OT: Which firewall is best?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Is there really a need for an additional firewall besides the one that
comes with windows? If so, of the free ones, which do most consider as
a very good one?

Thanks,
Mark

Re: OT: Which firewall is best?

On Fri, 20 Feb 2009 11:06:44 -0600, FERRANTE wrote:

Quoted text here. Click to load it

The short answers are no, and none.

No provided the Windows user thoroughly understands and  applies the
principles of safe hex. Just ask here if you don't know what they are,
you'll be deluged with answers.

However, you do realise that you've stirred up a hornets' nest don't you?
The first complaint you'll read is that you should have searched the
archives rather that asking a question which has been asked here, and
answered in so many conflictiing ways, so many times!

Good luck with the flak!

Cheers,

Roy

Re: Which firewall is best?



FERRANTE wrote:
Quoted text here. Click to load it

What operating system? Win ?



Re: Which firewall is best?

wrote:

Quoted text here. Click to load it

XP.

Re: Which firewall is best?

FERRANTE wrote:

Quoted text here. Click to load it

I've always liked the Windows Firewall.
http://obligement.free.fr/images/windows_firewall.jpg

--
   -bts
   -Friends don't let friends drive Windows

Re: Which firewall is best?


Quoted text here. Click to load it

And now we all know why!

ROFL and thanks -- that's a gem.

J
--
Replies to: Nherr1professor2doktor31109(at)Oyahoo(dot)Tcom

Re: OT: Which firewall is best?

On Fri, 20 Feb 2009 11:06:44 -0600, FERRANTE

Quoted text here. Click to load it

Many people say yes (Win98).
Some people say no, some people say yes (WinXP).
Many people say no (WinVista).


Quoted text here. Click to load it

You could look here:
http://www.matousec.com/projects/firewall-challenge /
http://www.matousec.com/projects/firewall-challenge/results.php

--
Fred W. (NL)

Re: OT: Which firewall is best?

manthonyferrante@yahoo.com says...
Quoted text here. Click to load it

Yes, if you consider that the firewall on Windows itself is not really a
firewall, it's more like a poor-mans blocker that sort of protects you,
but has many auto configured holes that you just don't know about.

A better method is to purchase a cheap NAT Router, mistakenly called a
Firewall by some vendors, and it will block unsolicited inbound
connections from the internet, even if you screw up the windows
firewall.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?


wrote:

Quoted text here. Click to load it

Perhaps you can point out where all these alleged "holes" are?


Quoted text here. Click to load it

He hasn't mentioned anything about how his computer is networked and
thus you can't say that a nat router is appropriate. Unless you're a
closet clairvoyant, of course.


Jim.


Re: OT: Which firewall is best?

Quoted text here. Click to load it

Sure, all you have to do is google for Windows Firewall Holes and you
can find a list of problems.

Lets not forget that almost every computer shipping from a vendor comes
with File and Printer sharing enabled, no password, and the exception is
enabled in the Windows Firewall also.

Quoted text here. Click to load it

Sure I can - when talking about computers and firewalls, A NAT router
for a home user, since he's not mentioned business, is a minimum level
of protection and is a MUST for any home user.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?


wrote:

Quoted text here. Click to load it

Well the top two returned here say

"To tell the truth, it's not really a hole, but I thought I'd grab
your attention. it's not a flaw in the operation of Windows Firewall
on Windows Vista. It's a design feature, it makes sense, and it fits
in with the principle that the firewall should keep out unsolicited
traffic."

The  next describes how xp sp2 affects security and then the remainder
describe the firewall and gradually drift off topic.

Currently, that's zero holes. Perhaps a different search criteria?

Quoted text here. Click to load it

I've yet to see one configured as such. Indeed even if it is, then it
is not a "hole" and the firewall can simply be reconfigured to close
any open ports that you don't want open.

Quoted text here. Click to load it

How do you know it's a home user wanting to isolate his machine from
the Internet? What if he just wants to isolate machines from each
other on his LAN?


Jim.


Re: OT: Which firewall is best?

Quoted text here. Click to load it

And that would show how limited your experience is.

Quoted text here. Click to load it

And a NAT router would do that too.

A simple NAT router connected to the house LAN and then the computer
connected to the NAT routers lan would disallow connections from the
house lan to the computer behind the NAT router.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?

wrote:

Quoted text here. Click to load it

PMFJI, I use a NAT router because I have multiple PC's networked as a
LAN, but if I had only a single PC I wouldn't be so quick to use a NAT
router. Sure, the router blocks unsolicited inbound connections, but
what kinds of exploits are out there that can make an inbound
connection to a PC that isn't listening?


Re: OT: Which firewall is best?

bjar@home.invalid says...
Quoted text here. Click to load it

If you could trust the OS then you wouldn't need a firewall, that's the
point.

A single PC network still greatly benefits from a NAT Router.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?

wrote:

Quoted text here. Click to load it

Please explain how.

Re: OT: Which firewall is best?

only.invalid says...
Quoted text here. Click to load it

If you don't understand NAT and how it relates to a single computer
connected to the internet, please search google for a few articles that
explain how NAT Routers work and what they do.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?


Quoted text here. Click to load it


http://secunia.com/advisories/product/16/?task=statistics
60% of the known bugs in xp home allow remote attacks.

Note the comment on the page ...
"Most Critical Unpatched
 The most severe unpatched Secunia advisory
 affecting Microsoft Windows XP Home Edition, with all
 vendor patches applied, is rated Extremely critical"

Try installing xp (original version), and then updating it, on a pc connected
directly to the internet.  It'll be infected long before you can download the
updates.

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)


Re: OT: Which firewall is best?

On Sat, 21 Feb 2009 15:15:07 -0500, "David W. Hodgins"

Quoted text here. Click to load it

yeah yeah, "unpatched", "xp home", "directly connected".
Now explain how when the above does not apply.

Re: OT: Which firewall is best?

only.invalid says...
Quoted text here. Click to load it

Windows XP Firewall, SP2 (as many machines are still using it), File and
Printer sharing enabled, no password on user account, many machines like
this....

Windows XP Firewall, SPx (1,2,3), installed MS Office Prof with SQL
backend - XP Firewall has exception for SQL installed, exploit takes
advantage of SQL flaw through Firewall.

I could go on all night.....

There are just way to many things that punch holes in the XP Firewall to
trust it for the ignorant masses.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?

wrote:

Quoted text here. Click to load it

I have used Office Pro and done a 'full' install and it has never
installed any sql backend and opened up any ports in the windows
firewall. Maybe I got lucky.
I know lots of applications do have exceptions added (HP printers for
example) and by default the scope is to allow all addresses. Same
applies to file sharing.
I change all to allow only my own IP range.

I am not disputing that NAT stops inbound by default but do not believe
the hype about Windows firewall being any worse than any other.

I do not use NAT and never intend to. I do run a router with a firewall.
In addition I do run the XP firewall but probably don't need to. It is
there in case my router firewall breaks, which has been known to happen.

Personally I think NAT is more trouble than it is worth. I like to run
the same services on multiple IP addresses (including SIP VoIP).

Quoted text here. Click to load it

Nah, don't do that.

Quoted text here. Click to load it

I disagree.
Any software firewall is going to ask to let the program have Internet
access. If the user says yes (which the "ignorant masses" probably
would) that is their lookout.
I believe the Windows firewall to be more than adequate, and is better
to have the OS developer incorporate it.

Either way, one of either a working NAT, A working Windows Firewall or a
working perimeter firewall (not NAT) would be enough for anyone, if
properly configured.

Site Timeline