Some advice please..now that I have a router...

I am aware this Q may have been asked before, just looking for some advice..

Now have home network set-up:
:wired
: on cable
:behind router: Cisco850
:3 desktops no server
-1 with NAV/NIS and Prevx and other tools ( old desktop ) - XPHome updated
-2 new with Sophos AV and WPF only - XpPro updated
( Sophos came as part of package: easy so far erhaps not greatest AV but just
chugs away and has nice little HIPS utility)
2 main users some guests, Admin. accts set up

Outlook 2007 for E-mail.

Do I need FW at all now: Rather than run the above FWs, was thinking about OA or Prosecurity (?? or even PrevX) as only apps behind the router is that a sensible choice?

Do I need Av as well?
Will prolly put SAS on for demand scanner
Always: Spyware blaster and MRU Blaster and CC and a couple of others..

In reality since IE hijack and reformat about 4 years ago, no mals that I am aware of
(unless you count NIS and Prevx calling N.Sofer's tools and keyfinders as malware heh)

I think it IS appropriate to have some tools behind the router: just pondering how to go..
Any advices ?
Regards.

 

When you ask with respect to "need", that requires so much more information about you and your situation to answer intelligently, that the answer is you really should unask the question. One perspective, if you feel that you need to ask, the answer is a firm yes.

With respect to a firewall - do you wish to have a say with respect to outbound communications? Yes = firewall; no/don't care = no firewall. After that, it's a matter of feature set choice.

With respect to an AV - how do you plan to validate any downloaded content? If you can reliably do it without an AV = no AV; if you can't reliably do it without an AV = use an AV.

Blue

 

Have you seen this current thread in the other firewalls forum? Behind a router - is a firewall needed?

 

@Dogbuiscuit: thx
@Blue: thanks for the time and thought. Syntactically intricate but crystal
@Pete:
Decision: keep AV and trial OA.
Regards.

 

Hello,

I don't really follow you ... I thought you've had a router forever and ran no security software ... or am I mistaken ...?

Blue pretty much summed it regarding the AV and firewall. I don't think you "need" any special tools, router or no. It's the matter of choice and convenience.

My best advice would be to stick to non-MS apps, this will reduce the exposure vectors, probably improve your productivity and most likely improve your overall security...

Mrk

 

Hello back

( Pete or me?)
Yeah but..soul mate likes M$ stuff..( have convinced her re FF and NOScript: *nix further down the track) work needs M$ stuff and VPN for remote log ins..
:E-mails need watching..some of those "joke" e-mails with a .wmv or images attached might need a scanner? Mistakenly click on some spam..or such..even files from friends...pdfs, .docs
: ..wrong web page, even right web page..even with FF and N-s.
: Downloads of apps or files ( or .iso's ) might need scanning
: some installs might try and phone home for auto-updating: dont always like that and they may need squashing or watching
: some mal may be trying to call out..

I guess it's about control: to paraphrase the great HST: It was the Law of the Sea, they said. Civilization ends at the web. Beyond that, we all enter the food chain, and not always right at the top.

No argument there..I have no particular beef with M$: after all been a constant evolving companion for years...but...

To digress a bit:
My latest adventure with the trusty VMWorkstation: have PCLOS set-up well, now my primary interface: Local Networked via VM: access to printer; NAS access, mail all good:
Update system : DAMN: short of HD space in the VM: clone VM -for safety- use vmwarediscmanager expand virtual HD 6G to 12G : try and fix partitions with Knoppix live and QTparted: no go; get iso of GPartEd: fantastic tool :rearrange virtual HD, increase swap: no probs: all good: system flying.
Love that VMWare: next to Terabyte and FDISR best tools ever

I may need HELP ; I've been "traveling": see attached: ?Distro fatigue:
Heh: mostly your fault :damn that dedoimedo

Partly my original question was to tap the instant well of experience and insight here and get a feel for this new equipment and set-up: knew it (the router) was the right thing to do but just feeling my way with new set-ups for work and home HW and softs .

Blue is as ever a serious source as shown, Pete knows a lot about me and my needs and set-up.
LOL: some of the rest is thanks to you
all mistakes made by me: work in progress: rush slowly
Regards

 

Hello,

Actually, that's not that many VMs I have tried approx. 50 distros or more I think, but to keep things tidy, I keep most archived and only work with about 5-6 on one machine and another 6-7 on another.

Working with VMs is like with another comp, except that it sits inside another, right there. Once people get the hang of it, you can run virtual networks like a king.

Best solution for emails (any file downloaded from an external source):

- Run the parent application sandboxed / limited privileges.
- Child apps (media player opening an attachment, for example) will launch with inherited permissions and automatically have reduced ability and impact on the system. The most transparent way to do is DropMyRights. You can also use DefenseWall or SandboxIE, for instance.

- Finally, if you have the time and nerves, try security policies. You can limit the self-inflictive abilities seriously - prevent the user from making suicidal mistakes.

No need to blast money on scanners. Actually, if you know what you're doing, you can away with just about anything, but this ain't the way for everyone.

Running scanners occasionally is a good thing, for several special reasons and NOT the expected one (detect malware):

- Find FP and report to the vendor.

- Find these FP and know your data could be deleted if it comes to exist in such a setup, thus know how to avoid. For example, A2 has a year-old issue with CDBurnerXP Pro. Thus, I'd never recommend A2 to a friend with CDBurner or vice versa, knowing critical files could be deleted. Another example, if you run AV, test it against good files and see if it doesn't cause trouble. On one of my machines, the AV flagged UBCD4WIN packages quite a few times as bad and caused network replication problems. Identifying VENDOR problems, not MALWARE problems, can help your setup thrive and coexist more peacefully in mixed environments.

- Check compatibility issues.

- Check load, performance impact, annoyance levels, because REMEMBER, security is more than just your machine. What will you recommend to your less-computer-savvy friends?

That's about it, I think ...

Mrk

 

There is nothing more depraved than a man in the depths of .iso binge.


50 VMs eh: I've only got to 49 before melting the mb and my brain

Sandboxie: yes +++; not perfect: can send out of 'box, cannot install drivers: but a great tool. DW still on the list: config getting necessarily more complex ??

Scanners and FPs can = catastrophe; yes. Limit options and lol , auto clean.
Vendor issues: sure.

hhmmm, easy for you to say: I get lost and forget what will do what.
I still tend to commit the grave sin of running as admin: ergo deserve what I get .

Useage for "retail" customers needs to be smooth: secretaries and household: in reality there are lots of options. Router has added some deep background if you like; therefore time to reconsider current strategies.

that could be it ..
regards.

PS the reason for posting about the vmdiscmanager was just to say that it actually works well with linux VM. I had thought about a reinstall. REassuring for other VMs that I unwittingly made too small. Learning curve but then quick.

PPS: debian? FEdora? CEntOs still things to do...places to see.
Given up on the BSDs other than PCBSD.
SLack and Gentoo might be too hard...