Originally Posted by Stealthlude
Sometimes its not that easy either. If you take a look at Page 1 I posted a photo of my Fortigate hardware firewall which also offers a form of Zero Day Protection (thats what Watchguard calls it). Basically it looks at IPS/IDS signatures and looks for anomalies and blocks based on that as well.
So even before the database is updated, it still offers some form of protection.
Any NAT router will prevent IPS/IDS attacks. Your router just also looks at "approved" nat traffic and scans it for viruses and spyware, ect...
I don't care who you are you have high speed internet your going to see what is called "noise" IE IPS/IDS, there is constant traffic of probes and port scans going on all the time by scripts, its just the unfortunate nature of the internet these days.
But by having a simple NAT firewall it prevents you from all of that.
I mean If I turned on IDS logging on my firewall I'd have the same information, I just don't bother with it, as it does me no good to even look at it.
My network is actually pretty active, and take a look at the pictures and see how many IPS/IDS attacks were on my network.
Like I said thats nothing new, happens to anyone with high speed internet every day and a simple NAT will protect you from that.
Not all are actual threats; but are things that are logged because they triggered an event in my firewall. If one was not correctly patched, it would pass through the firewall and onto a system.
Tell me how can an un-solicited IP packet pass through a NAT firewall?
If you use any software like Pear Guardian, you would get a better idea of what's actually happening thought the wire. Call me paranoid but a lot more is going on that most think.
I'll join you and call you very paranoid.
End of the day any protection is better than none. I don't want to get too technical, but most people who say no need to have AV on a media center because they don't surf is crazy.
I agree with you there, but like I already said SEVERAL times is that if you take the proper precautions then you wouldn't have to worry about it either. First and foremost, do not run as administrator. Not running as admin is huge. Then with the advancement of UAC in Vista, and the vista firewall, I honestly see no reason or need to run AV software.