Default Please recommend me an AV + Firewall combination - Thanks!

[Guest]

[Vicky]

Hello,

I am an average webmaster, and too much concerned about security of my system. What I do not want is:

* Having any virus executed on my system, as it could probably erase my very important data.

* Having any spyware on my system, as it could steal passwords of my important domains and so.

I have been using Norton + Sygate for years, but I think its time to change things .. I have not been very satisfied with Norton, as I was got infected by a known virus in the presence of Norton (Auto-Protect Enabled), and it detected the virus in USB Drive after execution. Secondly, its so goddamn heavy.

Sygate is just not updated for years, so I prefer to drop that as well.

Now, I am after a new and better combination of two .. which don't slow the system much and offer good security.

A couple days ago I installed NOD32 v3 + COMODO Firewall v3, I was quit happy with both .. but I noticed some compatibility issues, those are also discussed here http://www.wilderssecurity.com/showthread.php?t=192305 ... now I am not sure what to do.

Should I drop them both and find a better combination? Or get a decent AV to use with COMODO? ... Since NOD32 wont let any decent firewall do its work, should i must go?

I am confused 

[marcos.zy]

Hello Vicky,

I will explain to you my own experience on this subject, and you will be able to take your own decision, also taking in consideration the next responses to this thread. 

I had used many anti-virus in the past, some of them paid, and some of them free. The last one was Panda Internet Security 2007 Platinum, which was unninstalled from my machines just about 3 or 4 days ago, because it begins to "find" viruses on files that I have total certainty that was not infected (comproved through analysis on virustotal.com, through inumerous engines).

This caused inumerous problems to me, because Panda is not interactive at the momment of detection, and it simply try to clear and/or sends the file to quarantine. The result: I had many files corrupted and almost had to format some of my machines. As I have paid for the solution, and the licence will expire only on January/2008, I tried to contact Panda Technical Support in Brazil, that is totally inefficient. And if you try to ask Panda Technical Support from Europe or USA, for example, they simply delivered back your problem to local representative, i.e., nothing was done to solve my issues. It seems that a Panda customer is obligated to obtain technical support only in your country, even if they are totally inefficient.

Panda Solution also blocked all my internet and LAN access, and there was not any rule that solve it problem, nor the Firewall deactivation. Only the total deactivation of Panda was solving the problem. And, again, Panda Technical Support was not able to solve the problem.

So, I have decided to unninstall Panda of all of my machines, and have choosed two applications:

- Comodo Firewall Pro V3

A really great firewall, easy to install and manage, with a beautiful interface and a HIPS integrated system. It has passed on all tests I have made at PcFlank and ShieldsUp, with all my ports being showed as "stealth". It has also passed on the trojan test and on the leak test. The list of features are very cool, and you can take a look at that to see with your own eyes.

- Avira AntiVir PersonalEdition Classic (freeware

A great anti-virus, with a good detection rate, easy to install and manage, daily updates, rootkit detection and a good technical support, even being a free product, through a support forum both in deutsch and english. It consumes very lower resources of the system, too.

For me, the above mentioned combination is being very useful and powerful, until CAVS V3 be released, of course. 

Complement the above combination with Comodo BOClean, and I think that you will be extremely protected, combining, of course, with good practices while navigation, etc.

Regards.

[Vicky]

Thanks for replying marcos.zy

I have installed NOD32 again, and trying to resolve my issue with its ekrn.exe local proxy .. Plus COMODO Firewall v2 .. I guess its good combination.

Lets see how things evolve.

[marcos.zy]

You are welcome. 

[MorphOS REBOL]

Hi Vicky, just use Avira free and Comodo free and feel FREE.

 

[Info-Sec]

Vicky, I have ZERO problems with NOD 32 2.7 and COMODO V2.

Since Eset dosnt sell V2.7 anymore, if you dont have an installer i'd be more then happy to pass you my installer

[Blas]

The compatibility issue between nod32 and cfp only applies to the latest, 3rd version of NOD. NOD32 v2.7 and cfp v3 are totally compatible as far as I know (I used it back then when comodo was still in beta and I did not encounter any problems) But now I am also using avira free. It has a better detection rate than nod32 and it is free of course (ok...ok... I know nod32 can be also made free with a "patch")
My point is that cfp v3 wont let execute malware on your computer without you knowing/allowing it so you don't even need your av to check things on-access. If your computer can handle it you can turn on on access though but I think it is not strictly necessary. To sum it up I think we don't really need anything resident alongside cfp v3 only a file scanner with a decent detection rate as a backup.

[Info-Sec]

"It has a better detection rate than nod32"

Depends on the site

Either way NOD 32 has a great detection rate as does avira. 

If your looking for a light and great protection NOD is your best bet.

Avira im not sure if its light or not, but avira has good detection.

As far as i know avira free (or avira dosnt have heuristics [correct me if im wrong])

Nod32 has very powerful and most accurate heuristics ( 0 false positives) boosting its detection up a lot.

So its your choice, but since you have NOD already just stick with it

[Blas]

Yep. True. NOD is a great product. It is very light on resources if not the lightest. (the web monitor slowed down my net though but I haven't found any av that did not slowed my net down. Not much, but noticeable.) Now looking back to my post I admit that I said that detection rate thing as a fact which is quite subjective. It does depend on the site, you are right. These sites on the other hand are not necessarily based on real world scenarios. My statement was based on virus total tests. Back then when I was testing NOD v3 (well lets say I liked more v 2.7 mostly because compatibility and performance issues with the newer) I came across several malware samples which were not detected by nod and when I uploaded them to virustotal most of them were known by Avira and a few others. (naturally I sent these samples to ESET. One of them were detected after 2 weeks. The others were not. This in itself could mean that the samples were from the dinosaurs age except one which I received from an infected msn partner. I dont know if it is detected now but 3 weeks after I submitted it it was not detected. This lead me to some concerns. btw avira detected it the day I received it. After diggin after it on internet I found out that it was a repacked version of a widespread worm. So much for heuristics...) This above mentioned own experience+ratings on av-comparative+recent test made by Burillo here on the forums lead me to that statement.
But now rethinking it it doesn't really make sense.

As a conclusion detection rate is not an easily definable thing. It depends on the malware collection used in the tests which are often biased indeed. But several tests from different sources show similar results we may have a clue. Anyway the results of these tests not really show the effectiveness of the product. Still, although NOD32 is a great product my personal preference is Avira with cfp3 at the moment. I do not need email scanning nor http scanning and with cfp v3 to tell the truth I don't even need on acces protection. This is why right now I prefer Avira (it has heuristics  too. Yes, the free version.) I only use it for its high detection rate and lack of compatibility problems (so far). Only as a backup layer of defense. Note that this is only my personal preference, taste.

[Info-Sec]

Quite true.  Since we both have these arguments, vicky make it easier on yourself and stick with nod, you already have it, and you need to focus on your work.  If you feel avira will serve you better then by all means use avira.

[Attila]

try the combination of nod32 2.7 (version 3 is still buggy) and online armor free...sorry guy but i think there is quiete a lot of work to be done on CPF3. 

[Blas]

Well I tried online armor. It worked well but I prefer more control than that. I like to know what is happening. (tried the free version) So I will stick with cfp3. Personal taste . I really liked the network statistic part of OA though. The speed measurement is just a nice extra but I would really welcome the DNS resolving in cfp.

[Info-Sec]

Online armor is more of a HIPS thought.  The firewall is malware resistant and the antivirus is kaspersky so the antivirus is quite solid.  I dont like the idea of OA being the 'security suite' but its nothing more then a suped up HIPS.  If i cant use any other programs (like my spysweeper) with OA, and trusting my system to just a HIPS dosnt suite my paranoid needs

[Blas]

I only tried OA free. Well, as a HIPS cfp for me is much more configurable than OAfree. As for me OAfree as a "HIPS" was more cfp2.4-like.

[Tags:]