Well, I’m a long time ZoneAlarm user. I just recently pulled a switch to the comodo security suite. Instantly, I’m greeted with dialogs just like I would expect from ZoneAlarm. However, Comodo takes it a step further. It seems to monitor every little thing a program does, from modifying any little registry value in windows, to internet access attempts. Why didn’t I try out Comodo sooner? Well, I was under the impression that ZoneAlarm was awesome, and there couldn’t be something better. Well, I was wrong, dead wrong in fact. I see that comodo does virus scans, updates automatically, secures internet, and monitors programs very closely. Many say that Comodo is less resource heavy as well.
Here’s the real kicker, Comodo is free! ZoneAlarm Pro is not. The regular ZoneAlarm doesn’t come with nearly as many features as the free version of Comodo does. I think I have just found my new favorite software firewall and antivirus. Anyone not running something like ZoneAlarm or Comodo needs to go get one of the two now. No matter how savvy you think you are, there are a lot of strange things on the internet that could trick you, and Comodo or ZoneAlarm will block such things.
In conclusion, Comodo gets my vote now, ZoneAlarm is good, but I don’t think it’s as good as Comodo even in the “pro” version.
Own a website? Ever think about security? If not, well you’re asking for trouble.
These are the best things you can do to secure your website properly
- Use random generated passwords 32-64 characters in length.
- Research your particular software and/or plugins for vulnerabilities at all times by visiting milw0rm and packetstorm on a regular basis.
- Optionally, you may want to install some kind of spam filter if possible on your software.
Own your server? You’ll probably want to do this as well, on top of the list above.
- Do periodic software updates on your server, change the ports that certain services run on, such as FTP and SSH since these are common targets.
- Disable root login.
- Set ServerTokens to “Prod” in Apache.
- Run software that automatically bans an IP after a certain amount of failed login attempts.
- Again, for all passwords on the server use 32-64 char random generated passwords, including the host control panel if you have one.
Just searching around reveals to me that there are far too many insecure websites out there, that could easily enough become fairly secure by following at least some of these methods. You can never be too secure, there are new vulnerabilities found every day, and there is no shortage of malicious users out there ready to deface your website or gain root login to your server for the fun of it. There are many more tactics out there for security, but these are some of the better tactics that will deter most people. Be careful out there.
Thanks go out to nukeit.org