|
In order to efficiently protect your computer from attack, you need to know your computer system and the attacks out there in Internet. Then you can choose the right solution and products to protect your online computer. The attackers intrude the victim's computer in many ways. No single solution or product can provides full coverage. To be a smart user, you need to consider multiple solution and product to harden your security. In general, you may need to consider the following products for security.
As a indiviual end user, you can still install either a standalone Firewall or PC Firewall software on your computer. This will limit the inbound access to your computer. Beyond that some PC firewall, for example, the Firewall in Windows XP SP2 can also block the outbound access from the application running. This prevent the backdoor outbound traffic.
Even it has limitation, you still need it. It can scan the file system to identify the virus based on the pre-defintion. You also need to keep your virus definition file up to date.
Most people recognize this kind of software as IDS or IPS. Actually most current IDS or IPS just provides part of protection as Real Time Threat Monitoring Software required. Another drawback of IDS and IPS is it heavily rely on the signature which is behind the attack.
Real Time Threat/Attack Monitoring software can identify the attack based on the anormally activity. The anormaly activity means the activities utilizing the system vunlernabilities. Usually the normal system activity do not do it.