What should clients use if they want the absolute best protection against viruses?

Arcadio

New Member
Reaction score
1
I've got a few clients who are very vulnerable to infection by viruses, malware, etc. I've already talked to them about their online practices, but it seems that they don't want to change: they still visit risky websites.

I appreciate the extra income, but I'd rather do something drastic so that the risk of viruses and malware is lowered to the minimum.

Which browser should the customers use? What settings should be modified in order to prevent viruses and malware without disabling other commonly used plug-ins such as Java and Flash?

I always recommend Firefox, without any special modifications, but they still get malware infections.


Thanks in advance.
 
Paid anti-virus for starters. Firefox with NoScript and Adblock.

Someone talked about a plugin a few months back that let them lock out certain sites, don't recall the name, maybe someone else knows what I'm talking about there.
 
Another suggestion would be to lock down the computer. Do not make the user have administrator rights. Make them standard users. Prevent the browser from downloading files off the internet. I have had to do that to a few people because they kept getting infected with viruses.

Again nothing is 100% secure, but at least it helps the computer from being hit over and over again.
 
I'd recommend ESET or Kaspersky (you can find Kaspersky cheap on some online retailers, these two should block websites that have infections on them). You should ensure they have the latest Windows updates to reduce exploits, and ensure up-to-date software - particularly PDF readers and Flash. Avoid Internet Explorer, use Firefox with Adblock+. Run their accounts as limited with UAC on. The usual spiel about not opening emails/attachments from people you don't know. Ensure Windows Firewall is on. Disable CD/USB autorun. Tell them to only add people they know on Facebook and not to click ads or those little apps. This won't really stop viruses but ensure the router has a firewall enabled, is encrypted if wireless, and has a strong admin password.

Else,
switch them to Linux
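
An added example, not part of any post in this thread: a read-only PowerShell audit of the settings the two replies above recommend (standard user account, UAC on, Windows Firewall on, CD/USB autorun disabled). The helper name `Get-RegValue` is hypothetical; the registry values and cmdlets are the standard Windows ones, and Windows PowerShell 5.1 or later is assumed.

```powershell
# Added example: read-only audit of settings recommended in this thread.
# Nothing is changed on the machine. Needs Windows PowerShell 5.1 or later.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Return $null when the key or value is missing instead of throwing.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { return $item.$Name }
    return $null
}

$policies = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies'
$checks   = [ordered]@{}

# Standard user: the logged-on account should not be listed directly in the
# built-in Administrators group (well-known SID S-1-5-32-544).
# Membership through a nested domain group is not resolved here.
$me     = [Security.Principal.WindowsIdentity]::GetCurrent().Name
$admins = @(Get-LocalGroupMember -SID 'S-1-5-32-544' | ForEach-Object { $_.Name })
$checks['Logged-on user is a standard user'] = ($admins -notcontains $me)

# UAC: EnableLUA = 1 means User Account Control is switched on.
$checks['UAC is on'] = ((Get-RegValue "$policies\System" 'EnableLUA') -eq 1)

# Windows Firewall: every profile (Domain, Private, Public) should be enabled.
$off = @(Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' })
$checks['Windows Firewall is on for all profiles'] = ($off.Count -eq 0)

# Autorun: NoDriveTypeAutoRun = 0xFF disables autorun on every drive type,
# which covers CD and USB media.
$autorun = Get-RegValue "$policies\Explorer" 'NoDriveTypeAutoRun'
$checks['CD/USB autorun is disabled'] = ($autorun -eq 0xFF)

# One PASS/FAIL line per recommendation.
foreach ($name in $checks.Keys) {
    $status = if ($checks[$name]) { 'PASS' } else { 'FAIL' }
    '{0,-5} {1}' -f $status, $name
}
```

Run it in the client's own session rather than an elevated one, so the first check reflects the account they actually browse with.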
 
If you want to do yourself out of business entirely then get them to use a sandbox like Sandboxie or a HIPS/Sandbox like Defensewall. They are extremely unlikely indeed to get infected using those. However they present other challenges to users.
 
First off, take MobileTechie's words to heart. If we lock everybody down completely, we might never hear from them again. Viruses are my bread and butter; the other fixes bring the gravy.

* Dell's got a "KACE" Mozilla-based browser (x32) that's supposed to be sandboxed, etc. I'm x64 so haven't tested it but, if it supports addons, throw on Adblock and NoScript.
* Decide on a DNS server that'll limit sites
* MVPS Hosts with regular updates
* MalwareBytes paid version with site blocking enabled
* Kaspersky AV
* Lock down the router
 
To ensure they don't get viruses, I'd say set them up on a Linux box and lock down the account.

If Linux isn't an option; Kaspersky set up with the browser and online apps sandboxed, Windows Updates, Limited user account, OpenDNS, Firefox or Chrome, Web of Trust Plugin, and if the system has enough horsepower, maybe add Threatfire in there, too.
 
Even with the best protection in the world, if they are going to go and get things you will never stop them. The best anti-virus is education, but if people won't change their habits then keep taking their money.
 
They should use common sense, but it appears you already tried that approach with them and they refused. In that case there isn't much you can do except keep taking their money for malware removal.

It doesn't matter what countermeasures you take, if they're unwilling to change their behavior it will ultimately be ineffective. Imagine you work for an alarm company and one of your customers keeps getting robbed because they invite burglars in their home. No amount of motion alarms, bars on windows, door locks, security guards, etc that you add will stop the resident from inviting them inside.
 
I would say confiscate their power cord. Then there is no way of getting viruses.

On a more serious note, prevention is the best protection. Education and some common sense could help them out too. "No, I wouldn't advise clicking on the 'You have won $1,000,000' link at the top of the page".
 
All this education comes to nought if they visit a site with a zero day exploit. People can get infected without being stupid.

Sandboxes and virtualisation can make it impossible to get infected from drive-by attacks.
 
I offer them Kaspersky, and provide a PDF with the sort of stuff described in this thread. Suggestions around de-escalation of account to USER, and using FF with Adblock Plus and WOT + Siteadvisor, + other bits and bobs that will make the machine MUCH more secure - if implemented.

The thing about this is when they get re-infected and come back to me saying "Hey I bought that antivirus product from you and I still got infected - what are you going to do about it?" I can simply point them to the fact that the information was there and they chose not to act on it. Those who do don't tend to come back with re-infection, and that's great. I'm satisfied I have done my job well.

I find this thread interesting though - it seems we really are a bit hamstrung between (a) providing the best products and system config, and (b) what the customer does once they get them. Somewhere in between is education - and I have had many machines back with the pdf I provide still on the desktop - presumably unread.

You can lead a horse to water, but the fact you can't make it drink is actually a very good thing for us :)
 
I still think the best protection is a condom between the network cable and Ethernet port... nothing gets through! :rolleyes:
 
I run all of my clients through OpenDNS; it filters tons of bad sites. I used to use MVPS hosts but that got to be a pain, so now I use OpenDNS and it works great.

http://www.opendns.com/

I don't run any AV on my systems, I just use OpenDNS. As long as you configure your router and not the NIC.
 
OpenDNS is not really an effective AV measure. Even they don't claim it is. It lets through loads of infected sites. I've tested it. If you want an AV DNS then the free Norton one is much better for that.

But even that is only slight protection since the DNS servers don't know of sites until they are reported, by which time they've infected people. The most famous UK case was the Autotrader website which is very popular and totally legit.
 
Instead of relying on doubtful Anti-Malware Scanners...;)
Sandboxie and Returnil. (Both offer Free versions).
Rock-Solid Protection for Free!
I know users who have been Malware-Free for years!:cool:

Totally. It's hard to perceive how someone using these is going to get infected from the web unless they try very hard indeed.
 
mmm I don't know... I was able to affect some changes with just a simple hex editor and a few lines of code on a personal system. It's probably just a matter of time before some evil doers create something to affect these things.
 
Effect some changes to what doing what exactly?

Are you saying you created an app on a website that would get out of Sandboxie and infect Windows?
 