Do you need a software firewall?

I personally never put any financial, banking or other important information on my machine, ever. So I don't have that worry, however, I do realize that many people do. So perhaps they need to be more cautious. My comments above agreeing that outbound control was overrated were more aimed at the Comodo crowd, who seem totally obsessed with it all. Practical concerns are fine, but some people get too carried away IMO..

 

This resumes it all.
Bind packets to applications is OK, checking hashes, path, name of file is OK. Detecting really dangerous behaviours (launching hidden instances of browser, launching browsers with abnormal command-line parameters, abnormal DNS traffic, mass mailing, etc) may be fine. Some self-protection is OK. Trying to be leak-proof covering every Windows hole and trying to be immortal is pointless.

 

Well you should keep your personal data in an encrypted file. Keepass is a great password manager that can be used to keep all your important personal information.

Also maybe online banking should be done with banks who provide multi-factor authentication. I hear HSBC provide you with a secureid style token. Paypal is also phasing this in.

 

Hi,

We are behind a router wth NAT/SPI firewall. Software firewall on all machines are off. We have some kind of outbound notification.

XP box: TF with outbound rules, DW, Avast (with standard shield off, but others on, Network module is sort of light NIDS)

Vista64 box: Defender, PRSC, HauteSecure, Avast (on writes) and VistaFirewallcontrol.

So not a Yes or a No, but somewhere between Kerodo and Lucas1985

 

Do you need a software firewall?.........Hmmmm.......Need ? ........
Maybe maybe not, but I sleep better knowing I have one even with a hardware FW.

 

Nothing paranoid here. That's a solid policy that prevents a lot of problems.

Over 6GB of my file system is encrypted. I'll be satisfied when that's 100%. Encryption is only as secure as the system it runs on. Trojans and keyloggers will defeat the best encryption packages. IMO, if a user is going to go thru the trouble of setting up file or partition encryption, they should spend just as much time making sure the passwords aren't captured and sent out.

As for the instance I mentioned, that was a couple years back, before banks and users were forced into more intelligent password policies. Regarding my use of the word WE, the owners son was the most computer literate in their home and was watching at the time. He read the alert before I did and recognized that it wasn't a normal system process. Any individual who's willing to learn what's supposed to be there or who will take the time to research what they find can do this.

As for programs like KeyPass, I don't use them. There's easier ways to hide passwords without having to use a separate app that creates another running process that's rarely needed. Such an app can have vulnerabilities of its own and if it gets popular, someone will find a way to attack it. I keep mine in a text file that's in plain sight, and copy and paste from it. It looks like this. I have 5 of these. How long will it take someone to exhaust all the possible combinations when they don't know where I started or ended, which of the 5 files I used, the length of the password, the direction I copied, or if I used more than one segment? Simple and effective.
Rick

 

IMO that is actually bad password policy. In an offline attack, a computer should be able to process the file quickly.

Trojans and keyloggers will also be able to monitor clipboards so if a system is already compromised, copying from a file will also be ineffective.

I do agree that programs like Keepass needs to have secure implementation. WEP is a good example of a secure cipher that was incorrectly implemented, making it insecure. However from reading documentation, you can really get a feel for the secure design of a program. For example, Truecrypt documentation in particular demonstrates that secure design was a high priority. The same can be said for keepass. Version 2 also has anti keylogger Kand clipboard monitor functions built in.