Recommend a Security Suite

September 7, 2007

"razor_303" <razor_303@earthlink.net> wrote in message

news:CCF3123C-B1BE-41D3-BC03-73D23C8365C8@microsoft.com...

>

> "Donald McDaniel" <orthocross@comcast.invalid> wrote in message

> news:2D06E851-1F0D-4463-8D93-A9A17377FECA@microsoft.com...

>> "razor_303" <razor_303@earthlink.net> wrote in message

>> news:5B3F1101-8454-4684-ADB9-8AE348F31424@microsoft.com...

>>>I am currently using Norton Internet Security 2007, for both my recently

>>>purchased laptop and my older desktop computer. I have seen the reviews

>>>for the 2008 version and I'm not very confident in getting it.

>>>

>>> I wanted to get some recommendations on security software that I can buy

>>> that includes the whole package, like a firewall, anti-virus,

>>> anti-spyware etc.

>>>

>>> I know to stay away from Computer Associates and PC-cillin as I've tried

>>> those and pretty much wasted my money with both, so I've had Norton for

>>> a while now. and Mcaffe ive heard it sucks so im not going there either

>>>

>>> Can I have the whole name and not abberviations so I can look up the

>>> software?

>>>

>>> getting tired of norton, uses up too much memory...

>>>

>>> Thanks

>>

>> I tried Norton Internet Security 2008 last night.

>> Here's my take on it:

>>

>> 1) Takes too much control away from the OS.

>> 2) Takes too much control away from the user.

>> 3) Too ponderous.

>> 4) Too complicated.

>>

>> Here're my suggestions for an Internet Security Suite:

>> 1) Trend Micro Internet Security 2008 (for Vista -- the XP product won't

>> even install under Vista).

>> 2) Once it is released, the NOD32 Suite will be excellent.

>> 3) ZoneLabs Internet Security 2008

>> 4) Or, a third-party Firewall plus NOD32. Probably a better solution

>> than a unified Security Suite.

>> 5) STAY AWAY FROM NORTON in Vista!

>>

>> Donald McDaniel

>

> Sounds like Norton 08 is worse than the 07 edition, what is NOD32

> companie's website?

> ive head that it is really good, id like to see their software

and does anyone know when that security suite (Eset or NOD32 Suite) will be

released?

September 7, 2007

"razor_303" <razor_303@earthlink.net> wrote in

news:02F67FF3-4731-4C78-91BD-46617B930719@microsoft.com...

>>

>> Sounds like Norton 08 is worse than the 07 edition, what is NOD32

>> companie's website?

>> ive head that it is really good, id like to see their software

>

> and does anyone know when that security suite (Eset or NOD32 Suite) will

> be released?

NOD32 is made by Eset, http://www.eset.com/. Version 2.7 works with Vista.

News about the upcoming Eset Smart Security suite can be found at

http://www.eset.com/beta. Smart Security is currently in public beta 2, Eset

does not have a public schedule for future releases.

Charlie42

September 8, 2007

Just because you have to pay for something doesn't automatically make it

good. Norton demonstrates the point perfectly. Not only is it expensive, it

also hogs your resources, and even exibits spyware-like behaviour in that it

"impairs user control over material changes that affects their system

security". It is easily the worst "security" product you could ever get. But

by your reasoning it'd be "better" than the many free and indeed superior

anti-virus applications such as Avast or Antivir, which are not only

resource efficient, but also does not exibit spyware-like behaviour and have

much better detection rates than Norton.

"razor_303" <razor_303@earthlink.net> wrote in message

news:14E45BBF-F47C-40D8-9526-8A9347C96550@microsoft.com...

>

> "Ken Blake, MVP" <kblake@this.is.am.invalid.domain> wrote in message

> news:096pd3hd9brvljo8dt7iaoi7c6qh0i8qet@4ax.com...

>> On Mon, 3 Sep 2007 11:42:24 -0500, "razor_303"

>> <razor_303@earthlink.net> wrote:

>>

>>> I am currently using Norton Internet Security 2007, for both my recently

>>> purchased laptop and my older desktop computer. I have seen the reviews

>>> for

>>> the 2008 version and I'm not very confident in getting it.

>>>

>>> I wanted to get some recommendations on security software that I can buy

>>> that includes the whole package, like a firewall, anti-virus,

>>> anti-spyware

>>> etc.

>>

>> I am very much against using such suites, whether security suites, or

>> any other kind. I believe that it's best to look for the best

>> product(s) in each category. It is not true that because company A

>> makes the best anti-virus program, you should therefore also use its

>> firewall, anti-spyware program, etc.

>>

>> --

>> Ken Blake, Microsoft MVP Windows - Shell/User

>> Please Reply to the Newsgroup

>

> Ok good points made, so what are some good firewalls, anti-virus programs,

> and anti-spyware programs that i could buy that are the best at what they

> do, and i dont trust those free versions, i those kinds of people that

> believe that nothing is free, everything has a price. im willing to pay

> since it is for protecting my data and my school investment.

>

> thanks

September 8, 2007

i just dont see getting something for free and expect it to do be better

than something i paid for, i am trying to protect my investment, i do

realize norton isnt the best, which is why im asking for people's opinions

on what works for them then i take that and combine with what ive read

online and what other people have told me.

thanks

"Chen Shen" <chen@cshen.ca> wrote in message

news:%23hpA1Id8HHA.1208@TK2MSFTNGP03.phx.gbl...

> Just because you have to pay for something doesn't automatically make it

> good. Norton demonstrates the point perfectly. Not only is it expensive,

> it also hogs your resources, and even exibits spyware-like behaviour in

> that it "impairs user control over material changes that affects their

> system security". It is easily the worst "security" product you could ever

> get. But by your reasoning it'd be "better" than the many free and indeed

> superior anti-virus applications such as Avast or Antivir, which are not

> only resource efficient, but also does not exibit spyware-like behaviour

> and have much better detection rates than Norton.

>

> "razor_303" <razor_303@earthlink.net> wrote in message

> news:14E45BBF-F47C-40D8-9526-8A9347C96550@microsoft.com...

>>

>> "Ken Blake, MVP" <kblake@this.is.am.invalid.domain> wrote in message

>> news:096pd3hd9brvljo8dt7iaoi7c6qh0i8qet@4ax.com...

>>> On Mon, 3 Sep 2007 11:42:24 -0500, "razor_303"

>>> <razor_303@earthlink.net> wrote:

>>>

>>>> I am currently using Norton Internet Security 2007, for both my

>>>> recently

>>>> purchased laptop and my older desktop computer. I have seen the reviews

>>>> for

>>>> the 2008 version and I'm not very confident in getting it.

>>>>

>>>> I wanted to get some recommendations on security software that I can

>>>> buy

>>>> that includes the whole package, like a firewall, anti-virus,

>>>> anti-spyware

>>>> etc.

>>>

>>> I am very much against using such suites, whether security suites, or

>>> any other kind. I believe that it's best to look for the best

>>> product(s) in each category. It is not true that because company A

>>> makes the best anti-virus program, you should therefore also use its

>>> firewall, anti-spyware program, etc.

>>>

>>> --

>>> Ken Blake, Microsoft MVP Windows - Shell/User

>>> Please Reply to the Newsgroup

>>

>> Ok good points made, so what are some good firewalls, anti-virus

>> programs, and anti-spyware programs that i could buy that are the best at

>> what they do, and i dont trust those free versions, i those kinds of

>> people that believe that nothing is free, everything has a price. im

>> willing to pay since it is for protecting my data and my school

>> investment.

>>

>> thanks

>

September 8, 2007

On Sat, 8 Sep 2007 09:32:30 -0500, "razor_303"

<razor_303@earthlink.net> wrote:

> i just dont see getting something for free and expect it to do be better

> than something i paid for,

Although I can understand why you feel that way, in the world of

software, it is often not the case. Chen Shen gave you one example

of an expensive paid-for product being inferior to free ones. They are

many more examples.

> i am trying to protect my investment, i do

> realize norton isnt the best, which is why im asking for people's opinions

> on what works for them then i take that and combine with what ive read

> online and what other people have told me.

>

> thanks

>

> "Chen Shen" <chen@cshen.ca> wrote in message

> news:%23hpA1Id8HHA.1208@TK2MSFTNGP03.phx.gbl...

> > Just because you have to pay for something doesn't automatically make it

> > good. Norton demonstrates the point perfectly. Not only is it expensive,

> > it also hogs your resources, and even exibits spyware-like behaviour in

> > that it "impairs user control over material changes that affects their

> > system security". It is easily the worst "security" product you could ever

> > get. But by your reasoning it'd be "better" than the many free and indeed

> > superior anti-virus applications such as Avast or Antivir, which are not

> > only resource efficient, but also does not exibit spyware-like behaviour

> > and have much better detection rates than Norton.

> >

> > "razor_303" <razor_303@earthlink.net> wrote in message

> > news:14E45BBF-F47C-40D8-9526-8A9347C96550@microsoft.com...

> >>

> >> "Ken Blake, MVP" <kblake@this.is.am.invalid.domain> wrote in message

> >> news:096pd3hd9brvljo8dt7iaoi7c6qh0i8qet@4ax.com...

> >>> On Mon, 3 Sep 2007 11:42:24 -0500, "razor_303"

> >>> <razor_303@earthlink.net> wrote:

> >>>

> >>>> I am currently using Norton Internet Security 2007, for both my

> >>>> recently

> >>>> purchased laptop and my older desktop computer. I have seen the reviews

> >>>> for

> >>>> the 2008 version and I'm not very confident in getting it.

> >>>>

> >>>> I wanted to get some recommendations on security software that I can

> >>>> buy

> >>>> that includes the whole package, like a firewall, anti-virus,

> >>>> anti-spyware

> >>>> etc.

> >>>

> >>> I am very much against using such suites, whether security suites, or

> >>> any other kind. I believe that it's best to look for the best

> >>> product(s) in each category. It is not true that because company A

> >>> makes the best anti-virus program, you should therefore also use its

> >>> firewall, anti-spyware program, etc.

> >>>

> >>> --

> >>> Ken Blake, Microsoft MVP Windows - Shell/User

> >>> Please Reply to the Newsgroup

> >>

> >> Ok good points made, so what are some good firewalls, anti-virus

> >> programs, and anti-spyware programs that i could buy that are the best at

> >> what they do, and i dont trust those free versions, i those kinds of

> >> people that believe that nothing is free, everything has a price. im

> >> willing to pay since it is for protecting my data and my school

> >> investment.

> >>

> >> thanks

> >

--

Ken Blake, Microsoft MVP Windows - Shell/User

Please Reply to the Newsgroup

September 8, 2007

"Donald McDaniel" <orthocross@comcast.invalid> wrote in message

news:2D06E851-1F0D-4463-8D93-A9A17377FECA@microsoft.com...

> "razor_303" <razor_303@earthlink.net> wrote in message

> news:5B3F1101-8454-4684-ADB9-8AE348F31424@microsoft.com...

>>I am currently using Norton Internet Security 2007, for both my recently

>>purchased laptop and my older desktop computer. I have seen the reviews

>>for the 2008 version and I'm not very confident in getting it.

>>

>> I wanted to get some recommendations on security software that I can buy

>> that includes the whole package, like a firewall, anti-virus,

>> anti-spyware etc.

>>

>> I know to stay away from Computer Associates and PC-cillin as I've tried

>> those and pretty much wasted my money with both, so I've had Norton for a

>> while now. and Mcaffe ive heard it sucks so im not going there either

>>

>> Can I have the whole name and not abberviations so I can look up the

>> software?

>>

>> getting tired of norton, uses up too much memory...

>>

>> Thanks

>

> I tried Norton Internet Security 2008 last night.

> Here's my take on it:

>

> 1) Takes too much control away from the OS.

> 2) Takes too much control away from the user.

> 3) Too ponderous.

> 4) Too complicated.

>

> Here're my suggestions for an Internet Security Suite:

> 1) Trend Micro Internet Security 2008 (for Vista -- the XP product won't

> even install under Vista).

> 2) Once it is released, the NOD32 Suite will be excellent.

> 3) ZoneLabs Internet Security 2008

> 4) Or, a third-party Firewall plus NOD32. Probably a better solution than

> a unified Security Suite.

> 5) STAY AWAY FROM NORTON in Vista!

>

> Donald McDaniel

Is the current zone alarm suite the 2008 edition or it hasnt come out yet?

right now its at 7.1 but 7.0 was released in June of this year.

September 8, 2007

On Mon, 3 Sep 2007 11:42:24 -0500, "razor_303"

<razor_303@earthlink.net> wrote:

>I am currently using Norton Internet Security 2007, for both my recently

>purchased laptop and my older desktop computer. I have seen the reviews for

>the 2008 version and I'm not very confident in getting it.

>

>I wanted to get some recommendations on security software that I can buy

>that includes the whole package, like a firewall, anti-virus, anti-spyware

>etc.

Why?

By configuring your windows, using not inherently broken software and

using your brain you don't need any such crap.

>I know to stay away from Computer Associates and PC-cillin as I've tried

>those and pretty much wasted my money with both, so I've had Norton for a

>while now. and Mcaffe ive heard it sucks so im not going there either

>

>Can I have the whole name and not abberviations so I can look up the

>software?

You don't need additional software. Additional code doesn't make a

system more secure.

>getting tired of norton, uses up too much memory...

>

>Thanks

September 8, 2007

On Tue, 4 Sep 2007 20:46:24 +0200, "Charlie42" <Charlie42@spam.me.not>

wrote:

>"razor_303" <razor_303@earthlink.net> wrote in

>news:5B3F1101-8454-4684-ADB9-8AE348F31424@microsoft.com...

>>

>> getting tired of norton, uses up too much memory...

>>

>

>If memory and CPU usage is a concern, you should take a look at Eset's NOD32

>anti-virus/anti-malware. It's well known for going easy on a computer's

>resources.

As a HIPS type of application NOD32 makes good sense.

>You should also use a proper firewall, both Comodo Pro and Agnitum Outpost

>are known to work well with NOD32.

If those firewalls are the answer, what exactly is the question?

>Until Eset release their full security suite in v3 (currently in beta), I'd

>go for one of the combinations above.

>

>Links:

>www.eset.com

>www.personalfirewall.comodo.com

>www.agnitum.com

>

>Charlie42

September 8, 2007

On Tue, 4 Sep 2007 16:10:06 -0700, "PTravel"

<ptravel@travelersvideo.com> wrote:

>

>"Paul Adare" <pkadare@gmail.com> wrote in message

>news:14vzvis3dpan0.cp4bxjd9v5gc$.dlg@40tude.net...

>> On Tue, 4 Sep 2007 13:13:15 -0700, PTravel wrote:

>>

>>> I lilke AVG, which also has a better firewall than Windows Defender.

>>

>> Windows Defender is not a firewall.

>

>You're correct. I meant Windows Firewall.

So you're saying that AVG firewall is better than the windows

firewall? If so, you're wrong again.

>AVG will also replace all the functions provided by Defender.

I doubt that.

>>

>> --

>> Paul Adare

>> MVP - Virtual Machines

>> http://www.identit.ca

>> Hardware: The parts of a computer system that can be kicked.

September 8, 2007

On Wed, 05 Sep 2007 12:08:30 -0700, "Ken Blake, MVP"

<kblake@this.is.am.invalid.domain> wrote:

>On Wed, 5 Sep 2007 19:13:29 +0100, "VistaGeek"

><vista.geek@btinternet.com> wrote:

>

>> I use the Zonealarm suite 7.1 and it has worked without a hitch for a few

>> months now!

>

>Your choice, of course. My view is that no matter how well something

>works, it's always possible that something else could work better.

>Just because you haven't had any problems with it doesn't mean it's

>the best possible choice.

It also doesn't mean he would have had problems without it. Actually

"I use the Zonealarm suite 7.1 and it has worked without a hitch for a

few months now!" means nothing in terms of security.

>> No impact on system.

>

>But that's flat out impossible. Anything you run has an impact on

>system performance. Some things have more of an impact than others,

>and some have a small enough impact on performance that you don't

>notice it. But nothing has a zero impact.

Exactly right. And why anyone would use system resources on mostly

nonsense functions like the ones ZA implements puzzles me.

>In this case, I would suspect that the impact is greater than you

>realize.

>

>

>> Good value for two licences

>

>Perhaps. A much better value is freeware. And there's lots of good

>freeware around to compete with it.

How about no ware? Security software is mostly security theater.

You make a system secure by removing attack vectors. Not by adding

further code to it.

September 8, 2007

On Thu, 6 Sep 2007 12:40:58 -0700, "Donald McDaniel"

<orthocross@comcast.invalid> wrote:

>Here're my suggestions for an Internet Security Suite:

>1) Trend Micro Internet Security 2008 (for Vista -- the XP product won't

>even install under Vista).

>2) Once it is released, the NOD32 Suite will be excellent.

>3) ZoneLabs Internet Security 2008

>4) Or, a third-party Firewall plus NOD32. Probably a better solution than a

>unified Security Suite.

>5) STAY AWAY FROM NORTON in Vista!

Here is my suggestion for a security suite:

1) Configure windows properly

2) Install and use not inherently broken software (which rules out IE,

OE and Outlook)

3) Implement Brain 1.0

September 9, 2007

>>>

>>> Ok good points made, so what are some good firewalls, anti-virus

>>> programs, and anti-spyware programs that i could buy that are the best at

>>> what they do, and i dont trust those free versions, i those kinds of

>>> people that believe that nothing is free, everything has a price. im

>>> willing to pay since it is for protecting my data and my school

>>> investment.

>>>

>>> thanks

>>

>

Ad-Aware

AVG

ZoneAlarm

+ good old fashioned common sense.

Oh..and having a HW FW is a good idea too.

--

What were you? A jock or a brain?" http://blinkynet.net/comp/uip5.html

"I was a ghost." PSK - RLU 452647

Warrick Brown and Gil Grissom (Bully for You)

September 10, 2007

On Sep 8, 1:18 pm, Straight Talk <b__n...@hotmail.com> wrote:

> On Tue, 4 Sep 2007 16:10:06 -0700, "PTravel"

>

> <ptra...@travelersvideo.com> wrote:

>

> >"Paul Adare" <pkad...@gmail.com> wrote in message

> >news:14vzvis3dpan0.cp4bxjd9v5gc$.dlg@40tude.net...

> >> On Tue, 4 Sep 2007 13:13:15 -0700,PTravelwrote:

>

> >>> I lilke AVG, which also has a better firewall than Windows Defender.

>

> >> Windows Defender is not a firewall.

>

> >You're correct. I meant Windows Firewall.

>

> So you're saying that AVG firewall is better than the windows

> firewall? If so, you're wrong again.

Unlike Windows Firewall, AVG gives transparent control over both in-

coming and out-going network communications.

>

> >AVG will also replace all the functions provided by Defender.

>

> I doubt that.

I'm not particularly interested in what you doubt or don't. The

Grisoft website provides information for anyone who is interested.

Are you one of those net posters who sense of self-worth comes from

jumping in to threads and screaming, "You're wrong!, "I doubt that!"?

I provided my opinion and explained why I hold it. You, on the other

hand, seem to have very little to say.

>

>

> >> --

> >> Paul Adare

> >> MVP - Virtual Machines

> >>http://www.identit.ca

> >> Hardware: The parts of a computer system that can be kicked.

September 10, 2007

On Sun, 09 Sep 2007 21:44:50 -0700, ptravel@travelersvideo.com wrote:

>Unlike Windows Firewall, AVG gives transparent control over both in-

>coming and out-going network communications.

The outbound control myth is so tenacious.

September 10, 2007

"Straight Talk" <b__nice@hotmail.com> wrote in

news:mi06e31o7tvcj610cpi4dsuifvl0eso4s8@4ax.com...

>>You should also use a proper firewall, both Comodo Pro and Agnitum Outpost

>>are known to work well with NOD32.

>

> If those firewalls are the answer, what exactly is the question?

NOD32 v2.7 doesn't come with a firewall, and razor_303 asked for advice on

security suites. Therefore I felt obliged to mention some firewalls I know

to work with NOD32. Imo. buying an entire security suite is the wrong thing

to do when your memory and CPU resources are stretched, rather I'd recommend

a stand alone anti-malware program and a firewall.

As Victek pointed out, Comodo for Vista is still in beta stage of

development (so is Outpost). For the time being, running NOD32 alongside

with Windows Firewall is an option. If you feel a third party firewall is

required, both PCTools and Jetico have released firewalls for Vista. PCTools

is a bit of a hog though, I haven't tried Jetico myself.

Charlie42

September 10, 2007

On Mon, 10 Sep 2007 12:04:25 +0200, "Charlie42"

<Charlie42@spam.me.not> wrote:

>

>"Straight Talk" <b__nice@hotmail.com> wrote in

>news:mi06e31o7tvcj610cpi4dsuifvl0eso4s8@4ax.com...

>>>You should also use a proper firewall, both Comodo Pro and Agnitum Outpost

>>>are known to work well with NOD32.

>>

>> If those firewalls are the answer, what exactly is the question?

>

>NOD32 v2.7 doesn't come with a firewall, and razor_303 asked for advice on

>security suites. Therefore I felt obliged to mention some firewalls I know

>to work with NOD32. Imo. buying an entire security suite is the wrong thing

>to do when your memory and CPU resources are stretched, rather I'd recommend

>a stand alone anti-malware program and a firewall.

Okay. The reason for my question was more because I was interested in

what problem these personal firewalls were meant to solve.

>As Victek pointed out, Comodo for Vista is still in beta stage of

>development (so is Outpost). For the time being, running NOD32 alongside

>with Windows Firewall is an option. If you feel a third party firewall is

>required, both PCTools and Jetico have released firewalls for Vista. PCTools

>is a bit of a hog though, I haven't tried Jetico myself.

I don't feel that a third party firewall is needed. Therefore I was

curious as to why you think so.

September 10, 2007

razor_303 wrote:

> what about kaspersky's latest internet security software, i think its 7

> im not sure, is it any good?

>

> "razor_303" <razor_303@earthlink.net> wrote in message

> news:5B3F1101-8454-4684-ADB9-8AE348F31424@microsoft.com...

>> I am currently using Norton Internet Security 2007, for both my

>> recently purchased laptop and my older desktop computer. I have seen

>> the reviews for the 2008 version and I'm not very confident in getting

>> it.

>>

>> I wanted to get some recommendations on security software that I can

>> buy that includes the whole package, like a firewall, anti-virus,

>> anti-spyware etc.

>>

>> I know to stay away from Computer Associates and PC-cillin as I've

>> tried those and pretty much wasted my money with both, so I've had

>> Norton for a while now. and Mcaffe ive heard it sucks so im not going

>> there either

>>

>> Can I have the whole name and not abberviations so I can look up the

>> software?

>>

>> getting tired of norton, uses up too much memory...

>>

>> Thanks

>

I use Kaspersky Anti-Virus 7.0 (not the KIS security suite) and I find

it excellent for both WinXP and Vista. Really first class service and

support. (But it is not free like Avast and some others.)

One thing is certain - stay away from Norton if you have the choice!

September 10, 2007

"Straight Talk" <b__nice@hotmail.com> wrote in

news:3gfae3t9eqhl6nmnabfbpf4iq045obp3ce@4ax.com...

> Okay. The reason for my question was more because I was interested in

> what problem these personal firewalls were meant to solve.

In-/outbound traffic control, monitoring applications using internet, port

stealthing, and so on.

> I don't feel that a third party firewall is needed. Therefore I was

> curious as to why you think so.

I don't, not since Vista was released anyway. At home I just use Vista

firewall alongside with my router firewall. They let me set the policies I

need to, and Defender/UAC keep sufficient control of my applications. I

think Vista FW could be more user friendly though, the 'advanced settings'

seem tucked away and complicated to the average home user.

But again: razor_303 asked about third party suites, so I felt I had tip

about some proper, less resource consuming, firewalls that can be used in

addition to NOD32.

The discussion over Vista vs. third party FW is an interesting one I think,

I haven't quite made my mind up yet, and I'd like to hear your points of

view.

Charlie42

September 11, 2007

"Straight Talk" <b__nice@hotmail.com> wrote in message

news:1pl9e3de8dphvtpdqhhji8flvjaa60u2jl@4ax.com...

> On Sun, 09 Sep 2007 21:44:50 -0700, ptravel@travelersvideo.com wrote:

>

>>Unlike Windows Firewall, AVG gives transparent control over both in-

>>coming and out-going network communications.

>

> The outbound control myth is so tenacious.

It's not a myth. Again, do you have anything substantive to add, or do you

just like to snipe?

September 11, 2007

On Tue, 11 Sep 2007 09:55:10 -0700, "PTravel"

<ptravel@travelersvideo.com> wrote:

>

>"Straight Talk" <b__nice@hotmail.com> wrote in message

>news:1pl9e3de8dphvtpdqhhji8flvjaa60u2jl@4ax.com...

>> On Sun, 09 Sep 2007 21:44:50 -0700, ptravel@travelersvideo.com wrote:

>>

>>>Unlike Windows Firewall, AVG gives transparent control over both in-

>>>coming and out-going network communications.

>>

>> The outbound control myth is so tenacious.

>

>It's not a myth.

Yes, it is. It's impossible in a windows environment for code A to

reliably prevent code B from calling out. Malware determined to call

out unattended won't let a PFW get in the way.

If the malware has system level access it can do what it wants, like

modifying the TCP/IP stack - or create it's own stack for that matter.

Or it may just piggy bag on an application you have already granted

access.

Malware is too dangerous to be something you allow to run thinking

that you can control it. It's something you don't run at all.

>Again, do you have anything substantive to add, or do you

>just like to snipe?

Calm down. I'm not the one needing to learn here.

Client Firewalls and Security Theater

http://www.microsoft.com/technet/technetma...ll/default.aspx

"Personal Firewalls" are mostly snake-oil

http://samspade.org/d/firewalls.html

Instead of reducing the number of network-aware services, a personal

firewall is an additional service that consumes system resources and

can also be the target of an attack, as exemplified by the Witty [1]

worm.

If the system has been compromised by Malware, Spyware or similar

software, these programs can also manipulate the firewall, because

both are running on the same system. It may be possible to bypass or

even completely shut down software firewalls in such a manner.

The high number of alerts generated by such applications can

possibly desensitize users to alerts by warning the user of actions

that may not be malicious (e.g. ICMP requests).

Software firewalls that interface with the operating system at the

kernel mode level may potentially cause instability and/or introduce

security flaws and other software bugs.

http://en.wikipedia.org/wiki/Personal_firewall#Criticisms

About "Comodo" - considered by many to be one of the top PFW's:

"The implementation of the security design is very superficial.

Today's malware creators would not have problems to bypass the

protection of Comodo. "

http://www.matousec.com/projects/windows-p....6.81/#security

September 12, 2007

On Sep 11, 1:13 pm, Straight Talk <b__n...@hotmail.com> wrote:

> On Tue, 11 Sep 2007 09:55:10 -0700, "PTravel"

>

> <ptra...@travelersvideo.com> wrote:

>

> >"Straight Talk" <b__n...@hotmail.com> wrote in message

> >news:1pl9e3de8dphvtpdqhhji8flvjaa60u2jl@4ax.com...

> >> On Sun, 09 Sep 2007 21:44:50 -0700, ptra...@travelersvideo.com wrote:

>

> >>>Unlike Windows Firewall, AVG gives transparent control over both in-

> >>>coming and out-going network communications.

>

> >> The outbound control myth is so tenacious.

>

> >It's not a myth.

>

> Yes, it is. It's impossible in a windows environment for code A to

> reliably prevent code B from calling out. Malware determined to call

> out unattended won't let a PFW get in the way.

>

> If the malware has system level access it can do what it wants, like

> modifying the TCP/IP stack - or create it's own stack for that matter.

>

> Or it may just piggy bag on an application you have already granted

> access.

And that's possible with any firewall. My post said AVG is a better

firewall than Windows because of the easier control over out-going

traffic. You seem to be advocating not using an outgoing firewall at

all. If you don't want one on your system because of it won't catch

every conceivable instance of unauthorized out-going traffic, fine.

No software offers 100% security. I'll go with one that offers some

fraction of that, and prefer the one that is easiest to configure and

the most transparent in its actions.

>

> Malware is too dangerous to be something you allow to run thinking

> that you can control it. It's something you don't run at all.

You seem to assume that anyone who uses a firewall doesn't know this.

I know this. However, advocating not using a firewall is like

advocating not using seat belts because they won't help you if your

car blows up.

>

> >Again, do you have anything substantive to add, or do you

> >just like to snipe?

>

> Calm down. I'm not the one needing to learn here.

I'm going to guess what you do for a living. You're in IT, right?

I run into this attitude a lot.

>

> Client Firewalls and Security Theaterhttp://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirew...

>

> "Personal Firewalls" are mostly snake-oilhttp://samspade.org/d/firewalls.html

>

> Instead of reducing the number of network-aware services, a personal

> firewall is an additional service that consumes system resources and

> can also be the target of an attack, as exemplified by the Witty [1]

> worm.

> If the system has been compromised by Malware, Spyware or similar

> software, these programs can also manipulate the firewall, because

> both are running on the same system. It may be possible to bypass or

> even completely shut down software firewalls in such a manner.

> The high number of alerts generated by such applications can

> possibly desensitize users to alerts by warning the user of actions

> that may not be malicious (e.g. ICMP requests).

> Software firewalls that interface with the operating system at the

> kernel mode level may potentially cause instability and/or introduce

> security flaws and other software bugs.http://en.wikipedia.org/wiki/Personal_firewall#Criticisms

You're citing Wikipedia? Whatever.

I don't have any system instability because of running AVG, at least

no more than is introduced by Vista itself.

>

> About "Comodo" - considered by many to be one of the top PFW's:

> "The implementation of the security design is very superficial.

> Today's malware creators would not have problems to bypass the

> protection of Comodo. "http://www.matousec.com/projects/windows-personal-firewall-analysis/C...

More Wikipedia cites? 1. We're not talking about Comodo. 2. The

issue isn't whether malware can bypass firewalls, but whether running

a firewall will stop more malware than not running a firewall.

September 12, 2007

On Tue, 11 Sep 2007 19:24:53 -0700, ptravel@travelersvideo.com wrote:

>> Or it may just piggy bag on an application you have already granted

>> access.

>

>And that's possible with any firewall. My post said AVG is a better

>firewall than Windows because of the easier control over out-going

>traffic. You seem to be advocating not using an outgoing firewall at

>all. If you don't want one on your system because of it won't catch

>every conceivable instance of unauthorized out-going traffic, fine.

>No software offers 100% security. I'll go with one that offers some

>fraction of that, and prefer the one that is easiest to configure and

>the most transparent in its actions.

And thereby adding instability, and worst of all, introducing more

vulnerabilities to your system.

>> Malware is too dangerous to be something you allow to run thinking

>> that you can control it. It's something you don't run at all.

>

>You seem to assume that anyone who uses a firewall doesn't know this.

>I know this. However, advocating not using a firewall is like

>advocating not using seat belts because they won't help you if your

>car blows up.

Very bad analogy. Unlike outbound control, a seat belt does what it's

meant to do highly reliably and it does not make your care more

vulnerable.

<snip>

>1. We're not talking about Comodo.

I mentioned Comodo since it's often considered one of the best. I hope

you realize that the AVG thingie that you seem to rely on just leaks

like a sieve.

>2. The issue isn't whether malware can bypass firewalls, but whether running

>a firewall will stop more malware than not running a firewall.

This is where your argument fails, because you don't consider the

costs involved with adding PFW code.

And BTW, don't expect your AVG thingie to stop any malware at all..

September 12, 2007

"Bruce Chambers" <bchambers@cable0ne.n3t> wrote in message

news:Ox4HgQm7HHA.4476@TK2MSFTNGP06.phx.gbl...

> razor_303 wrote:

> But it's been several years since I've been tempted to try McAfee

> products. Their quality seemed to take a steep nose-dive after they were

> acquired by Network Associates.

I felt that way after Norton was acquired by Symantec. The original Norton

folks outshone everybody, including Symantec. Then Symantec bought them.

They haven't been as good ever since. Sure, they do throw a lot of money

into their product, but the quality that comes from enthusiasm is gone.

On the subject of the thread, however, I bit on CA's ad and spent all kinds

of time installing it, but when I ran it, it blew up. When I called for

support, the guy said, "Oh, we're not ready to support 64bit Vista yet." As

a programmer, I wondered why their software didn't know it was trying to

support the wrong operating system and refuse to install it! I don't recall

for sure, but I don't think the question was raised when I ordered the

software. I don't know if Vista64 has been in Beta since early 2006, but I

suspect it was since all kinds of developers have had 64bit products ready

at Vista introduction time. Needless to say, I'm not waiting for their

64bit system.

Bottom line: Someone asked in a post why folks were paying for antivirus

software when there were essentially as-good (if not better)

free-for-homeuse packages available. I bit and installed Avast 64bit. It

works fine, except that it needs a little better step-by-step: it has two

things come up and it's hard to figure out exactly what to do to insure it

is working, possibly because it is a Czeck group and I only do English. But

they seem to try hard and the basic product is very good, so I am very

pleased with Avast.

John

September 13, 2007

Straight Talk wrote:

>

>> And that's possible with any firewall. My post said AVG is a better

>> firewall than Windows because of the easier control over out-going

>> traffic. You seem to be advocating not using an outgoing firewall at

>> all. If you don't want one on your system because of it won't catch

>> every conceivable instance of unauthorized out-going traffic, fine.

>> No software offers 100% security. I'll go with one that offers some

>> fraction of that, and prefer the one that is easiest to configure and

>> the most transparent in its actions.

>

> And thereby adding instability, and worst of all, introducing more

> vulnerabilities to your system.

>

Please provide some sort of documentation or White Papers to

substantiate what appears, on the face of it, and based on my

experience, to be a patently absurd claim. As you've been told, no one

thinks outbound protection is a magic bullet, but it does add an

addition layer of protection, and it certainly does not create

additional vulnerabilities. (Poorly designed, coded, or configured

individual applications might cause problems, but that doesn't render

the concept of outbound protection invalid.)

--

Bruce Chambers

Help us help you:

http://dts-l.org/goodpost.htm

http://www.catb.org/~esr/faqs/smart-questions.html

They that can give up essential liberty to obtain a little temporary

safety deserve neither liberty nor safety. -Benjamin Franklin

Many people would rather die than think; in fact, most do. -Bertrand Russell

September 13, 2007

On Wed, 12 Sep 2007 19:57:30 -0600, Bruce Chambers

<bchambers@cable0ne.n3t> wrote:

>Straight Talk wrote:

>> And thereby adding instability, and worst of all, introducing more

>> vulnerabilities to your system.

>>

>

> Please provide some sort of documentation or White Papers to

>substantiate what appears, on the face of it, and based on my

>experience, to be a patently absurd claim.

What are you talking about? You are asking me to document the obvious

here!

I'm talking about adding 100+ hooks containing complex and buggy code

to already critical functions, which is what outbound "control" on a

windows host is about.

I'm talking about the impossible task of creating an entire security

layer on top of an OS providing numerous IPC methods for malware to

manipulate and interface with other app's.

In other words I'm talking about the foolishness of endangering your

system by adding numerous kernel hacks for no real benefit, since

malware determined to circumvent it will just do so anyway. And why

would malware not want to do so?

>As you've been told, no one thinks outbound protection is a magic bullet,

>but it does add an addition layer of protection, and it certainly does not create

>additional vulnerabilities.

Oh, please...

Sign In

Recommend a Security Suite

Recommended Posts

Guest razor_303

Popular Days

Popular Days

Guest Charlie42

Guest Chen Shen

Guest razor_303

Guest Ken Blake, MVP

Guest razor_303

Guest Straight Talk

Guest Straight Talk

Guest Straight Talk

Guest Straight Talk

Guest Straight Talk

Guest Pseudo Silk Kimono

Guest ptravel@travelersvideo.com

Guest Straight Talk

Guest Charlie42

Guest Straight Talk

Guest occam

Guest Charlie42

Guest PTravel

Guest Straight Talk

Guest ptravel@travelersvideo.com

Guest Straight Talk

Guest John

Guest Bruce Chambers

Guest Straight Talk

Join the conversation

Browse

Activity

Support