question

Discussion in 'Virus Information' started by RB, Apr 10, 2010.

  1. RB

    RB Guest

    This is the first time I have visited this group so I am not sure what specific
    subject matter is conversed here. So forgive and guide me as necessary.
    My question is about this Browser Encapsulation software called SafeCentral .

    1.Has anyone had any experience with it they would share with me good or bad?

    2.And for that matter what exactly is the main thrust of this group, do you mainly
    try to help users that are already infected or do you also advocate various
    preventative measures ?

    3.Do the top 4 or 5 Security Suites really do much to help or is it all about
    calculated risks and NAT routers with Netbios ports blocked on the WAN,
    and surfing the web with limited user accts with guest acct disabled?
    Appreciate any input.
     
    RB, Apr 10, 2010
    #1
    1. Advertisements

  2. From: "RB" <NoMail@NoSpam>

    | This is the first time I have visited this group so I am not sure what specific
    | subject matter is conversed here. So forgive and guide me as necessary.
    | My question is about this Browser Encapsulation software called SafeCentral .

    | 1.Has anyone had any experience with it they would share with me good or bad?

    | 2.And for that matter what exactly is the main thrust of this group, do you mainly
    | try to help users that are already infected or do you also advocate various
    | preventative measures ?

    | 3.Do the top 4 or 5 Security Suites really do much to help or is it all about
    | calculated risks and NAT routers with Netbios ports blocked on the WAN,
    | and surfing the web with limited user accts with guest acct disabled?
    | Appreciate any input.



    The main thrust of this group is dealing with malicious code in respect to Microsoft
    operating systems. This could be; Internet traffic (such as Internet worms), Internet
    content, executables and scripts or vulnerabilities that may lead to malware.

    We do try to help those who have a computer that is infected and we can help provide
    information to help those from being infected.

    As for "Browser Encapsulation software called SafeCentral " I can't give any information
    on it as I have not herad of it -- sorry.

    As Q #3...

    I am one does not believe in "suites". If you are goin to go that route, choose bst
    in-class of the type of component required. They may be from different vendors. That is
    one vendor for anti virus, another vendor for a FireWall application and another vendor
    for anti spam, etc.

    I am an advocate of blocking TCP/UDP Port 135 ~ 139 and 445 on SOHOR Routers and/or
    FireWall appliances. It certainly doesn't hurt and it specifically closes thaose doors of
    ingess/egress for NetBIOS over IP.

    It is suggested to use Limited User Accounts such that the effect of most malre is limited
    as well. The user can not modify the the OS and lower its security settings.
     
    David H. Lipman, Apr 10, 2010
    #2
    1. Advertisements

  3. RB

    RB Guest

    I am one does not believe in "suites".
    Sorry meant to get back here sooner. Thanks for the reply.
    Would you give me your favorites for firewall
    and also for malware and / or rootkits ?
    (They don't have to be free)
     
    RB, Apr 11, 2010
    #3
  4. | Sorry meant to get back here sooner. Thanks for the reply.
    | Would you give me your favorites for firewall
    | and also for malware and / or rootkits ?
    | (They don't have to be free)



    I'm not one for a FireWall application but a NAT Router or FireWall Appliance combined
    with the native FireWall of XP, Vista or Win7.

    As for anti virus, Avira AntiVir.
    For non-viral malware, Malwarebytes' Anti Malware (aka; MBAM).

    I do NOT suggest end-user casual scanning for RootKits. But, may favourite is Gmer.
     
    David H. Lipman, Apr 11, 2010
    #4
  5. RB

    RB Guest

    I'm not one for a FireWall application but a NAT Router or FireWall Appliance
    2 questions,
    1. I have a NAT router but I don't think it has any hardware firewall
    on it, do I need one that does ? (I do have the netbios ports blocked on the Wan port)

    2. I heard the Microsoft Firewall only monitors what comes in and no control
    over what goes out. Isn't it prudent to monitor the outflow also ?
     
    RB, Apr 12, 2010
    #5
  6. | 2 questions,
    | 1. I have a NAT router but I don't think it has any hardware firewall
    | on it, do I need one that does ? (I do have the netbios ports blocked on the Wan
    | port)

    | 2. I heard the Microsoft Firewall only monitors what comes in and no control
    | over what goes out. Isn't it prudent to monitor the outflow also ?


    NAT Routers by their nature are simplistic FireWalls and have FireWall constructs such as
    blocking and IP from accessing the Internet, blocking a port or port range, etc. Some NAT
    Routers have a full FireWall implementation built-in.

    The idea that the MS included FireWall is unidirectional is untrue. The rumour may have
    gotten started with WinXP Gold/SP1 which had a premature FireWall.
     
    David H. Lipman, Apr 12, 2010
    #6
  7. RB

    Leythos Guest

    A basic NAT router is often called a firewall by sales people and
    marketing types. The "NAT ROUTER" works to 'protect' your network by
    only allowing inbound connections that have been requested by something
    INSIDE your network.

    Some NAT routers have "firewall like" features, allowing you to block
    inbound or outbound ports, but, don't confuse them with firewalls.

    As an example, if I choose to specify an HTTP rule, the firewall can
    inspect the traffic to ensure that it's actually HTTP traffic and not
    FTP or SMTP traffic, but the NAT router only passes the PORT traffic
    without actually knowing what it's passing.

    If you secure your operating system properly and don't run as a local
    Admin, a simple NAT router is likely to protect you from most attacks.
    At the same time, a poorly configured firewall is likely to not provide
    as much protection as a NAT router.

    With that said, most of the quality firewall can inspect traffic and
    remove detectable malware from web-browsing, email, ftp, etc...
     
    Leythos, Apr 12, 2010
    #7
  8. RB

    RB Guest

    I am aware (in my unprofessional ability) of the more secure NAT hookup as opposed
    to a direct connection to the WAN modem, but I have read some texts that while more
    challenging it is possible to hack past and see inside the NAT.
    I have been thinking of looking for a good router with a built in two way firewall, but have
    been apprehensive about the logistics. I.e. it will have to periodically download updateds
    to new issues just like a software fire won't it ?
    Wow that is enlightening. There is "much" talk recorded on the net referring to the
    dated scenario (without any mention of the updated capability)
     
    RB, Apr 12, 2010
    #8
  9. | I am aware (in my unprofessional ability) of the more secure NAT hookup as opposed
    | to a direct connection to the WAN modem, but I have read some texts that while more
    | challenging it is possible to hack past and see inside the NAT.
    | I have been thinking of looking for a good router with a built in two way firewall, but
    | have
    | been apprehensive about the logistics. I.e. it will have to periodically download
    | updateds
    | to new issues just like a software fire won't it ?

    | Wow that is enlightening. There is "much" talk recorded on the net referring to the
    | dated scenario (without any mention of the updated capability)



    The problem with NAT is that it is possible to be "invited" to the LAN side. The WAN/LAN
    door may be closed but, it can be opened. Specifically blocking posrts such as 135 ~ 139
    and 445 means the door is locked andf can not be opened.

    As for updates to a FireWakll appliance, that usually would be a firmware upgrade. The
    actual FireWall would be rules based.
     
    David H. Lipman, Apr 12, 2010
    #9
  10. RB

    RB Guest

    Thanks for the info, it was explained well. I have read that by using
    a bonafide firewall router in conjunction with a software firewall
    that one would get better performance. I have no idea how this
    would occur since the text did not elaborate, but I surmised
    something to do with possibly less restrictive settings for software
    (depending more on the router firewall ) and thereby leaving
    the software to concentrate on malware issues. Is this a bunch
    of web blab or is there any reality to it ?
     
    RB, Apr 12, 2010
    #10
  11. RB

    RJK Guest

    "Performance" is an ambiguous term :) The main benefit, IMO, from using a
    good 3rd party firewall is that, (whilst training it up at least), it alerts
    you, somewhat, to unauthorised outbound connection attempts, (Windows
    firewall only monitors for unauthorised inbound connection attempts). With
    so much "web enabled" software contained in a typical PC with XP platform,
    (not to mention that XP was designed to "serve" - and they've been plugging
    the holes ever since), I like, (in addition to manually monitoring an
    enormous heap of web enabled software, which can be really time consuming),
    to know what's in there trying to get out !

    I've always liked AVG internet security suite, and recently have been using
    PrevX, with its' "cloud" technology, and I particularly like how it monitors
    for PBP (Pretty Bad Proxys'), during https / secure sockets layer
    connections :) ....and it's British :) ...and is written in assembler
    so is VERY fast. ...F-secure rootkit scanner "Blacklight" also appears to
    be wriiten in assembler - must take a look into that ...mumble ....mumble.

    regards, Richard
     
    RJK, Apr 12, 2010
    #11
  12. From: "RJK" <>




    | "Performance" is an ambiguous term :) The main benefit, IMO, from using a
    | good 3rd party firewall is that, (whilst training it up at least), it alerts
    | you, somewhat, to unauthorised outbound connection attempts, (Windows
    | firewall only monitors for unauthorised inbound connection attempts). With
    | so much "web enabled" software contained in a typical PC with XP platform,
    | (not to mention that XP was designed to "serve" - and they've been plugging
    | the holes ever since), I like, (in addition to manually monitoring an
    | enormous heap of web enabled software, which can be really time consuming),
    | to know what's in there trying to get out !

    | I've always liked AVG internet security suite, and recently have been using
    | PrevX, with its' "cloud" technology, and I particularly like how it monitors
    | for PBP (Pretty Bad Proxys'), during https / secure sockets layer
    | connections :) ....and it's British :) ...and is written in assembler
    | so is VERY fast. ...F-secure rootkit scanner "Blacklight" also appears to
    | be wriiten in assembler - must take a look into that ...mumble ....mumble.

    | regards, Richard


    Well you can say that by NOT using a 3rd party FireWall application you would have better
    performance due to the lack of overhead and processing caused by the 3rd party FireWall
    application. Thus not a performance hit.

    However you will have a latency introduced with a FireWall Appliance.
     
    David H. Lipman, Apr 12, 2010
    #12
  13. RB

    RJK Guest

    I do agree, ...you're quite right of course, ...though unless "todays"
    PC/OS/gui environment is so stuffed with bloatware / items loaded at
    startup etc.
    (...I'll never forget that flatbed scanner lid detector, that sat polled
    several times a second, in case the user wanted to do a scan ! ...who writes
    rubbish like that?)
    ...performance shouldn't really be an issue ? e.g. ...Socket 7 350mhz cpu
    based machine vs. my "old" x2 3ghz dual core cpu etc. ,<grin>

    regards, Richard
     
    RJK, Apr 12, 2010
    #13
  14. RB

    Leythos Guest

    www.watchguard.com is my first and primary choice.
     
    Leythos, Apr 12, 2010
    #14
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.