| Thread ID: 52855 | 2005-01-01 02:05:00 | firewalls | susievb (4439) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 309425 | 2005-01-01 23:25:00 | Baldy: Tweak'e and Jen are right, there is simply NO excuse to go online without a Firewall using WinXP. Hell, any version of doze for that matter. Send me your IP and I'll break your box right now and prove to you that you _need_ a firewall if you run Doze! I can take your bragging one step farther and say I don't Defrag my HDD, it's a high-performance unbreakable file-system. I don't have Anti-Virus software, I don't have Spyware worries, I don't have a firewall, and I can modify the source code to my OS at any time (And I do) and make it more how I want it! I've got a firewall on my family's WinXP SP2 PC, even though they're behind a NAT'd router, and soon to be behind a Linux firewall/proxy also. Having done a fair bit of security analysis work, I can safely say that while ignorance is bliss, there's no excuse not to have AV software and a Firewall! Even Microsoft acknowledge it's a _must_ have. Check out the Windows Update website and there's three things a windows box NEEDS: 1. Up-to-date Windows, security patches etc 2. Firewall - No excuse not to have it 3. Anti-Virus software Realistically they should add Anti-Spyware software to that list, as some predictions are that in 2006 it'll outnumber virus problems. That I believe. My 2c worth anyways. Chill. |
Chilling_Silence (9) | ||
| 309426 | 2005-01-02 01:02:00 | [QUOTE]Check out the Windows Update website and there's three things a windows box NEEDS: 1. Up-to-date Windows, security patches etc 2. Firewall - No excuse not to have it 3. Anti-Virus software Realistically they should add Anti-Spyware software to that list, as some predictions are that in 2006 it'll outnumber virus problems. That I believe. My 2c worth anyways. Chill.[/QUOTE] If MS thought a firewall was essential why did they not design the XP firewall to be more effective? The reality is that very few home computers on XP have an additional firewall and with just normal web browsing and email use very few have any problems that could be put down to lack of a firewall. Sounds as if you are rather paranoid about security. Remember the average user is not using their computer for the things that a lot of the forum members do. All they do is email and occasional web browsing and installing and configuring a firewall is not something they would want to get involved with and would probably cause more problems than it prevented. Spyware is another problem again and we can blame MS insecure systems for that and of course the answer to that is obvious. |
Safari (3993) | ||
| 309427 | 2005-01-02 01:45:00 | The problem with a lot of firewalls is that they do invoke an element of scaremongering - you can see the corporate sense in this "OMG wow - ZoneAlarm stopped eleventeen hacksters this week I should send them money". Whilst it seems more and more advisable to use them, they do cause significant problems for the uninitiated. It doesn't take long with ZoneAlarm before someone has blocked IE and the base DNS processes from accessing the intarweb and no longer has connectivity. Joe User generally doesn't understand the intricacies of a firewall, doesn't understand the questions being asked when a program requests access, nor desires to learn them. Most people just want to turn on their intarwebnet and have it work. They do cause a significant number of problems for end users and for Internet Helpdesks having to support them. We did some interesting research at work and found that customers who had significant problems downloading large attachments all used ZoneAlarm. After looking into it, it turns out that ZA by default blocks the protocol used to negotiate the size of packets exchanged between server and client. As such data was being sent in smaller blocks so was more prone to errors etc, which effectively slowed their internet down significantly causing more frequent problems. The next step from that is the pop up alerts, or the cutesy little map features that Symantec Firewall has which displays a map with a big X-hair on it pointing at the country that "hackers" came from. This often spurs the just a tad more enlightened user to start taking screenshots and e-mailing every abuse/support desk they can find to report these "hackers". 
Whilst users think they are contributing something to the greater good, getting an e-mail with an MS Word attachment containing a screenshot pointing to Pakistan sent to support@domain.xx.xx abuse@domain.xx.xx dns@domain.xx.xx to every host between them and the purported hacker's location really does very little. Whilst the idea of a firewall is excellent, it is exceedingly difficult with the number of users that don't understand what is going on with them to have firewalls used effectively. An initial install of Zone Alarm can completely shoot internet access out with two clicks on the first alert that pops up. Then the uninstall process can (and regularly does) completely hose the TCP/IP stack breaking things further. The number of misguided complaints to abuse@myisp.xx.xx I get each week from people complaining that our DNS servers have been trying to "h4x0r my intarweb and steal my jiggahurtz" is infuriating - not to mention time wasting on my part, and the part of the customer that's taken the time to write in about some innocuous traffic. It'd be good to see more people using firewalls, however the software needs to be better built for end users - i.e. it shouldn't post confusing popup "alerts" and be more silent in its alerts of supposed "hacking". There should also be more information available when it does ask a question so that when someone sees OMG "iexplore.exe is trying to access the intarweb" the instinct isn't to click NO! straight away. These are two quite good reads: www.samspade.org and: www.samspade.org "Personal Firewalls" are mostly snake-oil The second is more insidious... Why is an end user going to buy / register / upgrade their 'personal firewall'? They're not going to do so if they don't perceive any benefit from it. If it were a properly written application that just sat there, doing its job quietly in the background, users would forget it was there. 
But if it pops up warnings about 'attacks' all the time then it's clearly Doing Something. Most of those warnings are entirely frivolous - normal network traffic. Well worth reading the entire page. |
ninja (1671) | ||
| 309428 | 2005-01-02 02:20:00 | Yes in an ideal world, but who can afford a hardware firewall? He's a little wrong, or this was written before the msblaster worm. (referring to his mention of "If you're running a Windows machine and not running IIS you have nothing to worry about".) I install a software firewall on all computers that come through the shop. With zonealarm, just turned the notifications off. A small piece of instruction and they have had no problems. When the Blaster worm struck, no clients got it. Co-incidence or firewall? That is more proof to me of the value of a software firewall than an opinion. Sorry, firewalls are an "insurance" for the average user. |
pheonix (36) | ||
| 309429 | 2005-01-02 05:46:00 | Even just a firewall that performs the same function as my router's NAT would suffice!! The windows firewall is basic to prevent what ninja has described. I'm not currently happy with any of the firewalls out there. They're all much too difficult for Joe-Average to use. Ideally a firewall is needed that's about as easy as running the installer and that's it. Advanced options such as pinholing should be available.... But stuff application-level security. It's piss-easy for a trojan to hijack another process/executable etc. If you don't trust the applications your PC runs, time to think about a change..... Chill. |
Chilling_Silence (9) | ||
| 309430 | 2005-01-02 06:06:00 | I use KERIO - works fine. | augustus (6717) | ||
| 309431 | 2005-01-02 07:42:00 | ninja...... the sam spade thing is old and if i remember correctly it was partly due to the guy's little spat with zonealarm. as far as customers blocking themselves off the net (or blocking their favorite program) it's just a matter of learning to use a program just like every other one they use. frankly if they can't work out a yes or no question they shouldn't be allowed a pc!!! as far as complaints eg "someone's hacking my pc!" and the "i got 54 attempts today wow", once the novelty has worn off it soon goes. look at how many firewall alert requests we get here now...... none. however i do have to agree about the over the top warnings/alerts most firewalls have, they're often there simply to promote their product, just like everyone else. people soon get sick of it and turn the alerts off. unfortunately the people that NEED firewalls the most are the ones who most likely won't have one or use one properly. |
tweak'e (69) | ||
| 309432 | 2005-01-02 08:00:00 | [QUOTE]as far as customers blocking themselves off the net (or blocking their favorite program) it's just a matter of learning to use a program just like every other one they use. frankly if they can't work out a yes or no question they shouldn't be allowed a pc!!![/QUOTE] Generic host process for win32 (or something to that effect) is attempting to access the internet. Do you wish to allow this? User: Hmm... that doesn't sound like intarwebnet explorer. *clicks no* Seconds later... Generic host process for win32 (or something to that effect) is attempting to access the internet. Do you wish to allow this? User: Hmm... that doesn't sound like intarwebnet explorer. *clicks no* More seconds later... Generic host process for win32 (or something to that effect) is attempting to access the internet. Do you wish to allow this? User: Gah... stupid thing keeps annoying me *ticks the remember this box and clicks no* Bang... no more DNS. Thus no more intarweb. Thus no more Inbox Outlook Express e-mails. Generally followed by a call to their ISP - don't see ZoneAlarm having a helpdesk (at least Norton have the decency to). I wouldn't expect many home users to look at that message and think wow I bet I need that to be online. |
ninja (1671) | ||
| 309433 | 2005-01-02 08:04:00 | I'm probably in a minority group but I'm firmly of the opinion that for the average home user an external fire wall is just something else to annoy you. If you use an ISP who blocks viruses and you have a good anti-virus program then a fire wall is unnecessary. All the know alls who subscribe to this forum are forever rubbishing MS's built in fire wall, but in reality it gives ample protection. If you want it and are worried still you could try Zone Alarm. But in my opinion it's just a nuisance. Forever telling you that some perfectly legitimate program wants to contact the web. I took it out after a month. Another near useless program is AdAware. Every time I run it, it finds half a dozen "tracking cookies". You remove these cookies and they are back again in about half an hour. They are inserted by sites you regularly visit. AdAware has never, ever found anything else on my computer. I'm fully of the opinion that most "protection programs" are purely there to make money for the writers. Viruses, in the main, are being over hyped. I can do a lot more damage to my computer than any virus ever has. Jack |
JJJJJ (528) | ||
| 309434 | 2005-01-02 08:37:00 | I think that Jack, Tweak'e and Ninja all have some valid points here..... Application level security isn't a _must_ for 95% users - Something that'll NAT will work fine. JJJJJ: The WinXP Firewall (In answer to the original question, and confirming what you've said) is sufficient for a _lot_ of things, but personally I don't trust Doze because I can't see the inner workings of it. Personally, I reckon we need a simple firewall that can NAT, and open ports, and that's what I'm going to start working on shortly. That's my programming Goal, and if there's anybody else here who likes that idea, then I'd be keen to hear from them Cheers Chill. |
Chilling_Silence (9) | ||