Solved

Do I need virus and firewall protection?

Posted on 2004-04-05
17
446 Views
Last Modified: 2013-12-04
Customer has a 5-station XP peer network, with a DSL router attached to the hub as well.  Only two of the stations ever access the internet.  They don't want to spend unecessary money, so here are the questions:

1) Do they really NEED norton antivirus on EACH computer, or can they get by with it on just those two that ever access the internet?

2) Same thing with norton firewall--do the NEED it on EACH computer?

I know it would be BEST to have it on all, but is it actually a risk by not having it on the stations that never open IE and never go on the internet in any way, and never get e-mail, etc?  They are just basic workstations that happen to have access to the internet only because all the stations and the router are on the same hub, but they never access the internet.

If it's NOT OK to just protect the two that access the internet, please help me understand WHY so I can explain to them why they need to protect them all...thanks

0
Comment
Question by:sasllc
  • 8
  • 5
  • 2
  • +2
17 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 150 total points
ID: 10760571
YES, modern viri go out of their way to infect neibouring PC's on their victims network. some even set up server applications just to find close computers to infect :)
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 150 total points
ID: 10760793
Typically you need AV on each, and you'd have all PC's go through 1 firewall.

[Internet --> FW --> Users] or  [Internet --> FW --> Router/switch/hub --> users]

To save money though, you should try a program like ZoneAlarm. They have a Free version that will do what I am about to detail:
ZA not only block's attempts to access your macnines, but it also blocks access to processes, until the user has told ZA that is ok to allow, or it should deny the process. So if your PC was the 1st to get hit by a virus, and that virus wanted to infect others and spread... it would start a new process, and ZA would prompt you asking if you would like "viri.exe" to access the internet, or act as a server etc... you would say no, and place a check mark in the "remember this response" box.

Now... ZA will deny the virus access, BUT it will not clean it off your system. You need AV to do that, or use the tools from the big 2 (mcAfee and Norton) to get rid of them. Each time a new virus comes out, Norton and McAfee typically put out stand-alone programs that will remove and find one or two different virus'. These tools are free.

http://securityresponse.symantec.com/avcenter/tools.list.html
http://vil.nai.com/vil/stinger/

However, the real price advantage is in TCO- total cost of ownership. PutMcafee on each machine, even ones that do not access the internet, and a single FW at the preimeter of the network, this will keep administration cost and task's lower.
But.... If this is your network: Internet -->HUB/Switch --> users
Then yes, they all need AV and they All need FW, not necessarily Norton's... As it may not have the process locking features. Again, ZA is free, and a great FW. As stated above, since they are all able to see one another, since they are on a hub, they will infect even the macines that don't access the internet. Your less likely to get infected from those... but they are able to be infected nonetheless.
GL!
-rich
0
 
LVL 3

Author Comment

by:sasllc
ID: 10760845
Very helpful, but I'm not clear on how to use just one instance of firewall 'on the perimeter', because in this case, they have 5 XP computers hooked together peer-to-peer through a hub, and the DSL router is hooked to the hub as well.  So, if I were to put one copy of ZA (or other firewall) on the network, WHERE would it need to go?  Which computer?
0
 
LVL 12

Assisted Solution

by:trywaredk
trywaredk earned 150 total points
ID: 10760965
I agree with PETELONG and RICHRUMBLE - You definitely need a good protection on all the computers, and you don't have to spend much money on it.

Today you have to face, that one computer infected vith virus or spyware or trojans or backdoors, will indeed infect all other computes on the same hub. No doubt about it.

Remember the NIMDA virus ?
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=PE_NIMDA.E
***quote***
PE_NIMDA.E is a fast-spreading Internet worm and file infector that arrives via email, as an attachment called SAMPLE.EXE. It employs several infection mechanisms and exploits several known vulnerabilities. Similar to the original variant, PE_NIMDA.A, it has four modes of propagation: through email, through network shared drives, through unpatched IIS servers, and through file infection.
***end of quote

You should immidiately install both antivirus and antispywareprograms (they does'nt allways do the same), and you should also install a firewall. And you should also get all the latest hotfixes from microsoft

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10760967
Use this free online Trend Housecall scanner to find and clean every known virus/rootkits/backdoors:
http://housecall.trendmicro.com/housecall/start_corp.asp

Some viruses can't be removed by housecall. If so, use the free Trend Micro system cleaner:
http://www.trendmicro.com/download/tsc.asp

If you get's an ActiveX error, when loading the HouseCall web page:
http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=4317

If you want to secure your one workstation in the future, consider to purchase PC-cillin with builtin firewall:
http://www.trendmicro.com/en/products/desktop/pc-cillin/evaluate/overview.htm
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10760972
Getting a personal Firewall
http://www.zensecurity.co.uk/default.asp?URL=personal

Download the free version of Sygate personal firewall
http://smb.sygate.com/support/documents/spf/default.htm
http://smb.sygate.com/download/download.php?pid=spf

Download the free version of ZoneAlarm firewall
http://www.zonelabs.com/store/content/company/zap_za_grid.jsp?lid=ho_za

Comparative reviews of personal firewall software:
http://www.firewallguide.com/software.htm

Firewall Product Selector - Choose yourself which one to compare
http://www.spirit.com/cgi-new/report.pl?dbase=fw&function=view
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10760976
No no no no stop the spam...
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10760980
too late... more to follow... gahhh
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 12

Expert Comment

by:trywaredk
ID: 10760983
Spybot:
http://security.kolla.de/index.php

Ad-aware Standard Edition is THE award winning, free*, multicomponent adware detection and removal utility:
http://www.lavasoft.de/software/adaware/

SpyFerret detects & removes spyware
http://www.onlinepcfix.com/spyware/spyware.htm

Bazooka Adware and Spyware Scanner v1.13.01
http://www.kephyr.com/spywarescanner/

Automatic check of your browser for parasites, adware and spyware
http://www.doxdesk.com/parasite/
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10760988
Sygate free scanning your security: quick, stealth, trojan, tcp, udp, icmp
http://scan.sygatetech.com/

One Usage of the HACKYOURSELF scan: TCP Scan (65534 ports),UDP scan (800+ ports), and Netbios Scan
http://www.hackerwhacker.com/

Shields UP! quickly checks the SECURITY of YOUR computer's connection to the Internet.
https://grc.com/x/ne.dll?bh0bkyd2

Port scan.. Get an instant security analysis now. You dont even need to know your own IP address!
http://www.dslreports.com/scan
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10760990
every time...
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10760993
>"So, if I were to put one copy of ZA (or other firewall) on the network, WHERE would it need to go?  Which computer?"

On each computer!
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10761029
About Windows Update (SUS)
http://v4.windowsupdate.microsoft.com/en/about.asp

Download and install Microsofts automatic update server (also known as SUS)
http://www.microsoft.com/windows2000/downloads/recommended/susclient/default.asp
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10761070
You'd need one computer to be your gateway. It would need 2 NIC's  so your network would look like:

                                                       Firewall-PC
Internet (the router that is)-->  nic1            nic2 -->hub --> other pc's

http://support.microsoft.com/default.aspx?scid=kb;EN-US;234815
The FW-PC would use ICS (windows internet connection sharing)  Nic1 would be connected to the router (dsl/cable router)  and nic2 would connect to the hub, along with the other pcs
But if you don't what to rework your network, ZA on each pc would be grand. ZA is chatty at first... then you'll get fewer and fewer pop-ups asking to allow this and that... read the documentation fully.
-rich
0
 
LVL 1

Assisted Solution

by:meatdog8
meatdog8 earned 50 total points
ID: 10762956
Check out the dsl/router that is currently installed to see if it has a built in firewall... Typically the basic router will have what is called a NAT(network address translation) firewall... If you have the NAT fire wall built into the router that will suffice for blocking unwanted incomming traffic from the internet.  In addition to the NAT firewall you could turn on the firewall that comes with XP, it is under the connection properties.  Speaking from experience, put Antivirus on all computers.  (like someone said previously, it will save money in the long run.. (I like Norton, I've had too many bad experiences with McAfee).

Good Luck
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 10793358
ThanQ
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10800400
:o) Glad we could help you - thank you for the points

BTW: Have a look on http://www.tryware.dk/English/Knowledgebase/HowToProtectYourComputer.html
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now