Main Area and Open Discussion > General Software Discussion

Will Win7 last as long as XP?

<< < (9/11) > >>

cyberdiva:
1) They aren't firewall applications - they are AV applications ;)
2) Avast is free for home use, NOD32 isn't
-Carol Haynes (September 14, 2009, 03:13 AM)
--- End quote ---
Thanks, Carol, for your response.  I don't know where my brain was when I wrote that last message.  I'm well aware that AVAST and NOD32 are AV apps, not firewalls--why I wrote "firewall" is a mystery.  Then again, lots about my so-called mind is a mystery  :-[ .

So am I right in interpreting what you've said as 'NOD32 is probably better than AVAST, but you'd have to pay for NOD32, so let your company pay for it at work and use AVAST at home because it's pretty good and free'? 

Carol Haynes:
I think they are probably comparable in terms of quality. The main reason I don't go for AVAST on business machines is that you end up with firewalls and antispam too - the basic free AV solution for home use is very good (at least I haven't had any problems with it and clients seem happy plus it seems light on resources). NOD32 has a good track record and is very light on systems but has the big advantage that you can buy a license for just the AV software so you don't end up with bulky and uncontrollable suites on business machines.

Having said that I did advise a client to try the NOD32 Security Suite and I now wish I hadn't. The firewall is impenetrable (and as far as I can tell it doesn't obey its won rules). My client had endless problems with a WiFi Brother printer attached to their network (mainly that no one could print on it when NOD32 firewall was enabled). I checked the firewall settings and it clearly stated that network printing was allowed but it didn't work. I tried making specific rules and even through the firewall into learning mode so I could tell it to allow communications through when a print attempt was made. Nothing I did made any difference.

In the end I simply disabled the NOD32 firewall and enabled Vista's firewall which causes absolutely no problems.

tranglos:
I checked the firewall settings and it clearly stated that network printing was allowed but it didn't work. I tried making specific rules and even through the firewall into learning mode so I could tell it to allow communications through when a print attempt was made. Nothing I did made any difference.
-Carol Haynes (September 14, 2009, 08:28 AM)
--- End quote ---

We're drifting off topic for the thread, but it seems to me the scenario you describe above is what eventually happens to some firewalls, after they go beyond some threshold of complexity. I had exactly the same experience with Outpost after a few years of usage. It would randomly block outgoing FTP among others, and no amount of tweaking would fix that. These were known problems, with solutions poste on user forums that required manually changing ini settings, but after a while Outpost became unbearable. I switched to the ESET suite then, and it has served me well for two years, and just last month it decided it didn't like it when Backup4All was copying files to a network drive. Backup4All would freeze at n% copying a random file, and it would not continue until I disabled the firewall in ESET correction: not the firewall, but the real-time scanning component. The end result was the same though, since ESET was taking inordinate amounts of time to finish scanning a tiny .txt file, which it shouldn't even be looking at in the first place.

My guess is at some point the firewall rules become too complex, or maybe there are remains of old rules or old behaviors that the developers abandoned but didn't quite remove from the code? Who knows, but I think I'm seeing a pattern.

I dropped ESET and, since my subscription was about to expire anyway, I bought Kaspersky AV. (Tried their firewall too, liked it in general, didn't like the constant pop-ups. "Total Commander is trying to start a process, blah blah." I'm not paying for you to annoy me, firewall :-) )

Carol Haynes:
The trouble with the ESET firewall is that it was set to 'out-of-the-box' settings since only very common applications are used (e.g. MS Office is the main application) and the firewall has pre-built rules to deal with common applications and simple network setups (including network printing). Even though nothing was tweaked it caused problems and tweaking the settings didn't seem to have any effect at all.

Innuendo:
I'm not a big fan of 3rd party software firewalls, since I find blocking outgoing connections pretty much useless...-f0dder (September 13, 2009, 05:27 PM)
--- End quote ---

While blocking/monitoring outgoing connections is useless in regards to fighting malware I find it invaluable in discovering what non-malware programs are doing and what web sites they are trying to contact. My favorite example to cite regarding this point is that early versions of WinDVD, a popular DVD player, would contact the author's web site and communicate the movie titles of every single movie you watched using their software. I never would have known this without my software firewall. Heck, the current version of WinDVD may still do this. I haven't used it in years, though.

I have to agree with Carol's assertion for having a good AV program installed. Even the best, most cautious behavior surfing the internet isn't an impenetrable defense when people are discovering viruses and trojans on pressed discs bought from a brick and mortar store. I won't even get into the crap we're now having to deal with with poo imbedded in Flash ads, cross-site vulnerabilities, etc. The vectors of attacks are increasing and the days of just being careful what you click on and which sites you visit are coming to an end. The bad guys are getting very clever.

Makes me yearn for 1993....biggest problem we had on the internet was trying to figure out how to block banner ads and popups.

Navigation

[0] Message Index

[#] Next page

[*] Previous page