Earliest defense for making sure windows doesn't get infected - NAT, don't leave a windows machine on a public IP...
I actually miss the old versions of McAfee vscan and equivalents. Light weight, checked things over (yes, it wasn't active, might miss corrupting programs, etc...), but if you know what you are doing, like above mentions, you can be pretty safe on windows.
That said, I'm mostly a mac/'nix house hold these days.
> Earliest defense for making sure windows doesn't get infected - NAT, don't leave a windows machine on a public IP...
Yes, but a basic one. You'd prevent something running on port X from being exploited directly. Doesn't do anything against other methods, like getting you to open a shady PDF or SWF file.
> That said, I'm mostly a mac/'nix house hold these days.
If you're running a window manager, there's virtually no difference between them and recent versions of Windows. If anything, Windows has the upper hand on the non-headless side.
It's nice to be able to say "At least I'm not on Windows anymore", but it is no reason whatsoever to not be as vigilant.
The primary reason why you're not targeted as much on OS X or Linux is not that they have a much smaller attack surface than Windows (anymore.) It's that it doesn't make economic sense for an attacker to target Linux users if they are less than 2% of the desktop computer market share, and they generally consist of tech-savvy (e.g. more likely to use NoScript, or spot shady processes than normals).
I actually miss the old versions of McAfee vscan and equivalents. Light weight, checked things over (yes, it wasn't active, might miss corrupting programs, etc...), but if you know what you are doing, like above mentions, you can be pretty safe on windows.
That said, I'm mostly a mac/'nix house hold these days.