CDRLabs.com

hi guys.

i'm helping out my father-in-law with a computer he's getting for a small business he's starting. it's going to be for the business so i/he/we prefer that it doesn't have any KaZaA/wares software on it.
budget is very tight at the moment...

i need advice about free firewall and anti-virus software.

any suggestions/recommendations/user experiences are welcome.

currently on my mind:

Grisoft's AVG Anti-Virus, Free edition.
http://www.grisoft.com/us/us_dwnl_free.php

Zone Labs ZoneAlarm firewall (free)
http://www.zonelabs.com/store/content/home.jsp

a few questions:
1. are they any good?
2. are these free versions for free use also in a (small) business (not just personal non-commercial use)? couldn't find any info on that on the websites.

also:
the computer comes with a free anti-virus software: PC-Cillin (as a matter of fact so did my computer 2 years ago - came with the mobo). never heard of it. is it any good? how does it compare with Grisoft's AVG?

i'll appreciate any comments, or recommendations for other programs.

I recommend both AVG for anti-virus software and Kerio Personal Firewall and ZoneAlarm for firewall software. All come in free versions for home use, and all good products as well.

AVG runs a continous on-access scanner so that whenever a file is opened, downloaded or copied it is checked for viruses. Or you can run an on-demand scan to check for viruses whenever you want. You can also schedule a complete system scan to be run once a day. Finally, you can schedule it automatically check for new virus database updates once a day as well. I don't know how it compares with PC-Cillin since I've never tried that product. Of course, if it is already loaded on the computer and working, that gives it one leg up!

I think the biggest downside to AVG is that the database updates are not incremental. Each time it needs an update, it has to download the whole ~1.5 MByte file. This is no problem if you have a high-speed Internet connection, but if you have a slow 56K modem the incremental updates of Norton and McAfee are a nicer.

Kerio Personal Firewall is an excellent product. It is very configurable so in the right hands it can really be great. However, all that configuration can make it kind of bewildering to an inexperienced user. Because of that, I generally recommend Kerio for experienced users and ZoneAlarm for inexperienced users.

If I recall the license agreements I clicked through when installing these products (I actually do skim through them), although all of these have free versions for home use, none are free for business use, even if it is just a small business.

Whatever software you choose, be sure to test your installation. Here are some resources.

Anti-Virus:

http://www.eicar.org/anti_virus_test_file.htm


Firewall:

www.grc.com (Look for "Shields Up!". It should be here)

http://www.dslreports.com/secureme

http://www.pcflank.com/about.htm


cfitz

cfitz wrote:Kerio Personal Firewall is an excellent product. It is very configurable so in the right hands it can really be great. However, all that configuration can make it kind of bewildering to an inexperienced user. Because of that, I generally recommend Kerio for experienced users and ZoneAlarm for inexperienced users.

i understand.
but configurability/flexibility/complexity issues aside, which is a better better firewall in your opinion: Kerio Personal Firewall or ZoneAlarm?

I refuse to give you a simple answer! (That's the nature of life).

They both do the required job of shielding your system from incoming and outgoing connections. So neither is any better or worse in terms of that basic functionality.

Having more configuration options allows finer control, and thus allows you to permit exactly what you want without permitting more. On the one hand, that makes Kerio better. There is no need to expose port/protocols/applications you don't need in order to make those you do need work. On the other hand, the additional configuration choices and associated complexity may lead to making mistakes in configuring the firewall, leaving your computer less protected. From this point of view ZoneAlarm would be better. So, which is better overall? It depends on the user and his or her skills.

Kerio also has more tools for monitoring what is going on with active connection, which is a nice bonus if you like, but not something the average user needs. On the other hand, ZoneAlarm, particularly the versions you pay for, offers extras such as pop-up blocking, email checking, etc.

By the way, my comments are based mostly on the free version of ZoneAlarm. I don't have personal experience with the paid versions, and am not intimately familiar with them.

cfitz

I tested AVG Antivirus 6 last week but experienced some problems with it, so I changed back to Norton Antivirus 2003.

The problems was that the update feature didn't work from time to time, with the result that I couldn't download the update for the sobig.f-virus a couple of days ago. So the e-mail scanner didn't catch the virus mail I received in my inbox. A strange thing is that when I finally downloaded and installed the update manually the sobig.f virus mail still get through the email scanner except for half an hour or so, when it caught 40-50 virus mail. But after that the mail kept getting through the scan. I'm pretty sure the (few) AVG email scan settings where ok. Anyway, when I installed NAV2003 it caught and deleted the virus mail the minute after the installation.

That's my experience with AVG, but I have talked to a lot of people who praise the program, so maybe I just had a bad luck with it.

I do agree that the email scanning portion of AVG has a somewhat clunky interface, and that is probably the weakest point of the program. But I haven't had any trouble with it catching viruses sent by email to me. The biggest gripe I have with it is that it seems to scan the Inbox every time I switch to it, not just when I receive new mail. Normally this wouldn't be a problem, but on my old, slow Windows98 box I have a really huge inbox, so it pauses for several seconds to scan every time I switch to the inbox.

cfitz

which version of AVG did you use?
was it the AVG 6 free version?

If you mean me, dodecahedron, then yes. The latest AVG Antivirus 6 Free Edition. I didn't noticed that the AVG e-mail scan scanned the Inbox on my computer. Actually I didn't notice it working at all. Therefore I wasn't surprised when the sobig.f virus mail was dripping into my Inbox one after one. It's a shame that AVG didn't work for me. It would have been nice to use a antivirus program which is freeware. If I have understand it right there aren't many good freeware AV program, so I think I'll be stucked with NAV2003 a while longer.

I've been using AVG Anti-Virus free edition for two years now, it have been very good. Updating works well and it's free. ZoneAlarm isn't very resource friendy, Kerio Personal Firewall is very good and free software firewall.

I like Zone Alarm for my firewall. (Pro or Plus) Never used the free version before, now that I have a router though, I have no use for a firewall, as the router has one built in. As for Anti-Virus, I prefer NAV, because I've used it a long time, and I like it. However, that isn't free.

Software firewalls can still be useful even if you have a hardware firewall.

First, some combined router/switch/broadband access products don't provide full firewall support. This probably isn't such an issue these days, but when they first came out some were not providing full protection. They would block some ports but not all.

Second, the inexpensive consumer level hardware products often do not provide extensive configurability. You many find that in order to open up a port or protocol that you need, you also have to open up others you don't.

Third, many do not block outbound connections. Thus, if you are infected with a trojan or virus that connects out to the Internet to broadcast your personal data, you won't be protected.

Finally, even if your hardware firewall does selectively block outbound connections, you probably won't have an easy time detecting such a rogue outbound connection and the program that originated it. I have detected hidden adware when my software firewall popped up a dialog asking if I wanted to allow application X to access the Internet. "What? Certainly not! Why in the world would that application need to access the Internet?"

I'm not dismissing hardware firewall products. I am, however, saying that current software based firewalls provide a lot of functionality missing from a typical SOHO/consumer broadband firewall/access point.

The best solution is probably defense in depth: hardware firewall and software firewall and anti-virus software and browser proxy software and adware scanning software and spyware scanning software, etc.

cfitz