How many antivirii's can you install? - Page 2
Page 2 of 6 FirstFirst 1234 ... LastLast
Results 11 to 20 of 57

Thread: How many antivirii's can you install?

  1. #11
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    My experience with software firewalls is that they chew performance. I recommend software firewalls for dial up users.....but as JP stated if you are on cable or dsl ...spend the 100 bucks.
    I have heard too many horror stories of fresh installs getting infected...trying to get the updates from ms and av companies


    As for 2 anti virus...that will cause problems....

    I use an online scanner as a backup to the AV I have installed on the ws...if a machine is infected with a virus...I clean using it a local av ( as some viruses are easy to clean in safe mode)...then I use an online scanner to be sure I got it all.

    just disable the local av til the online scan is done.

    mlf
    How people treat you is their karma- how you react is yours-Wayne Dyer

  2. #12
    The ultimate factor is, how important is what's on your computer, and how much damage can it do you if in the wrong hands? If the answer is none, then relying on Win updates and your router is enough. If the answer is "a lot", then you need to consider additional steps. In some cases, a hardware firewall doubled with a software firewall may seem overkill, but it wouldn't hurt, if you know what you're doing.

    A lot of it depends on how much memory you have to spread among processes too. If all the security measures bog down your performance to a crawl, then you have a problem. But if your machine can handle it in stride, then do what you feel is necessary.

  3. #13
    Banned
    Join Date
    Jul 2001
    Posts
    1,100
    Originally posted here by AngelicKnight
    In some cases, a hardware firewall doubled with a software firewall may seem overkill, but it wouldn't hurt, if you know what you're doing.
    If you "know what you're doing", you realize installing both is stupid, and you don't do it in the first place. You don't just install security mechanisms because "it wouldn't hurt" if it "doesn't help" either.

    I'm not sure where people are getting confused as to what exactly a firewall does, and why so many people are saying install both.

    For example, someone said they installed a desktop firewall to take care of things that "slip through" their hardware firewall?

    Firewalls are set up with a set of rules. Things don't just "slip through" them. It's not like the rules only work "some of the time". If that were the case, we'd call them Firewall Suggestions, and not Firewall Rules.

    Even the largest of corporations and governmental agencies rely on border firewalls, and certainly don't expect each desktop to act as a firewall as well. Why not? Because that's not the role of a desktop computer, and for good reason!

    Firewalls are intended to be a border access control device, plain and simple. Desktop software versions of them were invented during the "dial up" era as a gimp version of a firewall, because individuals didn't have control over border access at all. (The earliest versions of these were freeware programs written by users on IRC to block things like winnuke. Software companies figured hey, might as well add a bit more functionality and make a commercial product out of them). They have long since outlived their usefulness, and exist solely to satisfy a consumer demand driven by a clear lack of understanding of what a firewall is and does, and the role one plays in information security.

    I stand by my earlier recommendation.


  4. #14
    I think you're 99.9% correct, but I'm always thinking about that unlikely .1% when something wierd goes wrong. To trust even your hardware firewall 100% isn't wise, for if everything worked that well we'd all be out of jobs.

    But that's all just theoretical thinking from someone still quite a bit fresh in the infosec world. But like I said in another thread, we can never afford to become too confident in either ourselves or what we use. Always consider the unlikely, even the extremely unlikely.

    So that's why I say when you have the resources to spare, why not?

    (The great JP argued one of my points! I've been noticed! Yay, I feel special now!)

  5. #15
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    JP,
    I have a small wireless LAN on my home setup and I don't nessisarily trust the other 2 computers on it. I have WEP installed and am using it on the wireless portion, but as we all know that is not a real good protection.
    The D-Link router I use has a firewall in it, but would you consider that enough for this arragement.
    Note -- I do also use a software firewall on my system, at present.
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

  6. #16
    Banned
    Join Date
    Jul 2001
    Posts
    1,100
    Originally posted here by moxnix
    JP,
    I have a small wireless LAN on my home setup and I don't nessisarily trust the other 2 computers on it.
    I really don't think that home users should set up wireless lans (especially when you allow 3rd parties connecting to it, but regardless of that), unless they're willing to go the extra step of setting up what amounts to a DMZ (or, Demilitarized Zone).

    border firewall + WAP (wireless access point) =>> wireless lan =>> internal firewall =>> protected internal lan

    This way, users that you're allowing to connect to you wirelessly (to share bandwidth I assume?) do not have access to your personal lan. If all of the computers are yours, then I would strongly recommend against keeping anything "important" on the "wireless lan" segment.

    The worry isn't that something will make its way through your border firewall, but that a rogue node could connect to your access point device and make itself part of your lan. You've taken steps to protect against such an occurrence, but you're right in not relying on it as a certainty.

    In the above configuration, you are taking this possibility into account by having your important data located on a secondary segment of your network that is protected from the segment containing the wireless nodes. You can then set up MAC Address control on your border router, that would prevent any potential rogue node from connecting to the internet, even if it did manage to connect to your DMZ.

    Also keep in mind, that some mid sized firewall appliances will allow you to do all of this virtually, without the need for 2 seperate firewalls. We call them "vlans" (or, virtual lans). You can then configure what access each vlan has to each other, and what access each has to the internet.

    This setup may or may not need adjusted depending on what the precise purpose of your wireless nodes are in the first place.

  7. #17
    *taking notes frantically*

  8. #18
    I'm with angelic, Notes,notes,and more notes. This is what I was looking for great experience being passed on it doesn't get better!!!! thanks all who answered this thread!!!! You people rock..

  9. #19
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    quote:

    Desktop software versions of them were invented during the "dial up" era as a gimp version of a firewall, because individuals didn't have control over border access at all.
    It may have escaped your attention JP, but a great number of people throughout the world are STILL in the dial-up era. I am talking about private individuals here. People who wouldn't know how to configure a firewalled router if their very lives depended on it, and who probably couldn't afford one anyway?

    Why has Microsoft persisted with "home" and "professional" versions of their OSes if this "divide" does not in fact exist?

    I feel that we sometimes tend to be a little too elitist and geek, thus losing touch with the realities of the world beyond the ivory tower.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  10. #20
    I feel that we sometimes tend to be a little too elitist and geek, thus losing touch with the realities of the world beyond the ivory tower.
    No kidding! Just try being one of us new guys to the IT world. There's plenty of "What? You didn't know that?" and "What a stupid idea that is!" going around, as if we all come out of the womb quoting Linux code or something. "Noob" is pretty much a 4-letter word nowadays it seems.

    Aaaahhh, just had to get that out of my system.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides