I would go to DSLR, but I'm not really interested in how many certs people have, and listing what my "box" is made of. I just want some answers.

I have a cable connection. I do have Norton Internet Security now. Renewal time is coming. I only want to have the anti-virus component. Is this safe? I really don't ever leave the modem or the computer on, I shut it down when I am done.

The only thing I like about the firewall software is that is has ad blocking. I use the webcam for video conferencing and meetings, so I have most of the firewall disabled anyway.

I run Zone Alarm Pro on my box, and a bunch of other "security" software because I'm a paranoid freak :).

Actually, of all the software I run, I consider ZAP to be the most valuable. I really like being able to control what programs can talk to the net and which programs cannont. In addition, with ZAP I can control exactly what ports those programs use.

Personally, I wouldn't run a machine without at least the free version of Zone Alarm, but that's just me. If you want to check it out, you can find it here (www.zonelabs.com).

Also, if you want to maintain the ad blocking, I would suggest using a free program called Proxomitron (http://proxomitron.cjb.net/). It's a little work to set up, but once your done, it makes surfing the web much more enjoyable. I know of two good places to help you set it up. One place is the security forum at the "other" place, and the other is ComputerCops (http://www.computercops.biz) which is Z-X's web site. Just check out his forums and you will find an entire section dedicated to Proxo.

This is what I am looking to purchase. I have a hankering to tweak and play with stuff, and this let's me do that.

Personally, I'm not a big fan of Norton products, but I've heard many others say good things about both of those programs.

btdude,
I'm certainly no expert, but I've taken the advice of others and, so far, have been pretty bored.
I run:
NAV2002 (I suspect I'll go to NAV2003, when I have to renew)

ZAF (Like tke711, I like how it tells me what's trying to access the net. I don't have the controls he has with ZAPro, but I probably wouldn't know what to do with them anyway).

TDS3 (a respected Trojan detector/killer - perhaps a little overkill, I dunno)

Proxomitron (I like this one the best. I never get adds/popups/popunders/scrollyads/etc. I never spent any time setting it up, I just use the defaults - well, there was one thing I had to click to allow antimated avatars, but that was it. All cookies are changed to session - no 'doubleclick' tracking for my machine.)

Once a week, or lately once every few weeks, I'll run a full system scan with NAV, or TDS3, or AdAware, or Spy-Bot, and they find nothing. Boring.

FWIW
Regards,

ZoneAlarm Pro for me, folks. And even that's not on all the time. :)

dude - tell me a little bit about your box, os etc.

if you REALLY power everything including your cable modem off when you are done using your machine, then personal firewall should work fine for you.

i would suggest you not fiddle around with system works. in my experience it causes more problems than it solves.

Many will say you don't need a firewall if you can tighten down your computer settings, and I guess I mostly agree with them. But, it's so easy to miss something, and if it's the wrong something, big ouch. Given that, if your system resources can handle it without much drain, you're probably safer to run a firewall.

I use ZAP, with all machines behind a NAT router.

I use a router with NAT.
a) I have more than one computer.
b) The "firewall" is much easier and safer than software firewalls.

You can pick up routers for $40 or so, to me that's a great deal and allows for expansion without having to purchase more firewalls per PC.

One of the biggest reasons for running a properly-configured firewall is to catch what may be trying to get <b>out</b> of your machine. I run Kerio Personal Firewall, which I love because I can control exactly what each and every program on my machine is allowed to do, and where and when it's allowed to do it.

I also run virus protection, a popup/banner removal program, and the router with NAT. If anything, I am over-cautious... better safe than sorry, as they say...

Is linksys good enough as a hard firewall?

A linksys home router should do the trick, as long as it does NAT.

btdude, NAT is probably fine for you, given that you shut down when not in use. If you get a NAT router, disable file and printer sharing, and unbind Netbios from TCP/IP, and give yourself "strong" passwords, you can probably get by just fine without a software firewall.

Originally posted by ethics
Is linksys good enough as a hard firewall?
Again, I'm not an expert, but;
I have a Linksys BEFSR41 and, along with giving me local net capabilities and Internet access on all machines, I believe it also affords pretty good protection on 'inbound' intrusion attempts on my machines.

It's logs are forever recording various attempts on this port or that port. I gather most of these attempts are explained by normal traffic, but many are real blocks to nefarious attempts to screw with my machines.

So, I think my 'linky' does a good job of stopping unwelcomed probes to my home lan. But, I gather, it doesn't know squat about something on my machine accessing the net without my knowledge.

So, the other stuff (ZA, NAV, TDS, Proxo, etc) does the rest of the job to protect me from the other evils that might lurk on the net, namely some app that snuck on my machine.
In my opinion, all necessary layers of protection.

Kind of sad that it's up to us to add this stuff to protect our machines or privacy, but, so be it.
Good luck in your quest of secure surfing.
Regards,

BT,

Just my two cents. Firewall and anti-virus protection is always a must for any system I own or support.

I use Norton personal firewall and AVG (freebie) virus protection

I strongly advise against System Works. A couple others have mentioned this, and I will as well....Norton Systemworks causes more problems than it solves.

I dread nothing more than a call asking for help with a PC that just ran Norton's win doctor or similar utility.

Good luck. If you want a link to AVG let me know and I will dig it up. It is unintrusive and seems to do a good job.

NAT Router's generally do not stop outbound connections. So if the Trojan has made it past your defenses it has no trouble phoning home.

Originally posted by Sir Joseph
I use a router with NAT.
a) I have more than one computer.
b) The "firewall" is much easier and safer than software firewalls.

You can pick up routers for $40 or so, to me that's a great deal and allows for expansion without having to purchase more firewalls per PC. Gosh, so you think that Cisco 3800 series router I have running extended ACLs is a waste?

SM (actually, the router's under my bed, collecting dust. But I can run ATM over it, though.)

With a hardware filter, you can stop outbound as well. One of my computers used to be running Kazaa all the time and I blocked all outgoing ports other than 80.

Sir Joseph, a router with a built-in firewall usually does give you some control over outgoing, but I think what needs to be noted is that NAT is not a firewall. It affords relatively minimal protection, but absolutely no outgoing control... without a specific firewall built into the software of the router.

However, you can't come into my system. My IP is a 192. Secondly, if I allow only port 80 out then it would seem enough and there would be no need for a purchase of a firewall program.

Let me clarify just a little - not all routers have a built in firewall, Sir Joseph. Although NAT assigns internal addresses, thereby making the computer "invisible", so to speak, NAT in and of itself cannot protect from outgoing processes.

In your particular case, if you can control and limit your outgoing ports, you have a software firewall built into the router.

Does that help you see the point I'm trying to make?

Yes as Mikeky said, its too easy to miss something if you are relying on personally tweaking things for security. For the relatively low cost involved its worth the Norton goodies you have in mind. Even better PopupStopper is free as is entry level Zone Alarm. Why not?

I am similar to most here it seems. I have a Router that does NAT, a NetGear 311 I bought about 6 months ago off BBR for $40 Shipped. ZAF, Norton 2000 AV, Proxomitron and Ad-Aware. Proxomitron is my Favorite out of all of them. That program rocks! Right now, ZAP has a 60 free trial that I am trying out. I like it so far, 5 days now, and am definitely thinking of going with the upgrade. That is about the same time my updates for NAV expire. I will probably try AVG, as I have heard good things about it.

I would recommend running ZAF at the very least. It doesn't hurt anything and does provide some really good protection, especially for the price.;) Proxomitron is a great popup stopper, but does require a little configuration that is tricky.

NAT, coupled with a dynamic IP and a computer and router that is off when not in use provides some security. It is like roadside assistance on your cell phone, seems like a waste, until the first time you need it.

wapu

I use Norton Firewall and AV and I get notices of a dozen attack attempts a day.

Both are updated automatically and the computer mags say they are the best.

I do fairly regular tests from Norton and other independent sites that check all ways and means of getting into my comp.

John.

I have NAV on my machine that has ME and have recently purchased etrustEZ anti virus on my XP machine after seeing it highly recommended in a mag I subscribe to. It was only US$20 or AU$37.50 which is a good saving on NAV although Norton has more features.

Thanks to you all. I knew I'd hear some good answers here. I have been away for awhile, long distance car dealing with online prices. DO NOT TRY THIS AT HOME> Anyway. Thanks.