Anti-virus and Computer Security
by The F@t Guy
The Big Dawgs - TFG on Anti-virus, Anti-Spyware, and Anti-Trojan Utilities

If you'll remember my introduction, you might recall my speaking of a big dog and a gun to protect my home - that is the purpose of this article. Naw! I am not asking you to get a gun and a dog (though I do recommend it), I am just trying to draw a comparison between those items and the various programs you might install into your computer as the same sort of protection.

I know you will probably be disappointed, as I usually start these things by regaling you with a bit of back-woods wit, or a story from my misspent yoot - here, I am afraid, I will just soldier forth into the meat of the thing.

Back in the day (oh, no! Here he goes anyway!) when viruses first came out, it was really pretty simple. All the anti-virus programs were willing to tackle any malware (though some better than others). You could settle in with your favorite program and be fairly confident it was protecting you completely.

Somehow, somewhere along the way, that changed. Anti-virus companies kinda stayed with "viruses" (those malware which infect legitimate files or programs), while leaving trojans (those malware which are actually stand-alone files, not infecting others) to be handled by another security group... namely, the trojan hunters.

Then came a whole new raft of malware called "ad-ware". While these are basically trojans, or exploit-like viruses, yet another specialized group of security companies handle ad-ware. Curiously, they are called anti-spyware or anti-adware companies.

Are you confused yet?

I don't blame you.

Then the whole lot of them got together, and came up with something called "multi-level" protection, which basically encourages folks to buy all of their products and shove them all on their machines - That way, everybody's happy! And by the time they got done buying each other out, they came up with a new paradigm - The "Security Suite", which got back to the original idea; that of a single vendor handling it all - But with a whole lot more bloat, an irritating "lockdown" mentality, and gigantic, confusing interfaces... Not the improvement one would hope for.

Needless to say, I am not in favor of all this nonsense. Just like any other computer software, security software must necessarily conform to the basic rules of software use:
  • It must be useful in its purpose.
  • It must be understood by its end user.
  • It must be as light on system resources as is possible.

So why don't we just cut to the chase:

In the first place, a good anti-virus program is absolutely necessary if you plan to run a Windows operating system. The prevalence of the system, and its poor construction, make it so. If one were to use Linux or Mac for an operating system, the risk is minute, and anti-virus is an afterthought, primarily for one's responsibility to keep infected e-mail from infecting others - there is no real risk to one's own system at all. But for Windows, the need is great, so figure on it.

  • A good antivirus program should be running in the background at all times.
  • It should be up-to-date (within hours), and it should be excellent, not only at detecting all three strains of infection, but also at detecting them promptly - in other words, its updates and detection rates should be very effective.
  • Its background scanner (sometimes referred to as a "real-time" scanner) should be quite sufficient.
  • And its manual scanner (sometimes referred to as an "on-demand" scanner) must be absolutely bulletproof.

Your anti-virus program is your main, and most important defense. It is "the alpha" big dog. It should be able to hear and see far beyond human capabilities, and it should bark loudly if it detects an intruder. It should also be as unobtrusive and lightweight as possible when not needfully barking (low profile, low resources on the machine). This is the one you must count on.

But even a good dog isn't going to be effective every time.

Maybe the intruder gets by the dog - shoots it dead. This is a very real comparison, as viruses (virii?) often are able to disable their anti-virus counterparts. What then?

Well, that's why you have a gun or two... and maybe another dog, too. Security is all about the options you have on hand, more than about prevention. This is the essence of "multi-level" or "layered" security theory, and to the point of its primary principles, I endorse it. But that doesn't mean I would stuff my pooter full of these options, and have them all running all the time... Sure, it would be nearly impregnable, but it would also be nearly unusable, with the security angle taking 75% of your computer's power just to run itself.

Don't laugh. It happens. After infections, the most likely reason for a slow running computer complaint would be too much stuff running in the background - and that includes security-ware.

So the main thing you should be looking for in the way of secondary systems (after effectiveness, of course), is their ability to be wholly turned off - So they can be run manually (only).

This is what I expect of secondary anti-virus, anti-spyware, and trojan hunters. To lie there quietly in the drawer, or top shelf in the closet, until I need them. Then they must be deadly in their ability. Of course, one must keep them cleaned and oiled (updated and maintained), and go out shooting cans now and then (run them manually at regular intervals)... But so long as that big ol' dog is around, they probably won't be doing much.

Still, it's a good thing - Having those "options" ready to hand has saved me countless times.



::TFG
  (c) F@t Guy Utilities 2005-2010