Hehe your question has opening a whole can or worms, a lot of this stuff is personal opinion
But I'll offer you some advice anyways.
The thing is that every situation is different. If you are dealing with a large corporate set up, then a hardware firewall is usually prefered. This
means no interaction from the normal day to day users, they are protected from a central point and don't need to worry about it. This should be
combined with an email filter and a web filter, that will block users from downloading malicious files such as all executables, vbs etc etc. Combined
with strong group policy options setting browsing options, regular roll outs of security patches and a virus program that can be deployed throughout
the system this type of setup is usually the way companies go, as it relies on the system admin to configure and not the users.
Home computing security software is completely down to the user, and there are many different routes you can take. Zone Alarm is a great firewall, no
doubt about it, and this is what I would recommend to basic/average home users. As for a virus scanner, probably bit defender. It has a great record
of detecting viruses, but both of these programs have a huge advantage : They are user friendly
You really need to weigh up usability against
security. You don't want to install so much security features on a user's computer that they can't do anything on it.
Apart from the two products mentioned, its a good idea to disable all unnecessary services from running (run->services.msc). Windows comes with heaps
of services listening by default, and not only is it good practice to disable all the crap, but it makes your machine run a lot faster too. The
notebook im using at the minute only has one service listening (epmap) which I don't believe you can disable. Of course you will need to enable more
services for more functions like Wireless etc, but it is a good idea to start at the bare bones with nothing enabled and work your way up, enabling
critical services as required.
Spyware is another issue to look at. For the average home user, a firewall and virus scanner is confusing enough, but now there are multitudes of
spyware scanners out there too. I take the view that spyware really shouldnt get there in the first place. Using firefox is the first step forward,
but people think that if they use firefox they wont get spyware. Not true. You must still take certain precautions, but again, you need to weigh up
getting spyware by the bucketload every day/week, you have a problem and cleaning it each day is only getting rid of the symptom, not the cause.
There is no need for spyware to be there, period.
Finally, I'll offer my setup for the "advanced" user (my current setting). Right now my firewall is Outpost Pro. Its like Zone Alarm in many
ways, but IMO is aimed at more advanced use and is a bit more tricky to master than Zone Alarm, but much more rewarding. It has content filtering
options and I have these set up to block almost everything from web sites that I havent specifically added myself. This, combined with hardening
Firefox myself, has eliminated the need for any spyware programs (though I still schedule a scan each night with a-squared and adaware just in case).
I also find that outpost leaves much less of a footprint when running (i.e. its not as high-load as zone alarm).
My virus scanner is NOD32, which is the only virus scanner to have 100% on the VB100% awards (means it catches a LOT of viruses
), and again, this
has a very low footprint but is a little more tricky to set up, which is why I wouldn't deploy it on a normal users machine. Finally I run a program
called Process Guard, which stops things such as global hooks (for keyloggers), and asks me whether or not I want each specific program to run. I
like the control this program offers, although I find myself turning it off for installs. Prevx is a fantastic piece of software too and if I was
being totally anal I would install this as well. However, I just find prevx too chatty sometimes, and it probably overkill combined with process
guard, since I know what I am doing and usually what is going on in my computer.
Aside from this, I regulary use process explorer, tcpview and rootkitrevealer (all freeware) just for piece of mind to make sure everything is running
as I like it. You mentioned Reg Mechanic before, I actually quite like this program to tidy up my registry, but its the only proggy Ive used like
this so I cant really offer an opinion on the others. But imo its pretty good
Anyway, hope this rambling has helped you
[edit on 17/6/05 by slick]