Which Firewall with Nod32?

[MickKi]

Hi folks,

In need of advice again:

If I were to go for Nod32 as my AV on windoze XP, which firewall should I
go for? Nod32 apparently do a plugin for Kerio (what's this product like?)

I've read that Outpost is apparently a sound application but don't know if
it clashes with Nod32 - any experience on this?

I like Norton's feature of controlling cookies/ActiveX/Java by prompting
you to accept/reject, rather than an on, or off setting. Does Outpost
offer such a feature?

Finally, would anyone who knows care to compare Sygate/Outpost/Kerio? I
am not sure if they are all more or less the same, and the newer versions
seem to infringe into AV territory (scanning emails).

Any advice much appreciated.

Regards,

Mick

 

[optikl]

Hi folks,

In need of advice again:

If I were to go for Nod32 as my AV on windoze XP, which firewall should I
go for? Nod32 apparently do a plugin for Kerio (what's this product like?)

Kerio PFW 2.15 is a very good PFW, but it's really for those whom have a
good understanding of TCP/IP protocol. You need to be able to configure it
properly.

I've read that Outpost is apparently a sound application but don't know if
it clashes with Nod32 - any experience on this?

I like Norton's feature of controlling cookies/ActiveX/Java by prompting
you to accept/reject, rather than an on, or off setting. Does Outpost
offer such a feature?
Yep.


Finally, would anyone who knows care to compare Sygate/Outpost/Kerio? I
am not sure if they are all more or less the same, and the newer versions
seem to infringe into AV territory (scanning emails).

Personally, I prefer Kerio or Outpost to Sygate, in no specific order.

Any advice much appreciated.

Regards,

Mick

Using OE, Microsoft's often patched, often exploited email client.
Hey, it beats skydiving for a rush.

 

[Charlie]

The built-in WindowsXP firewall is more than adequate. Enable it through the
Advanced tab after right clicking your internet connection and selecting
Properties. It will yield the much bally-hooed "stealth" test results at
various online security testing sites such as ShieldsUP! at this URL

1. https://grc.com/x/ne.dll?bh0bkyd2

It does not inspect outgoing data packets but that is a very minor
consideration in the real world. 99% of home users when confronted with
outgoing data permission requests have no idea what to allow and what to
disallow anyway. Outgoing data inspection is way over-hyped especially from
vendors with "software firewalls" to sell or endorse. Consider that this
"feature" was not added to the WinXP firewall as it was deemed unnecessary.

 

[Duane Arnold]

Hi folks,

In need of advice again:

If I were to go for Nod32 as my AV on windoze XP, which firewall
should I go for? Nod32 apparently do a plugin for Kerio (what's this
product like?)

I've read that Outpost is apparently a sound application but don't
know if it clashes with Nod32 - any experience on this?

I like Norton's feature of controlling cookies/ActiveX/Java by
prompting you to accept/reject, rather than an on, or off setting.
Does Outpost offer such a feature?

Finally, would anyone who knows care to compare Sygate/Outpost/Kerio?
I am not sure if they are all more or less the same, and the newer
versions seem to infringe into AV territory (scanning emails).

Any advice much appreciated.

Regards,

Mick

Nod32 will work with any FW. Other than outbound protection, XP has a
good FW. And XP has other means to protect itself, like TCP/IP Security
that should be implemented for any computer the is connected directly to
the Internet. For outbound protection, XP has IPsec that is not that hard
to implement or understand or go with any of the other FW(s) for the
outbound protection.

http://www.uksecurityonline.com/husdg/windowsxp.php

Or you can get a cheap NAT router to protect on the inbound and save the
machines resouces for doing other things.

http://www.homenethelp.com/web/explain/about-NAT.asp

Duane

 

[optikl]

The built-in WindowsXP firewall is more than adequate. Enable it through the
Advanced tab after right clicking your internet connection and selecting
Properties. It will yield the much bally-hooed "stealth" test results at
various online security testing sites such as ShieldsUP! at this URL

1. https://grc.com/x/ne.dll?bh0bkyd2

It does not inspect outgoing data packets but that is a very minor
consideration in the real world. 99% of home users when confronted with
outgoing data permission requests have no idea what to allow and what to
disallow anyway.

More accurately, they aren't interested in investing the time to know.

Outgoing data inspection is way over-hyped especially from

vendors with "software firewalls" to sell or endorse. Consider that this
"feature" was not added to the WinXP firewall as it was deemed

unnecessary.

None of this is "necessary". You just have to assess your risk.

 

[Bill]

If I were to go for Nod32 as my AV on windoze XP, which firewall should I
go for?

XP has it's own firewall.

 

[Bill]

The built-in WindowsXP firewall is more than adequate.

Wait a minute. A post from Charles that doesn't include any shills for
Symantec products and I actually agree with his post.

I tihnk I need a drink.

Bill

 

[Jeffrey A. Setaro]

Wait a minute. A post from Charles that doesn't include any shills for
Symantec products and I actually agree with his post.

I tihnk I need a drink.

Have two.

--
Cheers-

Jeff Setaro
jasetaro <at> mags.net
http://people.mags.net/jasetaro/
PGP Key IDs DH/DSS: 0x5D41429D RSA: 0x599D2A99 New RSA: 0xA19EBD34

 

[Charlie]

Happy Holidays Bill....

--

Charlie in Mississippi
(driftin' blues player and gospel picker)

 

[Shane]

The built-in WindowsXP firewall is more than adequate. Enable it through the
Advanced tab after right clicking your internet connection and selecting
Properties. It will yield the much bally-hooed "stealth" test results at
various online security testing sites such as ShieldsUP! at this URL

1. https://grc.com/x/ne.dll?bh0bkyd2

It does not inspect outgoing data packets but that is a very minor
consideration in the real world. 99% of home users when confronted with
outgoing data permission requests have no idea what to allow and what to
disallow anyway. Outgoing data inspection is way over-hyped especially from
vendors with "software firewalls" to sell or endorse. Consider that this
"feature" was not added to the WinXP firewall as it was deemed unnecessary.

When I was completely new to all this - malware, the internet, computers -
and was surfing about looking for recommended programs you didn't have to
pay for, maybe because I'm cheap too but definately because media hype about
viruses and hackers made me aware in some vague, uncomprehending way of a
need to have some kind of security, and I ended up with Zone Alarm. And
PKZip for Windows. And TSAdbot. And ZA alerting me to TSAdbot led me to
Ad-aware.

Even if you figure that as one of the other 1% I'd have figured it out
eventually, for the purposes of damage limitation a firewall alerting that
1% to outgoing requests makes them indispensible, particularly when you
consider it's not just relatively-harmless spyware trying to phone home.

As for security features deemed necessary/unnecessary by MS, isn't that
largely where this group begins?


Shane

 

[Jari Lehtonen]

The built-in WindowsXP firewall is more than adequate
It does not inspect outgoing data packets but that is a very minor
consideration in the real world. 99% of home users when confronted with
outgoing data permission requests have no idea what to allow and what to
disallow anyway. Outgoing data inspection is way over-hyped especially from
vendors with "software firewalls" to sell or endorse.

I must agree. The XP firewall is very good and it does not eat
resources, conflict with fast user switch etc...

And I consider myself somewhat advanced user and I am interested in
data security, but very often some firewall product asks permission to
outbound connection to strange ports etc (even IE does it sometimes).
I have no idea and no time to begin inspecting what it wants, so quite
often I take the erisk and allow the outgoing connection. How can a
newbie know what to allow nad what to deny???

jari

 

[James Egan]

For outbound protection, XP has IPsec that is not that hard
to implement or understand

What's this?


Jim.

 

[Conor]

The built-in WindowsXP firewall is more than adequate. Enable it through the
Advanced tab after right clicking your internet connection and selecting
Properties. It will yield the much bally-hooed "stealth" test results at
various online security testing sites such as ShieldsUP! at this URL

Is it hell. It lacks this certain ability to block OUTGOING traffic,
thus allowing that lovely little WORM/Trojan your free AV software
missed to merrily send out data all day long without you having a clue.

 

[Bill]

Is it hell. It lacks this certain ability to block OUTGOING traffic,
thus allowing that lovely little WORM/Trojan your free AV software
missed to merrily send out data all day long without you having a clue.

Nod32 free? I don't think so. Besides, if the user has an I.Q. above
two digits there won't be any trojan to send out data.

 

[Charlie]

When most users do not know nor even bother with crucial operating system
updates or to know or bother with AV updates (gee I updated my AV just last
year!!) they sure as heck are NOT going to "do some reading" to inform
themselves about outbound data inspection and rules.

I have used various firewalls that alert me to outbound requests. I am not a
newbie and have an MSEE. I do not have the urge to search for however long
on the web, in books, help files, etc to determine if xyz.dll should be
allowed to access the network.

How the heck is Joe Six-Pack gonna deal with this scenario??? He won't....

--

Charlie in Mississippi
(driftin' blues player and gospel picker)

 

[BoB]

I must agree. The XP firewall is very good and it does not eat
resources, conflict with fast user switch etc...

And I consider myself somewhat advanced user and I am interested in
data security, but very often some firewall product asks permission to
outbound connection to strange ports etc (even IE does it sometimes).
I have no idea and no time to begin inspecting what it wants, so quite
often I take the erisk and allow the outgoing connection. How can a
newbie know what to allow nad what to deny???

jari

"allow outbound connection to strange ports etc"?

Either do the exact opposite or turn your FW off so it
doesn't bother you.

BoB

 

[optikl]

I must agree. The XP firewall is very good and it does not eat
resources, conflict with fast user switch etc...

And I consider myself somewhat advanced user and I am interested in
data security, but very often some firewall product asks permission to
outbound connection to strange ports etc (even IE does it sometimes).
I have no idea and no time to begin inspecting what it wants, so quite
often I take the erisk and allow the outgoing connection. How can a
newbie know what to allow nad what to deny???

jari

I recently picked up TrendMicro Internet Security (11.00/12.53). It includes
a firewall component. However, unlike a lot of its competitors, its firewall
isn't application based.
It basically controls communications, in and out, through protocols and
ports, which one either allows, or denies. It allows the creation of
multiple profiles and offers 3 different security settings. Bottom line is
it's pretty much set and forget.

 

[MickKi]

[snip]

Thank you all kindly for your advice and the very useful links. No doubt
if I run into trouble I'll be back with more questions ;o)

Regards,

Mick

 

[kurt wismer]

When most users do not know nor even bother with crucial operating system
updates or to know or bother with AV updates (gee I updated my AV just last
year!!) they sure as heck are NOT going to "do some reading" to inform
themselves about outbound data inspection and rules.

I have used various firewalls that alert me to outbound requests. I am not a
newbie and have an MSEE. I do not have the urge to search for however long
on the web, in books, help files, etc to determine if xyz.dll should be
allowed to access the network.

How the heck is Joe Six-Pack gonna deal with this scenario??? He won't....

crap... what the heck is it with people and firewall technology...
first it was the supposed myth of firewall security and now it's this...

a firewall is a tool, it has a variety of features... if you're too
much of a lazy bum to use this particular feature then don't use it,
but don't pretend for a minute that it can't be a useful feature - on a
system where all apps that should be given outgoing connection
permission already have been given it then additional requests should
indicate a problem exists on the system...

these complaints boil down to the difficulty in managing a white-list,
nothing more... that people won't always know what the best answer to
the "allow/disallow" question without doing some research is irrelevant
- security (real security) is a process and part of that process
involves research... you're not expected to always know the answer
right away, you're expected to do some research sometimes and if that's
too much work or hassle then accept a lower level of security and don't
use security technologies that require you to advance your own knowledge...

 

[Charlie]

C'mon Kurt...name-calling as you did with "lazy bum" is pathetic.

Gee why can't we all just use our PC time researching and investigating Lord
only knows how many dll's exe's etc that will ask for outbound
rights -INSTEAD- of actually using our PC's for productive work. Keeping
your white list is drudgery and ineffective security too since not everyone
will "learn" as you obviously have to be a 100% correct every time firewall
data packet analyzer and rule maker!! Now doesn't that seem silly?

Some of us do not want to be data packet inspectors or firewall rules
experts..we prefer to use our PC's to get work done, have fun, enjoy
multimedia, communicate with loved ones instead of constantly "learning
which apps get outbound rights" and which ones don't.How boring,
ineffectual, unstimulating and misdirected.

You need to get away from your computer for a while Kurt!!!!
But WAIT!!!! ...what was that last outbound firewall data packet request?
A legitimate Internet Explorer outbound request -OR- something evil
masquerading as Internet Explore?

How can you possibly get any sleep at night Kurt????
--

Charlie in Mississippi
(driftin' blues player and gospel picker)