Lessons from the front line...

Discussion in 'other firewalls' started by TJworld, Nov 30, 2005.

Thread Status:
Not open for further replies.
  1. I don't think that even if you do "understand" (whatever that means) the application it gives you a license to load up a ton of software. :)

    I guess the question is how much is "a large number of realtime security". My observation is that over here 4-5 isn't considered large and many people run closer to 6-10 once you factor in privacy stuff or if you desire backuping just in case.

    In fact if I look at the answers you give Blue, it seems at least 4 is necessary. Most likely 5 if you run two for the last entry. And all this is on top of a hardware router.

    1. AV
    2. AT with good memory scanner
    3. Firewall
    4. Process/file/registry guard/monitor/protection :)

    And for some people, this might even understate matters since some of the entries 1-4 overlap with others. People trying to run KAV 6 full on with online armor, appdefend .

    Then again there are people who are minimists running around trying to prove they can surivive only with shadowuser. Oh well.
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    9,996
    Hi,
    Devil, you don't have to be so fiendish. :)
    People here want to help, that's the most important thing. Whether their advice is valid or not - well whoever listens should decide. Btw, could you give me:
    Your opinion of what a minimalistic setup should be?
    Your opinion of what a good setup should be?
    How about my router-which-is-not-a-router-solution? Isn't that simple and beautiful?
    Mrk
     
  3. "Your" solution to use a spare PC as a router is a well known idea, though any people who do so prefer to run linux with ipchains because it's lighter, more robust and can be locked down more easily and completely than a windows box.

    In many ways it's similar to using a NAT router, which is after all running linux for firmware. The main advantage of hardware routers is that it's simple, robust and simplicity means it is less likely to have flaws for people to exploit.

    Your solution should try to mimick the same virtues. So the most important thing is that you should strip down the PC that is acting as the NAT router, and lock it down as much as possible. if you do not do this, it can be exploited the same as any PC. Remember the fact that it is used to do NAT does not in any way confer it any magical defensive powers. Do not in any circumstance use it to surf, or do work. Keep it as simple and basic as possible.

    You might know all this already, but then again you might not.
     
  4. Arup

    Arup Guest

    Routers are fine till you hit their limitation, all medium range routers have limited memory space, what this does is that when you need multiple connection and speed, say for example, running a P2P app, majority of low and mid range routers choke on that and start dropping connections when their NAT table goes full, same with their SPI firewall, ACL full and off goes your P2P connection. Otherwise, routers are the best thing to happen to the broadband world, average users without it and an improperly set firewall would be totally vulnerable, take for example, Zone Alarm, when first installed, it will ask the average Joe if sever access is to be granted to MS Task at 1025, most would panic and say yes, now if the same were to happen with a Trojan or Key Logger, think about that, few newbies or first time firewall users know what is a server right or an inbound connection, this is where NAT routers come in really handy.
     
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    9,996
    Hi,
    Cheers!
    I agree about the Linux box. Some time ago I contemplated the idea of an old P2 acting as a server but eventually did not go forth with it. I do use dual boot with Linux, though.
    But since this thread is obviously aimed at Windows users, what would you suggest a Windows user do? I think the idea was to show that you can have reasonable security without going head over heels with programs and more programs and more programs. Similar to the El Cheapo router and Windows firewall threads at dslbroadbands. I think this is what the author intended.
    Would you suggest anything else?
    Mrk
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.