OT: Which firewall is best? - Page 3


Re: OT: Which firewall is best?

On Sun, 22 Feb 2009 20:55:38 -0600, James Morrow


No, so please explain.

Re: OT: Which firewall is best?

only.invalid says...

If you have a Trojan calling out you'll never know. That you don't know
will hurt you.

--
James E. Morrow
 Email to: jamesemorrow@email.com

Re: OT: Which firewall is best?

On Mon, 23 Feb 2009 20:34:47 -0600, James Morrow


It seems like by the time you have a trojan calling out, you've
already been compromised. It's rather late to be expecting a firewall
to protect you.


Re: OT: Which firewall is best?

none@none.invalid says...

The firewall appliance can keep other systems from being infected in
SOME cases as well as alert you to the fact that you've been compromised.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?

wrote:


I'm just saying that those tasks would seem to land squarely in the
antivirus/antimalware space.


Re: OT: Which firewall is best?

wrote:


Those with a clue heard you and agree.

Re: OT: Which firewall is best?

only.invalid says...

And that's why people that don't filter content from multiple paths,
that only rely on a single product, get compromised. Shows that you
don't have a clue.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?

wrote:


WTF does that mean?

Re: OT: Which firewall is best?

only.invalid says...
If you don't understand what it means then you don't know enough to make
the comments you made.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?

wrote:


Ho Hum. You are such a cock. You write a sentence of your opinionated
gibberish and then try and justify it with a schoolboy statement. I was
hoping you would at least attempt to construct the sentence again in
comprehensible English.

I made the comments so I understand them. I "know" I am more versed in
the subject of network security than you will ever be.

You still have not stated which "software" firewall product you
recommend in your supposed role, where you "design secure networks for
a living".
You are the first network security "professional" I have ever heard of,
who recommends a software firewall product, so I am interested in which
one.

Re: OT: Which firewall is best?

only.invalid says...

No, I'm not the first, as I don't/didn't recommend a soft firewall on
ANY PERSONAL computer. There are dedicated software based firewalls that
run on Servers, but users don't sit at that server and mess with it
daily.

You didn't understand what you read, again, and that's why you get the
comments you get as well as making the stupid assumptions you did.

I don't recommend you disable the Windows firewall on a PC, but I do
state that it does little to protect the typical ignorant user, AND I do
state that most home users would benefit, greatly, from a NAT router vs.
windows firewall.


--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?

That will help you http://www.iyogi.net/firewall-configure.html




Re: OT: Which firewall is best?

wrote:


You may need this but you are alone.

Re: OT: Which firewall is best?

none@none.invalid says...

I don't believe they are on that plate.

A compromised computer that sends 10,000 emails per hour can easily be
detected by a firewall appliance, or at least can be seen in the logs of
the firewall appliance - at the same time the threat could have made
itself invisible to the antivirus/malware product.

A quality firewall also includes monitoring ability as well as detection
ability for various attack vectors.

While AV products are good, generally, they do little to stop 0-Day
exploits, but a quality firewall with services to filter HTTP and SMTP
can do a LOT to prevent their reaching your computers/network.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)
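
The log-based detection described in the post above, as an added example that is not part of the original thread: it counts outbound SMTP connections per internal host per clock hour and flags hosts at or above a threshold. The log line format, the addresses and the names `smtp_talkers` and `sample_log` are constructed for illustration; real appliance logs differ by vendor.

```python
import re
from collections import Counter

# Constructed log format for illustration; each real appliance has its own.
LINE_RE = re.compile(
    r"^(?P<hour>\d{4}-\d{2}-\d{2}T\d{2}):\d{2}:\d{2} OUT "
    r"src=(?P<src>\S+) sport=\d+ dst=\S+ dport=(?P<dport>\d+) action=\w+$"
)
SMTP_PORTS = {25, 465, 587}


def smtp_talkers(lines, threshold, mail_servers=frozenset()):
    """Return {(hour, src): count} for hosts whose outbound SMTP connection
    count within one clock hour is at or above `threshold`.
    `mail_servers` holds internal hosts that are expected to send mail."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or int(m["dport"]) not in SMTP_PORTS:
            continue  # unparseable or non-mail traffic: skip, keep scanning
        if m["src"] in mail_servers:
            continue
        # Allowed and denied attempts both count: a blocked burst is a symptom too.
        counts[(m["hour"], m["src"])] += 1
    return {key: n for key, n in counts.items() if n >= threshold}


def sample_log():
    """Constructed sample: one workstation bursts SMTP, others behave normally."""
    lines = [
        f"2009-02-24T10:{i // 2:02d}:{(i % 2) * 30:02d} OUT src=192.168.1.23 "
        f"sport={40000 + i} dst=203.0.113.{i % 200 + 1} dport=25 action=ALLOW"
        for i in range(120)
    ]
    lines.append("2009-02-24T10:05:00 OUT src=192.168.1.40 sport=50123 "
                 "dst=198.51.100.7 dport=80 action=ALLOW")
    lines.append("2009-02-24T10:06:00 OUT src=192.168.1.10 sport=50200 "
                 "dst=198.51.100.9 dport=25 action=ALLOW")
    lines.append("garbled line that does not parse")
    return lines


if __name__ == "__main__":
    for (hour, src), n in smtp_talkers(sample_log(), threshold=100).items():
        print(f"{hour}:00 {src} opened {n} outbound SMTP connections")
```
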

Re: OT: Which firewall is best?

wrote:


Since you've now drifted to an appliance, the rules change and you're
no longer limited to a firewall if all you want to do is to 'detect'
outbound traffic or have it 'be seen in the logs'. Any proxy will do
the same thing, for example.


If the goal now is to "prevent their reaching your computers/network"
then we've indeed come full circle and can once again look at a
firewall for its INBOUND filtering capabilities.

BTW, I don't agree that AV products do little to stop 0-day exploits.
Some are better than others, but I don't think it's fair to say they
do little. "It depends" is a better answer.


Re: OT: Which firewall is best?

none@none.invalid says...

Actually, I've been talking about a NAT Router, which IS AN APPLIANCE,
as a better option than Windows Firewall in most cases.

A NAT router will show in and out traffic in the LOGS, it will enable
users to identify the source IP as well as PORT and destination, in real
time. While not all NAT routers have logging, Linksys seems to have the
most user friendly logging and there are free utilities that make it
easy for non-technical users to read/see.


We never left, it's always been about inbound and outbound, but some of
you have limited your scope to what Windows firewall is capable of -
which is why it's not a good firewall.

A NAT Router, not really a firewall, is still better for both IN and OUT
traffic than Windows firewall.


That's true, IT DEPENDS, but there are a LOT of exploited machines that
run AV with updates....
 

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?

That will help you http://www.iyogi.net/firewall-configure.html



Re: OT: Which firewall is best?

On Mon, 23 Feb 2009 20:34:47 -0600, James Morrow


If you are too stupid to realise you have a Trojan then you are not
likely to pay much attention to a message about it wanting Internet
access.
If it has not already disabled the firewall.
Or injected its data into traffic already allowed out with some other
application that the user clicked yes to (or the firewall allowed out by
default).

On the other hand I might as well remove Avast and my Anti-Malware
software as my trusty old firewall will save the day.

Re: OT: Which firewall is best?


On Sun, 22 Feb 2009 20:55:38 -0600, James Morrow


Well you've already called it a "path" yourself. Why change to a
"hole" when it isn't a "hole" at all? A user choice has been made. The
firewall hasn't failed.



A choice in which he can say no. Or maybe clicking on "No" establishes
the connection anyway? Either way it's not the job of a firewall to
deal with that.

If the user perceives that he's a dimwit he can install a security
suite to take over and run the computer for him. Windows firewall
doesn't claim to be a security suite. It's just a standard firewall
which does its job better than third party alternatives.


Jim.


Re: OT: Which firewall is best?


Yes, the firewall has done what it was told to do. Thus, no it has not
failed in that sense. But the poor dumb user now has an unprotected
machine. The difference between a path and a hole is semantic. But if
the user fails to understand his vulnerability then there is no real
distinction between a path and a hole.

You point out correctly that the connection is a choice the user can
make. It is the firewall's duty to warn the user. Whether a firewall
can wise him up is something we both might doubt. A firewall is not a
substitute for a knowledgeable user but it is a warning device.


--
James E. Morrow
 Email to: jamesemorrow@email.com
