February 12, 2016 5:35 PM PST
If you're a safe surfer no problem. If you torrent/use dodgy sites, all bets are off.
Dafydd.
I would think that's true
no matter which AV you use.

I Know Someone Who said He Was a "SAFE" Surfer
by Hforman / February 12, 2016 6:26 PM PST
Unfortunately, he picked up the NIMDA virus even with his "safe" surfing and then brought his laptop into the office and caused $10 million worth of damage to over 40 departments. I'm just sayin'!

That's a rich story Hforman
by muddg / March 7, 2016 8:05 PM PST
So you're "just sayin" that the "SAFE" surfer caused $10M worth of damage by connecting to your office network? You're kidding right? This makes me laugh. You're pointing the finger at the "SAFE" surfer when you should be pointing the finger at your IT department. Just sayin. No security expert in your company? Just wonderin.
I never pay for virus software. It is a waste of money. I've been using Microsoft Security Essentials (Defender is a Win 10 reincarnation... I think) for years. I have time and time again rescued other people's infected machines and all had some expensive virus software. Amazingly, it is a variety of free tools including Microsoft's Malicious Software scanner that usually finds the culprit. Recently someone who was using the paid version of Avast was infected. Avast did not intercept nor did it locate the virus on a scan. The free version of MalwareBytes knocked it off. Corporate systems have to take a different tack and be on top of their game with a variety of strategies and tactics including relentless user education. But individuals are wasting their money with paid anti-virus software.

Very Serious
by Hforman / March 8, 2016 8:17 AM PST
If you are on a corporate network where the security points are at the connections to the outside world, a person who brings in anything from a jump drive to a laptop is capable of damage. I was part of the CCERT group that had to evaluate the outage and $10 million is nothing for an outage that lasts several days and shuts down the entire enterprise for these several days. We are talking about shutting down even welfare offices, entire departments sending HOME thousands of employees who could not do their jobs and having some people working 24 hours per day trying to remove the problem. Keep in mind this was a zero-day issue so that AV systems were useless and this was long before having reputation-based AV.
If you want to compare "free" vs. "paid" AV systems look up the magic quadrant over at Gartner.

bogus story
by 9Rune5 / July 28, 2016 12:03 PM PDT
Most offices do use AV. So if AV systems make that much difference, how come they got infected too?
In my experience... I have actually been infected once during the past 5 years. I had a suspicious executable at hand and I brought it to a laptop running F-Secure. It did not detect anything untoward, so I thought "okay..".
Sure enough, the little critter configured itself to autostart when Windows boots.
I de-activated it, waited a month or so, and _then_ F-Secure finally agreed with my analysis: Malware.
Those times the AV has detected anything, it has boiled down to false positives or non-threats (typically a text file containing a URL... yeah, I'm shaking!).
For far too many users, AV systems provide them with a false sense of security. They'd probably be better off running the least secure product and be told to "tread carefully" because of this. That might have an effect.

Let Me Explain
by Hforman / April 14, 2017 8:28 PM PDT
Here was a case of a SINGLE user who didn't use any protections whatsoever. He got a brand new never seen before virus. He brought it in. Most network protection is on the gateways into the network. Not on individual network connections within. This was NOT a bogus story because it really did happen. It would be nice if there was some way to guarantee all 100,000 employees were running AV and keeping them up to date, but some departments find stupid excuses why they don't. "Interferes with a (poorly written) application", "slows down our (ancient) computers". Besides, if you have ONE computer trying to infect 100k other computers, the network goes to a crawl and no matter where you are on the intranet, you grind to a halt. AV or no AV. And if the infection was zero-day, well, McAfee didn't even have a name for the virus yet.
So, if you have a "company" (or government) with 40+ departments and each has 5-9 locations and 100k employees, it doesn't take more than a few rotten apples to kill a network.
Proper Security Practices Mitigate Antivirus Deficiencies
Any IT department that allows personal devices on the network without attaching to a perimeter net only network (for say ipads for web use only) is asking for trouble. Also - if the admin account were locked down properly - the damage might only occur to the share folders. With shadow copies enabled you could have rolled back to previous versions of the share folders and all would be forgotten. The worst that might happen is each desktop user profile would have to be reloaded and email re-downloaded. I've had ransomware encryption attacks on a 100MM corporate network that caused a day of headaches, but nothing more because there was only so much it could do. Once I isolated the infected machines, reloaded the shadow copies on the share folders and deleted and reloaded the infected user profiles on each device, all was good.
Just saying that in a properly secured and backed up user environment, antivirus is a secondary thought to an attack mitigation.

Let me add this. I'm not a fan of BYOD.
by R. Proffitt, Forum moderator / November 25, 2017 8:28 PM PST
Bring Your Own Device? Now that we have phones in the mix and companies that shirk the security responsibility until the company burns, my view is we'll see more rather than less leaks and company meltdowns.

And the answer is?
by richsilv / February 1, 2017 7:19 PM PST
I notice you point finger all over the place...
But no solutions....
At least none that this forum tool has presented to me....

all Over the Place?
by Hforman / April 14, 2017 8:38 PM PDT
I don't think so. If you give managers and even some IT people a choice, they will avoid common sense and go with lack of protection. So, what is the solution? You need to have policies and those policies have to have teeth (if you don't enforce policies in a business environment, you might as well not have them as they get called 'intrusive', 'costly' and a few other names by people who are clueless). I was pointing out that an uncontrolled infection in a HUGE (100K employee) enterprise can itself cost a fortune. The secret is to have a team of people under an independent security office who can make policies that have teeth. Even if it is just to require anti-malware. If the one employee had "dialed in" as we used to say through SSL VPN, the servers would have checked his machine carefully for patches and AV protection. But they didn't do that for inside network connections. And, yes, $10 million is reasonable if you have to send 1000's of workers home who rely on computer systems with no manual backup. Try going to your bank if the computers are all down and they don't have your signature card on file.
Getting back to the original question, though, we used what the Gartner Magic Quadrant said to use and then created contracts with the vendors.

Corporate Security Fail.
by B_TheMan / November 20, 2017 10:52 AM PST
That is why managers or IT people with no IT security background should never be given the choice. Most IT professionals that have any security training would know how extremely important it is to have IT security policies established. Your example is a case where someone should be fired for allowing this to happen. An organization of your size with 1000's of workstations should never allow non-secure personal computers on the company's secure intranet. This problem is so much larger than simply deciding on what AV protection to use. A company that size should have all security policies automatically established and enforced upon all computers allowed on the intranet. No outside, non-secure computer, should be allowed to connect to the internal network.

This is worth its own discussion.
by R. Proffitt, Forum moderator / November 20, 2017 12:01 PM PST
I can imagine an IT lead demanding this but the number of smart phones with no patch for say the KRACK WiFi and more means the company will be both secure and poorer for the effort.
You have hit the nail on the head here and bolstered my view on BYOD (bring your own device) in today's workplace.
-> If the company wants secure devices, my view is they supply them and pay for them rather than get free gear at the employee's expense.

Agreed
by Hforman / November 20, 2017 2:16 PM PST
While I was still working, the "County" tried to implement BYOD but it was a fail. Period. They offered to pay the employees $50 (at first, but cut it down somewhat) to bring their own mobile devices. However, there were NO takers. Seems people did not want County security software loaded on their devices and, if you lost (even, misplaced) the device, it had to be reported and then WIPED clean. Nobody wanted this even though anyone can back up their device and restore it when found or replaced.
My issue is being told by managers that "YOU will NOT waste time dealing with security when we have impossible deadlines to meet". "We can always look at security LATER". ('Later' never comes and I imagine this is the same attitude at most enterprises.) Look at IoT. No security as everyone rushes to get their devices to market ahead of the competition.
Answers?
Answers:
1. Don't allow non-domain joined machines that are not corporate owned on the network. If an Exec needs his iPad on wifi - build a wifi link outside your perimeter firewall.
2. Don't allow your admins to use an admin level account for daily desktop login, they should have user level accounts, this way if they are surfing and grab a bug, it only affects their desktop and not the network at large. They should have a separate Admin login that they only use when installing or modifying something that needs admin level access.
3. Run shadow copies and backup as often as your disks/bandwidth allow, at least daily or 6am, 12pm, 6pm to limit network strain to off times.
4. Set up DFS and run full replication between multiple DCs for all critical data. If it creates network strain on your internet connection during the day, set up burst scheduling to limit transfer bandwidth during peak times, but to burst during the off times.
5. Make sure you regularly run updates for all software and all antivirus on the network.
6. Have an emergency operating procedure or action plan written NOW as to how to implement isolation and restoration procedures to limit the attack surface, isolate and eliminate the threat, then restore the system to the last known good version.
It's the best advice I can give you in 10min. It's built on a lifetime of Administrator/Network/Datacenter Support process and procedures that I have seen work over and over. If your admins follow the rules and the network is properly configured as outlined above, you limit the attack surface greatly. Zero Day attacks can still affect you, but you can in a worst case scenario, usually only lose 1 day's worth of productivity/data when implementing these procedures.

Why risk it?
by mrpaul / February 12, 2016 7:24 PM PST
Avast is a highly rated free program far superior to Defender!
Avast is a highly rated free program far superior to Defende
Yeah, right up until the time they loaded it down with the "extras", like speedup my pc, crap & registry cleaners, not a good idea. I run it, but not the extras.

I have to agree.
by Dafydd, Forum moderator / February 20, 2016 5:31 PM PST
I don't like the extras, going to change.
Dafydd.

Oh Really!
It's now 15 months later and I still have had no viruses or malware or trojans.
My comp still starts up and stays blazing fast and Defender only pops up when I'm gonna go into some stupid site.
So tell us....
How is Avast superior in so many ways?
Have you had any of the aforementioned problems?
I think I'll just stay blissful in my ignorance and stay with Defender

You've been spoiled.
by R. Proffitt, Forum moderator / April 15, 2017 3:42 PM PDT
By not going to bad places and probably a beefed up browser security you have benefited from avoiding these security suites that seem to bog down our machines.
Some folk need for security and they pay for it. I'll leave who pays for Trump's security to another discussion.

Maybe true
Maybe you just taught me that well.
For now though, until I have some problem and proof that other AV's are really better and being ignorant of Trump's security that hasn't seemed to have any effects on me so far I'm gonna stay firmly in place.

I just read
the April 2017 Tom’s Guide > http://www.tomsguide.com/us/best-antivirus,review-2588-5.html
on their list of Six Free Anti Viruses, no. 5 is Avast free and no. 6 is Defender.
Avira is no. 1. I have always trusted Tom's, so if I did decide to switch, it would be Avira as it's highly customizable and offers a free VPN, etc.....

Trump's security?
by Rumpled7 / November 26, 2017 9:03 PM PST
I'm more worried about Hillary's "self" security through her own server, 33,000 emails that she destroyed, and the $145 million that Russia gave the Clinton foundation for 20% of our uranium. Just for starters on the next discussion... HA!

Experienced with Government and 50 Years of IT
by Hforman / November 26, 2017 10:18 PM PST
There is no such thing as a "SECURE" email server. None. ZIP! It is NOT in any TCP/IP RFC anywhere. Email security must be on a point-to-point basis. If it needs to be secure (and the FBI didn't find any that were outside of the law), it has to be encrypted BEFORE it leaves the computer and can't be decrypted before it reaches the target computer. That is why almost NOBODY encrypts mail unless absolutely necessary. It's a ROYAL PAIN in the you-know-what. But there are no "secure" servers and you can't even guarantee where your 1's and 0's go when they leave your computer. Try using TRACERT (target ip) on command line in Windows to see where your data goes...

Your worries
by Bob__B / November 27, 2017 3:33 AM PST
If the justice dept thinks there was some wrong doing there they will investigate.
If they don't they won't.
Right now they are a little busy sneaking up on the moron in the white house.
Some members have been known to include a piece of red meat in their post just to see if someone will bite........you bit.
If you want to start a discussion about your worries you might be better off to post in the speak easy forum.

Windows Defender
I am retired from Microsoft and have my own computer company now and all I use is Defender. I use it in conjunction with Malwarebytes. When I set up a new system for someone I immediately take out whatever anti-virus program is in there and then activate Defender. Even if you go to questionable sites it will kick in but remember, some sites will get past the best of them. I have meetings once a month with notable companies, always Microsoft and most of the time Adobe and Google. Even the folks that built AVG don't use their own program I found out.
I hope this helps. By the way only a few anti-malware programs will work with Defender.

MS Malicious Software Removal Tool
by dschraub / February 20, 2016 12:49 PM PST
What's the difference between Malwarebytes and the MS Malicious Software Removal tool? Is one better than the other? Or do they each perform different functions?
MS Malicious Software
Malwarebytes and the MS Malicious Software Removal Tool do almost the same thing. It will not hurt to use both, as one might catch something the other does not.

Yes! Malwarebytes is all you need...
I have 2 Intel NUC PCs running Windows 10 Professional on both of them. These computers were (fixed now) occasionally freezing for about a minute or so and took me several months to figure it out. After trying driver updates etc. to no avail I noticed hard drive activity was occurring during the freeze. I started to poke around the system and found the Intel Rapid Storage Technology program. In the program I found a performance tab with a setting to enable/disable "Link Power Management" option. I disabled that feature and it solved my problem! I did the same on the other NUC and it stopped freezing too. I recommend to check this out...
Per your question, I am running the exact same config for security as geomurray here is. Malwarebytes will cover 3 computers for $25 per year real time. It is wonderful as it does pattern checking and monitors the ways malware/trojans/viruses hook into your system and stops them dead cold and also stops bad webpages too. Malwarebytes has a free version but does not monitor real time for free, believe me it is well worth the $25 per year!