F/W - I use a firewall to control incoming and outgoing traffic using comodo default rules and was well as a few rules of my own.(For this current computer that I’m using). I like my computer to be resistant to port scans and be more invisible on the network and online
Hips - I like it because it lets me know if anything unusual is going on especially unknown stuff that will require my attention
av - while it’s basicly a blacklist detector, it reduces the pops up that I need to answer which saves me some trouble right off hand
of having to investigate it
I could go on but thats just the bare basics of why I choose to use it
Just lately i heard of an incident where “an antivirus product” notified
“trojan blocked and q`ed”
but the computer got locked by the rogue though.
Thats why you need a hips (which asks), and a virtual sandbox to delete a drive by.
Without a hips/virtual sandbox, “any” valid notification of an antivirus would let me reinstall (apart from just a file detection).
I use reasonable security (low resource profile, logical layers - closed circle) to know when something is wrong, or to auto delete things that i did not choose to reside anyway.
Dont want to see it by aftermath.
Dont want to swing the brush for an applications fail.
With “no additional” I mean that I use no security product that is not part of my system (Ubuntu). So I use the built in firewall (ufw), the sandboxing-features in the Linux-kernel – which my browser makes good use of (overview) – etc.