What is required for security after VPN is installed.

Topic

New Reply

I have installed SurfShark VPN I also have Norton Security and Zemana AntiMalware, I used to have MalwareBytes but their pricing is greedy. Anybody have better suggestions for online security.

Thank you

Peter

Reply | Quote

Replies

Well that’ll depend on what you’re doing… there’s plenty that *could* be done, so what do you mean with “better” anyway? VPN and security suite aren’t a panacea.

Norton Security says it does all kinds of things but it has its limits, like everything. Such as, SSL/TLS-protected traffic, like https, cannot be inspected unless integrated with the application generating the traffic, and malicious (or hijacked) sites on https do exist. So, check what browsers it supports and that the integration component is turned on.

Don’t use IE or other known-insecure applications.

Check that your email and other communication applications are secure. SSL or TLS on, passwords sufficiently complex, maybe multi-factor authentication on. Autofetch of linked external content off or at least severely restricted, message encryption and signing… is at least recommended.

Reply | Quote

How does SurfShark VPN help with your security? Do you use public wifi?

cheers, Paul

Reply | Quote

Thank you both for your replies. I do use public WiFi, but only for browsing, there are no financials on the tablet. I use VPN on my desktop PC which is connected to the router with cabling, not WiFi, I use Internet banking and pay for items with PayPal and less frequently my CC. I use Chrome for browsing and Outlook for emailing. My apologies for not advising in detail how I use my PC.

Peter

Reply | Quote

Hello Paul,

As I understand VPN’s, they give my PC a different IP address and location.

Peter

Reply | Quote

anonymous wrote:

As I understand VPN’s, they give my PC a different IP address and location.

Well yes, and in a business context… sometimes that IP address and location is at your office even when you’re traveling. Get to use resources from your office LAN that way.

Now the name “SurfShark” doesn’t exactly sound like that’d be their main selling point but I haven’t checked closely…

Reply | Quote

It was rated second after NordVPN.

Reply | Quote

anonymous wrote:

It was rated second after NordVPN.

Before or after their rating was recently dropped???

 
PCMag NordVPN Review:

Editors’ Note: NordVPN recently reported a server breach that took place in 2018. As we explain below, we took the events seriously enough to drop the service’s rating from five stars to four stars.

 
NordVPN and TorGuard VPN Breaches: What You Need to Know

Reply | Quote

… right, I checked, SurfShark isn’t the kind of VPN you use to remote in to your office LAN from wherever.

Apples and oranges.

(However, I could use some pointers about good OpenVPN and L2TP client applications for Windows 10. Shrew Soft used to be good but, well, the last release was in 2013 and hasn’t always worked on post-1607 Windows 10… the Windows 10 builtin VPN client didn’t work on L2TP with some gateways out there and doesn’t have OpenVPN protocol support at all.)

Reply | Quote

It seems at best that this VPN will limit ads and connections to recognised bad sites. If this makes you feel safer and you are happy to pay for this feeling then go for it.

What you haven’t mentioned is whether you have a regular backup of your machine. I consider this to be the best form of security as it allows you to recover from any problem.
Use an external hard disk and backup software, and store the disk away from your computer when you have finished the backup.

cheers, Paul

Reply | Quote

Thank you all for your input. I am retired and my PC is just used at home. I make two images a week with Acronis True Image to external drives and keep them in my vehicle. But it is not data loss I am worried about, it is about some miscreant getting access to my banking/PayPal and credit card details.

Reply | Quote

Here’s a few ideas for a step up in security, that might be easy or not depending on your level of technical comfort and willingness to research the subject:

Easy: If you don’t use 2 factor authentication, please research the subject and use it as much as possible.

Easy (at least technically) : Never reuse the same password. If it gets stolen somewhere, it might be used somewhere else. Consider a password manager if you find it too hard to manually manage different passwords. Use very long passwords or passphrases when possible.

On Windows 7, you can use the free Microsoft provided EMET. On Windows 10, learn how to use Windows Defender Application Guard and its friends that replace it. This is a proactive security measure that can help prevent infections from unknown threats, blocking some of the means they use to infect.

You could run your browser in a sandbox like Sandboxie or run Firefox (I prefer Firefox for more privacy) in a low-privilege mode if you are willing to research the subject. This isolates your browser from the rest of your system and reduces the likelihood that the infection could spread to other parts of your system.

Although I wouldn’t recommend Avast anymore, there is a feature that is called hardened mode that was working pretty well before when set to aggressive (not sure it works the same way anymore with the latest versions) : it blocked any non-recognized executable file from running without your approval, which can be useful to prevent some unrecognized malware from running. Look for a similar feature in your security suite.

Reply | Quote

CC loss is difficult to manage as 3rd parties have that information and may not be as security conscious as you. All you can do is keep an eye on transactions via your bank/CC site.

To keep your bank details secure make sure you only ever go to your bank site direct from your browser / banking app, not from an email link.
A VPN probably won’t make any difference here as the browser uses HTTPS to securely connect, so it’s all about using 2FA and not having malware on your machine.

cheers, Paul

Reply | Quote

Thank you all again for your contributions.

Reply | Quote