Recently I was reading an article saying that most people aren't truly secure and only believe they are. It said that using a firewall and keeping up to date on virus definitions wasn't enough. It claimed that Norton and McAfee were not very good security programs. It also said something about rootkits and other newer threats. Now I keep up with spyware and virus scans and keep it all up to date, running scans regularly, but I don't know too much about rootkits. I read the wikipedia article on them but I'm still not sure I fully understand them. How can I be sure that I am clean of them if the antivirus programs don't scan for them? Are there other security threats as well? If Norton and McAfee aren't very good, what program SHOULD I be running? I want to keep myself informed on the latest threats but it's hard. Is anyone able to help clear this up for me? I just hate having this black magic box mentality where you tell your security software to run and you trust it to protect you. I want to know what it's doing and why, only the will I feel truly secure.

Another question I had is why does everyone seem to keep their IP address a secret? It seems like if you're determined, getting someone's IP address wouldn't be very hard. I mean all you would need to do is get them to connect to your PC through an IM file transfer or something, or click a link to a webserver you are running, or something like that. Is telling someone your IP really that big of a risk? Realistically what could they do with it besides ping you?

Oh and one more thought occurs. I am currently running the free ZoneAlarm firewall. Is this a good firewall? The fact that it is free kind of makes me think there might be better ones out there, but I suppose that isn't necessarily the case :P I do have money and would be willing to pay for a nicer firewall if there are indeed better ones out there though.

I'm sorry if these are stupid beginner questions but I am having trouble finding the answers through simple google searches.

OK, first things first: the only 100% secure computer is one that you never switch on and use. That doesn't mean you cannot aim for 99.9% though :)

Most up to date Internet security suites and anti-virus solutions do now include rootkit scanning in some form or other. All you really need to know about a rootkit, if you don't want to get lost in the technicality, is that one can be used to hide malicious software from the OS.

Getting someone's IP address is very easy indeed. Whether you want to keep yours secret at all costs depends upon how paranoid you are.

There are better firewalls out there than ZoneAlarm Free, for sure, but everyone will recommend something different. The truth of the matter is that provided you have the basic protection in place, and an Internet secuirty suite is good enough (I am Contributing Editor of PC Pro magazine in the UK, and our current recommended security suite is Norton 360 which performed well in our tests - I use it here on one of my Vista machines and have no problems with it), then good security boils down to what you do with your computer.

If you practise safe hex, do not link click on anything that arrives unsolicited in email, do not download dodgy free software, do not install porn movie viewers, do not fall for the too good to be true scams that plague the Internet, then you should stay fairly safe.

i agree. Its impossible to be truly secure.

The most secure machine would be one that was not connected to the internet, and was never on, in a locked room, but even then someone could come in and steal it...

Generally you want:

common sense:


dont download anything claiming to be windows updates etc..., get them yourself from the official MS site)


dont install any addins etc... from the web for internet explorer unless you trust them


keep up to date

a) upgrade to microsoft update and patch every week!

b) keep your AV/Antispyware updated!

C)run regular scans

stay protected

a) get an antivirus with a resident shield
b) get an antispyware
c) get an anti-rootkit

GET A FIREWALL. Be careful. Most people dont know how to configure it correctly and click accept for every app that asks for internet access. Bad idea.