Recommend a Security Suite

Discussion in 'Windows Vista Security' started by razor_303, Sep 3, 2007.

  1. Okay. The reason for my question was more because I was interested in
    what problem these personal firewalls were meant to solve.
    I don't feel that a third party firewall is needed. Therefore I was
    curious as to why you think so.
     
    Straight Talk, Sep 10, 2007
    #41
    1. Advertisements

  2. razor_303

    occam Guest

    I use Kaspersky Anti-Virus 7.0 (not the KIS security suite) and I find
    it excellent for both WinXP and Vista. Really first class service and
    support. (But it is not free like Avast and some others.)

    One thing is certain - stay away from Norton if you have the choice!
     
    occam, Sep 10, 2007
    #42
    1. Advertisements

  3. razor_303

    Charlie42 Guest

    In-/outbound traffic control, monitoring applications using internet, port
    stealthing, and so on.
    I don't, not since Vista was released anyway. At home I just use Vista
    firewall alongside with my router firewall. They let me set the policies I
    need to, and Defender/UAC keep sufficient control of my applications. I
    think Vista FW could be more user friendly though, the 'advanced settings'
    seem tucked away and complicated to the average home user.

    But again: razor_303 asked about third party suites, so I felt I had tip
    about some proper, less resource consuming, firewalls that can be used in
    addition to NOD32.

    The discussion over Vista vs. third party FW is an interesting one I think,
    I haven't quite made my mind up yet, and I'd like to hear your points of
    view.

    Charlie42
     
    Charlie42, Sep 10, 2007
    #43
  4. razor_303

    PTravel Guest

    It's not a myth. Again, do you have anything substantive to add, or do you
    just like to snipe?
     
    PTravel, Sep 11, 2007
    #44
  5. Yes, it is. It's impossible in a windows environment for code A to
    reliably prevent code B from calling out. Malware determined to call
    out unattended won't let a PFW get in the way.

    If the malware has system level access it can do what it wants, like
    modifying the TCP/IP stack - or create it's own stack for that matter.

    Or it may just piggy bag on an application you have already granted
    access.

    Malware is too dangerous to be something you allow to run thinking
    that you can control it. It's something you don't run at all.
    Calm down. I'm not the one needing to learn here.

    Client Firewalls and Security Theater
    http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx

    "Personal Firewalls" are mostly snake-oil
    http://samspade.org/d/firewalls.html


    * Instead of reducing the number of network-aware services, a personal
    firewall is an additional service that consumes system resources and
    can also be the target of an attack, as exemplified by the Witty [1]
    worm.
    * If the system has been compromised by Malware, Spyware or similar
    software, these programs can also manipulate the firewall, because
    both are running on the same system. It may be possible to bypass or
    even completely shut down software firewalls in such a manner.
    * The high number of alerts generated by such applications can
    possibly desensitize users to alerts by warning the user of actions
    that may not be malicious (e.g. ICMP requests).
    * Software firewalls that interface with the operating system at the
    kernel mode level may potentially cause instability and/or introduce
    security flaws and other software bugs.
    http://en.wikipedia.org/wiki/Personal_firewall#Criticisms

    About "Comodo" - considered by many to be one of the top PFW's:
    "The implementation of the security design is very superficial.
    Today's malware creators would not have problems to bypass the
    protection of Comodo. "
    http://www.matousec.com/projects/wi...s/Comodo-Personal-Firewall-2.3.6.81/#security
     
    Straight Talk, Sep 11, 2007
    #45
  6. razor_303

    ptravel Guest

    And that's possible with any firewall. My post said AVG is a better
    firewall than Windows because of the easier control over out-going
    traffic. You seem to be advocating not using an outgoing firewall at
    all. If you don't want one on your system because of it won't catch
    every conceivable instance of unauthorized out-going traffic, fine.
    No software offers 100% security. I'll go with one that offers some
    fraction of that, and prefer the one that is easiest to configure and
    the most transparent in its actions.

    You seem to assume that anyone who uses a firewall doesn't know this.
    I know this. However, advocating not using a firewall is like
    advocating not using seat belts because they won't help you if your
    car blows up.
    I'm going to guess what you do for a living. You're in IT, right?

    I run into this attitude a lot.
    You're citing Wikipedia? Whatever.

    I don't have any system instability because of running AVG, at least
    no more than is introduced by Vista itself.
    More Wikipedia cites? 1. We're not talking about Comodo. 2. The
    issue isn't whether malware can bypass firewalls, but whether running
    a firewall will stop more malware than not running a firewall.
     
    ptravel, Sep 12, 2007
    #46
  7. And thereby adding instability, and worst of all, introducing more
    vulnerabilities to your system.
    Very bad analogy. Unlike outbound control, a seat belt does what it's
    meant to do highly reliably and it does not make your care more
    vulnerable.

    I mentioned Comodo since it's often considered one of the best. I hope
    you realize that the AVG thingie that you seem to rely on just leaks
    like a sieve.
    This is where your argument fails, because you don't consider the
    costs involved with adding PFW code.

    And BTW, don't expect your AVG thingie to stop any malware at all..
     
    Straight Talk, Sep 12, 2007
    #47
  8. razor_303

    John Guest

    I felt that way after Norton was acquired by Symantec. The original Norton
    folks outshone everybody, including Symantec. Then Symantec bought them.
    They haven't been as good ever since. Sure, they do throw a lot of money
    into their product, but the quality that comes from enthusiasm is gone.

    On the subject of the thread, however, I bit on CA's ad and spent all kinds
    of time installing it, but when I ran it, it blew up. When I called for
    support, the guy said, "Oh, we're not ready to support 64bit Vista yet." As
    a programmer, I wondered why their software didn't know it was trying to
    support the wrong operating system and refuse to install it! I don't recall
    for sure, but I don't think the question was raised when I ordered the
    software. I don't know if Vista64 has been in Beta since early 2006, but I
    suspect it was since all kinds of developers have had 64bit products ready
    at Vista introduction time. Needless to say, I'm not waiting for their
    64bit system.

    Bottom line: Someone asked in a post why folks were paying for antivirus
    software when there were essentially as-good (if not better)
    free-for-homeuse packages available. I bit and installed Avast 64bit. It
    works fine, except that it needs a little better step-by-step: it has two
    things come up and it's hard to figure out exactly what to do to insure it
    is working, possibly because it is a Czeck group and I only do English. But
    they seem to try hard and the basic product is very good, so I am very
    pleased with Avast.

    John
     
    John, Sep 12, 2007
    #48

  9. Please provide some sort of documentation or White Papers to
    substantiate what appears, on the face of it, and based on my
    experience, to be a patently absurd claim. As you've been told, no one
    thinks outbound protection is a magic bullet, but it does add an
    addition layer of protection, and it certainly does not create
    additional vulnerabilities. (Poorly designed, coded, or configured
    individual applications might cause problems, but that doesn't render
    the concept of outbound protection invalid.)





    --

    Bruce Chambers

    Help us help you:
    http://dts-l.org/goodpost.htm
    http://www.catb.org/~esr/faqs/smart-questions.html

    They that can give up essential liberty to obtain a little temporary
    safety deserve neither liberty nor safety. -Benjamin Franklin

    Many people would rather die than think; in fact, most do. -Bertrand Russell
     
    Bruce Chambers, Sep 13, 2007
    #49
  10. What are you talking about? You are asking me to document the obvious
    here!

    I'm talking about adding 100+ hooks containing complex and buggy code
    to already critical functions, which is what outbound "control" on a
    windows host is about.

    I'm talking about the impossible task of creating an entire security
    layer on top of an OS providing numerous IPC methods for malware to
    manipulate and interface with other app's.

    In other words I'm talking about the foolishness of endangering your
    system by adding numerous kernel hacks for no real benefit, since
    malware determined to circumvent it will just do so anyway. And why
    would malware not want to do so?
    Oh, please...
     
    Straight Talk, Sep 13, 2007
    #50
  11. "Obvious" only to you, apparently. So far, the remainder of the IT
    industry seems to remain unaware. But thanks for confirming that you
    have *NO* way of substantiating your otherwise unfounded claims. That's
    exactly what I anticipated.


    --

    Bruce Chambers

    Help us help you:
    http://dts-l.org/goodpost.htm
    http://www.catb.org/~esr/faqs/smart-questions.html

    They that can give up essential liberty to obtain a little temporary
    safety deserve neither liberty nor safety. -Benjamin Franklin

    Many people would rather die than think; in fact, most do. -Bertrand Russell
     
    Bruce Chambers, Sep 13, 2007
    #51
  12. Don't give me this common wisdom BS.
    Since you just snipped away all the stuff you didn't understand,
    further debate would be a waste of time. EOD.
     
    Straight Talk, Sep 13, 2007
    #52
  13. razor_303

    JanJ Guest

    Guess Straight Talk chickened out then... Does he always do that? Him
    constantly posting unsubstantiated opinions is pretty annoying. One for the
    kill file?
    JJ
     
    JanJ, Sep 14, 2007
    #53
  14. Guess the never-heard-of-before JanJ suddenly popped out to make a
    fool of himself.
    Do you have anything on topic to offer or are you just babbling?
    Feel free to close your eyes.
     
    Straight Talk, Sep 14, 2007
    #54
  15. razor_303

    kuki68ster Guest

    kaspersky for me does it....
     
    kuki68ster, Nov 24, 2008
    #55
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.