Do you need a software firewall w/Prevx 1?

Discussion in 'other firewalls' started by CJsDad, Sep 28, 2006.

Thread Status:
Not open for further replies.
  1. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618
    If not, then please explain why not.

    If you do, then please explain why you do.

    Right now I'm testing Prevx along with Look N Stop and everything is running fine but is this too much with a router?

    I've seen a few of posts that mention you are basically covered using Prevx with the Windows XP firewall & a router, true?

    Oh and please, no answers like "This program covers everything" or "Prevx is all you need"

    Thanks.
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    I say you do need the software firewall, if your router is protecting a network. The router only protects you from the outside. Suppose someone else on your network has an infected computer. With out the firewall.... Also if your network is wireless, there is the possibility of someone getting on your network with an infected computer. I have 3 computers here networked, one is wireless. I have firewalls on all three.

    Pete
     
  3. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618
    I understand about using a software firewall with a router but in this case would Prevx and a firewall be too much?
     
  4. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    My approach to on-line security is the following:

    1. It starts with a great Antivirus
    2. Then you get a great spyware/malware
    3. A Firewall for your executeables (HIPS)
    4. A software Firewall
    5. All behind a router

    I feel that this layered approach leaves me truly protected from jsut about any nasty virus ir malware out there.

    Antivirus: I use Nod32, but also considered Kaspersky and Bit Defender. These are all world class products in my book. I like the fact that NOD32 is extremely light on resources but also thorough (most VB100's of any product on the market). It also prevents a ton of malware and has been tested against other dedicated antispyware programs.

    Antispyware and HIPS: I use on-line armor to prevent the spyware that NOD32 doesn't stop. On-line armor also acts as a Firewall for my .exe files. No executeable file runs on my computer without On-line Armor giving it permission. I also thow in Spyware Blaster as it is free and doesn't require any time. You donload it and keep it updated. That's all.

    Software Firewall: Presently using Comodo. It is a phenomenal product. But I plan to give the Firewall fomr On-line Armor a chance when it is released.

    All of this sits behind my linksys router which I have set to stealth all my ports. With this set up, I feel very safe.

    I really can't answer your Prevx question. But I can definitely say that I don't think I could ever trust just one piece of software to protwct my system. A layered approach is the best in my book.
     
  5. Jimpdx

    Jimpdx Registered Member

    Joined:
    Aug 25, 2006
    Posts:
    12
    Location:
    Oregon USA
    It's a tricky balancing act to optimize your protection AND avoid system conflicts. I'm using Prevx1 (in ABC mode) with Comodo, but with Comodo's HIPS-like feature turned off. Likewise, I have my AV set to use only the features that apply to my set-up. No apparent conflicts.
     
  6. herbalist

    herbalist Guest

    CJsDad,
    I would use a firewall regardless of what else I may use. As near as I understand PrevX, it's community based HIPS, controlling what can and cannot run. I use a classic HIPS instead of PrevX, which performs a very similar function. Controlling traffic in and out of a PC is not HIPS purpose. Controlling application activity and behavior is. What you'd want to avoid while using PrevX would be a firewall with a HIPS or behavior blocker component, which could conflict with PrevX. If nothing else, a firewall with its own HIPS component used with PrevX would be a duplication in coverage. An ideal firewall for use with PrevX would be one that filters internet traffic only, a packet filter. These have no need to hook the kernel so a software conflict between one of these and PrevX or another HIPS is unlikely. There are a few around. Kerio 2.1.5 is an older rule based firewall, still used by many. It's light, effective, and free and is a good companion to HIPS software. Using both PrevX and a software firewall with a router is not an overkill. Each performs a function that neither of the other 2 can do. The combination you describe is a good start for an effective layered security package.
    No problem. No single program can truly claim to be "all you need".
    Rick
     
    Last edited by a moderator: Sep 28, 2006
  7. Littlemutt

    Littlemutt Guest

    @Herbalist

    Could you please help someone who is learning about security what you mean when you say use a 'classic HIPS', could you give an example(s) of such programs. I know about Prevx1, Online Armor and SSM, but they appear to me to not be 'classic hips'. Not looked at any others like Process Guard.

    Thanks
     
  8. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618

    Thank you Herbalist and to the others that have responded as well.
    As for Kerio 2.1.5, I use that firewall also, I use either L n S or K 2.1.5, both are my favorite.
    As I already mentioned I'm not having any problems running L n S along with Prevx, seems like a good combination so far.
     
  9. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I'm more or less in the same place. For myself, it's not even about security per se, it's control. I like to be able to control whether applications communicate with the outside world or not, I prefer to make the final call on whether that's allowed or not and I like to do it on my own terms - even for perfectly valid applications performing innocuous tasks.

    Blue
     
  10. herbalist

    herbalist Guest

    Classic HIPS referrs to apps like SSM and Process Guard. It usually referrs to the original or classic form of HIPS where the user makes all the decisions as to what is allowed to run and what these apps are allowed to do. Classic HIPS doesn't differentiate between system executables, legitimate programs, or malware executables. They're all treated the same.
    Rick
     
  11. Seishin

    Seishin Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    204
    And this magic castle will collapse like a chart house, if you are stacking layer upon layer on top of a fundamentally flawed system, i.e. using an operating system that scolds you for running as anything but an administrator.

    o_O
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    Well thats great if you can run as a non adminstrator, but most of the business software flat won't run unless you run as an administrator. I'd also be curious to see your evidence for this collapse. I run a very similiar layer, and it has worked well. Of course the smartest layer is the one between the ears.

    Pete
     
  13. herbalist

    herbalist Guest

    For me, security/privacy comes from control over your system. When all is said, you secure a system by controlling several key factors.
    1, Control over all traffic in and out of your PC. A firewall and/or router.
    2, Control over processes, what can or can't run, and what these can do. HIPS software. For some that's PrevX or OA. For me, it's SSM.
    3, Contol over the content of the allowed internet traffic, in and out. Filtering. For me, it's Proxomitron. Others like NoScript or similar items.
    4, Control over other users, who can use it and what they can run.
    These are the core of my system. Everything else is secondary, including the AV. As long as a user stays with the better security-ware, the brand is far less important than the task it performs. Any software package that performs these functions and doesn't conflict will secure your system. You'll see all kinds of "which is better" threads, especially with HIPS and firewalls. The ones that are best are the ones that match your needs and skill level and get along with your other software.
    Rick
     
    Last edited by a moderator: Sep 29, 2006
  14. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    In answer to your question, you could turn on the firewall in XP and be fine. I personally would only use this, in comjunction with a router to. So if you dont use a router, use a software firewall.
     
  15. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Prevx1 handles outbound connections, but not inbound. If you're not concerned with known good programs connecting, and only want to know about unknowns, then you can just use the XP Firewall. If you want full control of all outbound connections then you would want a 3rd party firewall. I like Look'n'Stop :) I would indeed say, however, that you should have a firewall on your system regardless of whether you have a router or any other software. If you don't like the XP Firewall, there's also always the other free inbound-only firewalls like CHX-I. I'm in the middle of trying to set up a real hardware firewall, but will still have software firewalls on the desktops.
     
Loading...
Thread Status:
Not open for further replies.