Do you need a software firewall w/Prevx 1?

If not, then please explain why not.

If you do, then please explain why you do.

Right now I'm testing Prevx along with Look N Stop and everything is running fine but is this too much with a router?

I've seen a few of posts that mention you are basically covered using Prevx with the Windows XP firewall & a router, true?

Oh and please, no answers like "This program covers everything" or "Prevx is all you need"

Thanks.

 

I understand about using a software firewall with a router but in this case would Prevx and a firewall be too much?

 

My approach to on-line security is the following:

1. It starts with a great Antivirus
2. Then you get a great spyware/malware
3. A Firewall for your executeables (HIPS)
4. A software Firewall
5. All behind a router

I feel that this layered approach leaves me truly protected from jsut about any nasty virus ir malware out there.

Antivirus: I use Nod32, but also considered Kaspersky and Bit Defender. These are all world class products in my book. I like the fact that NOD32 is extremely light on resources but also thorough (most VB100's of any product on the market). It also prevents a ton of malware and has been tested against other dedicated antispyware programs.

Antispyware and HIPS: I use on-line armor to prevent the spyware that NOD32 doesn't stop. On-line armor also acts as a Firewall for my .exe files. No executeable file runs on my computer without On-line Armor giving it permission. I also thow in Spyware Blaster as it is free and doesn't require any time. You donload it and keep it updated. That's all.

Software Firewall: Presently using Comodo. It is a phenomenal product. But I plan to give the Firewall fomr On-line Armor a chance when it is released.

All of this sits behind my linksys router which I have set to stealth all my ports. With this set up, I feel very safe.

I really can't answer your Prevx question. But I can definitely say that I don't think I could ever trust just one piece of software to protwct my system. A layered approach is the best in my book.

 

It's a tricky balancing act to optimize your protection AND avoid system conflicts. I'm using Prevx1 (in ABC mode) with Comodo, but with Comodo's HIPS-like feature turned off. Likewise, I have my AV set to use only the features that apply to my set-up. No apparent conflicts.

 

CJsDad,
I would use a firewall regardless of what else I may use. As near as I understand PrevX, it's community based HIPS, controlling what can and cannot run. I use a classic HIPS instead of PrevX, which performs a very similar function. Controlling traffic in and out of a PC is not HIPS purpose. Controlling application activity and behavior is. What you'd want to avoid while using PrevX would be a firewall with a HIPS or behavior blocker component, which could conflict with PrevX. If nothing else, a firewall with its own HIPS component used with PrevX would be a duplication in coverage. An ideal firewall for use with PrevX would be one that filters internet traffic only, a packet filter. These have no need to hook the kernel so a software conflict between one of these and PrevX or another HIPS is unlikely. There are a few around. Kerio 2.1.5 is an older rule based firewall, still used by many. It's light, effective, and free and is a good companion to HIPS software. Using both PrevX and a software firewall with a router is not an overkill. Each performs a function that neither of the other 2 can do. The combination you describe is a good start for an effective layered security package.

No problem. No single program can truly claim to be "all you need".
Rick

 

@Herbalist

Could you please help someone who is learning about security what you mean when you say use a 'classic HIPS', could you give an example(s) of such programs. I know about Prevx1, Online Armor and SSM, but they appear to me to not be 'classic hips'. Not looked at any others like Process Guard.

Thanks

 

Thank you Herbalist and to the others that have responded as well.
As for Kerio 2.1.5, I use that firewall also, I use either L n S or K 2.1.5, both are my favorite.
As I already mentioned I'm not having any problems running L n S along with Prevx, seems like a good combination so far.

 

I'm more or less in the same place. For myself, it's not even about security per se, it's control. I like to be able to control whether applications communicate with the outside world or not, I prefer to make the final call on whether that's allowed or not and I like to do it on my own terms - even for perfectly valid applications performing innocuous tasks.

Blue

 

Classic HIPS referrs to apps like SSM and Process Guard. It usually referrs to the original or classic form of HIPS where the user makes all the decisions as to what is allowed to run and what these apps are allowed to do. Classic HIPS doesn't differentiate between system executables, legitimate programs, or malware executables. They're all treated the same.
Rick

 

And this magic castle will collapse like a chart house, if you are stacking layer upon layer on top of a fundamentally flawed system, i.e. using an operating system that scolds you for running as anything but an administrator.

 

For me, security/privacy comes from control over your system. When all is said, you secure a system by controlling several key factors.
1, Control over all traffic in and out of your PC. A firewall and/or router.
2, Control over processes, what can or can't run, and what these can do. HIPS software. For some that's PrevX or OA. For me, it's SSM.
3, Contol over the content of the allowed internet traffic, in and out. Filtering. For me, it's Proxomitron. Others like NoScript or similar items.
4, Control over other users, who can use it and what they can run.
These are the core of my system. Everything else is secondary, including the AV. As long as a user stays with the better security-ware, the brand is far less important than the task it performs. Any software package that performs these functions and doesn't conflict will secure your system. You'll see all kinds of "which is better" threads, especially with HIPS and firewalls. The ones that are best are the ones that match your needs and skill level and get along with your other software.
Rick

 

In answer to your question, you could turn on the firewall in XP and be fine. I personally would only use this, in comjunction with a router to. So if you dont use a router, use a software firewall.

 

Prevx1 handles outbound connections, but not inbound. If you're not concerned with known good programs connecting, and only want to know about unknowns, then you can just use the XP Firewall. If you want full control of all outbound connections then you would want a 3rd party firewall. I like Look'n'Stop I would indeed say, however, that you should have a firewall on your system regardless of whether you have a router or any other software. If you don't like the XP Firewall, there's also always the other free inbound-only firewalls like CHX-I. I'm in the middle of trying to set up a real hardware firewall, but will still have software firewalls on the desktops.