Recommend a Security Suite

  • Thread starter Thread starter razor_303
  • Start date Start date
On Mon, 10 Sep 2007 12:04:25 +0200, "Charlie42"
<Charlie42@spam.me.not> wrote:

>
>"Straight Talk" <b__nice@hotmail.com> wrote in
>news:mi06e31o7tvcj610cpi4dsuifvl0eso4s8@4ax.com...
>>>You should also use a proper firewall, both Comodo Pro and Agnitum Outpost
>>>are known to work well with NOD32.
>>
>> If those firewalls are the answer, what exactly is the question?
>
>NOD32 v2.7 doesn't come with a firewall, and razor_303 asked for advice on
>security suites. Therefore I felt obliged to mention some firewalls I know
>to work with NOD32. Imo. buying an entire security suite is the wrong thing
>to do when your memory and CPU resources are stretched, rather I'd recommend
>a stand alone anti-malware program and a firewall.

Okay. The reason for my question was more because I was interested in
what problem these personal firewalls were meant to solve.

>As Victek pointed out, Comodo for Vista is still in beta stage of
>development (so is Outpost). For the time being, running NOD32 alongside
>with Windows Firewall is an option. If you feel a third party firewall is
>required, both PCTools and Jetico have released firewalls for Vista. PCTools
>is a bit of a hog though, I haven't tried Jetico myself.

I don't feel that a third party firewall is needed. Therefore I was
curious as to why you think so.
 
razor_303 wrote:
> what about kaspersky's latest internet security software, i think its 7
> im not sure, is it any good?
>
> "razor_303" <razor_303@earthlink.net> wrote in message
> news:5B3F1101-8454-4684-ADB9-8AE348F31424@microsoft.com...
>> I am currently using Norton Internet Security 2007, for both my
>> recently purchased laptop and my older desktop computer. I have seen
>> the reviews for the 2008 version and I'm not very confident in getting
>> it.
>>
>> I wanted to get some recommendations on security software that I can
>> buy that includes the whole package, like a firewall, anti-virus,
>> anti-spyware etc.
>>
>> I know to stay away from Computer Associates and PC-cillin as I've
>> tried those and pretty much wasted my money with both, so I've had
>> Norton for a while now. and Mcaffe ive heard it sucks so im not going
>> there either
>>
>> Can I have the whole name and not abberviations so I can look up the
>> software?
>>
>> getting tired of norton, uses up too much memory...
>>
>> Thanks
>
I use Kaspersky Anti-Virus 7.0 (not the KIS security suite) and I find
it excellent for both WinXP and Vista. Really first class service and
support. (But it is not free like Avast and some others.)

One thing is certain - stay away from Norton if you have the choice!
 
"Straight Talk" <b__nice@hotmail.com> wrote in
news:3gfae3t9eqhl6nmnabfbpf4iq045obp3ce@4ax.com...

> Okay. The reason for my question was more because I was interested in
> what problem these personal firewalls were meant to solve.

In-/outbound traffic control, monitoring applications using internet, port
stealthing, and so on.

> I don't feel that a third party firewall is needed. Therefore I was
> curious as to why you think so.

I don't, not since Vista was released anyway. At home I just use Vista
firewall alongside with my router firewall. They let me set the policies I
need to, and Defender/UAC keep sufficient control of my applications. I
think Vista FW could be more user friendly though, the 'advanced settings'
seem tucked away and complicated to the average home user.

But again: razor_303 asked about third party suites, so I felt I had tip
about some proper, less resource consuming, firewalls that can be used in
addition to NOD32.

The discussion over Vista vs. third party FW is an interesting one I think,
I haven't quite made my mind up yet, and I'd like to hear your points of
view.

Charlie42
 
"Straight Talk" <b__nice@hotmail.com> wrote in message
news:1pl9e3de8dphvtpdqhhji8flvjaa60u2jl@4ax.com...
> On Sun, 09 Sep 2007 21:44:50 -0700, ptravel@travelersvideo.com wrote:
>
>>Unlike Windows Firewall, AVG gives transparent control over both in-
>>coming and out-going network communications.
>
> The outbound control myth is so tenacious.

It's not a myth. Again, do you have anything substantive to add, or do you
just like to snipe?
 
On Tue, 11 Sep 2007 09:55:10 -0700, "PTravel"
wrote:

>
>"Straight Talk" <b__nice@hotmail.com> wrote in message
>news:1pl9e3de8dphvtpdqhhji8flvjaa60u2jl@4ax.com...
>> On Sun, 09 Sep 2007 21:44:50 -0700, ptravel@travelersvideo.com wrote:
>>
>>>Unlike Windows Firewall, AVG gives transparent control over both in-
>>>coming and out-going network communications.
>>
>> The outbound control myth is so tenacious.
>
>It's not a myth.

Yes, it is. It's impossible in a windows environment for code A to
reliably prevent code B from calling out. Malware determined to call
out unattended won't let a PFW get in the way.

If the malware has system level access it can do what it wants, like
modifying the TCP/IP stack - or create it's own stack for that matter.

Or it may just piggy bag on an application you have already granted
access.

Malware is too dangerous to be something you allow to run thinking
that you can control it. It's something you don't run at all.

>Again, do you have anything substantive to add, or do you
>just like to snipe?

Calm down. I'm not the one needing to learn here.

Client Firewalls and Security Theater
http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx

"Personal Firewalls" are mostly snake-oil
http://samspade.org/d/firewalls.html


* Instead of reducing the number of network-aware services, a personal
firewall is an additional service that consumes system resources and
can also be the target of an attack, as exemplified by the Witty [1]
worm.
* If the system has been compromised by Malware, Spyware or similar
software, these programs can also manipulate the firewall, because
both are running on the same system. It may be possible to bypass or
even completely shut down software firewalls in such a manner.
* The high number of alerts generated by such applications can
possibly desensitize users to alerts by warning the user of actions
that may not be malicious (e.g. ICMP requests).
* Software firewalls that interface with the operating system at the
kernel mode level may potentially cause instability and/or introduce
security flaws and other software bugs.
http://en.wikipedia.org/wiki/Personal_firewall#Criticisms

About "Comodo" - considered by many to be one of the top PFW's:
"The implementation of the security design is very superficial.
Today's malware creators would not have problems to bypass the
protection of Comodo. "
http://www.matousec.com/projects/wi...s/Comodo-Personal-Firewall-2.3.6.81/#security
 
Last edited by a moderator:
On Sep 11, 1:13 pm, Straight Talk <b__n...@hotmail.com> wrote:
> On Tue, 11 Sep 2007 09:55:10 -0700, "PTravel"
>
> wrote:
>
> >"Straight Talk" <b__n...@hotmail.com> wrote in message
> >news:1pl9e3de8dphvtpdqhhji8flvjaa60u2jl@4ax.com...
> >> On Sun, 09 Sep 2007 21:44:50 -0700, ptra...@travelersvideo.com wrote:
>
> >>>Unlike Windows Firewall, AVG gives transparent control over both in-
> >>>coming and out-going network communications.
>
> >> The outbound control myth is so tenacious.
>
> >It's not a myth.
>
> Yes, it is. It's impossible in a windows environment for code A to
> reliably prevent code B from calling out. Malware determined to call
> out unattended won't let a PFW get in the way.
>
> If the malware has system level access it can do what it wants, like
> modifying the TCP/IP stack - or create it's own stack for that matter.
>
> Or it may just piggy bag on an application you have already granted
> access.

And that's possible with any firewall. My post said AVG is a better
firewall than Windows because of the easier control over out-going
traffic. You seem to be advocating not using an outgoing firewall at
all. If you don't want one on your system because of it won't catch
every conceivable instance of unauthorized out-going traffic, fine.
No software offers 100% security. I'll go with one that offers some
fraction of that, and prefer the one that is easiest to configure and
the most transparent in its actions.


>
> Malware is too dangerous to be something you allow to run thinking
> that you can control it. It's something you don't run at all.

You seem to assume that anyone who uses a firewall doesn't know this.
I know this. However, advocating not using a firewall is like
advocating not using seat belts because they won't help you if your
car blows up.

>
> >Again, do you have anything substantive to add, or do you
> >just like to snipe?
>
> Calm down. I'm not the one needing to learn here.

I'm going to guess what you do for a living. You're in IT, right?

I run into this attitude a lot.

>
> Client Firewalls and Security Theaterhttp://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirew...
>
> "Personal Firewalls" are mostly snake-oilhttp://samspade.org/d/firewalls.html
>
> * Instead of reducing the number of network-aware services, a personal
> firewall is an additional service that consumes system resources and
> can also be the target of an attack, as exemplified by the Witty [1]
> worm.
> * If the system has been compromised by Malware, Spyware or similar
> software, these programs can also manipulate the firewall, because
> both are running on the same system. It may be possible to bypass or
> even completely shut down software firewalls in such a manner.
> * The high number of alerts generated by such applications can
> possibly desensitize users to alerts by warning the user of actions
> that may not be malicious (e.g. ICMP requests).
> * Software firewalls that interface with the operating system at the
> kernel mode level may potentially cause instability and/or introduce
> security flaws and other software bugs.http://en.wikipedia.org/wiki/Personal_firewall#Criticisms

You're citing Wikipedia? Whatever.

I don't have any system instability because of running AVG, at least
no more than is introduced by Vista itself.

>
> About "Comodo" - considered by many to be one of the top PFW's:
> "The implementation of the security design is very superficial.
> Today's malware creators would not have problems to bypass the
> protection of Comodo. "http://www.matousec.com/projects/windows-personal-firewall-analysis/C...

More Wikipedia cites? 1. We're not talking about Comodo. 2. The
issue isn't whether malware can bypass firewalls, but whether running
a firewall will stop more malware than not running a firewall.
 
Last edited by a moderator:
On Tue, 11 Sep 2007 19:24:53 -0700, ptravel@travelersvideo.com wrote:

>> Or it may just piggy bag on an application you have already granted
>> access.
>
>And that's possible with any firewall. My post said AVG is a better
>firewall than Windows because of the easier control over out-going
>traffic. You seem to be advocating not using an outgoing firewall at
>all. If you don't want one on your system because of it won't catch
>every conceivable instance of unauthorized out-going traffic, fine.
>No software offers 100% security. I'll go with one that offers some
>fraction of that, and prefer the one that is easiest to configure and
>the most transparent in its actions.

And thereby adding instability, and worst of all, introducing more
vulnerabilities to your system.

>> Malware is too dangerous to be something you allow to run thinking
>> that you can control it. It's something you don't run at all.
>
>You seem to assume that anyone who uses a firewall doesn't know this.
>I know this. However, advocating not using a firewall is like
>advocating not using seat belts because they won't help you if your
>car blows up.

Very bad analogy. Unlike outbound control, a seat belt does what it's
meant to do highly reliably and it does not make your care more
vulnerable.

<snip>

>1. We're not talking about Comodo.

I mentioned Comodo since it's often considered one of the best. I hope
you realize that the AVG thingie that you seem to rely on just leaks
like a sieve.

>2. The issue isn't whether malware can bypass firewalls, but whether running
>a firewall will stop more malware than not running a firewall.

This is where your argument fails, because you don't consider the
costs involved with adding PFW code.

And BTW, don't expect your AVG thingie to stop any malware at all..
 
"Bruce Chambers" <bchambers@cable0ne.n3t> wrote in message
news:Ox4HgQm7HHA.4476@TK2MSFTNGP06.phx.gbl...
> razor_303 wrote:

> But it's been several years since I've been tempted to try McAfee
> products. Their quality seemed to take a steep nose-dive after they were
> acquired by Network Associates.

I felt that way after Norton was acquired by Symantec. The original Norton
folks outshone everybody, including Symantec. Then Symantec bought them.
They haven't been as good ever since. Sure, they do throw a lot of money
into their product, but the quality that comes from enthusiasm is gone.

On the subject of the thread, however, I bit on CA's ad and spent all kinds
of time installing it, but when I ran it, it blew up. When I called for
support, the guy said, "Oh, we're not ready to support 64bit Vista yet." As
a programmer, I wondered why their software didn't know it was trying to
support the wrong operating system and refuse to install it! I don't recall
for sure, but I don't think the question was raised when I ordered the
software. I don't know if Vista64 has been in Beta since early 2006, but I
suspect it was since all kinds of developers have had 64bit products ready
at Vista introduction time. Needless to say, I'm not waiting for their
64bit system.

Bottom line: Someone asked in a post why folks were paying for antivirus
software when there were essentially as-good (if not better)
free-for-homeuse packages available. I bit and installed Avast 64bit. It
works fine, except that it needs a little better step-by-step: it has two
things come up and it's hard to figure out exactly what to do to insure it
is working, possibly because it is a Czeck group and I only do English. But
they seem to try hard and the basic product is very good, so I am very
pleased with Avast.

John
 
Straight Talk wrote:
>
>> And that's possible with any firewall. My post said AVG is a better
>> firewall than Windows because of the easier control over out-going
>> traffic. You seem to be advocating not using an outgoing firewall at
>> all. If you don't want one on your system because of it won't catch
>> every conceivable instance of unauthorized out-going traffic, fine.
>> No software offers 100% security. I'll go with one that offers some
>> fraction of that, and prefer the one that is easiest to configure and
>> the most transparent in its actions.
>
> And thereby adding instability, and worst of all, introducing more
> vulnerabilities to your system.
>


Please provide some sort of documentation or White Papers to
substantiate what appears, on the face of it, and based on my
experience, to be a patently absurd claim. As you've been told, no one
thinks outbound protection is a magic bullet, but it does add an
addition layer of protection, and it certainly does not create
additional vulnerabilities. (Poorly designed, coded, or configured
individual applications might cause problems, but that doesn't render
the concept of outbound protection invalid.)





--

Bruce Chambers

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Many people would rather die than think in fact, most do. -Bertrand Russell
 
On Wed, 12 Sep 2007 19:57:30 -0600, Bruce Chambers
<bchambers@cable0ne.n3t> wrote:

>Straight Talk wrote:
>> And thereby adding instability, and worst of all, introducing more
>> vulnerabilities to your system.
>>
>
>
> Please provide some sort of documentation or White Papers to
>substantiate what appears, on the face of it, and based on my
>experience, to be a patently absurd claim.

What are you talking about? You are asking me to document the obvious
here!

I'm talking about adding 100+ hooks containing complex and buggy code
to already critical functions, which is what outbound "control" on a
windows host is about.

I'm talking about the impossible task of creating an entire security
layer on top of an OS providing numerous IPC methods for malware to
manipulate and interface with other app's.

In other words I'm talking about the foolishness of endangering your
system by adding numerous kernel hacks for no real benefit, since
malware determined to circumvent it will just do so anyway. And why
would malware not want to do so?

>As you've been told, no one thinks outbound protection is a magic bullet,
>but it does add an addition layer of protection, and it certainly does not create
>additional vulnerabilities.

Oh, please...
 
Straight Talk wrote:
> On Wed, 12 Sep 2007 19:57:30 -0600, Bruce Chambers
> <bchambers@cable0ne.n3t> wrote:
>
>> Straight Talk wrote:
>>> And thereby adding instability, and worst of all, introducing more
>>> vulnerabilities to your system.
>>>
>>
>> Please provide some sort of documentation or White Papers to
>> substantiate what appears, on the face of it, and based on my
>> experience, to be a patently absurd claim.
>
> What are you talking about? You are asking me to document the obvious
> here!
>

"Obvious" only to you, apparently. So far, the remainder of the IT
industry seems to remain unaware. But thanks for confirming that you
have *NO* way of substantiating your otherwise unfounded claims. That's
exactly what I anticipated.


--

Bruce Chambers

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Many people would rather die than think in fact, most do. -Bertrand Russell
 
On Thu, 13 Sep 2007 11:25:33 -0600, Bruce Chambers
<bchambers@cable0ne.n3t> wrote:

>Straight Talk wrote:
>> On Wed, 12 Sep 2007 19:57:30 -0600, Bruce Chambers
>> <bchambers@cable0ne.n3t> wrote:
>>
>>> Straight Talk wrote:
>>>> And thereby adding instability, and worst of all, introducing more
>>>> vulnerabilities to your system.
>>>>
>>>
>>> Please provide some sort of documentation or White Papers to
>>> substantiate what appears, on the face of it, and based on my
>>> experience, to be a patently absurd claim.
>>
>> What are you talking about? You are asking me to document the obvious
>> here!
>>
>
> "Obvious" only to you, apparently. So far, the remainder of the IT
>industry seems to remain unaware.

Don't give me this common wisdom BS.

> But thanks for confirming that you
>have *NO* way of substantiating your otherwise unfounded claims. That's
>exactly what I anticipated.

Since you just snipped away all the stuff you didn't understand,
further debate would be a waste of time. EOD.
 
"Straight Talk" wrote:

> >>> Please provide some sort of documentation or White Papers to
> >>> substantiate what appears, on the face of it, and based on my
> >>> experience, to be a patently absurd claim.
> >>
> >> What are you talking about? You are asking me to document the obvious
> >> here!
> >>
> >
> > "Obvious" only to you, apparently. So far, the remainder of the IT
> >industry seems to remain unaware.
>
> Don't give me this common wisdom BS.
>
> > But thanks for confirming that you
> >have *NO* way of substantiating your otherwise unfounded claims. That's
> >exactly what I anticipated.
>
> Since you just snipped away all the stuff you didn't understand,
> further debate would be a waste of time. EOD.

Guess Straight Talk chickened out then... Does he always do that? Him
constantly posting unsubstantiated opinions is pretty annoying. One for the
kill file?
JJ
 
On Fri, 14 Sep 2007 11:06:00 -0700, JanJ
<JanJ@discussions.microsoft.com> wrote:

>"Straight Talk" wrote:
>
>> >>> Please provide some sort of documentation or White Papers to
>> >>> substantiate what appears, on the face of it, and based on my
>> >>> experience, to be a patently absurd claim.
>> >>
>> >> What are you talking about? You are asking me to document the obvious
>> >> here!
>> >>
>> >
>> > "Obvious" only to you, apparently. So far, the remainder of the IT
>> >industry seems to remain unaware.
>>
>> Don't give me this common wisdom BS.
>>
>> > But thanks for confirming that you
>> >have *NO* way of substantiating your otherwise unfounded claims. That's
>> >exactly what I anticipated.
>>
>> Since you just snipped away all the stuff you didn't understand,
>> further debate would be a waste of time. EOD.
>
>Guess Straight Talk chickened out then...

Guess the never-heard-of-before JanJ suddenly popped out to make a
fool of himself.

>Does he always do that? Him constantly posting unsubstantiated
>opinions is pretty annoying.

Do you have anything on topic to offer or are you just babbling?

>One for the kill file?

Feel free to close your eyes.
 
Back
Top