| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 105046 | 2009-11-17 04:53:00 | Question about Firewalls | Tony (4941) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 830936 | 2009-11-17 23:40:00 | that sort of thinking is seriously flawed. I agree in a commercial context that would be a dodgy philosophy, but in a home environment where you know exactly what is happening and are sensible about what you are doing, it seems to me OK - or not? | Tony (4941) | ||
| 830937 | 2009-11-17 23:41:00 | That said, I disable my firewalls anyways and just use the routers NAT... But I'm the exception, not the rule ;)That's what I do, and I guess is one of the issues under discussion here. | Tony (4941) | ||
| 830938 | 2009-11-18 02:29:00 | For application-control, what's wrong with the built-in Windows firewall? Seems to block applications as far as I'm aware, and it won't let things out unless you specifically "OK" it. i havn't bothered to try MS firewall for a long time. imho theres better freebes. but its better than nothing. it shows how important firewalls are if MS actually relented and put one in. I agree in a commercial context that would be a dodgy philosophy, but in a home environment where you know exactly what is happening and are sensible about what you are doing, it seems to me OK - or not? not really. any decent commercial pc will be usually cut down and users are limited to what can be done ie install progs etc. home pc's are the worse and the hardest to do security for. you have an unrestricted pc (you can do anything you like to it), unrestricted use by anyone in the house and no IT admin to call for help. its totally at the mercy of the user. ideally the AV should catch the bugs but that doesn't always happen. firewall is handy so it contains the bug, stops it sending off info (eg bank acc details) or used remotely for other purposes. the other thing to keep in mind is not every bad thing is flagged by AV or antispyware. there are some things which shouldn't access the net but they are commercial products so AV companies ignore them. perfect example is a few adware companies who have done deals so AV products don't detect their software. |
tweak'e (69) | ||
| 830939 | 2009-11-18 02:45:00 | OK, maybe I'm misunderstanding totally here. I have always thought: Firewalls stop worms etc getting in, i.e. uninvited access to your PC. Nothing to do with viruses attached to emails (dealt with by AV) or dodgy websites that you voluntarily visit and effectively invite access (your problem if you are so dumb, but also helped by AV and sometimes the browser). Firewalls can also stop things going out by blocking specific ports. If I understand what is being said here, a firewall can also block outwards traffic (a) from specific applications, (b) to specific websites. I guess it is these last two where "updating" (which is what started this thread off) would occur. Comments? |
Tony (4941) | ||
| 830940 | 2009-11-18 03:13:00 | Well no firewalls dont stop worms.. If youre dumb enough to go to dodgy / warez sites / use P2P programs and you run whatever program / file (and its got a trojan, virus or worm in it), and you didnt scan it first, its a bit late for a firewall to stop it from coming in. It came in c/o the user. And depending on WHAT it is, it may also disable your firewall and AV program. Which can happen A firewall MAY block it from communicating with its owner / site. Thats if you know what youre doing (with the firewall). And whether or not, you know WHAT the file is the firewall is trying to block. Some people probably dont know WHAT some files are (so they let it through the firewall). AV programs (if they have the option, and IF its enabled) should scan attachments. Altho NOT all AV programs do this. They'll only pick something up, ONCE you extract the file (if its zipped or something) Most firewalls I think have ports in their options by default. You can add whatever port you want (if you want something to get through it (ie: like networked computers). If youre using a modem / router, some can also block sites / domains. So noone can go to whatever site. It depends on WHAT exactly you mean by updating. If you add ports, then youre updating (whats not in the firewall already). Thats not updating the program itself. Updating usually means the maker has added new features / fixed bugs / vulnerabilities.. And this usually means you'll have to download the new version, then install it over the old version. Or the program has an update option in it, and it can update itself while its running (or it'll let you know when an update is available). |
Speedy Gonzales (78) | ||
| 830941 | 2009-11-18 03:25:00 | Well no firewalls dont stop worms.. If youre dumb enough to go to dodgy / warez sites / use P2P programs and you run whatever program / file (and its got a trojan, virus or worm in it), and you didnt scan it first, its a bit late for a firewall to stop it from coming in... Firewalls can stop the spread of worms. Yes, once it is in your computer, a firewall isn't going to stop it already. But it will stop the worm from infecting other computers as the firewall will deny the worm network access. Unless the worm has disabled the firewall as you pointed out. |
utopian201 (6245) | ||
| 830942 | 2009-11-18 04:08:00 | Well no firewalls dont stop worms.. If youre dumb enough to go to dodgy / warez sites / use P2P programs and you run whatever program / file (and its got a trojan, virus or worm in it), and you didnt scan it first, its a bit late for a firewall to stop it from coming in. Well, right, absolutely. I was talking about the stuff that trawls the net looking for unsecured computers. I totally understand that if you go to an infected site, you have opened the door, and would have to rely on AV to protect you. | Tony (4941) | ||
| 830943 | 2009-11-19 01:29:00 | If you get a nasty bit of malware that your A/V etc doesn't pick up (e.g. a keylogger), and you don't have a firewall managing / blocking your outgoing connections, then say goodbye to your PC's security. Most nasties will infect your machine in ways that won't be affected by blocking inbound connections - so assuming you're safe because nothing can get in past your router is a badly flawed assumption, as once it gets in (and it's wise to assume it *will* get in somehow) it can phone home without any impediment. | Erayd (23) | ||
| 830944 | 2009-11-21 06:08:00 | While on the subject of Fire Walls. I have been running W7 for several weeks with Comodo Fire Wall & Windows Fire Wall both on. They seem to be compatible. I have Avast anti virus because Comodo anti virus was giving false positives. I have just done a virus scan & a Spy bot scan and apart from a few Cookies found nothing. With Xp there always seemed to be swags of greebies. Could it be that W7 is more resistant to greebies --- at present? |
mzee (3324) | ||
| 830945 | 2009-11-21 06:27:00 | I wouldnt have both firewalls on. They may go alongside one another. But theyre probably conflicting. And will miss something sooner or later It depends on WHAT you do on the internet, and where you go / what you get. On whether you'll get infected or not |
Speedy Gonzales (78) | ||
| 1 2 3 | |||||