Moving up to ESET NOD32 v5

[Stoic Joker]

Why exactly does a printer driver demand access to the internet?

-Tuxman (November 18, 2011, 06:29 PM)

They don't; but it's a network printer ... and as usual the firewall doesn't make that kind of distinction.

[Tuxman]

Firewalls do, "firewalls" don't. Phrasing is important here!
These "suits" are just like the "Windows Firewall": Not very sophisticated packet filtering, but no firewall functionality at all.

[Stoic Joker]

Firewalls do, "firewalls" don't. Phrasing is important here!
These "suits" are just like the "Windows Firewall": Not very sophisticated packet filtering, but no firewall functionality at all.

-Tuxman (November 18, 2011, 06:44 PM)

Perhapps, but the functionality available in a high-end, full zoot commercial firewall isn't necessary for an end user. Sure if you have publically hosted services that get thousands of hits an hour the full on SPI/Traffic shaping/etc., etc. shenanigans are all necessary & good. But that's not the case with a typical end user.

Most sheeple just need something to sit at the edge of their machine that will say no to (basically all) incoming connection requests, because they don't want to waste time typing/remembering anything more complicated than their dogs name for a password. And the Windows firewall does this just fine (end of need).

Outbound "filtering"? ...I've never seen giving end users choices end well. They either shoot themselves in the foot blocking something necessary, or get eaten alive by something that's trying to get out. The object is to prevent hostile code from getting on the box in the first place. And one of the simplest (processor time free) methods of doing that is to use DNS filtering ...(like OpenDNS).. Which is done at the network border, and does a suprisingly good job of keeping folks away from those infected banner farm servers.

Best way to avoid getting killed in battle, is to avoid battles. 

[Cloq]

I quite like interactive "Personal Firewalls". I don't like applications "phoning home" without my knowledge or consent.

I am too dumb to comprehend half the EULA's that are out there assuming they even mention that the application/installer is going be sending/receiving information/updates behind the scenes.

It's amazing that amount "crap" that various applications pre-install (think auto update programs for instance) that I would have never realized (thereby wouldn't have known to remove/delete those extra apps) without an interactive "personal firewall".

Currently I am using Eset's ESS 5 and Malwarebytes Anti-Malware Pro. They both seem to play and behave well together.

ESS seems to be weak in removing and detecting malware (realtime) and for that Malwarebytes takes over.

[Tuxman]

It's amazing that amount "crap" that various applications pre-install (think auto update programs for instance) that I would have never realized (thereby wouldn't have known to remove/delete those extra apps) without an interactive "personal firewall".

-Cloq (November 19, 2011, 11:36 AM)

Might sound a bit harsh, but: Use your brain. A "personal firewall" is not meant to replace your own thinking. If you don't know what an application actually installs, use snapshots of your system. If you don't want to, I can't see your actual problem with that.

Oh: ESS is not made for malware detection, it features a virus scanner, not a "potentially unwanted software" scanner.

[Cloq]

It's amazing that amount "crap" that various applications pre-install (think auto update programs for instance) that I would have never realized (thereby wouldn't have known to remove/delete those extra apps) without an interactive "personal firewall".

-Cloq (November 19, 2011, 11:36 AM)

Might sound a bit harsh, but: Use your brain. A "personal firewall" is not meant to replace your own thinking. If you don't know what an application actually installs, use snapshots of your system. If you don't want to, I can't see your actual problem with that.

Oh: ESS is not made for malware detection, it features a virus scanner, not a "potentially unwanted software" scanner.

-Tuxman (November 19, 2011, 12:19 PM)

I am not sure how your average user is suppose to know the mind of an author/programmer that is devious in hiding unwanted processes/applications on startup/installation.

What seems to a common trend now is for installations to tack on various toolbars and spyware apps. Even a few of the trusted applications that I use, the newer versions now bundle junk with it, so you have to babysit the damn install and uncheck the junk.

An interactive personal firewall is useful as a first line of defense, it can alert the user that some app wanting out.

ESS like many other antivirus (started off as) programs are now trying to throw in the kitchen sink with their program so they try to be a jack of all trades in that area but are not always successful in every field.

[Tuxman]

I am not sure how your average user is suppose to know the mind of an author/programmer that is devious in hiding unwanted processes/applications on startup/installation.

Don't install software you do not trust. Simple as that.

An interactive personal firewall is useful as a first line of defense, it can alert the user that some app wanting out.

That's why malicious software seldomly says "hi, I'm malicious-software.exe".

[J-Mac]

Yeah Tux, but most here at DC are pretty savvy about software/adware/malware, etc. and still get burned every once in a while. Think of the poor newbies who don’t have many clues at all regarding safe software! Like many members' Moms for example. If someone isn't watching over all their installations, they are pretty much SOL!

Jim

[Tuxman]

Mistakes are made to learn from them.

[Stoic Joker]

That's why malicious software seldomly says "hi, I'm malicious-software.exe".

-Tuxman (November 19, 2011, 01:44 PM)

Hm... (Let's Experiment) Hi, I'm Malicious Software:

[Tuxman]

I will not click it, suspicious file is suspicious.