People who relies on pattern based security do not care about pointed attacks. It is not clear whether people should care about these attacks or not. There is always an argument against “Why would someone want to hack me - me, the common user who is just chating with friends …”. And this is not that poor argument as it looks because updated Antivirus software is able to deal with wild Internet worms. On the other side are people (including me) who say that this is not always about pointed attacks, there exist a large business with botnets. These botnets are private tools of blackhats, they are not detected by Antivirus software and are always updated when they become detected. They want every single computer, so common chating user is the ideal target. Just exploit some new vulnerability, install itself into the system, subvert Antivirus software updates with known tricks or to hide from scans with rootkit technology, and you own the user’s machine and just communicate with your botnet master ready for action … The user of infected machine is usually infected for month or years without any notice … Personal firewall is able to prevent this because it is not pattern based.
Okay, that is a little scary. Thanks for the reply David. I will direct him to this thread and have him read it by himself.
Yours truly,
DoomScythe
Setting up Windows provides great security. Firewall, AV and other software are just a layer protection. Cracker can not just open port from outside so easily. There has to be eg. an aplication running and listening to the port like default running Windows services DCOM (135), NetBIOS (137-139), Server (80) and etc. Port scan will just find out, that all ports are closed or stealthed, which means almost the same for the cracker. Port scans randomly look for computers with open ports, they are millions and more of them, so he does not have to bother with attacking computer with closed ports. So unless there is not someone, who wants to hack his computer, there is almost nothing to worry about. As far as I can see, he is a skilled user, but I would never rely on an aplication like AV instead of Firewall. As matousec posted, using software based on signatures is like playing a Russian roulette with malware. I would recommend him to use at least Comodo firewall, which has some kind of IPS.
Firewalls are most important for your computer’s safety. That’s obvious.
Windows Firewall is light, very simple and good enough to stealth your ports.
So unless you know for sure that someone has got your IP and is going to harm your machine in some way, you don’t need to clutter your PC with other 3rd party programs.
I’m paranoid, that’s why I use Comodo software. 
Okay Tom_SK, thanks.
David’s and your replies bring me to another question which have been on my mind for quite some time. How do we classify a user that is skilled? I mean what should a user know to be classified as a skilled or professional? What is the general criteria? Say, I know how to use the registry, MSConfig, get around the Windows and get a rough idea of what my computer is doing. Where does that put me?
This question is stuck on my mind because there are sites or questionaires that ask me to rate my own computer skills. They will have a range such as Newbie, Acquainted, Intermediate, Skilled and Expert. My usual answer is either Acquainted. Any idea?
Yours truly,
DoomScythe
That’s a very interesting way of looking at it, but yes. Without a lock on a door anyone can walk in the same without a firewall on your computer. In the old days, you could leave a door unlocked and never worry but doing this now is just asking for trouble. Although, with a shotgun a may not be as worried.
Mike
PS. I know I used the in the old days cliche, but i’m not that old it’s just what I’ve heard. ;D
Nice question indeed 
So, you say we should somehow define about 5 sorts, let’s use Newbie, Acquainted, Intermediate, Skilled, Expert. I will try to define newbie
Newbie - I think this one is the easiest to recognize. Zero or almost zero knowledge, can not recognize terms like “network interface”, “IP address”, not even “registry”, “process”. These people are able to start computer and run their Office / Internet browser / games. Can have hard times to find something on the Internet.
I am not sure how to define others, would need little more thinking from me
Maybe it would be a good idea to match these 5 sorts with computer terms as I did with newbies.
For example if one know what is non paged pool in the NT kernel …
On the other hand I have got little doubts whether the level of computer knowledge implies the level of the computer security knowledge. I mean that there are people - administrators for example - who understand security pretty well but they are not programmers. And vice versa - programmers who can program, understand some API for example, but are not system or security programmers and know nothing about security.
David,
That question have been haunting me for a very very long time (years). I think it is the general computer skills that matter, not a skewed side of computer knowledge. Like you said:
When those questionaires or forms ask us the level of our computer competency, I think they meant it as general computer knowledge. David, based on your experience (I believe you are at least quite experienced, if not very experienced), what defines a Expert? And what defines a Skilled user?
I seriously hope others can reply to my question. I think this question affects others as well.
Yours truly,
DoomScythe
I have very subjective classification, don’t take this seriously; just my opinion:
Newbie: Person who can barely figure how to start his PC, let alone install anything and/or use a program or play a game (I can see these often here in Israel ._.).
Acquainted: Person who can do simple actions with a computer like install programs and games and just have fun using a PC without actually knowing what he is doing.
Intermediate: The most common level of PC users, in my opinion. They know how to fix random simple problems, formating, installing Windows, know how to use Google, etc.
Skilled: That’s how I see myself. I know what I’m doing, I can fix almost any problem myself and even if I can’t, I can easily find a solution. I can keep my machine free of problems, and fix the machine of problems incase I acquire any.
Expert: People who actually get paid from doing computer-related works, know how to code in at least one language; the people that “Skilled” users go to when they have a serious problem, like people that are part of the Comodo crew.
Am I close? 
Well, truth to be told, the classification of users that I have in my mind is close to yours. However, I don’t know about what the others think. If only someone from a surveyor company is in this forums. :-\
Anyway Bullhorn, thanks for your reply. Nice to know that someone else share the same idea as I do.
Yours truly,
DoomScythe
It was my pleasure.
I’ll wait for more replies to see if more people see ot as do DoomScythe and I. (:WIN)
DoomScythe,
I will try to give my opinion on BullHorn’s message:
I think this is close to my ‘definition’ above, just push the button and play games, write homework in office, or write an email to friend using webmail. These people do not install new software themselves. Autologon enabled?
The first one who is able to download and install new software? Is very vulnerable to infected downloads. Is not able to fix problems with PC but is able to find help if something goes wrong.
Is able to chat in webchat. Still zero security knowledge except user/pass login.
I agree except thath this is the most common. I think this is the most common level of users that you can ‘meet’ on the Internet but I am not sure that this is the most common level in general. I think people in offices using only one software to do their job are not on this level and they are the majority I think.
I think this is quite a big skip compared to the previous group. But ok. Maybe this is the first class of users that maybe try something with ‘alternative’ software (I am talking about Mozilla, Linux, OpenOffice, …). Lot of application level programmers can be here.
I would put low level and security programmers here as well as skilled system and network administrators. Not always paid - I am talking about college professors and students who often create free, open and academic tools and projects.
Great, now we have 3 people with an almost similar idea. I just want to hear others contributing to this. Anyway, thanks David.
Yours truly,
DoomScythe
How do you know my name? O_o
-EDIT: Oh, you didn’t mean me. xD
100% better than AVG. I had AVG anti-virus on here, and my computer started acting up. I did a scan and nothing. Well seeing I was already using your firewall I decided to try your anti-virus as well. as soon as I deleted avg and installed comodo, bam a virus detected, bam another one, bam, bam, bam, by the time it was said and tone I had 13 showing up. I didnt even have the anti-virus on for 3 minutes and I was able to identify the problem and resolve it. So happens it was a websearch taskbar on explorer, and there .dll’s were viruses. Now after I deleted the viruses and the program I ran my Runalyzer program which you can get for free online, and scanned my registery to get rid of the key that they had placed for startup. Thanks COMODO YOUR THE BEST! Not Norton, not Macafee, and surely not AVG but COMODO! (S) (:CLP)
Hello,
I am glad you like it :D, however please realize that this current version is still a beta, the 2.0 version which should be released sometime this month, I believe on September 18th. However this date is subject to change. The 2.0 version will fix many bugs, and add some nice new features such as HIPS.
~Justin
we are looking around mid oct for a release I am afraid 
we will have another beta though before then.
Melih
All my hopes dashed in a single sentence. Looking forward to the next version still though. 
Mike
back to topic
I just voted (http://www.matousec.com/) on 23rd Sept and CPF is in 6th place with Windows, BlackICE and McAfee trailing behind at 7th, 8th, 9th
WOOO HOOOOO
CAV is also in 6th place, ahead of McAfee, BitDefender, Symantec, PC-cillin, Norton and Zone Alarm
(and that’s just for the CAV 1 beta)
WOOOOOOOOOO HOOOOOOOOOOO
Comodo is getting there (:CLP)
UPDATE: It’s only a few hours later and CAV has soared into 5th place displacing AntiVir,
WELL, what can I say? (:CLP) (:CLP) (:CLP)