I use Symantec Endpoint Protection as it is the software our University has licensed. However, on my desktop at work I can't use it due to my hacking tools getting sucked up by Symantec. I use F-Secure on my desktop at work.
These days the attack vectors are mainly via social engineering of some type as well as simply visiting a trusted website that just happens to have an infected or malicious advertisement on it. Most of the evilware tries to exploit vulnerabilities in software that is on your computer or a weakness in your operating system.
Keep ALL software up to date (especially java, adoble flash, adobe reader).
Use a reputable Anti-Virus software solution.
http://www.virustotal.com/ is a site you can upload files to to see if they might be malicious. i use this often when doing forensics on compromised computers.
Install Secunia Personal Software Inspector from http://secunia.com/vulnerability_scanning/personal/. This is an incredible application which I use on my work computer. It checks your current software and lets you know if something needs patching. It is very simple to use and believe it just got out of BETA recently. Invaluable tool!
Be suspicious of any solicitation whatsoever that asks you to enter in login credentials. If you get a warning from Blizzard go to blizzard's site directly and not by clicking a link in an email.
This isn't everything but enough to keep you at least a little safe.
Oh, and use a separate computer to surf for porn.There is a bunch of nasty shit on those sites and I don't mean kinky.
EDIT: Also you can use something called OpenDNS which will help keep your computer from being exposed to known malicious hosts. At Penn we are running one as a pilot and it is really a huge help in preventing compromises. When your computer requests something via web, ftp, etc it queries the first DNS server listed. If Open DNS is the first one it checks to see if it is known to be bad or not.
Reply With Quote
Connect With Us