Intrusion detection in home security suites

  • Thread starter ForgottenSeer 65219

ForgottenSeer 65219

Thread author
In recent days Emsisoft announced that Internet Security has been removed from its product lineup and that they will stick with Windows Firewall and "fortify" it ("blocks illegitimate manipulations of Windows Firewall rules").
So my question is:
Is there any need for host- and network-based intrusion detection and prevention in home security suites?
(ESET & Kaspersky continue to deliver IDS & IPS in their home lineup)
 
Deleted member 65228

Is there any need for host- and network-based intrusion detection and prevention in home security suites?
(ESET & Kaspersky continue to deliver IDS & IPS in their home lineup)
If you're using Emsisoft Anti-Malware, you won't need additional replacements for that because Windows Firewall is much better these days and the EAM BB will still be able to block suspicious connections AFAIK. However, if you really want to and can find compatible services to use alongside it (e.g. a firewall replacement), then feel free to do so. That being said, most modern routers are well protected from a hardware level.

I know that a lot of people like to use ZoneAlarm for firewall alongside EAM, so it should be compatible for you too.
 

Plebman123

I'm in the same boat as Opcode since Emsisoft does its job well, and Windows Firewall has gotten a lot better during the past few years, etc. So if you want extra protection, I looked at
OSSEC Free IDS for Businesses and
WinPatrol for home computers
Both you can take a look at yourself and see if it's something you want.
 
ForgottenSeer 65219

Thread author
I'm in the same boat as Opcode since Emsisoft does its job well, and Windows Firewall has gotten a lot better during the past few years, etc. So if you want extra protection, I looked at
OSSEC Free IDS for Businesses and
WinPatrol for home computers
Both you can take a look at yourself and see if it's something you want.
Thanks for all suggestions.
 
Deleted member 178

1- Learn how to use Windows FW, it is easy.
2- A future build of EAM will alert about malicious outbound connections, which is more than enough for most users.

So basically you won't need a 3rd party FW; anyway, most of them don't grant real benefits except those outbound alerts.
 
ForgottenSeer 65219

Thread author
1- Learn how to use Windows FW, it is easy.
2- A future build of EAM will alert about malicious outbound connections, which is more than enough for most users.

So basically you won't need a 3rd party FW; anyway, most of them don't grant real benefits except those outbound alerts.
I'm not really impressed by this answer. Anyway, thanks for your time.
I must check StackExchange.
 
Deleted member 178

I have a dedicated firewall appliance running pfSense 2.1.4 & Snort as my IDS/IPS. I also have pfBlockerNG (normally switched off) just in case my network comes under a wider attack. Thanks to my profession I do tend to take network and PC security pretty seriously. :)
You are not an average user anymore :)

The skill to set up pfSense with Snort is out of reach of a basic home user.
 

R2D2

You are not an average user anymore :) The skill to set up pfSense with Snort is out of reach of a basic home user.

Frankly, setting up pfSense (which is an enterprise grade firewall) is certainly not for the general home user. But people, mainly IT pros, with clear networking concepts and familiarity with basic Linux/FreeBSD commands can certainly configure the firewall. There is plenty of help available on the 'net and on various IT forums including one from the publishers of pfSense.

pfSense is a pretty complex software and can be deployed by SOHO, SME or even enterprises in nearly any networking scenario. I have a dual WAN setup, with IDS/IPS, domain/IP range blocking, a RADIUS server for Wi-Fi client authentication plus a few more add-ons. All this and I have BARELY scratched the surface!

The best part of all? It's free, has excellent support (paid support is expensive) but one can find plenty of help on the Internet. I also dual boot OPNsense (another open source enterprise grade firewall) and do comparisons once in a while. But pfSense gets my vote every time.

With pfSense the hardware requirement is minimal. The firewall software, OS (FreeBSD) & all add-on packages are free. It is inexpensive to provision and set up. You could use an old clunker of a PC, even a Core 2 Duo for e.g., with at least 2 LAN NICs. I run it on a dedicated appliance that I purchased from Netgate, the publishers of pfSense. This appliance came without pfSense preinstalled. A DIY install saved me US $150 (why not?) but that option is not available any longer. All current pfSense hardware now comes with pfSense pre-configured and optimized, making it easier for the end user to set up and deploy. A purchase also funds development of the open source software.

EDIT: @Umbra, I am sure you already know all this but I just gave an elaborate reply for the information of other members who may be interested.
 

Tony Cole

Does a 3rd party firewall weaken security, like antivirus software (3rd party)? I am now using Emsisoft Internet Security, but not too sure how to use Windows Firewall for max security.
 

Deleted member 178

Does a 3rd party firewall weaken security, like antivirus software (3rd party)? I am now using Emsisoft Internet Security, but not too sure how to use Windows Firewall for max security.
No, 3rd party firewalls don't weaken security unless they are badly coded or misconfigured by the users.
Unlike 3rd party FWs, Windows FW will not warn about outgoing connections, and this is the main issue with it in terms of security.
I personally block all outgoing connections with WinFW then create allow rules on-the-fly, but doing this is not convenient and clearly not made for Average Joe.
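
The default-deny outbound workflow described in the last post, sketched in PowerShell as an added example that is not part of the thread. It assumes the built-in NetSecurity cmdlets; the function names and the sample log lines are constructed for illustration. Since Windows Firewall raises no prompt for blocked outbound traffic, the parser summarises dropped outbound connections from the firewall log by destination.

```powershell
# Added example (not from the thread). The firewall cmdlets need an elevated PowerShell.
function Enable-DefaultDenyOutbound {
    # Drop outbound traffic that matches no allow rule and log each dropped packet to
    # the default log, %SystemRoot%\System32\LogFiles\Firewall\pfirewall.log.
    Set-NetFirewallProfile -Profile Domain,Private,Public `
        -DefaultOutboundAction Block -LogBlocked True -LogMaxSizeKilobytes 16384
}

function Get-DroppedOutbound {
    param([string[]]$LogLines)
    # Column names are read from the log's own "#Fields:" header.
    $header = $LogLines | Where-Object { $_ -like '#Fields:*' } | Select-Object -First 1
    $fields = ($header -replace '^#Fields:\s*', '').Trim() -split '\s+'
    $LogLines | Where-Object { $_.Trim() -and $_ -notlike '#*' } | ForEach-Object {
        $values = $_.Trim() -split '\s+'
        $row = [ordered]@{}
        for ($i = 0; $i -lt $fields.Count; $i++) { $row[$fields[$i]] = $values[$i] }
        [pscustomobject]$row
    } | Where-Object { $_.action -eq 'DROP' -and $_.path -eq 'SEND' } |
        Group-Object -Property 'dst-ip', 'dst-port', 'protocol' |
        Sort-Object -Property Count -Descending |
        Select-Object -Property Count, Name
}

function Add-OutboundAllowRule {
    # One allow rule per program, created after reviewing what was dropped.
    param([string]$DisplayName, [string]$ProgramPath)
    New-NetFirewallRule -DisplayName $DisplayName -Direction Outbound `
        -Action Allow -Program $ProgramPath -Profile Any
}

# Constructed sample in the pfirewall.log layout (documentation-range addresses).
$sample = @'
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2024-05-01 10:00:01 DROP TCP 192.168.1.20 203.0.113.10 50123 443 0 - 0 0 0 - - - SEND
2024-05-01 10:00:04 DROP TCP 192.168.1.20 203.0.113.10 50124 443 0 - 0 0 0 - - - SEND
2024-05-01 10:00:09 DROP UDP 192.168.1.20 198.51.100.7 53211 123 0 - - - - - - - SEND
2024-05-01 10:00:12 DROP TCP 198.51.100.99 192.168.1.20 41000 445 0 - 0 0 0 - - - RECEIVE
'@ -split "`r?`n"

Get-DroppedOutbound -LogLines $sample | Format-Table -AutoSize
```

Only the parser runs when the script is executed; `Enable-DefaultDenyOutbound` and `Add-OutboundAllowRule` change firewall state and are left for the reader to call deliberately.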
 
