Can I do without firewall

Can I do without firewall
if I have Nod32 and Ewido.
If not.. why not?
Looking forward to hear from you.
Itsme

 

Re: Can I do..

Well there are no firewall in either NOD or Ewido, so I wouldn't recommend it.

 

If you have a Router installed, then you just have to worry for
outbound connctions.

 

According my readings :
1. Router + Software Firewall offers the best protection.
2. If you don't have a router, you NEED a Software Firewall.
3. Router alone : see previous post.

 

Thanks for the reply.
So I need one. I will get one.
Thanks
Itsme

 

No you don't need one

Follow the instructions on http://www.ntsvcfg.de/ntsvcfg_eng.html and you're quite save. I passed security tests on https://www.grc.com/x/ne.dll?bh0bkyd2 without software firewall!
I use my software firewall just to see what application connects to www.

 

Just disabling services is really not enough. It may not leave any system ports open (for now), but a firewall does a lot more than that. An actual firewall will help to ensure that your internet applications are behaving normally, and can stop abnormal behavior. The goal isn't just to prevent incomming connections, it's to prevent unwanted connections of any kind. Just disabling services really isn't going to do that (although it's not a bad idea to do so anyway). A faulty MS patch could potentially re-open some ports, if you end up leaving a service set to "Manual" instead of "Disabled" (which is safer, compatibility-wise) something could start that service back up, vulnerabilities could be more easily exploited in internet software you may be running, you would still be prone to flaws in the TCP/IP stack, and on and on. Keep in mind that those tests are in no way complete, and may not be relevant to future methods of attack that attackers are continually devising. Although there are still quite a few worms that target Windows services, even more malware is made to target internet software. If you end up with spyware that wants to send your personal info home, wouldn't you want to be able to stop it? If your internet software starts creating abnormal connections, wouldn't it be nice to have that transmission automatically stopped? (SPI) A firewall is your most basic first and last line of defense, and it can provide as much complex protection, or as easy and simple protection, as you'd like.

I would say that even a router alone is insufficient, unless it has certified SPI, as *any* connection out will be allowed back in. Actually any connection that the router knows which computer to route to will be allowed. If someone exploits a vulernability in your messenger, for example, and makes it connect in ways that it's not normally supposed to, you will have no way of knowing about, or controlling, that behavior. If you're so inclined you can go so far as to set up a strict whitelist of ways that your apps may communicate across the internet for even greater protection, but not accepting incomming connections is not the same as a packet filter (firewall).

 

Perfect. Just the answers I was looking for. Thank you gubo and thank you Notok - mods? riiiiight.

 

Well, thank you very much for this.
I will see if Nod32, Ewido and Core Force work well together.
Ciao
Itsme

 

Don't those instructions say to turn on XP Firewall?

 

[MOVE]It's too dangerous... :[/MOVE]'(

 

This kind of issue... get a router AND a software firewall and that's safer than having each individual component alone on your system.

 

For the utmost security, I would get one. I have a router as well as a sw firewall. (I use Kerio 2.1.5 mainly to monitor outbound connections.)

Good luck to you.