Firewall Needed or low resource/CPU usage HIPS?

ok i have a router that has NAT and SPI, do i really need a software firewall? if not, are there other things i mite need?

 

Re: Firewall Needed?

Personally i would say no, all i use is my hardware firewall combined with a hips like appdefend which allows me to control outbound connections.

 

Re: Firewall Needed?

You always need both. A hardware firewall which most modems and routers have stop inbounds. A software firewall stops outbounds and protects you from malware.

 

Re: Firewall Needed?

i think i like the idea of just having a HIPS instead of a software firewall, is appdefend even a HIPS?

 

Re: Firewall Needed?

anybody have any good suggestions on low resource/CPU usage HIPS?

 

A router plus HIPS is a good choice I think, that's what I do. I use the router for inbound, then Avira Premium and ThreatFire for the rest, and feel that's plenty for me... TF is pretty low resource usage. Doesn't bother you with many popups either. But it's a behavior blocker and some prefer a more traditional (and annoying) HIPS I guess.... try some and see what you like.

 

wtf lol, the title changed by itself?

 

Basically a hardware router with SPI is sufficient.

There is no need to monitor outbound traffic because most of this is legitimate anyway. If it is malicious, your antivirus or antimalware program will detect it.

Even if a firewall passes leaktests once malware runs on your pc the outbound protection is useless. E.G. a worm could attach itself to all emails you send without you realizing it using a simple script.

 

so far it seems that i like appdefend for its low resource usage, but im also thinking about defensewall, hows its resource usage?

*EDIT*
when i installed appdefend, regdefend was automatically installed with it, can i uninstall regdefend and just have appdefend somehow?

 

I only use antivir premium and Online armor free.Online armor is light(I only have 512 mb ram),software firewall and a great HIPS.I recommend you online armor free.

 

is SSM a HIPS? and i really like OA and i probly would switch my comodo for it, but the free version just doesnt come with some of the good features in Comodo

 

SSM is a HIPS.But the free version is not up to date.Online armor only uses 8+8=16 mb ram .Online armor free is and will be always up to date.I have used comodo before,it is very noisy .

 

Only noisy if you do not know how to use it .

 

OMG here we go. I agree with cet that Comodo is noisey. That whole D+ system needs alot more work. Online Armor just sits there and doesnt bug me unless I uninstall or install something. Very light and the #1 thing about OA is that it REMEMBERS. Comodo 3.0 and 2.4 will ask you the same thing 20 times. When I had Comodo 2.4 I had like 20 FF entries.

 

Vettetech did you even know about the trusted application option which makes comodo operate like oa with 1 popup? That is what i thought. V3 may forget things but it is already fixed and being tested . My comodo remembers because none of my apps use 8.3 file format .

 

ok, lets stop this comodo vs. OA feud right now, i like both, comodo is not noisy once its been on ur system for a bit, once its learned ur apps, the defense+ is not nosiy either just need to wait till its learned everything, then it only pops up when something installing/updating/uninstalling, but then it can remember it.

and OA is very good aswell, only prob is free version has less features than comodo, but it does have a few useful features that comodo doesnt have

both have pros and cons

now lets get back on-topic, low resource HIPS preferably stand-alone HIPS, since i already know the firewall+HIPS ones?

 

Prosecurity. It has a free version and updated often. SSM is also good but they do not spend much time on the free version.
Neoava guard is coming along good but development has been suspended so it will not be up to date for new threats.

I will just make this easy .

http://wiki.castlecops.com/HIPS/IDP_programs/services

 

what HIPS do u people use? everyone post what u use

 

Re: Firewall Needed?

i fully agree with this

 

so what HIPS does everyone use?

 

I use ThreatFire only... if you want to call that a HIPS.... All the others are just plain too annoying for me...

 

im really liking prosecurity, but still waiting to see what u guys use?

 

The three which I regard highly are Threatfire-Prosecurity and Micropoint-all worth testing as standalone behaviour blockers/HIPS

The last two will give more control,which may be a good idea.

http://wiki.castlecops.com/Lists_of_freeware_behavior_blockers

 

Prosecurity is excellent, Threatfire is also very good but heavy on resources.

 

If you have a router, why do redundant double filtering for inbound wth a firewall. All you need is to be alerted if any program is trying to make a connection outbound, a HIPS would do the job well. I like PS but it has not been updated since March and that kind of makes the program not up to date with constantly evolving malware and threats. The ones that are latest, none of them are light, they will make impact on your programs, your Media Player, pic viewer etc. will all show the result of that impact. If you can live with that, by all means try out the various programs like OA, TF etc. that are being recommended.