Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

After one year of McAfee...


  • Please log in to reply
24 replies to this topic

#1 FAlonso

FAlonso

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere, France
  • Local time:05:24 PM

Posted 08 March 2015 - 02:07 PM

Hello everyone

 

So this topic is mainly related to firewalls, but i'll post it here as it's also about AV and general internet security.

 

After one year of McAfee and many years of ignorance, i started to learn more about how to correctly use a PC. I've learnt a lot, i'm not an IT genius (yet :)), so i do want something...different from the McAfee i've been using so far but not too complicated to use. I've heard the best protection could achieved with a Bitdefender antivirus next to a Comodo firewall. I also do know the latter has to be configured properly, and while i do understand all of Comodo's instructions, custom rules about this and that port and protocol are a little bit beyond my understanding... and having to create custom rules to make it work would be a problem. So i'm left with two options (paying isn't a problem) :

 

A - Comodo's firewall will work fine without setting custom rules and sticking to proper use of preset settings is enough to make it work, in which case it'll be Bitdefendr AV + Comodo FW

or B - Comodo won't work without good understanding of rules, and i need something a bit more "install & forget", like Kaspersky

 

And would option A give significantly more protection than option B ?

 



BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:24 PM

Posted 08 March 2015 - 02:19 PM

Hello there,

From what I've heard, Comodo Firewall is a HIPS firewall (Host Intrusion Prevention System), which can cause a LOT of alerts (I've used another HIPS firewall before - Emsisoft Online Armor - so I'm not joking). If you are not confident in your ability to tell what should be allowed or blocked, I do not recommend using HIPS firewalls in general.

No security solutions will ever give 100% foolproof security - not without common sense at least. Please read this: Simple ways to keep your computer secure and safe online

Also a third-party firewall is unnecessary for most users. Assuming that you are using Windows Vista and later, the Windows Firewall should be adequate protection for normal surfing.

That being said, do you still want to stay with BitDefender? Or do you wish to switch to another AV?

Regards,
Alex

#3 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,545 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:24 PM

Posted 08 March 2015 - 02:21 PM

Hi FAlonso :)

The best protection doesn't exist, otherwise, everyone would be running the same setup and there would only be a few products on the market that could stay alive. The "best protection" for a system is a combinaison of many variables put together that you have to think of, quietman enumerates them in a well detailled manner in his article here:

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

So if Bitdefender and Comodo Firewall is the setup you want to run and that you like, then it's all good, but it doesn't mean that it's "best protection setup ever" :P Now, are you set on using that setup or do you want something else, since I see that you mentionned using Kaspersky (or wanting to use it)?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:24 PM

Posted 08 March 2015 - 02:48 PM

5 Reasons Why the Windows Firewall is One of the Best Firewalls. For more information, please read Choosing a Firewall
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 FAlonso

FAlonso
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere, France
  • Local time:05:24 PM

Posted 08 March 2015 - 03:06 PM

Thanks for the fast replies

 

Common sense is one of the things i do have ^^ so it won't be an issue.

 

I would like to use the Bitdefender package since it has a great quality/price ratio, easy to use, doesn't demand lots of resources, filters websites.........so it's definitely what i'd like to use. But some (most) said it's firewall component struggles to get on par with the competition (wrong ?). True, i have no idea whether that means it's really reliable or not.

i also heard about free solutions doing roughly the same job like the chinese 360 but i'm not too sure about their privacy policy, so no thanks.

 

But if windows firewall does the job i might as well stick to that. It's only that Comodo offers good interesting features beside the firewall. But then again, am i qualified to use it if i can't make rules or would it be wiser to have one that's easier to use?


Edited by FAlonso, 08 March 2015 - 03:12 PM.


#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,545 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:24 PM

Posted 08 March 2015 - 03:09 PM

What Bitdefender package are you talking about here? Since there's 2-3 of them.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:24 PM

Posted 08 March 2015 - 03:12 PM

But if windows firewall does the job i might as well stick to that. It's only that Comodo offers good interesting features beside the firewall. But then again, Can i use it ?

To be honest, a lot of packages come with unnecessary "bells and whistles" that you might not need. So I'm not a big fan of packages.

May I ask, do you have any AM (anti-malware) solutions installed at the moment?

Alex

#8 FAlonso

FAlonso
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere, France
  • Local time:05:24 PM

Posted 08 March 2015 - 03:19 PM

I use Malwarebytes in it's free version. I'm currently testing the BD antivirus solution without firewall and Comodo's firewall (with windows' deactivated).



#9 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,545 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:24 PM

Posted 08 March 2015 - 03:21 PM

So you're using Bit defender Antivirus Plus 2015?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:24 PM

Posted 08 March 2015 - 03:25 PM

If you are using Malwarebytes, I recommend that you upgrade to Premium to benefit from real-time protection and malicious website blocking.

#11 FAlonso

FAlonso
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere, France
  • Local time:05:24 PM

Posted 08 March 2015 - 03:36 PM

@Aura, yes this is the one. currently on 30-day trial.

 

@Alex I'll look into that. real-time protection means it'll scan the files after download ? or when they're executed ?



#12 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,545 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:24 PM

Posted 08 March 2015 - 03:38 PM

Alright just to make sure, since Bitdefender Antivirus Plus doesn't includes a firewall. Usually, products that includes a firewall are named "Internet Security" suite, so the next Bit defender product have it, not this one. Also real-time protection means that all the files are being scanned at any time, the system is being monitored. So any new files will be checked, same as the ones you execute, modify, etc.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#13 FAlonso

FAlonso
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere, France
  • Local time:05:24 PM

Posted 08 March 2015 - 04:01 PM

Yes, there is a Bitdefender package with a firewall for sale. But I'm using Comodo's as it has more features, plus some others like sandbox. I was actually just checking in this thread, as i've been several times warned against using firewalls that require some configuration like Comodo's, if the understanding and creation of rules were crucial in order to use Comodo's firewall at its best (or not at it's best, but make it work at least). Then i though if it is the case, i might use more "novice-friendly" ones like windows' if you guys say it's reliable :)


Edited by FAlonso, 08 March 2015 - 04:02 PM.


#14 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,545 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:24 PM

Posted 08 March 2015 - 04:05 PM

There's no actual issue with using COMODO Firewall, it's a good firewall. It's just that its HIPS is so aggressive that the common, non-experienced user will either get annoyed by it or won't understand what it does and will allow everything to go throught, which will defeat the purpose of the HIPS feature. Windows Firewall is good enough, everytime you install a program and launch it for the first time, if it requires some kind of network access (for out/in calls), it'll ask you if you authorize it and on what type of network it should be allowed. So if you see a Windows Firewall prompt for a program or file that shouldn't require one, then it could be a red flag.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:24 PM

Posted 08 March 2015 - 04:12 PM

real-time protection means it'll scan the files after download ? or when they're executed ?

The full version of Malwarebytes Anti-Malware (Premium) includes a real-time Protection Module that uses advanced heuristics scanning technology to monitor your system and prevent the installation of most new malware, stopping malware distribution at the source. This technology dynamically blocks malware sites & servers, prevents the execution of malware, proactively monitors every process and helps stop malicious processes before they can infect your computer. Anti-virus software is inherently reactive...meaning it usually finds malware after a computer has been infected. Keep in mind that this feature does not guarantee something will not slip through as no product can detect and prevent every type of malware. The database that defines the heuristics is updated as often as there is something to add to it. Also keep in mind that Malwarebytes Anti-Malware is not meant to be a replacement for antivirus software...it does not act as a real-time protection scanner for every file like an anti-virus program so it is intended to be a supplement, not a substitute.

Enabling the self-protection module controls whether Malwarebytes creates a safe zone to prevent malicious manipulation of the program and its components. For more specific information, please refer to:



Malicious Website Blocking (IP Protection) is part of the Protection Module and works after it is enabled. When attempting to go to a potential malicious website, Malwarebytes will block the attempt and provide an alert. An outgoing IP alert indicates that a process on your system tried to access a malicious IP and was prevented from loading content onto your system. A browser is not required to be running for an alert to occur...just an active Internet connection with processes running. IP alerts are also triggered by banner ads appearing on websites since in some case these ads are malicious. Notification that an outgoing IP address has been blocked does not necessarily mean the computer is infected. Some legitimate programs on your computer (i.e. iTunes, Instant Messenger client, SKYPE, P2P software, web browsers) have access to the Internet and that action can trigger an IP alert if it tried to access a malicious IP address. IP Protection is also designed to block incoming connections it determines to be malicious. For information about Malicious Website Blocking (IP Protection), please refer to:

Those who purchase the full version receive a license key via email to activate the protection module. Malwarebytes can be set to update itself and schedule scans automatically on a daily basis. The Protection Module is not intrusive as it utilizes few system resources and should not conflict with other scanners or anti-virus programs.

 


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users