Best added protection with Software Firewall

Discussion in 'other anti-malware software' started by duke1959, Jan 7, 2007.

Thread Status:
Not open for further replies.
  1. duke1959

    duke1959 Very Frequent Poster

    Jul 21, 2006
    Would Cyberhawk compliment a Software Firewall

    Just wanted to know
    Last edited: Jan 7, 2007
  2. Longboard

    Longboard Registered Member

    Oct 2, 2004
    Sydney, Australia
    Yes :)
    May not be the "best", but pretty darn good. FREE.... whee.
    Little or no downside.
    Last edited: Jan 7, 2007
  3. Kees1958

    Kees1958 Registered Member

    Jul 8, 2006

    Maybe this is an outline which helps (used by IT-trendwatcher firms)

    The left column shows the time of entry on your system. General rule the earlier you stop it the less amount of harm malware can do. The right four colums show decreasing protection (and pitty often increasing configuration effort). Hardening is generally passive protection, Blacklist is active protection of KNOWN treaths, Behavior is active protection against suspicious behavior (but allows the malware to enter), Whitelist allow only th eknown good ones or redirect/buffer/stop the ones that are untrusted/isolated like sandboxes or virtualisation programs do (is called an "inverted" whitelist).

    Antispyware programs could be rated at the process level/vulnarable os-file (as registry watchers/prrotectors for instance).

    The setup I use on our home PC's is illustrated below.

    Explanation of different choices:
    PC2 is of son, likes to download/try programs, that is why he choose CyberHawk over SSM free. He likes to have control over his sanbox and wants the sandbox to be fast, that is why he choose GeSWall pro

    PC1 is of wife, does not want pop-ups, does not try out programs (uses the PC for functionality like downloading music files, ordering on-line). That is why SSM-free runs with user interface disconnected and SensiveGuards is told to deny access in stead of popping up a warning).

    On PC2 we have some overlap (SensiveGuard monitors behavior and outbound traffic, CyberHawk also pop-ups a warning when a program initiated to the Internet), that's why it is yellow (I do not like overlap, consumes CPU)

    Attached Files:

    Last edited: Jan 8, 2007
Thread Status:
Not open for further replies.