Firewall or HIPS or both?

Discussion in 'polls' started by AaLF, Dec 30, 2006.

?

Which one - Firewall or HIPS or both?

  1. Should I run with a basic firewall and HIPs?

    21 vote(s)
    46.7%
  2. Or go with a more comprehensive Firewall alone?

    12 vote(s)
    26.7%
  3. Do away with the firewall and just take a HIPS?

    5 vote(s)
    11.1%
  4. Other - please specify

    7 vote(s)
    15.6%
Thread Status:
Not open for further replies.
  1. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    Please read before voting.

    Will I benefit from HIPS?

    So far I have happily settled on NOD32 :thumb: for my AV. My internet is ADSL via a router / modem which the user manual assures me that I'm "in-bound secure".

    I feel a firewall is necessary primarily to control naughty outbounds. I tried Jetico which annoyed me because I'm not into endless authorize/block Pop-Ups. I tried a few others as well in short periods to see what they were like. These were Sunbelt Kerio and Commodo. At present I'm running LnS which appeals because its simple and not constantly "in my face".

    It seems many people like HIPS. so I booted System safety Monitor up to see what all the fuss is about. It is a little busy for my liking. But is showing signs of "settling down". By trialing several comprehensive programs I realise that monitoring of my programs / processes is important as well as just outbound traffic.

    So I want something/s without "too much" constant hands-on that will give
    me a reasonable degree of protection against suspicious internal processes and outbound internet.

    1. Do I run with a basic firewall and HIPs?
    2. Or go with a more comprehensive Firewall alone?
    3. Do away with the firewall and just take a HIPS.
    4. Other - please specify.

    Keep in mind I like "less" hands-on (note I didn't say "no" hands-on) and inbound internet is not an issue.

    For myself, I'm willing to pay. But as lots of readers are in a similar quandary perhaps the members can offer both a paid and free solution. (Don't forget to vote).
     
  2. herbalist

    herbalist Guest

    I run both and prefer to keep them separate. Using separate apps will allow you to change or upgrade one without changing the other. Yes, SSM will settle down once you have a basic ruleset made. Until then, it's definitely not "less hands on". The free version isn't as comprehensive as the pay version, but it's by no means weak.
    A firewall will quiet down once you get the basic ruleset done. In that respect, they're quite similar to HIPS. If you're installing both a firewall and HIPS, there's no way around lots of prompts. You may find it easier to work with them separately.
    Rick
     
  3. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    id try Comodo Firewall. its plenty powerful in outbound protection and it can easily be customized to show less alerts.
     
  4. egghead

    egghead Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    443
    Location:
    The Netherlands
    I have voted nr. 1

    *try SafeNSec (has also an integrated application firewall)

    or

    *AbuseShield (this in combi with Nod 32 and LnS)
     
  5. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    for me: a good firewall and a sandbox(another kind of HIPS)
     
  6. EASTER.2010

    EASTER.2010 Guest

    Given the past clever designs of malware to happily invade your system's turf and coupled with the abuse of microsoft's poor choice of coding for the combo of internet web sites & Windows core systems, that leaves me with no other alternative than at the very least a trio of BASIC protection, accent on Basic. There is many more additionals to help apply a LAYERED defense shield to wall up some real security so as to be able to enjoy that monthly service fee spent for access to the internet.

    I go ShadowSurfer #1, then System Safety Monitor #2, and with or without either of those 2, KERIO 2.15 or (Any Dependable) Firewall (ruleset) protection IS AN ABSOLUTE MUST HAVE SCENARIO.
     
  7. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    If I had a router, I would not use a firewall nor HIPS, but you ask for yourself, so I voted first.
    1-st + 2-nd: firewall + HIPS or firewall with HIPS abilities, it gives almost the same protection.
    Since you are a skilled user, you will benefit from having a HIPS, so you if you like it, keep it.
     
  8. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    Thanks for the replies so far.

    With regards to the HIPS my limited hands-on is with System Safety Monitor. I'm impressed.

    For those of us who wish to tread the freeware track...

    Is the SSM-free version plus a general firewall effective as well? What's the main drawback to the freebie SSM compared to the shareware one??
     
  9. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,699
    Hello,

    Other: use a firewall that you like and works well with your programs and no HIPS. If you ask if you need one, you probably do, but you will not be able to use it properly, in which case you don't need it. That's Catch 554.

    BTW, HIPS functionality can be relatively easily replaced by using simple education - learning how things work. That way, you will be able to understand fully what the OS is about and what it does and what all those little processes do.

    When a crucial moment comes and you are asked to allow scvhost.exe, will you do it? It comes down to your decisions - and if you don't know the right answer, you might as well throw the entire setup away. Security is a strong as its weakest link and it is always the user.

    You will be better off burying your head in books and learning the magic beyond the desktop.

    Mrk
     
  10. ASpace

    ASpace Guest

    @ tisatashar

    If I were you I'd choose firewall and HIPS but it is all up to you !
    Up to your personality , your wishes and your habits .

    I run Windows Firewall , NOD32 and Ewido micro only and I feel pretty safe but some people will be like malware busters jumping from one sneaky site to another and my setup may not be appropriate for them ...

    If you want program control , I think that Zone Alarm free is enough for that :thumb:


    P.S. And don't become paranoid user with tons of security things . Microsoft campaign recommended Firewall+Update Windows+Antivirus+Antispyware for enough , I have seen users with 16 and 18 different security applications . Having more (and more complicated) doesn't make you more security , that is for sure
     
  11. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    you can compare the versions at teh bottom of this page
     
  12. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    HIPS is the most over-rated 'gimmick' on the market at the moment, its not needed at all and although its a little different, its not even that great of a product. 3/10

    a comprehensive firewall is all you need, or not even that.. if you have a router with built in NAT firewall.
     
  13. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    The reason I've brought this issue up is the fact that Internet Security Suites e.g. Kaspersky have included in their package detection / alerts to goings-on within the computer. E.G. something legal / illegal is trying to launch / install itself.

    Where as AV-onlys' like NOD 32 and Dr Web etc are oblivious to these internal activities.

    Are you saying that this area is unlikely to be where a disaster will occur??
     
  14. pipester

    pipester Guest

    The only security applications on my computer are NOD32 Antivirus and the Windows XP Firewall.
     
  15. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    I use KIS which has Firewall and HIPS. Also have a few on-demand spyware scanners (SuperAntiSpyware + AVG antispyware) which only detect cookies... nothing has infiltrated KIS... yet :D
     
  16. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    If you trust your router and are sure it works well, then another firewall is useless except for protecting from LAN based attacks. If you close all of your ports manually, then a firewall is really of no use. So, I would use either SSM Paid, SSM Free or Ghostsecurity.

    Cheers,

    Alphalutra1
     
Thread Status:
Not open for further replies.