The Feb. 19 Top Story by editorial director Brian Livingston described McAfee's attempts to ensure that the security ratings generated by the company's SiteAdvisor service are up-to-date. That column followed the previous week's Top Story by Mark Joseph Edwards, which reported that SiteAdvisor's ratings could be as much as one year old.

Eric Legge wrote in to tell us of his efforts to have his site retested after it was assigned a yellow rating by SiteAdvisor:

• "SiteAdvisor is talking rubbish about dealing with complaints promptly. I complained by e-mail and by letter to the [McAfee] CEO about every page on my site having a yellow rating in October 2008. I also requested that my site be revisited after I had removed the [offending] link, which I removed only because I have probably been losing visitors for years because of this lousy service.

  "My entire site [PC Buyer Beware] still has a yellow rating for a link to this page, which SiteAdviser has given a green rating! [The page contains] a valid fix for the Smitfraud virus.

  "You only have to search the Web to find a number of site owners who have had their sites' existence threatened by SiteAdvisor errors. Thanks for taking this 'service' to task."
  

So many people street value of cialis asked us about SiteAdvisor alternatives that we're planning a technical review of the accuracy of SiteAdvisor, Web of Trust, and other site-rating services. This complex task will take a while to finish, but we hope to offer our recommendations sometime within the next few weeks. At this point, it's not clear how bad the situation is and which services are really the most correct.

SiteAdvisor plug-in may not be easy to remove

Our report on SiteAdvisor caused many readers to uninstall the plug-in for their browsers. Unfortunately, getting the program off your system may require some extra effort, as reader Chris Coddington discovered:

• "In the recent article on SiteAdvisor's retesting policy, I and most others certainly read between the lines and know what to expect if [we] continue to use the 'service.' I suspect that many users — including myself — are uninstalling SiteAdvisor. If we can't trust the [service's] red warnings, we can't trust the green warnings, either.

  "Now the only problem is how to uninstall the beast! It certainly can't be found [by clicking] Start, All Programs, and I don't have any other McAfee software on my system. It sounds like they are hiding it someplace. It's getting to sound almost like another virus to worry about!"
  

SiteAdvisor can be removed via standard Control Panel applets: Add or Remove Programs in XP and Programs and Features in Vista. In XP, another way to get to Add or Remove Programs is to click Start, Run; type appwiz.cpl; and press Enter. An alternative way to open Programs and Features in Vista is to press the Windows key, type appwiz.cpl, and press Enter.

Once you're in the Control Panel applet in either version of Windows, select the entry for McAfee SiteAdvisor, click Change/Remove in XP or Uninstall in Vista, and step through the wizard.

The Windows uninstaller may not completely remove the program. McAfee provides a free Consumer Products Removal utility (more info and download page). This tool promises to clear your system of several of the company's products, not just SiteAdvisor.

If you prefer to disable rather than uninstall the SiteAdvisor plug-in, you can do so in Firefox by clicking Tools, Add-ons; selecting McAfee SiteAdvisor; and choosing Disable. In IE, click Tools, Manage Add-ons, Enable or Disable Add-ons; select both McAfee SiteAdvisor BHO and McAfee SiteAdvisor Toolbar, one at a time; and choose Disable under Settings near the bottom of the dialog box.

Another possible SiteAdvisor alternative

In the Feb. 19 Known Issues column, reader George Elting recommended two free programs designed to make your Web browsing safer. In summary, CallingID (more info) and LinkScanner Lite (more info) are more specialized services than SiteAdvisor. The former identifies the location of the site's server, and the latter verifies the links returned by search engines.

Larry Croy offers another suggestion for secure browsing:

• "Just a heads-up for another free alternative to SiteAdvisor. I have been using the Finjan SecureBrowsing software [more info] for several years with no problems. They have both IE and Firefox versions."
  

As I mentioned above, we'll be taking a closer look at Web security programs in a future article. Stay tuned!

By Ryan Russell

Norton Internet Security Suite 2009, the top-rated security suite this year — as it was last year — now uses fewer system resources than before without skimping on protection.

If you're not a fan of Norton products, there are plenty of other contenders worthy of consideration that can challenge the long-time security-software leader.

Windows Secrets writers periodically analyze the ratings of trusted reviewers and summarize for you in the WS Security Baseline which personal-protection products are currently getting the best marks. Based on reviews from PC World, PCMag, Maximum PC, and others, today's security-suite winner is Symantec's Norton Internet Security 2009 (photo at right).

This product may seem like a repeat from last year's tally of ratings. Scott Dunn's Jan. 24, 2008, Top Story reported that Norton Internet Security 2008 had received the most Editors' Choice awards of any suite. However, the latest release of NIS is faster and less resource-hungry than previous versions, according to reviewers.

Symantec has not been deaf to the complaints of Norton Internet Security users about the program's spendthrift ways with your PC's memory and CPU cycles. In its review of the program, PCMag.com says, "this is definitely the slimmest, most unobtrusive Norton ever." (See below for links to this and other reviews of the product.)

As with most of the leading security-suite contenders, Norton Internet Security protects against infection by viruses, spyware, and rootkits. The program's components include a software firewall and a content-filtering utility for browsers and instant-messaging clients.

Runner-up suites challenge Norton products

If you're one of the many people who've sworn never to install a Norton or McAfee security product again, I understand your pain. More than once, I've had to venture into the Windows file system and Registry to manually uninstall security programs from the two biggest names in the field, ripping the pieces out one by one.

The good news is that there are a lot of other, strong contenders for security-suite top dog. Maximum PC lists ESET Smart Security as its second choice; the program matched Symantec's score of 9 out of 10. The magazine's reviewers gave a lot of weight to performance and the impact the program has on system resources.

PCMag.com gives Trend Micro Internet Security Pro 2009 and ZoneAlarm Internet Security Suite 2009 a tie for second place, trailing only Symantec's product. The site also weighted performance heavily, site cialis particularly the boot times of the programs it tested.

PC World rates BitDefender Internet Security 2009 as the second choice, yet again trailing the rating for Norton Internet Security. The review names the BitDefender suite a value and also singles out Avira Premium Security Suite 8.2 as the best malware detector.

For those who'd rather select their security program solely on the results of independent antivirus test labs, you'll find several testing organizations described and linked to in Scott Dunn's Feb. 14, 2008, Known Issues column: "Labs provide alternatives in evaluating suites."

(Disclosure: My employer, BigFix Inc., sells a couple of different brands of anti-malware software to enterprises. While the company competes with many of the firms that are mentioned in this review — and partners with at least one of them — BigFix doesn't sell products such as the ones mentioned above to consumers.)

Finding the sweet spot of security suites

From my point of view, the most important criterion for selecting a security suite is whether the program includes all the components you need.

Nearly all of the top-rated security suites provide a firewall and a range of anti-malware tools. The programs are differentiated by their auxiliary security components. For example, youngsters and inexperienced users may require first-rate Web-content filtering and antiphishing tools. More-experienced PC users may find such features less important.

In terms of which programs offer the best virus detection, I'm afraid the days of ranking an antivirus engine the best because of an advantage of a few percentage points in detection tests are over. It never was a really useful measurement. The myth that an antivirus app will protect you from the latest infections is even less credible now.

The sheer volume of new malware has outstripped the ability of AV vendors to create and distribute their virus-definition updates. No security program made today can prevent all PC infections. The virus-detection rates of the top-rated apps are so similar, it makes sense to give a little more weight to the tools' design, performance, and range of features. A tool people can't understand and use is no protection to them at all.

Email security is about a lot more than just using a good password on your POP or IMAP server. Perhaps the most important part of email security is ensuring you don’t shoot yourself in the foot.

In February this year, I listed five basic email security tips that everyone should employ. The following is a list of five more good pieces of email security advice:

There’s a lot of information out there about securing your e-mail. safe cialis Much of it is advanced and doesn’t apply to the typical end user. Configuring spam filters such as SpamAssassin, setting up encrypted authentication on mail servers, and e-mail gateway virus scanner management are not basic end-user tasks.

When one can find end-user e-mail security tips, they’re usually specific to a single mail client or mail user agent such as Microsoft Outlook, Mozilla Thunderbird, or Mutt. This sort of information is of critical importance to many users of these applications, but there are few sources of more general security information for e-mail users that aren’t specific to a given client application.

The following is a short list of some important security tips that apply to all e-mail users — not just users of a specific application. They are listed in the order one should employ them, from the first priority to the last. This priority is affected not only by how important a given tip is, but also by how easy it is to employ; the easier something is to do, the more likely one is to actually do it and move on to the next tip.

Be aware of both your virtual and physical surroundings when communicating via e-mail. Be careful. Trust no one that you do not absolutely have to trust, and recognize the dangers and potential consequences of that trust.

Your e-mail security does not just affect you; it affects others, as well, if your e-mail account is compromised. Even if the e-mail account itself is not compromised, your computer may be if you do not take reasonable care with how you deal with e-mails — and that, in turn, can lead to affecting both you and others adversely as well.

Don’t be a victim.

Whether you’re new to network administration or to the Windows environment, a few common oversights and mistakes can trip you up. Deb Shinder explains how to avoid some of the problems new Windows admins often encounter.

---

Maybe you’re a brand new network admin. You’ve taken some courses, you’ve passed some certification exams, perhaps you even have a Windows domain set up at home. But you’ll soon find that being responsible for a company network brings challenges you hadn’t anticipated.

Or maybe you’re an experienced corporate IT person, but up until now, you’ve worked in a UNIX environment. Now — either due to a job change or a new deployment in your current workplace — you find yourself in the less familiar world of Windows.

This article is aimed at helping you avoid some of the most common mistakes made by new Windows administrators.

Note: This information is also available as a PDF download.

#1: Trying to change everything all at once

When you come into a new job, or start working with a new technology, you may have all sorts of bright ideas. If you’re new to the workplace, you immediately hone in on those things that your predecessors were (or seem to have been) doing wrong. You’re full of all the best practices and tips and tricks that you learned in school. If you’re an experienced administrator coming from a different environment, you may be set in your ways and want to do things the way you did them before, rather than taking advantage of features of the new OS.

Either way, you’re likely to cause yourself a great deal of grief. The best bet for someone new to Windows networking (or to any other job, for that matter) is give yourself time to adapt, observe and learn, and proceed slowly. You’ll make your own job easier in the long run and make more friends (or at least fewer enemies) that way.

#2: Overestimating the technical expertise of end users

Many new administrators expect users to have a better understanding of the technology than they do. Don’t assume that end rx cialis low price users realize the importance of security, or that they will be able to accurately describe the errors they’re getting, or that they know what you mean when you tell them to perform a simple (to you) task such as going to Device Manager and checking the status of the sound card.

Many people in the business world use computers every day but know very little about them beyond how to operate a few specific applications. If you get frustrated with them, or make them feel stupid, most of them will try to avoid calling you when there’s a problem. Instead they’ll ignore it (if they can) or worse, try to fix it themselves. That means the problem may be far worse when you finally do become aware of it.

#3: Underestimating the technical expertise of end users

Although the above applies to many of your users, most companies will have at least a few who are advanced computer hobbyists and know a lot about technology. They’re the ones who will come up with inventive workarounds to circumvent the restrictions you put in place if those restrictions inconvenience them. Most of these users aren’t malicious; they just resent having someone else in control of their computer use — especially if you treat them as if they don’t know anything.

The best tactic with these users is to show them that you respect their skills, seek out their input, and let them know the reasons for the rules and restrictions. Point out that even a topnotch racecar driver who has demonstrated the ability to safely handle a vehicle at high speed must abide by the speed limits on the public roads, and it’s not because you doubt his/her technology skills that you must insist on everyone following the rules.

#4: Not turning on auditing

Windows Server operating systems have built-in security auditing, but it’s not enabled by default. It’s also not one of the best documented features, so some administrators fail to take advantage of it. And that’s a shame, because with the auditing features, you can keep track of logon attempts, access to files and other objects, and directory service access.

 Active Directory Domain Services (AD DS) auditing has been enhanced in Windows Server 2008 and can be done more granularly now. Without either the built-in auditing or third-party auditing software running, it can be almost impossible to pinpoint and analyze what happened in a security breach.

#5: Not keeping systems updated

This one ought to be a no-brainer: Keeping your servers and client machines patched with the latest security updates can go a long way toward preventing downtime, data loss, and other consequences of malware and attacks. Yet many administrators fall behind, and their networks are running systems that aren’t properly patched.

This happens for several reasons. Understaffed and overworked IT departments just may not get around to applying patches as soon as they’re released. After all, it’s not always a matter of “just doing it” — everyone knows that some updates can break things, bringing your whole network to a stop. Thus it’s prudent to check out new patches in a testbed environment that simulates the applications and configurations of your production network. However, that takes time — time you may not have.

Automating the processes as much as possible can help you keep those updates flowing. Have your test network ready each month, for instance, before Microsoft releases its regular patches. Use

Windows Server Update Services (WSUS) or other tools to simplify and automate the process once you’ve decided that a patch is safe to apply. And don’t forget that applications — not just the operating system — need to be kept updated, too.

#6: Getting sloppy about security

Many administrators enforce best security practices for their users but get sloppy when it comes to their own workstations. For example, IT pros who would never allow users to run XP every day logged on with administrative accounts think nothing about running as administrators themselves while doing routine work that doesn’t require that level of privileges. Some administrators seem to think they’re immune to malware and attacks because they “know better.” But this over confidence can lead to disaster, as it does in the case of police officers who have a high occurrence of firearms accidents because they’re around guns all the time and become complacent about the dangers.

#7: Not documenting changes and fixes

Documentation is one of the most important things that you, as a network admin, can do to make your own job easier and to make it easier for someone else to step in and take care of the network in your absence. Yet it’s also one of the most neglected of all administrative tasks.

You may think you’ll remember what patch you applied or what configuration change you made that fixed an exasperating problem, but a year later, you probably won’t. If you document your actions, you don’t have to waste precious time reinventing the wheel (or the fix) all over again.

Some admins don’t want to document what they do because they think that if they keep it all in their heads, they’ll be indispensible. In truth, no one is ever irreplaceable — and by making it difficult for anyone else to learn your job, you make it less likely that you’ll ever get promoted out of the job.

Besides, what if you got hit by a truck crossing the street? Do you really want the company to come to a standstill because nobody knows the passwords to the administrative accounts or has a clue about how you have things set up and what daily duties you have to perform to keep the network running smoothly?

#8: Failing to test backups

One of the things that home users end up regretting the most is forgetting to back up their important data — and thus losing it all when a hard drive fails. Most IT pros understand the importance of backing up and do it on a regular schedule. What some busy admins don’t remember to do regularly is test those backups to make sure that the data really is there and that it can be restored.

Remember that making the backup is only the first step. You need to ensure that those backups will work if and when you need them.

#9: Overpromising and underdelivering

When your boss is pressuring you for answers to questions like “When can you have all the desktop systems upgraded to the new version of the software?” or “How much will it cost to get the new database server up and running?”, your natural tendency may be to give a response that makes you look good. But if you make promises you can’t keep and come in late or over budget, you do yourself more damage than good.

A good rule of thumb in any business is to underpromise and overdeliver instead of doing the opposite. If you think it will take two weeks to deploy a new system, give yourself some wiggle room and promise it in three weeks. If you’re pretty sure you’ll be able to buy the hardware you need for $10,000, ask for $12,000 just in case. Your boss will be impressed when you get the project done days ahead of time or spend less money than expected.

#10: Being afraid to ask for help

Ego is a funny thing, and many IT administrators have a lot invested in theirs. When it comes to technology, you may be reluctant to admit that you don’t know it all, and thus afraid — or embarrassed — to ask for help. I’ve know MCSEs and MVPs who couldn’t bear to seek help from colleagues because they felt they were supposed to be the “experts” and that their reputations would be hurt if they admitted otherwise. But plunging ahead with a project when you don’t know what you’re doing can get you in hot water, cost the company money, and even cost you your job.

If you’re in over your head, be willing to admit it and seek help from someone more knowledgeable about the subject. You can save days, weeks, or even months of grief by doing so.