Router and IDS in a software firewall

Is some kind of IDS in your software firewall useful even if you have a router? There are quite a few software firewalls with a kind of IDS or attack detection or SPI (Norton, Outpost, KIS, Kerio 4, and limited ones in PcTools and Comodo.) I'm currently trialing Outpost firewall. But would Norton's firewall be most useful to me since it detects web based attacks?

 

If you have a router you're probably protected to a large degree from network attacks.
What might need is any personal firewall which can provide basic network protection, 2-way access control and probably some HIPS.

Outpost,KIS,NIS,OnlineArmor all have all of the same inbuilt.

The other approach could be to have a Basic Firewall + HIPS software. For example: Windows Vista Firewall + Defensewall

 

Absolutely, a router is nowadays more a danger then a help (since dnschanger, this thing will evolve be sure) because if your router is owned your chances to notice that are highly decreased. Some high security setups place first specific hardware firewalls.

 

Hi SystemJunkie,

My LAN has users that I trust, but since you think an IDS is useful, which software firewall would you recommend? Is Outpost ok?

 

Just my 2 cents... I think with a router, any further inbound protection is pretty much unnecessary.... Nothing is going to get past the router. In 3 years of router use, I've never had an issue here.

Even without a router, I think an IDS is a little on the overkill/anal side for a home user anyhow. A basic firewall or packet filter will keep you safe enough. That combined with your AV or even HIPS is plenty. A web scanner in the AV might be helpful also.

Nobody is looking to exploit or attack a home user at that level. And if anything does get onto your PC via any other avenue, your other software will catch it, but that pretty much depends on how you use the machine.

I'm sure some will disagree, but as I said, my 2 cents, for what it's worth...

 

Outpost is very good but afaik not 64 bit ready but if you use 32 bit go on.

Oldschool Black Ice was also very interesting, not as firewall but as IDS.
My favorite IDS was Tiny but this company is out of business since 2005.

 

What is this dnschanger pls?.

Hmmm.... I always thought a router and a hardware FW to be the same!!!

 

Sometimes but specific highend hardware firewall should have a much stronger multilayered approach (ALF, SPI, Content Filter, Packet Filter, whitelists) in contradiction to usual routers.

A new breed of malware that scans for specific routers and try to own them so that your router becomes remotely controlled.

 

Would you recommend Outpost over NIS for my needs?

 

In that case addition of a router should be of no additional benefit, why u suggested to use both together?

Even if u have non-default passwords?

Any links for this?

Thanks

 

Hello,

You do not need any IDS with or without the router, completely unnecessary in home environment.

And your router will do its job, let it be.

Mrk

 

Non-Default pass is a must otherwise router gets owned in seconds if you surf the wrong webside.

Absolutely. If you use NIS you must set it up the right way (check all protection extras) otherwise it leaks massively.

 

Hi again - by leaks to you mean in terms of leaks from leak tests, or in another way?

 

Both but also related to leaktests, norton can make up five or more ranks upwards when all protection extras are enabled the same is valid for pctools firewall.