Internet Security

Jegajothy vythilingam
Jegajothy vythilingam used Ask the Experts™
on
My OS is win10 pro 64 bit.  Due to recent security hacking on my pc, I am thinking if NordVPN would provide the security preventing everyone from entry.  I have Avast Premier protection.  Or can I use ZoneAlarm or some other software.  Thank u and regards.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Scott SilvaNetwork Administrator

Commented:
You would be better off investing in a router with some actual internet security and firewalling.

Some DSL connections give you a straight connection to the internet.

None of these will prevent you from opening bad links or clicking on infected attachments though...
Jeff MorlenNetwork Engineer

Commented:
If you have an old PC you can use Sophos home UTM appliance... it is full featured.
I use an Edgerouter X... which is based on Vyatta.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Consider using Windows Defender with Windows 10 V1709 because it is excellent Anti Virus and Firewall. The Smart Screen filter is good.

If you get a router, get a decent one with good firewall capabilities. I use a Cisco RV320 VPN router with commercial VPN as the only way to get into my system uninvited.  But it is fairly technical to set up.

As Scott notes above and I said in another post of yours, be careful where you browse. Nothing prevents you from opening dodgy links.
C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

dbruntonQuid, Me Anxius Sum?  Illegitimi non carborundum.

Commented:
Refer to your other question and my comment there  https://www.experts-exchange.com/questions/29082587/Security-of-the-PC.html#a42460047

Also see Scott Silva's comment above concerning bad links or infected attachments.
Natty GregIn Theory (IT)

Commented:
To add to above - and remember nothing beats social engineering or bad links be aware----- with that said I use pfsense with pfblocker-proxy anti-virus and intrusion detection- with added filter from abuse.ch -- I have gotten bad links- but one of my fail safe would not let it resolve to anything.

on top of that use vlans to segregate subnets which further provide some more security
Refer to this article i.e. seven steps to protect your PC from hackers:
http://expert-advice.org/security/7-steps-to-protect-your-pc-from-hackers/
Distinguished Expert 2018

Commented:
I am thinking if NordVPN would provide the security preventing everyone from entry.
This is very much an incorrect statement. VPN's do not protect your computer from potentially getting hacked, they provide a secure channel of communication to provide privacy between your machine and the servers at NordVPN.

I have Avast Premier protection.  Or can I use ZoneAlarm or some other software.
Now these are products that provide layers of protection. Bear in mind that the only 100% safe measure is actually not connecting to anything, including external storage devices. But safety on the internet isn't totally technical, it's partly is decision based also. Opening strange emails or downloads from shady sites are choices that instantly lower your level of safety.
Install an adblocker as your first line of defense.  The VPN does not protect you from viruses.  VPNs are for keeping your connection or location private or for accessing resources in another jurisdiction or for accessing a private network (usually corporate).  Firewalls with antivirus scanners and malware detectors are for protecting you from malicious websites, downloads and connections.  They must be kept up to date and still do not guaranty 100% safety.  You must also know to not click on suspicious links or downloads and install the malware for the hackers to get access to your system.
In Theory (IT)
Commented:
A properly configured UTM-- with Nord will be just fine---UTM must have
1.proxy
2.antivirus scanning at ingress
3.Firewall with properly configured rules for ingress and egress
4. adblocking
5.geoblocking
6.telemetry blocking
7.fingerprinting blocking
8.Of course vpn for privacy
9.DNS filtering

but all of this will not keep you safe- without education- monthly or quarterly reminders- clinking on a bad link from a porn site will not save you or some crafty email message link or attachment you click on - however if you use the abuse.ch list in your network you can mitigate some of these viruses or worms from calling home. Therefore containing the attack. Antivirus and malware scanners are still needed on each host just the same.

Author

Commented:
in response to Natty, thank u for your inputs.  U mentioned abuse.ch list.  I have not heard of this before, can u please point me a link to where this is.  
also this :" on top of that use vlans to segregate subnets which further provide some more security"
thanks
Natty GregIn Theory (IT)

Commented:
Hi Jegajothy
here is the link to zeus tracker it gives a list of know domains to block along with ip adress on the this site you will also find the abuse.ch list which you can implement into your firewall.
https://zeustracker.abuse.ch/blocklist.php or here https://abuse.ch/

I know the talk of vlan hopping- however that only happens on poorly configured vlans and on multiple vlans using the same wire, I do have Vlans running but on seperate physical interface- with firewall rules blocking connection for intervlan connectivity- only allowing specific device to connect for only the service it needs and on a particular port everything else is blocked.

but you can read here about securing networks with vlans and vlan access control list

https://www.cisco.com/c/en/us/support/docs/switches/catalyst-6000-series-switches/10601-90.html

Author

Commented:
thank u

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial