| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 52855 | 2005-01-01 02:05:00 | firewalls | susievb (4439) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 309435 | 2005-01-02 08:44:00 | If you use an ISP who blocks virus and you have a good anti-virus program then a fire wall is unnecessary. All the know alls who subscribe to this forum are forever rubbishing MS's built in fire wall, but in reality it gives ample protection. We need moderators that delete such bollocks when it gets written so poor advice doesn't get spread around. :stare: :stare: |
E|im (87) | ||
| 309436 | 2005-01-02 08:49:00 | And this Moderator doesnt like people who are so arrogant. Something like this _may_ be more fitting: In reality ISP's block Email viruses, but not the likes of the Blaster etc. So therefore they cant protect against everything. E|im - last warning dude - You gotta keep it friendly or I'll put my Moderator hat on and you can wear the banned label for a week aight! |
Chilling_Silence (9) | ||
| 309437 | 2005-01-02 08:50:00 | Generic host process for win32 is allowed through by default with most firewalls so i don't know how that can be an issue. also the default browser is allowed through much to my disgust. sorry chill i got to disagree...Application level security IS a must for 95% of users. its the top 5% of users who don't really need it due to their forever watchfull eye and good net/pc habits. i know lots of people (most of them are newbies) where the firewalls has saved their bacon on more than one occasion. in 2 cases its saved them a rather big phone bill (a rather nasty dailer). |
tweak'e (69) | ||
| 309438 | 2005-01-02 08:53:00 | You've got a point, but how hard is it to modify some trojan source so it hijacks explorer.exe? Effectively making that security added redundant... | Chilling_Silence (9) | ||
| 309439 | 2005-01-02 08:59:00 | yeah thats why i don't like allowing things through by default. if your already infected it can go through unnoticed. however most firewalls now check what module etc actaully makes the call so it can pick an app useing another app to get through. | tweak'e (69) | ||
| 309440 | 2005-01-02 09:03:00 | What do you mean by what module? The executable will be running and making the call, Ive seen it done, and Ive seen it pass through the firewall.... Zone Alarm, Kerio, Symantec etc Im not trying to be negative or anything, just asking for a little clarification :) |
Chilling_Silence (9) | ||
| 309441 | 2005-01-02 09:21:00 | Thats my programming Goal, and if there's anybody else here who likes that idea, then I'd be keen to hear from them It's a common joke at work that we should badge up our own custom firewall, with lots of flashing lights, radio buttons and slider bars.... that don't actually do anything. God bless the placebo effect. |
ninja (1671) | ||
| 309442 | 2005-01-02 09:34:00 | What do you mean by what module? The executable will be running and making the call, Ive seen it done, and Ive seen it pass through the firewall.... Zone Alarm, Kerio, Symantec etcI know when I used Agnitum Outpost last, it would alert me that a program that had previous permission, has now been altered since it last accessed the internet and would then re-ask for permission. The alert went on to mention that this would happen if you had just updated that program, otherwise consider blocking it (or words to that affect). I remember the firewall went nuts after I installed SP2 on XP with all those updates ... :rolleyes: | Jen (38) | ||
| 309443 | 2005-01-02 09:53:00 | I know when I used Agnitum Outpost last, it would alert me that a program that had previous permission, has now been altered since it last accessed the internet and would then re-ask for permission. The alert went on to mention that this would happen if you had just updated that program, otherwise consider blocking it (or words to that affect). I remember the firewall went nuts after I installed SP2 on XP with all those updates ... :rolleyes: Yeah component control. Quite a useful feature as other firewalls just check if the main exe is modified, but there are also DLLs and other parts of the program that can be modified as well, possibly indicating a trojan. But blimin annoying with all the alerts it pops up so I just turn it off. |
E|im (87) | ||
| 309444 | 2005-01-02 09:57:00 | OK - stock Windows XP install with no patches will get the Sasser worm in approximately two minutes. Try it yourself or search the web for information on the Sasser worm. Get yourself a slipstreamed disk (builds in SP2 to XP) and you won't have to worry about that. As for what a Firewall will do for you, read the excellent article on a reported at www.usatoday.com on a honey pot test run by Kevin Mitnick. Looks like the Windows firewall alone stopped a compromise during this test. However, Zone Alarm also works just fine, nowithstanding the advice I got to the contrary from the Paradise Technical Help Desk. Don't have Zone Alarm and Windows Firewall turned on at the same time. |
Twelvevolts (5457) | ||
| 1 2 3 4 5 6 | |||||