Scott Hanselman

Anti-Things you must install on your fresh Windows box

September 23, 2003 Comment on this post [0] Posted in Tools | Web Services
Sponsored By

There's nothing quite like the smell of a fresh Windows box.  After that first reboot, seeing that clean, smooth desktop brings a tear to my one good eye.  Everything is possible with a fresh Windows box.  Everything runs faster with a fresh Windows box.

Then I plug into the network and I'm immediately attacked by Popup Ads, Gator (evil), DoS attacks, Messenger Service Popups, HTTP requests for /system32/cmd.exe and clever neighbors trying to print to my printer. 

How should we protect our fresh Windows boxes, these new fawns, just before we hurl them into the abyss?

Well, here's the first things I put on ANY Windows box.  This is the "don't leave home without 'em" list.  This is the "You're not seriously going out without your _______" list. 

"Anti"-Things you must install on your fresh Windows box in the 21st century

  1. Firewall
    At a minimum, enable the Windows XP built in firewall.  This will protect you from MSBlast (which I removed off half a dozen relative's computers).  Other folks use Tiny Personal Firewall, and others, but if you're serious (and you love your family) just buy ZoneAlarm Pro.
  2. Anti-Virus
    In the old days, (last year) you could be clever and avoid viruses.  Don't open anything, don't talk to anyone.  But now, with attachments being sent to my Mom with names like babypics.jpg.exe, I just can't trust her to be THAT clever.  Heck, I don't know if I am that clever.  I use either Panda, ETrust, or Norton...but my preference is Norton.
  3. Anti-Spyware
    The #1 least understood problem on PCs today, IMHO, is spyware/malware/scumware.  A friend of mine visited recently from Malaysia and brought his laptop.  He's a technical guy, and a developer, but he was complaining of weird popups and odd behavior in his browser during development.  We ran Ad-Aware and counted up 357 different components of spyware.  He had at least 20 different evil (but not viruses!) bits on his box, including CometCursor, Gator, SafeCast, Hotbar, and a particuarly evil bit of spyware that actually chained and appeared in the TCP/IP Properties and literally sniffed traffic at the protocol level.  I install Ad-Aware and run it on Startup.
  4. Anti-Spam
    Everyone has their favorite, but I recommend SpamNet, it's like Napster for getting rid of Spam.  When you block a spam message with SpamNet you are "voting" for that message as Spam.  The more people vote, the more accurate SpamNet gets.  It's at least 99% with VERY few false positives, since actual humans are involved.  On the server-side for a Spam solution, I'm going to check out SPAMSoap.  I'll just change the MX record on my mail server, and mail will route through SPAMSoap first, then to me.  It appears to be a nice, cheap way for me to protect all my users.

If you're not running these particular tools, make sure you are at least running something to address these issues.  And seriously, run Ad-Aware if you haven't.  You'll be surprised.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Hosting By
Hosted in an Azure App Service

Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.