So for a software firewall I've settled on PCTools Firewall V3.-4wd
With or without ThreatFire ??
-Curt
Sorry, for the slow reply - only visit when the moon is blue, red, green or purple
Without, I don't use any form of HIPS. Since anything 'nasty' that starts to run has to:
a) get onto my PC - which is hard for anyone to do physically.
b) get through the router's firewall, the only open ports go to a dumb NAS not capable of running software - and the router uses SPI, so the connection has to be originated at my end first.
c) get through NAT translation.
d) get through PCTools Firewall V3, which also has SPI on plus it has basic 'software-not-doing-the-right-thing' protection, (in the Application rules).
e) and finally I've even found avast! AntiVirus free edition works remarkably well for picking up stray malware/spyware.
I used to run HIPS of one kind or another, (was a while ago and can't recall any of the products - damn alcohol!), but just found that they caused to much interference with my normal operation of my computer.
I'll also mention here another scenario I have:
I have a XP-SP2 PC, it's an old Dell Optiplex GX150 PIII-1GHz running as a headless, (no keyboard, mouse, monitor), Usenet downloader. It runs 24/7/365.
It doesn't have a firewall, (not even the default XP). It doesn't have antivirus. It's only form of protection is the router, (firewall/NAT). It has run for more than a year. It has never had a virus/spyware/malware/software problem.
Why?
It runs
ONE program only, (SABnzbd - which is compiled Python). It doesn't execute anything it downloads, (it doesn't even get unarchived). It doesn't do Microsoft updates, it doesn't do
any updates. It is permanently stuck at SP2.