Hello.

I am behind of NAT/SPI Router so should i use software firewall? If your answer is "yes" why? and which firewall i have to use.

My new protection - testing for now-

OS
Xp Pro. Sp3 - Original licence.
Limited user account working

Realtime
Avast Home Edition 4.8
ThreatFire Free

On-demand
a-squared Free
SUPERAntiSpyware Free
Malwarebytes' Anti-Malware Free
FREE Dr.Web CureIt!

Other
Firefox 3.0.7 (adblock + keyscrambler + WOT) - daily surfing.
IE 7 (WOT + keyscrambler) - banking and shopping only.
CCleaner using - before when i close my computer.

My opinion is that the basic windows xp firewall will keep you safe enough, with a rude attempt to let you know somethign is trying to be a host. Whether you need a firewall though is really hinged on your trust level of what you have installed and what you will install, desired or not.

If like I, you trust all your apps and know them well, and never let a new app onto your real OS without first testing it and seeing what it may be doing, then why would you need to be told by a firewall what you already know is happening?

On the other hand, should there ever arise the possiblity of something being installed without your knowledge or a truste app being hijacked, you may not know it without a firewall telling you about it.

Personally, I use xp firewall, but I rely on ipsec with basic outbound port restrictions to do most of it. For example, I only allow outbound port 53 dns to my 3 dns server addresses. It may not be a kill all, but it will stop apps that have a dns address coded in them to use. I also only allow outbound ports 80,8080,443 and some others. This does not again be a kill all, but it does reduce the odd chance of other things happening.

Sul.

To make it simple, Yes. Software firewall should be employed on every computer for the security of outbound protection. Even with the router(only inbound protection), it is not enough. I would probably suggest a firewall with HIPS, such as comodo or online armor but more importantly something that works in conjunction with your other security programs. BTW, i'm not sure how compatible those firewall's HIPS work with threatfire. Maybe someone else can put some more insight on this.

no u dont need a software firewall if u got a router, why do u need to have outbound protection if u dont get any infections? if i were u, focus on not getting infected in the first place instead of trying to control the information it sends out. cuz if uve been infected, idc what software FW u use, you are sill compromised. just keep windows FW on and you will be just fine.

-{ Quote: "no u dont need a software firewall if u got a router, why do u need to have outbound protection if u dont get any infections? if i were u, focus on not getting infected in the first place instead of trying to control the information it sends out. cuz if uve been infected, idc what software FW u use, you are sill compromised. just keep windows FW on and you will be just fine." }-

-{ Quote: "To make it simple, Yes. Software firewall should be employed on every computer for the security of outbound protection. Even with the router(only inbound protection), it is not enough. I would probably suggest a firewall with HIPS, such as comodo or online armor but more importantly something that works in conjunction with your other security programs. BTW, i'm not sure how compatible those firewall's HIPS work with threatfire. Maybe someone else can put some more insight on this." }-

Two different answers so i am confused ??? i am waiting other member' posts for final decision.

-{ Quote: "Hello.

I am behind of NAT/SPI Router so should i use software firewall? If your answer is "yes" why? and which firewall i have to use.

My new protection - testing for now-

OS
Xp Pro. Sp3 - Original licence.
Limited user account working

Realtime
Avast Home Edition 4.8
ThreatFire Free

On-demand
a-squared Free
SUPERAntiSpyware Free
Malwarebytes' Anti-Malware Free
FREE Dr.Web CureIt!

Other
Firefox 3.0.7 (adblock + keyscrambler + WOT) - daily surfing.
IE 7 (WOT + keyscrambler) - banking and shopping only.
CCleaner using - before when i close my computer." }-
You would only want a software firewall if you were very concerned about outbound traffic getting out without your knowledge. I would think since you're using a decent AV, and Threatfire, you'd be covered pretty well, and would not need one. But again, it depends on you, your internet habits, and your concerns. Personally speaking, I dumped software firewalls the minute I bought my router, over 3 years ago.... but it's a personal choice.

Who's to say your computer won't be infected? No AV is 100% secure. Yes there are ways to minimize your risk, but if you computer is clean what does it matter? If your infected and if don't know your screwed, and if data is coming out of your machine your screwed twice, why have less protection? It's the reason why software firewalls were made to have two direction of protection or else they would of just made them with only inbound. Second i wouldn't use windows firewall, if you look around its one of the worst firewalls.

-{ Quote: "Who's to say your computer won't be infected? No AV is 100% secure. Yes there are ways to minimize your risk, but if you computer is clean what does it matter? If your infected and if don't know your screwed, and if data is coming out of your machine your screwed twice, why have less protection? It's the reason why software firewalls were made to have two direction of protection or else they would of just made them with only inbound. Second i wouldn't use windows firewall, if you look around its one of the worst firewalls." }-

thats ur opinion i guess, but not a single infection with me and no software FW, and lol im kinda risky surfer ;D if malware really wants to, it will find a way to transmit data im sure, and as u said no AV is 100%, no FW is 100% either to catch all outbound, 99.999999% of the time ull be answering the same repetetive non malicious questions from the FW to allow. as i said, focus on keeping infections out rather than trying to keep them in once theyre their. if u got a nasty enough infection, will a software FW save ur comp from being unbootable cuz of serious malware? no..... if u have a bad enough infection, who says it wont just disable ur FW, and boom what a waste.

Now if u make sure to PREVENT the malware getting in, in the first place, then ull never have any of those worries. IMO just focus on prevention, not trying to jail the malware onto ur system once its there. For prevention im not talking about an AV either, AV is good, but threatfire would be more prevention in ur setup, u culd add maybe Defensewall or something to add to the prevention layer, etc.

I have a router and I use a software firewall too.
My reasoning is that it adds another layer of protection.

Which firewall should you use?
That's difficult to answer.
From the list of programs that you posted I'm guessing that you would want freeware.
Online Armor free or PCTools Firewall Plus free are two firewalls that I like and they are easy to use.

http://www.tallemu.com/free-firewall-protection-software.html


http://www.pctools.com/firewall/

Hope that helps you.

-{ Quote: "To make it simple, Yes. Software firewall should be employed on every computer for the security of outbound protection." }-

-{ Quote: "no u dont need a software firewall if u got a router, why do u need to have outbound protection if u dont get any infections?" }-

I agree with both, but if you ever notice the outbound protection it is too late :( The system has been infected ...

-{ Quote: "if you ever notice the outbound protection it is too late :( The system has been infected ..." }-

Exactly my point

some reading for you http://samspade.org/d/firewalls.html

-{ Quote: "some reading for you http://samspade.org/d/firewalls.html" }-

Interesting... It's something I've come across with sometime ago.

I personally enjoy much more, along side with software firewall, a home made firewall, instead a router.

But, getting back on that document, if we can call it that way, isn't a router a piece of hardware with a software firewall on it, to control inbound traffic?

From that perspective, would a router provide any additional security, if turning off the services?

I mean, who ever wrote that piece of text, claims that personal firewalls, and I'll assume that's what he/she had in mind, simply suck.

Well, a router also sucks, even greater. Why? Only inbound protection. But, then, we could say that even this protection isn't needed if we turn off services.

Then, it is suggested for people to create their own firewall, using for the effect Linux, FreeBSD or OpenBSD.

Right, most people don't even know how to deal with Windows very well, and they've used since ever, even less one of those, even if just for setting up a firewall.

But, then again, wouldn't this be useless as well, considering that all people would have to do is disable services?

-{ Quote: "some reading for you http://samspade.org/d/firewalls.html" }-
This article makes a lot of wrong assumptions and I wouldn't consider it exactly a definitive source of information about firewalls. If you want more details about what I mean, please tell me and I will elaborate.

As for closing services... In some situations, it is a good idea. If there is no open port on a computer, there is almost no probability of a network attack. From this point of view, a router or a firewall with inbound protection will be useless. However, take into account the fact that it's not always possible to close all services that listen to a certain port, so a firewall or a router are the only possibilities for protecting the computer from an inbound attack.

i don't understand firewalls, or claim to. i know i didn't use one (and don't now despite my signature) and they have only ever caused grief to me, pc used for online gaming mainly, in the 4 months out of many many years i feel the resource and pop ups and unessesary blocking outways what they do, if indeed they do anything.

-{ Quote: "Exactly my point" }-

Agree but for a less knowlegeable user, it may be the only way to find out that he/she is infected.:-\

-{ Quote: "Agree but for a less knowlegeable user, it may be the only way to find out that he/she is infected.:-\" }-

yes that might be tru for some people, but im just reinforcing, if uve already been infected, no software FW is gunna do anything to help you in the end. ur already compromised :-\ just keep the frontline preventetive defences strong and you will be perfectly fine + u'll have less grief which software FW's usually cause.

and router's are more effective because they are seperated from ur windows operating system and are a protection before of the network stack in windows which means they can intercept and attack much earlier, unlike personal software firewalls, and since they are a completely seperate piece of hardware, they are almsot never directly targetted and the traffic HAS to move through the router's firewall where software firewalls can be disabled or bypassed.

-{ Quote: "Hello.

I am behind of NAT/SPI Router so should i use software firewall? If your answer is "yes" why? and which firewall i have to use.

My new protection - testing for now-

OS
Xp Pro. Sp3 - Original licence.
Limited user account working

Realtime
Avast Home Edition 4.8
ThreatFire Free

" }-

Until you decide if you need software f/w or not (my suggestion is yes! yes!;D ) , you can go to your threatfire at custom rules and activate
the rule about outbound control (don't remember exactly as i don't have it anymore). Then stop/start threatfire. After this, every application that tries to connect to internet will produce a threatfire pop-up, so if you agree you create a remember rule :thumb:

another thought i have always had. If a nasty has got passed everything and is phoning home, i would really doubt if a non technical person would know, it's hardly going to say "a trojan is trying to connect to..." these programs are written very well (unfortunatly) i just cant see a firewall doing anything, i suppose the hips ones would help, but you don't need a firewall to have hips of course.

-{ Quote: "another thought i have always had. If a nasty has got passed everything and is phoning home, i would really doubt if a non technical person would know, it's hardly going to say "a trojan is trying to connect to..." these programs are written very well (unfortunatly) i just cant see a firewall doing anything, i suppose the hips ones would help, but you don't need a firewall to have hips of course." }-

thats very tru

@Runoades

Like I said initially, and all the posts since have only proved the point. IF you are knowledgable and TRUST the software on your computer, and feel SAFE from possible infections etc, then there is no need.

IF you are the type who HAS to know what is leaving your computer, then use one that monitors applications.

If you were to get compromised, a firewall can give you some indication. But too late at that point.

Many prefer a HIPS/Firewall combo approach, or some method thereof, to ensure all is safe. If you don't mind investing the time and gaining experience to KNOWLEDGABLY know how to answer all the prompts, then go for it.

Bottom line, a firewall comes in two flavors. Application aware and application unaware. IMO both to be used properly require some amount of knowledge as to what is going on.

All software firewall users need to ask themselves a very simple question. If you use a firewall to restrict for example IE, and allow it outbound on port 80, how do you know it is infected unless you have told it only to go to ip a.b.c.d. A firewall, unless very tightly restricting application such as IE, can not tell you it is going to BadSite.com the way most people set the rules up. You would need a HIPS sort of portion with it.

At that point IMO it is no longer a firewall, but an internet security suite.

Which is the OP asking for? A firewall, or a suite? Lot's of questions but only the answers can come from the OP.

Sul.

EDIT: I dont' know about others here, but I would rather have an app like 'Little Snitch' that simply informs me of a network access attempt, and then allow or deny. That would be enough for me.

-{ Quote: "To make it simple, Yes. Software firewall should be employed on every computer for the security of outbound protection. Even with the router(only inbound protection), it is not enough. I would probably suggest a firewall with HIPS, such as comodo or online armor but more importantly something that works in conjunction with your other security programs. BTW, i'm not sure how compatible those firewall's HIPS work with threatfire. Maybe someone else can put some more insight on this." }-
I don't use a NAT router, so all the inbound/outbound filtering that goes through my computer is managed by a software firewall.
With the right configurations, a firewall w/ HIPS is enough to keep you secure when surfing the web, as long as you know the decisions you have to take when occasional pop-ups occur.

I run CIS Firewall and Defense+ with ThreatFire, and so far I have NO compatibility issues whatsoever.
ThreatFire is a behavior blocker and not a HIPS, so it doesn't conflict with Defense+.

-{ Quote: "yes that might be tru for some people, but im just reinforcing, if uve already been infected, no software FW is gunna do anything to help you in the end. ur already compromised
" }-
This is not true. Even if you are infected, a personal firewall might help you see what happens. It might even stop spreading an infection from your computer to other computers on your LAN (if you are part of one). An important part of malware do not try anything special to connect out, contrary to what leaktest writers/fans will tell you. (Don't get me wrong, if you are infected by a clever piece of malware, personal firewall might not be capable of stopping it from spreading).

-{ Quote: "
and router's are more effective because they are seperated from ur windows operating system and are a protection before of the network stack in windows which means they can intercept and attack much earlier, unlike personal software firewalls, and since they are a completely seperate piece of hardware, they are almsot never directly targetted and the traffic HAS to move through the router's firewall where software firewalls can be disabled or bypassed." }-
100% true for incoming attacks, not true for outgoing. A router can stop all incoming attacks, but it will have a hard time stopping attacks originating from your computer, and that happens exactly because the router is separated from your machine, and the packet ownership information is lost.

-{ Quote: "This is not true. Even if you are infected, a personal firewall might help you see what happens. It might even stop spreading an infection from your computer to other computers on your LAN (if you are part of one). An important part of malware do not try anything special to connect out, contrary to what leaktest writers/fans will tell you. (Don't get me wrong, if you are infected by a clever piece of malware, personal firewall might not be capable of stopping it from spreading).


100% true for incoming attacks, not true for outgoing. A router can stop all incoming attacks, but it will have a hard time stopping attacks originating from your computer, and that happens exactly because the router is separated from your machine, and the packet ownership information is lost." }-

yes a FW will protect outbound, but only things i dont like about them are

a) can be bypassed/disabled by malware
b) can cause a lot of grief
c) if ur already infected and compromised, u cant trust anything on ur system, already too late, FW will just contain then infection (so it might be somewhat helpful in a LAN)
d) why worry about keeping an infection in when u culd have stopped it from the start? find me a single person who thinks that isnt true...

im telling TS, focus on prevention, try out something like GesWall or Defensewall and you will NEVER have a need to worry about a FW, i can assure u that, i believe GesWall even has outbound protection as does Threatfire if u configure it right, so there u go, no need for a software FW anyways.

-{ Quote: "yes a FW will protect outbound, but only things i dont like about them are

a) can be bypassed/disabled by malware
b) can cause a lot of grief
c) if ur already infected and compromised, u cant trust anything on ur system, already too late, FW will just contain then infection (so it might be somewhat helpful in a LAN)
d) why worry about keeping an infection in when u culd have stopped it from the start? find me a single person who thinks that isnt true...

im telling TS, focus on prevention, try out something like GesWall or Defensewall and you will NEVER have a need to worry about a FW, i can assure u that, i believe GesWall even has outbound protection as does Threatfire if u configure it right, so there u go, no need for a software FW anyways." }-

Is not a firewall's task to prevent a system from becoming infected. That's a job for the antimalware industry and to those knowing what they do, HIPS (although malware tagging is still up to the antimalware industry).

The same way an antivirus won't prevent hackers from getting in your system.

So, a firewall will never stop an infection from happening, in the first place.


I'll give you an example. Not so long ago I experienced something really odd. The Internet connection of a relative, besides connecting to his ISP's DNS servers IPs, was connecting to a third IP.

This IP clearly wasn't part of the needed connections. Not even related to the ISP.

Most likely this was the result a botnet.

If weren't for the firewall alerting for that connection, then, my relative would never know about it.

Of course, it was blocked since day one. I then applied a policy to only allow connections trusted, as those needed by the antivirus, etc. Anything else, simply blocked.

It's true that the firewall, itself, didn't stop the botnet, in the first place, but, it helped mitigate the end result. That's what I hope from a firewall. Not to be the one and only solution, but part of it.

So, personal firewalls are useful. They're part of a layered security. Just like an antivirus is, even missing a lot malware.

Now, would a router give such warning? No. Would my relative ever know something was wrong? No.

in ur case, did u relative even understand what that extra connection was? i doubt it if there an average user, most people wuld just go, ok im gunna allow this for no reason, and boom useless, now if ur relative had better preventetive measures in place, like defensewall or geswall or some sort of virtualization etc, then the botnet wuldnt be ther in the first place, thus leaving the FW to do nothing but waste resources and slow down ur traffic. and if the user is experienced, then they know well enough how to protect themselves without the need for a FW to jail the already ther infection into their system. the only real place i can see a FW even remotly useful is in a LAN, and thats if ur prevention fails.

and i never said a FW is to stop infection, i said it just bottles it into ur system (that is if it isnt bypassed/diasbled)

this discussion culd go back and forth forever, both sides will always say the other is wrong.

-{ Quote: "in ur case, did u relative even understand what that extra connection was? i doubt it if there an average user, most people wuld just go, ok im gunna allow this for no reason, and boom useless, now if ur relative had better preventetive measures in place, like defensewall or geswall or some sort of virtualization etc, then the botnet wuldnt be ther in the first place, thus leaving the FW to do nothing but waste resources and slow down ur traffic. and if the user is experienced, then they know well enough how to protect themselves without the need for a FW to jail the already ther infection into their system. the only real place i can see a FW even remotly useful is in a LAN, and thats if ur prevention fails.

and i never said a FW is to stop infection, i said it just bottles it into ur system (that is if it isnt bypassed/diasbled)

this discussion culd go back and forth forever, both sides will always say the other is wrong." }-


firzen711, i'm just wondering when you had avira security suite beta did you disable and not install the firewall?

-{ Quote: "firzen711, i'm just wondering when you had avira security suite beta did you disable and not install the firewall?" }-

i just chose to not install it during installation, and was only using the suite because during the beta they only had the suite.

I guess I'll throw in my 2cents.

I used to use Outpost Pro (still do on my laptops that travel) On my office / home boxes I do not use a FW. My approach is NAT / SPI & Hips for outbound.
In fact my new set-up has two routers. Actually the first one is really a Gateway that provides the static IP the second is a wireless router. I've found that for outbound protection a Hips is the answer. It allows as much or little control as you want.


...screamer

-{ Quote: "I guess I'll throw in my 2cents.

I used to use Outpost Pro (still do on my laptops that travel) On my office / home boxes I do not use a FW. My approach is NAT / SPI & Hips for outbound.
In fact my new set-up has two routers. Actually the first one is really a Gateway that provides the static IP the second is a wireless router. I've found that for outbound protection a Hips is the answer. It allows as much or little control as you want.


...screamer" }-

i agree, if u really want to have that extra control, use a HIPS, least that is preventetive AND will protect u on outbound

-{ Quote: "i just chose to not install it during installation, and was only using the suite because during the beta they only had the suite." }-

I don't disagree with you firzen771 about more prevention is needed over a firewall, and that is where the focus should be. I agree with you on that point. However, not every malware is going to disable your AV or FW or even disable your computer so that you can't use it. I believe not having "any" outbound control is a mistake even though its not 100% leakproof. Almost like saying why use a AV if its not 100% detectable. With a firewall all he would be loosing is some grief and a little speed, he'll gain more inbound/outbound control --having application/port rules more than a router or windows firewall--and include HIPS into his list of security programs.

-{ Quote: "I guess I'll throw in my 2cents.

I used to use Outpost Pro (still do on my laptops that travel) On my office / home boxes I do not use a FW. My approach is NAT / SPI & Hips for outbound.
In fact my new set-up has two routers. Actually the first one is really a Gateway that provides the static IP the second is a wireless router. I've found that for outbound protection a Hips is the answer. It allows as much or little control as you want.


...screamer" }-

Sorry, could u give a description of whats this picture is?HIPS?router?

-{ Quote: "Sorry, could u give a description of whats this picture is?HIPS?router?" }-

It's Malware Defender. (HIPS)
A screenshot of the rules settings.

-{ Quote: "It's Malware Defender. (HIPS)
A screenshot of the rules settings." }-

thanks lonewolf

Very good posts, but it still is all conjecture and preference. The OP wants to know if he/she should use a software firewall. I doubt anyone with much experience would say they are bad for the system. But also many have experience enough to stay problem free without one.

It still boils down to what kind of experience the user has, how much the user wants to be 'involved' with it, and how secure they feel thier system is or will be.

The points presented here certainly give good cause to either using one or not.

Personally, I tend to agree that a firewall in the hands of someone who knows how to use it can be beneficial, and in the hands of inexperienced, can be a learning tool. But I don't believe they are an end all to threats. A top notch firewall can be nuetered by a user the same as an average firewall can become top notch in an advanced users system.

Sul.

-{ Quote: "
It still boils down to what kind of experience the user has, how much the user wants to be 'involved' with it, and how secure they feel thier system is or will be.


Sul." }-

Sully, that pretty much sums it up.

...screamer

Yep, good post Sully.... that says it...

-{ Quote: "Two different answers so i am confused ??? i am waiting other member' posts for final decision." }-

With great respect to all this matter is an ongoing "debate" that probably has no single answer that applies to all users! There is no one solution that fits all situations.

It is your call to make. FWIW, my view is with a solid router well set up that should cover issues with incoming packets with windows FW set up as described in one of Stems threads on "hardening" windows FW that would do it for those only concerned with incoming. The argument there is these users trust the appications on their PC's. They have faith and may be unconcerned about packets leaving their PC's for parts unknown. I don't share this faith. But this is well known here.

If you have concern about privacy in todays world and who doesn't then in my view you should have a SW FW that allows YOU to decide which applications should have access or not to the www. Just because they want access and ask for it doesn't mean user should tick yes sir "your wish is my command". I'm not suggesting you guys would do that just making a point.

If you do decide to install a 2 waySW FW there are many out there and lots of information about how they perform here at WSF and on the evaluation sites.

Pick one in the top tier usually about 5 on the list but that changes as the vendors jockey for rankings.

Install a Trial first before laying out $. See how the support is before buying.

Hope this helps.

if one feel like a freaking nerd that wants to know every move on his system a firewall will be a very usefull tool(teacher)but remember no infection "no conection"prevention is better than the cure,silence in a system is cool too;)
this will depend if you want more control of network connection and or learn about your system alitle:)then install a software firewall(in/out)protection ,ok now that you are talking about if one needs a firewall for outbound or not,yestarday i was testing my security apps and guez what?i run the virus(new one)my antivirus didnt do nothing:) and my litle tool call Dynamic Security Agent jump and complaint;D for inbound activity,click allow to see what happens after then DSA complaints for outbound then block it and end of the story.
note:DDSA is kind of hips with a firewall so i think even if i dont like firewalls i still can use them to complement with security:thumb:now if you have a pure hips system or sandbox with sort of outbound protection with just your router/hardware firewall for inbound will be enough:)

-{ Quote: "if one feel like a freaking nerd that wants to know every move on his system a firewall will be a very usefull tool(teacher)but remember no infection "no conection"prevention is better than the cure,silence in a system is cool too;)
this will depend if you want more control of network connection and or learn about your system alitle:)then install a software firewall(in/out)protection ,ok now that you are talking about if one needs a firewall for outbound or not,yestarday i was testing my security apps and guez what?i run the virus(new one)my antivirus didnt do nothing:) and my litle tool call Dynamic Security Agent jump and complaint;D for inbound activity,click allow to see what happens after then DSA complaints for outbound then block it and end of the story.
note:DDSA is kind of hips with a firewall so i think even if i dont like firewalls i still can use them to complement with security:thumb:now if you have a pure hips system or sandbox with sort of outbound protection with just your router/hardware firewall for inbound will be enough:)" }-


Regarding DSA, tell me more about it please.

The vendor, link etc. Is it sort of a hybrid or mini suite like a FW + HIPS.

On the missed virus which AV are you running that missed it?

-{ Quote: "Regarding DSA, tell me more about it please.

The vendor, link etc. Is it sort of a hybrid or mini suite like a FW + HIPS.

On the missed virus which AV are you running that missed it?" }-
Here's a link: http://www.privacyware.com/dynamic_security_agent.html

-{ Quote: " Second i wouldn't use windows firewall, if you look around its one of the worst firewalls." }-
This piqued my curiosity, could you give me some links for the articles that show its one of the worst firewalls? Not for application filtering but in actual packet filtering and all of course.

Cheers,

Alphalutra1

-{ Quote: "Regarding DSA, tell me more about it please.

The vendor, link etc. Is it sort of a hybrid or mini suite like a FW + HIPS.

On the missed virus which AV are you running that missed it?" }-prevx missed it and the app that blocks it was DSA from www.privacyware.com
and it is a hips+firewall,it is very simple but powerfull

-{ Quote: "prevx missed it and the app that blocks it was DSA from www.privacyware.com
and it is a hips+firewall,it is very simple but powerfull" }-

I bet 2 cents ThreatFire would actually catch that new virus of yours. :D

I'd the same experience with Prevx, but then it looked like the Real-Time protection had serious problems overall. New features and improvements are being developed for it though, so stay tuned. :)

-{ Quote: "it is a hips+firewall,it is very simple but powerfull" }-
Do you think that can comes out some conflit if I use DSA and a common firewall?

You're already overloaded with security, why add to it? You're running a router, LUA, an AV and behaviour blocker and several on demand scanners, as well as an alternative browser and privacy app in CCleaner. Seriously, you do not need a software firewall. You are very well protected and have all the bases covered.

-{ Quote: "Seriously, you do not need a software firewall." }-

I agree, I would also remove some On-Demand-Scanners ::)

-{ Quote: "I agree, I would also remove some On-Demand-Scanners ::)" }-

I wuldnt, ondemand scanners add nothint negative to a system, and can ensure ur PC is clean, dont see why ud suggest to not use them :/

-{ Quote: "I wuldnt, ondemand scanners add nothint negative to a system, and can ensure ur PC is clean, dont see why ud suggest to not use them :/" }-

Exactly, just use the reliable ones that don't add a useless process that's running in the background. Use respected and effective ones overall (e.g. SAS, MBAM and/or Dr. Web CureIT!).

-{ Quote: "Do you think that can comes out some conflit if I use DSA and a common firewall?" }-no cause i uninstall prevx and tried it again and fail still:)

-{ Quote: "Do you think that can comes out some conflit if I use DSA and a common firewall?" }-
ah,maybe cause DSA has a built in firewall added to it's hips;)

Thank you everybody. I decided to use Comodo firewall.

-{ Quote: "Thank you everybody. I decided to use Comodo firewall." }-

Good choice. :-)

If you need help with Comodo Firewall let me know, I am over at the Comodo Forums as well (3xist).

Cheers,
Josh

@ jmonge, thanks for clarification. Two firewalls isn't good idea indeed.

Oh well, another overly paranoid wilders member. Why you would want comodo on top of everything you've got, running in LUA, I really don't know. I despair sometimes.

-{ Quote: "Oh well, another overly paranoid wilders member. Why you would want comodo on top of everything you've got, running in LUA, I really don't know. I despair sometimes." }-

That is very tru

In today's www, I'm not sure being "paranoid" is a bad thing!;D

But that said here FWIW are my guidelines not just for FW's

1) Only 1 Antivirus real time exclusions to all real time security SW set
2 Only 1 Antispyware real time exclusions to all real time security SW set
3) Make sure you have FULLY removed all old AV's and ASW's using the vendors removal tools if applicable. (Norton and McAfee for sure)
4) Only 1 HIPS in real time exclusions to all other real time security SW set
5) Only 1 2 way SW FW from the top 3 or 4, choose a stable release
6) Solid Image backup and recovery product.

Now IF you choose a suite KNOW what is in it probably a FW and a HIPS or maybe also an AV. If so you have CHOSEN to rely on one vendor for security now please don't go adding more real time/ active AV's FW's etc in the believe that more is better security. If the user does this he/she is not better off BUT WORSE OFF due to inevitable SW conflict.

In the old days on the factor floor this was called machine interferece!

Hi!!
I am a chronic lurker on these forums, recently joined, not posted a lot, but I have to say this much...
This particular thread has been the least confusing and most useful of anything I have read so far on these forums.:thumb: Most of the other threads provide excellent information and food for thought, but the posts on this has been the clearest one (for me, at least) for putting together and implementing a simple and useful security setup; very helpful, especially for novices like me.
Thanks for the really good advice from all the stalwarts here. [Inspired by firzen771's signature, pretty close to what I already have, missing out on rollback Rx, can't afford it as of now]

I'm glad I found this, less confused and much less paranoid now :)

Cheers, Nessa :)

P.S. to firzen771, if you don't mind me asking, why did you remove Drivesentry from your sig?

-{ Quote: "Hi!!
I am a chronic lurker on these forums, recently joined, not posted a lot, but I have to say this much...
This particular thread has been the least confusing and most useful of anything I have read so far on these forums.:thumb: Most of the other threads provide excellent information and food for thought, but the posts on this has been the clearest one (for me, at least) for putting together and implementing a simple and useful security setup; very helpful, especially for novices like me.
Thanks for the really good advice from all the stalwarts here. I'm glad I found this, less confused and much less paranoid now :)

Cheers, Nessa :)" }-

ur welcome... :-\

-{ Quote: "Oh well, another overly paranoid wilders member. Why you would want comodo on top of everything you've got, running in LUA, I really don't know. I despair sometimes." }-maybe he wants more control over his system;)

-{ Quote: "@ jmonge, thanks for clarification. Two firewalls isn't good idea indeed." }-your welcome;)
note:this one requires alot of babysitting for the first week but still a good app for free;)

-{ Quote: "maybe he wants more control over his system;)" }-
I don't think it has much to do with his system..... ;)

-{ Quote: "I don't think it has much to do with his system..... ;)" }-ah;D ok:) never mind i didnt say anything;D ;)

-{ Quote: "maybe he wants more control over his system;)" }-

Yes that's right. If running in LUA with a powerful HIPS where one wrong answer can render your system unusable is more control then I agree.::)