Is M/S firewall enough?

Hey

I got my desktop hooked via via a netgear router for which I use a wireless laptop.

On my desktop I have MS firewall with NOD32.

Is the MS firewall enough on my laptop or would you recomend a security program as well?

I was thinking using one of the free ones if not.

Thanks.

Posted on another thread but I have had any responses so though it might be in wrong section,

 

Would you trust a fox to guard a hen house ??????

Your routers NAT preforms a FW function for some attacks. If your not one that visits the high risk sites or torrent you may be fine.

I do not like Symantic products due to the huge over head they impose. And I had a problems years back with a definition file that has a bad signature and removed some necessary files. They did not acknowledge in any way that they had a problem. So they lost a 2000+ bulk liesen because they ignored me. I only use the free products now like Comodo.

 

Thanks mate I was looking at the free products and yes I do torrent sometimes.

And come on we all visit "highrisk" websites LOL

Anyway will look around, supposid there is a free internet security program that recently beat NOD32, so will check that one out. Cant remember the name though, so not sure how I am going to check it out.

Thanks again

 

No, Windows Firewall isn't enough...and I highly recommend Comodo Firewall. That's all I use on my computer for defense.

 

If you run a 32-bit OS (XP/Vista), Online Armor v.3 is also an excellent option besides Comodo which I can also recommend.

It's Avira AntiVir Personal Edition and Avast! Home Edition that both scored higher than NOD32 in the latest test from AV-Comparatives.
All free programs.
Cheers.

 

Why people say that MS firewall isn't enough? Can you guys give me reasons? Comodo and MS are bidirectional firewall. Firewall is practically used to regulate/control the packets. What can possibly special about comodo?

If the request from incomming doesn't match the outgoing, the firewall will drop the packet. This is just a simple rule. What else is so special about firewall?

 

It's like the fox guarding the hen house. Since MS can not code the systems to keep it closed down, why do you think the FW is any better. What you describe as a FW is a simple NAT. Hackers do not follow rules, they will mask as a process that may have full reign. And most all sites that test FW show the MS is near the bottom. Which if they were to build a perfect OS, third party vendors would go out of business. But that's not going to happen any time soon.

MS got in the FW/AV business to try to capture some of the business revenue they were loosing.

 

merlin, Windows Firewall IMO is not a "true" Firewall. Come on...in all seriousness...it is lame. It doesn't even alert you when intruders try to attack you like Comodo would. (therefore it's not user-friendly) Let's just say it lacks flexibility and features...it's just plain and boring..and I wouldn't trust such a program protecting me. With Windows Firewall on, in my mind it doesn't mean anything really. it's like it's not even there...thas how much respect I have for it. The only thing it's good at is being a nuisance by blocking applications/services unwantedly. I think MS should get-rid of it all together and let the user install a proper Firewall program.

 

I am totally disagreed with you. You are misunderstand about firewall concept. NAT is just a translation between public IP address and private IP address. We are using PAT in Cisco world, and it is more percise.The byproduct is the router will drop any packets that has private IP address as destination. Firewall either software or hardware is packet inspector. It refers as stateful packet firewall. It has simple a rule as the incomming packet must match the outgoing request otherwise the packet will be dropped. Both hardware and software firewall build on this basic principle, but you can tweak it by apply more rules into the firewall.

I don't know what you kintd of test you run on MS firewall. A lof of big corporates are using MS firewall as secondary line of defend. The third party firewall software is only use in consumer environment. I use Vista firewall in my network. Don't underestimate MS firewall product, which is ISA 2006, if you haven't used it, don't comment on it. The only thing that hardware firewall, such as Cisco PIX, is outperform software firewall because hardware firewall is faster than software firewall. It is because of ASIC chip. It inspects the packet at wire speed.

MS firewall is sufficient for home users. Actually, it is even more than enough in the big corporate. I don't see why it doesn't do the job under home usage. The problem is home user running OS as admin privilege unlike in corporate environment. That is more concern than the firewall itself. That is the reason why Vista introduces UAC. I am not going to make a lecture here. Feel free to correct if I am wrong.

 

Okay, maybe i'm just hating on Windows Firewall , but in all fairness, compared to other programs such as Comodo, I don't think Windows Firewall can match up. Especially when it comes to flexibility, notifications and the different features you have at-hand.

 

The firewall, regardless what type, cann't do its job IF the machine has been compromised. If your computer is being compromised, the bad software can mask the traffic as ligitimate packet, and you can't do anything with it. You see my point?

You haven't discover what MS firewall has under the hood yet, so don't judge the book by its cover. It can define the rule as any commercial firewall. It designs to work seemless as much as possible. Don't forget that firewall doesn't help you anything if your machine is already compromise. If your computer already infect with some spyware, Cisco PIX, which cost $$$$, isn't going to help you either.

Let me stress it again that firewall is just a packet inspector. UAC in Vista is the function that prevents you from unknown/bad software and antivirus as well.

 

I use a combination of Outpost Firewall 2009 and nod32. I find this to be the best combination i did months of research and testing. They are not only the BEST IMO Firewall and Antivirus but also very light on resources! And since you are already familiar with "highrisk" websites should be easy to get for nothing

 

router is a good firewall in itself

edit host file

file and printer sharing OFF

remote assistance OFF

etc etc

Windows firewall isnt all that bad but its not all that good either

only blocks "incoming"

 

The integrated HIPS (Defense+) I would say.
I'm not saying the Windows FW is bad or anything, it largely depends on personal preference and user-behaviour what security programs are needed or not but that difference/feature (HIPS) is clear imo.
Cheers.

(I know it's off topic regarding networking, won't happen again)

 

I love to talk about the network though, and I love to hear what people say or reply my post. Since you select a small part of my posts, I would assume that I have valid points on what I said.