peterd

As far as I know, firewalls have never been able to directly block a worm/virus from entering a network/system. They can block the proliferation of certain worms by blocking ports that are exploited but that's it.

peterd

But it's true unless... And most importantly do NOT use the Administrator account or an account with Administrator privileges unless needed.

peterd

Agreed - I recommend using one to everyone I know, otherwise I'm the one re-installing their OS. I just don't use one personally. I think the root cause for my aversion to AV software is the bad experiences with them from the Windows 3.x/95/98 days.

canuckster

Every two months or so I run, in the following order:
1) a full TrendMicro scan;
2) AdAware
3) Spybot
4) HijackThis

Again -- all that's ever flagged are tracking cookies and a few worms in my cache. Nothing that dials out, no suspicious processes (if I'm ever in doubt, Process Exporer + HijackThis + some googling will go a long way, and it only takes a moment).

I don't run IIS. I'm not networked. Whenever I update Windows, for example, it's very, very rare that one of their security updates actually applies to something I use.

Maybe I am riding around without a helmet, but to extend that analogy to match my impression of I'm handling things: I'm on the open road with little traffic and great visibility; when a big truck comes by, or an erratic driver, I pull off to let them pass; oil slicks and bumps are easy to spot and avoid; and all the helmets on the market are cumbersome and restrict my vision. If I drove on a winding road or at night, I'd probably don that helmet, but not right now.

And one more note about how 'lucky' I've been -- I'm a web developer who's on the computer probably 8 hours out of every single day, weekends too. So after 4 years of no problems, I'd either have to be lucky in the extreme (ie lottery-winning territory) or perhaps my routines really aren't as dangerous as those of others.

Anyway, I didn't mean to post this thread so that I could attack people for using AV software, or look like a foolish rogue for choosing not to use it -- I merely wanted to share my experience and see what others had to say about it, and learn if anyone else had made a similar choice.

percepts

Canadians do it without protection

__________________
An old dog learning new tricks

desquinn

An example of one of those unknown vulnerabilities that has been around for a while

http://news.bbc.co.uk/1/hi/technology/6509865.stm

heuristics on AV software "could" help with this.......

canuckster

That's an interesting point, desquinn. No doubt the heuristics are better now, but they were absolutely abysmal when I 'left'. It's possible if I used IE and I were visiting sites I should be wary of that this would have infected me.

(I can't remember having visited a site with an animated cursor in years, so just for fun I started up IE and googled for a how-to on animated cursors in order to find a site that would have one -- and be likely to be safe. Sure enough, the cursor appeared, so had it been a malicious site I would have become infected.)

Of course Firefox will suffer these things occasionally too, and who knows what I might click on from a search result -- but the damage is still mild (and correctable). And I'm apprised of the latest threats via a daily security newsletter (hasn't come out yet today, so I don't know if this threat is in it yet), so I'm still preferring to keep that helmet off for now ... but thanks for bringing this up.