Jump to content
Login with your Gmail HERE and start posting in seconds! ×
Don't just read! Be part of the Community! Join the conversation ×

Microsoft Security Essentials sufficient?

jack2964

By jack2964
in IT and Computers

 Share

Recommended Posts

  • Replies 69
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Chicog Star Member

Chicog

Posted
Posted (edited)

Thanks Hawker, really appreciate your effort and time to make things clearer although I have to admit some of the terminology is lost on me.

I have done some googling and I am overwhelmed by the amount of info out there. I'll do as some have suggested here to use MSE and

Avast and pick a spyware/malware as well.

Multiple antivirus products are not recommended. They can actually reduce security.

Not recommended by whom?

Yes they can if they conflict, but there are plenty that can work together and add an extra layer of protection. I would never rely on MSE alone.

Edited by Chicog
Link to comment
Share on other sites
hawker9000 Platinum Member

hawker9000

Posted
Posted (edited)

There are two issues with using more than one antivirus product at the same time. One, they CAN conflict with each other, so you have to ensure going in that the ones you're planning to use don't and WILL play nicely together. In the past, running multiple antivirus at the same time was a no-no, because they'd trigger false positives in each other and conflict otherwise (e.g., one scanner interpreting the low-level monitoring activities of the other as malicious). This might be changing, but do your homework before installing two different antivirus products and if possible ensure that THOSE TWO products have in fact been tested together and found to perform satisfactorily simultaneously. Two, antivirus software, like any software (when it's in memory & running) consumes resources (CPU cycles, cache, memory, etc.). If you intend to have more than one product configured for real-time protection (i.e., running in the background monitoring the OS, program activity, use of memory, etc.), then more resources will be consumed, to essentially the exact same purpose. Depending on what else you're doing, and the actual capabilities of your particular PC, there could be a noticeable impact on performance. Some AV products are still considered resource hogs just running by themselves!

Even multiple antivirus instances running at the same time does not offer 100% assurance of detection. Some zero-day exploits might go undetected by the majority of AV products. You have to consider the tradeoff of actual increased security vs performance & possible conflicts. Each to his own, but I just keep MSE updated religiously and do full scans regularly, and don't bother trying to do the same with a 2nd AV. I do however run other security software (antispyware, etc.). I also make use of reputable online scanners if I get the least little sniff of any possible infection or even an attempt, and to get a second opinion if MSE tells me it's caught something & quarantined or eliminated it.

Edited by hawker9000
Link to comment
Share on other sites
NeverSure Star Member

NeverSure

Posted
Posted

The newer reports on MSE have not been that good and I changed to the free Bitdefender program several months ago and it has been operating very well and giving me notice of web sites not to open (which MSE never did) and these are Google search sites. Although I had used for about a month when first offered free did have comparability issues but that seems to be in the past and operating very well now. AVG is also recommend by many here.

+1. I have a router, then a hardware switch, then Windows Firewall turned on, then AVG. I've never had a problem.

The switch buries me one layer deeper by having it take the LAN IP assigned by the router, and then it assigning yet other IP's to all computers in the room. In other words, the switch creates a new subnet hidden even from the router much less the internet.

Link to comment
Share on other sites
hawker9000 Platinum Member

hawker9000

Posted
Posted

The newer reports on MSE have not been that good and I changed to the free Bitdefender program several months ago and it has been operating very well and giving me notice of web sites not to open (which MSE never did) and these are Google search sites. Although I had used for about a month when first offered free did have comparability issues but that seems to be in the past and operating very well now. AVG is also recommend by many here.

+1. I have a router, then a hardware switch, then Windows Firewall turned on, then AVG. I've never had a problem.

The switch buries me one layer deeper by having it take the LAN IP assigned by the router, and then it assigning yet other IP's to all computers in the room. In other words, the switch creates a new subnet hidden even from the router much less the internet.

Then it's a router (which is doing DHCP and network address translation - NAT)... (Which isn't to say it's not doing some good security-wise. But switches - the kind we're talking about for home-use anyway - distribute packets based on MAC, not IP, address.) It's the NAT that's actually "hiding" the inside IP addresses. 'Most all home routers do that out-of-the-box. It might be more correct to say that what you're using is a router, with a switch "pushed in" or collapsed into it, since multiple inside devices can be and probably have to be on the same subnet (which is to say are all connected to the single 'inside' or "LAN" interface of the router). What you're already referring to as a 'router', can probably do the same things, unless you're confusing it with your cable modem.

Link to comment
Share on other sites
NeverSure Star Member

NeverSure

Posted
Posted

The newer reports on MSE have not been that good and I changed to the free Bitdefender program several months ago and it has been operating very well and giving me notice of web sites not to open (which MSE never did) and these are Google search sites. Although I had used for about a month when first offered free did have comparability issues but that seems to be in the past and operating very well now. AVG is also recommend by many here.

+1. I have a router, then a hardware switch, then Windows Firewall turned on, then AVG. I've never had a problem.

The switch buries me one layer deeper by having it take the LAN IP assigned by the router, and then it assigning yet other IP's to all computers in the room. In other words, the switch creates a new subnet hidden even from the router much less the internet.

Then it's a router (which is doing DHCP and network address translation - NAT)... (Which isn't to say it's not doing some good security-wise. But switches - the kind we're talking about for home-use anyway - distribute packets based on MAC, not IP, address.) It's the NAT that's actually "hiding" the inside IP addresses. 'Most all home routers do that out-of-the-box. It might be more correct to say that what you're using is a router, with a switch "pushed in" or collapsed into it, since multiple inside devices can be and probably have to be on the same subnet (which is to say are all connected to the single 'inside' or "LAN" interface of the router). What you're already referring to as a 'router', can probably do the same things, unless you're confusing it with your cable modem.

Oh no. An ethernet switch assigns IP address to every node hooked to it. I has a dhcp server and does nat. Yes, some routers can be changed to switch mode to use as a bridge or switch, but that's not what I'm talking about.

From the wall out, I have a modem which assigns the router an internet routable IP address. Next after the modem is the router which receives that IP from the modem, but also assigned IP's to anything on the internal subnet using its dhcp and nat. Next out is a switch which gets its IP from the router. The switch also has a dhcp server and does nat translation. It assigns IP's to anything using it, and does the nat back to the router. The router sees the switch as just one node and the switch is a computer just as a router is.

Behind the switch are the other nodes which the router can't see. The router sees only the switch which it assigned an IP to. On send/receive, the switch remembers which node requested (nat), and returns the info to only that node, just as a router would.

Link to comment
Share on other sites
hawker9000 Platinum Member

hawker9000

Posted
Posted (edited)

The newer reports on MSE have not been that good and I changed to the free Bitdefender program several months ago and it has been operating very well and giving me notice of web sites not to open (which MSE never did) and these are Google search sites. Although I had used for about a month when first offered free did have comparability issues but that seems to be in the past and operating very well now. AVG is also recommend by many here.

+1. I have a router, then a hardware switch, then Windows Firewall turned on, then AVG. I've never had a problem.

The switch buries me one layer deeper by having it take the LAN IP assigned by the router, and then it assigning yet other IP's to all computers in the room. In other words, the switch creates a new subnet hidden even from the router much less the internet.

Then it's a router (which is doing DHCP and network address translation - NAT)... (Which isn't to say it's not doing some good security-wise. But switches - the kind we're talking about for home-use anyway - distribute packets based on MAC, not IP, address.) It's the NAT that's actually "hiding" the inside IP addresses. 'Most all home routers do that out-of-the-box. It might be more correct to say that what you're using is a router, with a switch "pushed in" or collapsed into it, since multiple inside devices can be and probably have to be on the same subnet (which is to say are all connected to the single 'inside' or "LAN" interface of the router). What you're already referring to as a 'router', can probably do the same things, unless you're confusing it with your cable modem.

Oh no. An ethernet switch assigns IP address to every node hooked to it. I has a dhcp server and does nat. Yes, some routers can be changed to switch mode to use as a bridge or switch, but that's not what I'm talking about.

From the wall out, I have a modem which assigns the router an internet routable IP address. Next after the modem is the router which receives that IP from the modem, but also assigned IP's to anything on the internal subnet using its dhcp and nat. Next out is a switch which gets its IP from the router. The switch also has a dhcp server and does nat translation. It assigns IP's to anything using it, and does the nat back to the router. The router sees the switch as just one node and the switch is a computer just as a router is.

Behind the switch are the other nodes which the router can't see. The router sees only the switch which it assigned an IP to. On send/receive, the switch remembers which node requested (nat), and returns the info to only that node, just as a router would.

Nope (and I know I'm OT; mea culpa), an Ethernet switch can "discover" but does not assign an IP address to every node hooked to it (well, I guess it could run DHCP, strictly as a convenience feature, but the switch would not then do its switching base on those IP addresses, as switches simply do not do that). "Ethernet" by definition is a Layer2 (DataLink Layer) protocol, and switches packets (the protocol data units are referred to as "frames" actually) based on Ethernet (aka MAC, aka physical, address). The Ethernet header encapsulates the IP header in each frame; an Ethernet switch is unaware of IP data (unless it's doing Layer3 switching - which is another topic). The Ethernet switch may itself HAVE an IP address, but that's for management of the switch, not for actually switching network traffic. It doesn't even assign the Ethernet addresses, as those are built into the network interface cards (NICs) of the attached devices. (Well, on some advanced switches, and some NICs, MAC addresses actually CAN be changed...) Based on your description, what you have are simply two routers in series, an outer router and in inner router, and from your description, double-NAT. You're correct the outer router is unaware of your actual local topography. But using that outer router alone, since it's doing NAT, no one upstream of it (i.e., your ISP) is theoretically aware of that topography either. NAT actually changes the source IP within the IP header of each packet. You're "concealing" (your network), and then concealing it again.

Each time you connect with, say, your browser, to some website, the TCP/IP stack in your OS writes your PC's own IP address to the IP header of the outgoing request packet and routes the packet to your inner router in accordance with a routing table. You can view this routing table with the' route print' command. The inner router changes that source IP written by your PC in the packet header to the IP of its own outside interface, and then routes that packet to the outer router based on ITS table. And once again, if you can get to a console on this device you can view that routing table. This inner router just couldn't do any of that if it were a switch. In fact, an actual switch would be transparent to the routing tables on both your PCs and the outer router. The outside router changes the source IP address again to ITS outside interface, and routes the packet on based on ITS routing table. Switches do not NAT; it's a Layer3/IP Layer/routing function. Switches have MAC tables which correlate MAC address to switchports with devices connected to them: they do not have routing tables and cannot route. If they cannot route, they cannot NAT.

Again, what I think you have (and these are common - I'm using one myself) is a router with a switch (probably a 3 or 4-port switch) integrated into it. Having the extra routing layer, you ARE a bit more secure, but you're paying a small price in latency for that extra routing layer. (A plain vanilla switch, incidentally, wouldn't be offering much if any extra security, not on a small home LAN anyway. It certainly doesn't do anything to prevent the mapping of a network.)

We're dealing in basic definitions here. A router routes based on IP address and routing tables (which correlate IP and MAC addresses). A switch switches based on MAC or physical address and MAC tables (which correlate MAC addresses and switchport numbers or ids, Ethernet being one example but not the only option; there are others). Routers and switches CAN be combined into one physical "box".

Edited by hawker9000
  • Like 1
Link to comment
Share on other sites
JakeBKK Silver Member

JakeBKK

Posted
Posted (edited)

Funnily enough this month's Web User magazine do a Group Test of Anti-virus software.

And guess which came last?

MSE.

'Nuff said.

Isn't it ironic? people will use security software from a company which even can't build a secure os ! i won't even start with timely fixes,patches and whatsoeverbiggrin.png Use a Microsoft OS before SP 1 is like buying one for the titanic and you know by now how that story did do end. I've seen various win 8 computers with all kinds of anti-virus solutions, all of them infected with spy-,ad- and foobar. To clean the you have to run shell-scrips, but in my experience half of all windows users cant even open one.wink.png

Edited by JakeBKK
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.






ASEANNOW

ASEANNOW (formally ThaiVisa) is Thailand's oldest and most popular expat and foriegner forum. Sign up today and have your say!

MORE INFO

POPULAR AREAS

CONTACT US

219/59 Asoke Towers, 15th Floor, Soi Sukhumvit 21, Watthana, Bangkok 10110
(+66) 99 196 1100
[email protected]

×
×
  • Create New...