Source: TechRepublic (http://techrepublic.com.com/2001-1-0.html)
By George Ou
May 26, 2006

There's been plenty of debate lately that maybe with the release of Windows Vista, we might be able to get away with not using antivirus on our computers. Well I'm about to make an even bolder assertion, that running antivirus or even additional third party security software such as firewalls on your computer makes you even less safe! Now before you start the flaming, hear me out first.

It's well understood in the security community that every additional piece of software on a computer system is another potential target for attack. That's why it comes as no surprise that another antivirus package is open to a massive attack that can affect 200 million Symantec antivirus users running Symantec Antivirus 10.x or Symantec Client Security 3.x. This is actually nothing new and virtually every Antivirus vendor has had their share of remote exploits. Even an extra security feature such as compressed file scanning opens the user up to additional vulnerabilities and all the major AV solutions have had their share of malformed compressed file vulnerabilities. Just the mere act of decompressing a ZIP or ARJ file to see what's inside of it could set off a malicious payload.

Every third party firewall product such as ZoneAlarm and Kerio have exposed the very users they're suppose to protect to complete system level compromise. Ironically the built in Windows XP SP2 firewall which always gets unfairly picked on has never had any remote exploits. Sure it doesn't provide any outbound packet filtering which is only relevant if my computer is already owned in which case any firewall could be disabled anyways, but at least it doesn't leave me wide open to a remote attacker. With the Windows Vista built-in firewall, outbound packet filtering is now supported but the pundits are already jumping on it because it doesn't turn on outbound blocking for user actions by default and requires command line manipulation to access the outbound controls. What's left out is that the XP SP2 and Vista firewall can be centrally managed via Microsoft's Active Directory group policy whereas the third party firewall vendors want you to buy an expensive enterprise management and policy deployment system. But with Microsoft's personal firewall and its superior security track record, and the fact that it doesn't cost anything extra, one has to wonder what the point of third party firewalls is.

Read entire blog here (http://blogs.techrepublic.com.com/Ou/?p=234).

It wont last. People will find ways to get around Vista's protection just like they did with XP. And I doubt the protection Vista will have to offer is better than some of the secondary software out today anyways.

Actually this is microsofts plan all along.. Building a system thats entirely secure while allowing other third party software to be compromised or to run scripts or put a virus on the machine.

I'll stick with Windows XP SP2, Nod32 AntiVirus, Ewido Anti-Malware, Outpost Firewall.... I feel quite secure.

And Outpost 4.0 is coming... with insane security, absolutely insane security features: http://outpostfirewall.com/forum/showthread.php?p=123435#post123435

I'll stick with Mac OS X.

;)

Sure, I have to use Windows, but simply with the Windows Firewall, the latest Opera beta and Thunderbird for e-mail, my Windows machine never got a virus, with a little basic networking knowledge you don't need to dump $65 on Norton every year...and sure, you could argue the flaws of the Windows Firewall, but what firewall isn't flawed? Look at the recent vulnerability in Symantec's software, there's your hole right there, spending $65 for protection for a program with holes when you could've gotten that with regular Windows XP and Windows Update...

I'll stick with Windows XP SP2, Nod32 AntiVirus, Ewido Anti-Malware, Outpost Firewall.... I feel quite secure.

And Outpost 4.0 is coming... with insane security, absolutely insane security features: http://outpostfirewall.com/forum/showthread.php?p=123435#post123435

you don't need all that

run behind a NAT
use firefox
launch every internet facing application (Web browser, Instant messaging, EMail) using dropMyRights

I'll stick with Windows XP SP2, Nod32 AntiVirus, Ewido Anti-Malware, Outpost Firewall.... I feel quite secure.

And Outpost 4.0 is coming... with insane security, absolutely insane security features: http://outpostfirewall.com/forum/showthread.php?p=123435#post123435
Same here. You have an excellent security setup by the way.


you don't need all that

run behind a NAT
use firefox
launch every internet facing application (Web browser, Instant messaging, EMail) using dropMyRights
NAT is not nearly as good as a firewall, and does not even pass all leaktests, it also gives you no control. For example if you have a trojan such as SubSeven on your computer and somebody is trying to establish a connection, the NAT does not stop it. However a firewall does. Firefox helps but NOD32 and Ewido in real-time offer you much better protection.

I agree with lifehacker, protection from Windows Vista won't last long. Microsoft, has always try to make things easy for all end users so it would make compromises on security to run Windows!

A good router setup with XP ICF, an Anti-Virus program for scanning only and Ad-Watch works perfectly. I haven't got a bit of spyware installed on my computer since I accidentally installed it while fiddling with it.

Any AV program that always runs in the backround slows down the computer something terrible. It's not nessecary for always on but just for scanning.

I havn't had a anti virus on my pc for years, viruses are for silly people.

I use a hardware firewall, firefox and nod32, i get no viruses (Id be lieing if i said i dont surf porn and warez tho) last time I had a virus was on my older pc. Now I know you can get viruses just cause but if you dont surf stupid your good IMO. And I cant stand those anti trojan programs like ewido, they just plan suck, most virus programs will catch that without the extra crap software.

I know people thta dont even use a anti virus software, they have no problems.

I use in Real-time:
-NOD32
-Look n' stop firewall
-Process Guard
-NAT
The setup does not use many resources, and leaves my system well secured.

And I cant stand those anti trojan programs like ewido, they just plan suck, most virus programs will catch that without the extra crap software.
Ewido offers some of the best protection against malware available. What are you basing this opinion on?! Ewido's OD scanner catches things that many AVs dont including the top ones such as KAV, NOD32, BitDefender, etc.

I remember when they advertised XP as the most secure Win OS ever. Then not long after they had to patch a flaw, it's been a constant flood of patching ever since. I do think MS needs to handle their own security even if third parties get upset, though.

I've been playing around with SUSE, Mepis and Ubuntu and am starting to slowly get the hang of things(Hell I didn't learn Windows overnight). I think I'll be heading in that direction before Vista.

The only two program I use are NOD/Kaspersky and Outpost. Unfortunately NOD must be bumping heads with some other program, the computer starts blue screening everytime I install it so I use Kaspersky 6 now.

I've read a couple George Ou articles and everytime he's kissing MS ass.

Same here. You have an excellent security setup by the way.
Thank you. Computer Security is going to be my specialty when I complete my CS degree :-). (I'm a first year student, so I'm no expert quite yet).

NAT is not nearly as good as a firewall, and does not even pass all leaktests, it also gives you no control. For example if you have a trojan such as SubSeven on your computer and somebody is trying to establish a connection, the NAT does not stop it. However a firewall does. Firefox helps but NOD32 and Ewido in real-time offer you much better protection.
Exactly, NAT is okay, but not nearly good enough. By the way, Outpost 4.0 is going to be integrating alot of ProcessGuard functionality, so definately keep an eye on it.

you don't need all that
run behind a NAT
use firefox
launch every internet facing application (Web browser, Instant messaging, EMail) using dropMyRights
I have a WRT54G with Thibor firmware. NAT is covered.
I use Firefox.
And holy christ, DropMyRights is amazing, its in my "must have" utilities now (unless I find it to suck, but so far it looks amazing). I'll be using it extensively soon. I cant believe how simplistic it is in design.

And I cant stand those anti trojan programs like ewido, they just plan suck, most virus programs will catch that without the extra crap software.
I know people thta dont even use a anti virus software, they have no problems.
You think you know, but you dont. Ewido is very, very well written piece of software, and is very effective against Trojans. Nod32 is, IMO, the best AV on the market right now, but even it can't possibly catch everything.

Exactly, NAT is okay, but not nearly good enough. By the way, Outpost 4.0 is going to be integrating alot of ProcessGuard functionality, so definately keep an eye on it..
I prefer Look n' stop as my firewall but I'll test Outpost 4 and try it out all the same.

I prefer Look n' stop as my firewall but I'll test Outpost 4 and try it out all the same.

Look n' Stop just tied Outpost in the brand new Firewall Leak Tester: http://www.firewallleaktester.com/tests.php

I had a compaq p3 with a netgear firewall, avg internet security network edition, mi desktop didnt have anyfing like that only win xp pro sp2, jus set up a decent piece of hardware like netgear, then a cheap and cheerful server for firewall, and intrusion alerts and stuff, 2 the email, then u b sorted, easy as, thats y i dont any probs, i have 3 pc up and running, i even use a caddy on mi linux pc 2 scan, a caddy is an external usb encloser for hard drives/cd drives/dvd drives. Also a internal firewall can slow down a pc, depending on the clients specs and the server output, if u monitor wots going on u can track easiely no probs with that use IP! and get through it better that way, i wud recommend these days using a bit more money on a decent program to protect ur stuff like credits cards, orders and and protect urselft from backdoor crap, mcafee does do well, there are lots out there, bullgaurd, however norton does play up and buga up big time, easy to buga up so i wudnt recomment getting that program, anyway its ur pcs do woteva u want to protect ur files and most importantly backup ur files on another hdd and get partition magic, or ghost for woteva version of windows u use, and create a ghost file and recover u stuff from woteva state u want, its that simple, better than system restore. Anova tip, delete cookies like doubleclick.txt that is a type of spyware that u can get, also delete everyfing in temporary internet files, make sure u show hidden files in the folders, in folder options located in my computer in tools. wen downloading u always want 2 show the complete extension file, cuz it can say .mp3 wen it cud b somits else like .mp3.file so agen make sure u so the file extensions located in options in tools of my computer.

ope its helps people.
wrighty

I use AVG which is cool, and FREE

Look n' Stop just tied Outpost in the brand new Firewall Leak Tester: http://www.firewallleaktester.com/tests.php
I know I saw those results. Seems like Jetico got first place while Outpost and Look n' Stop tied for second. Both Outpost and Look n' Stop are very good firewalls but I haven't tried Jetico. Maybe I'll try it out now.

I had a computer that I had to chuck away in the summer, it was 4 years old no antivirus software and also was on the internet, no virus was found when I used a caddy to virus scan the computer, basically to prove that I do not need antivirus on it. I own a Toshiba Equium laptop that is almost a year old with Microsoft OneLive and Norton that is disabled and had more problems then ever. I also own a Packard Bell Intel pentium 2, and a Compaq pentium 2, these have Free edition of avg as I am not paying out for programs that my machine needs or does not need in some cases. Really just be carefull, as some people say that I have had no problems with viruses on my machine, no viruses on my machine when there is no antivirus programs on it. Well there are two sides of the story, just download and enjoy and surf the porn of the net, that is what its there for.

Cheers from Wrighty
Actually, I bet there were plenty of viruses on your computer just the scanners you used could not find it because they were all really bad. Whats "a caddy" antivirus? Then again if you use firefox and dont visit and porn/warez sites you could if you're lucky never get a virus.

I use AVG which is cool, and FREE
AVG is alright its good for the average user who does not visit porn/warez sites

AVG is alright its good for the average user who does not visit porn/warez sitesOh please, you are so wrong.




























Everyone visits porn sites LOL!

AVG is alright its good for the average user who does not visit porn/warez sites

Lets not forget Avast!, it has a better (and yet still free) scanning engine... it just has a horrible non-polished, non-professional GUI.

Lets not forget Avast!, it has a better (and yet still free) scanning engine... it just has a horrible non-polished, non-professional GUI.
AVG uses less recources than Avast! though.

I am not holding my breath that the new Microsoft Vista will be the magical answer to all of our security concerns, given the record of Microsoft to date .I protect my computer by using NOD32, Firefox, Thunderbird and Counterspy and they have done a great job so far. I am well aware of the danger of viruses and trojans from surfing internet porn sites trying to infect your computer and I can honestly say some have tried, but Nod32 shuts them all down dead.

I am not holding my breath that the new Microsoft Vista will be the magical answer to all of our security concerns, given the record of Microsoft to date .I protect my computer by using NOD32, Firefox, Thunderbird and Counterspy and they have done a great job so far. I am well aware of the danger of viruses and trojans from surfing internet porn sites trying to infect your computer and I can honestly say some have tried, but Nod32 shuts them all down dead.
NOD32 is one of the best antiviruses available these days. I also use it.

I remember when they advertised XP as the most secure Win OS ever. Then not long after they had to patch a flaw, it's been a constant flood of patching ever since.

Yeah me too. I stayed on Windows 98 for a long time. After a while I didn't even bother patching. Nobody seemed to care enough about my old 98 system enough to want to hack it. They were too busy looking for exploits for XP. Never got a virus, or spyware. Just surfed smart. Finally switched to XP. Caught 3 viruses in the first month.

It will be the same thing here. Windows will blow about how secure it's new system is going to be, then it will come out, and reality will rear it's ugly head. We'll all forget the unrealistic claims of added security.

Isn't this going to be the Operating system which hooks up TCPA with the hardware? Anything which allows private companies to tell me what I can, or can't do on my computer isn't secure.

i used Look n stop for sometime too but unfortunatly i started getting low id on emule and the speed dropped drastically so thats why i went back to WIndows own firewall. can u let me knw wht i need to do or wht iam doing wrong!
thanx bro


I use in Real-time:
-NOD32
-Look n' stop firewall
-Process Guard
-NAT
The setup does not use many resources, and leaves my system well secured.


Ewido offers some of the best protection against malware available. What are you basing this opinion on?! Ewido's OD scanner catches things that many AVs dont including the top ones such as KAV, NOD32, BitDefender, etc.

Windows Vista may not need anti-virus software because it may contain it's own custom made anti-virus software built right into the operating system.

This information is not 100% certain yet, however, it is a distinct and real possibility.

Windows Vista may not need anti-virus software because it may contain it's own custom made anti-virus software built right into the operating system.

This information is not 100% certain yet, however, it is a distinct and real possibility.

Thats assuming the Vista AV is any good. Mark my words, it will be wholly innefective, or it will become a point of attack itself.

Thats assuming the Vista AV is any good. Mark my words, it will be wholly innefective, or it will become a point of attack itself.
Thats exactly what I wanted to say. Microsoft has not been able to produce any very good AV software, and I doubt it will this time.

i used Look n stop for sometime too but unfortunatly i started getting low id on emule and the speed dropped drastically so thats why i went back to WIndows own firewall. can u let me knw wht i need to do or wht iam doing wrong!
thanx bro
Look n' stop is a complicated firewall to use. But for emule there is a plugin you can download from Look n' stop's website: http://www.looknstop.com/En/rules/rules.htm

Thats exactly what I wanted to say. Microsoft has not been able to produce any very good AV software, and I doubt it will this time.


Look n' stop is a complicated firewall to use. But for emule there is a plugin you can download from Look n' stop's website: http://www.looknstop.com/En/rules/rules.htm


thanx alot for the help bro!!
i will give it a shot!
tell me something bro do u think this firewall slows down ur connection speed?

thanx alot for the help bro!!
i will give it a shot!
tell me something bro do u think this firewall slows down ur connection speed?
If you configure it correctly it shouldnt slow down your download speed.

Outpost 4 is obsolete.

well i've had a virus twice,a sticky bugger that hides in back-up files,had to wipe pc back to day of purchse both times,damn it was a blag

well i've had a virus twice,a sticky bugger that hides in back-up files,had to wipe pc back to day of purchse both times,damn it was a blag
1000TH POST!!!!! Why not just get a good antivirus to protect you agianst viruses instead of having to delete everything?!

i did have one on,but the fucking thing got in and took it off,i won't be using McAfee again its shit

i did have one on,but the fucking thing got in and took it off,i won't be using McAfee again its shit
You can use ProcessGuard to protect your antivirus files from any unauthorized changes or terminations. Also most antiviruses have their own protection against termination (like NOD32, Kaspersky, BitDefender, F-secure, F-prot and some others) also a good antivirus will discover a virus trying to kill the antivirus process before it is able to do anything.

Outpost 4 is obsolete.

Outpost 4 will be the most comprehensive firewall solution ever introduced. Ever.

Outpost 4 is obsolete.
Where are you getting this info from?!

Outpost 4 will be the most comprehensive firewall solution ever introduced. Ever.
Outpost firewall products tend to have a high resource usage, hows the resource usage on this one?

Outpost firewall products tend to have a high resource usage, hows the resource usage on this one?

Unfortunately I can't comment, other than repeating information publically released by Agnitum.

I'm just looking for a firewall that allows me to control whats going out

I basically just dont want a program phoning home for any reason via the net unless it has my permission to do so

any advice would be greatly appreciated

There are probably a good number of combinations you can use, and still have good protection. If anyone had the end all program, there would beno competition between vendors - and we would all be using Norton (yuk!

What ever your choices, use something to protect your system. Somekind of Firewall, spyware and antivirus protection. Don't forget the Trojans as well....

Some products out there will combine services. One I use is Ewido. It claims to protect against Trojans, Worms, Dialers, Hijackers, Spyware and Keyloggers. It has also merged with Grisoft, the makers of AVG (antivirus).

I personally use AVG, Ewido, Kerio Firewall (Advanced), along with the Firewall built into my router.

My biggest piece of advise.... drop IE as a browser. I use Opera 9, I have never had a problem with Opera. They also do not rely on 3rd party patches for most of their enhanced functionality,


Just be safe! :icon_tong

I'm just looking for a firewall that allows me to control whats going out
I basically just dont want a program phoning home for any reason via the net unless it has my permission to do so
any advice would be greatly appreciated

My advice is ZoneAlarm for firewall, it so easy to use and really stops the intrusion
and AVG for AV

NOTE: for the new user of Pc and other inexperienced users
Dont ever, ever use 2 or more anti-virus, your PC only get worse to not woring properly
so stick in one AV

Some products out there will combine services. One I use is Ewido. It claims to protect against Trojans, Worms, Dialers, Hijackers, Spyware and Keyloggers. It has also merged with Grisoft, the makers of AVG (antivirus).
I personally use AVG, Ewido, Kerio Firewall (Advanced), along with the Firewall built into my router.
My biggest piece of advise.... drop IE as a browser. I use Opera 9, I have never had a problem with Opera. They also do not rely on 3rd party patches for most of their enhanced functionality,

:icon_salu thats nice :icon_salu
one thing to remeber, dont try to use a protection "all in one"
all makers has different speciality

Other browser than IE, thats better, if you got problem with OPERa, FF, etc. all you have to do is uninstall the browser then reinstall
IE- if problem occurs, your system affected ($uck&)

:@: infoseeker :@:

Some products out there will combine services. One I use is Ewido. It claims to protect against Trojans, Worms, Dialers, Hijackers, Spyware and Keyloggers. It has also merged with Grisoft, the makers of AVG (antivirus).
Ewido is a great program, I use myself though not in real-time just as a scanner.

I use the combo of Kaspersky 6 and Outpost 3.5. Been working great for me!