| Author |
Message |
Ansgar -59cobalt- Wiecher
Guest
|
 Posted:
Wed Dec 14, 2005 5:22 pm Post subject:
Re: WinXP SP2 firewall |
|
|
Alan Illeman wrote:
| Quote: | "Kyle Stedman" <kyle_st@yahoo.com> wrote in message news:Xns972BC66354474kylest@69.28.186.158...
Only idiots use personal software firewalls. Get a NAT router with SPI.
See this, from http://www.samspade.org/d/firewalls.html
"Personal Firewalls" are mostly snake-oil
Just one opinion, that's all.
|
It's more than "just one opinion". He gave a lot of good reasons, though
you obviously chose to ignore them.
| Quote: | I'm running Win2K Pro, SP4, FAT32 instead of the more complicated
NTFS, always run as Admin
|
Well, having different users on FAT32 would be utterly pointless anyway,
wouldn't it?
| Quote: | and have been virus free for three years - because of the so-called
"Personal" firewall, Kerio 2.1.5
|
That's plain wrong, because no firewall protects you from virii. When a
firewall detects an infection you're already toast.
cu
59cobalt
--
"Abstractions save us time working, but they don't save us time learning."
--Joel Spolsky |
|
| Back to top |
|
 |
Alan Illeman
Guest
|
| Posted:
Wed Dec 14, 2005 5:22 pm Post subject:
Re: WinXP SP2 firewall |
|
|
"Kyle Stedman" <kyle_st@yahoo.com> wrote in message news:Xns972BC66354474kylest@69.28.186.158...
Just one opinion, that's all. I'm running Win2K Pro, SP4, FAT32 instead of
the more complicated NTFS, always run as Admin and have been virus free
for three years - because of the so-called "Personal" firewall, Kerio 2.1.5
I check with Grisoft AVG7 (subscription). |
|
| Back to top |
|
|
Jeff B
Guest
|
| Posted:
Thu Dec 15, 2005 1:14 am Post subject:
Re: WinXP SP2 firewall |
|
|
go in peace :-)
--
---
Jeff B (remove the No-Spam to reply) |
|
| Back to top |
|
|
Alan Illeman
Guest
|
| Posted:
Thu Dec 15, 2005 3:46 am Post subject:
Re: WinXP SP2 firewall |
|
|
"Ansgar -59cobalt- Wiechers" <usenet-2005@planetcobalt.net> wrote in message news:40at1dF19h0avU1@individual.net...
| Quote: | Alan Illeman wrote:
"Kyle Stedman" <kyle_st@yahoo.com> wrote in message news:Xns972BC66354474kylest@69.28.186.158...
Only idiots use personal software firewalls. Get a NAT router with SPI.
See this, from http://www.samspade.org/d/firewalls.html
"Personal Firewalls" are mostly snake-oil
Just one opinion, that's all.
It's more than "just one opinion". He gave a lot of good reasons, though
you obviously chose to ignore them.
I'm running Win2K Pro, SP4, FAT32 instead of the more complicated
NTFS, always run as Admin
Well, having different users on FAT32 would be utterly pointless anyway,
wouldn't it?
and have been virus free for three years - because of the so-called
"Personal" firewall, Kerio 2.1.5
That's plain wrong, because no firewall protects you from virii. When a
firewall detects an infection you're already toast.
|
That doesn't explain why I've been virus free for so long. |
|
| Back to top |
|
|
Triffid
Guest
|
| Posted:
Thu Dec 15, 2005 7:47 am Post subject:
Re: WinXP SP2 firewall |
|
|
Alan Illeman wrote:
| Quote: | "Ansgar -59cobalt- Wiechers" <usenet-2005@planetcobalt.net> wrote in message news:40at1dF19h0avU1@individual.net...
Alan Illeman wrote:
"Kyle Stedman" <kyle_st@yahoo.com> wrote in message news:Xns972BC66354474kylest@69.28.186.158...
Only idiots use personal software firewalls. Get a NAT router with SPI.
See this, from http://www.samspade.org/d/firewalls.html
"Personal Firewalls" are mostly snake-oil
Just one opinion, that's all.
It's more than "just one opinion". He gave a lot of good reasons, though
you obviously chose to ignore them.
I'm running Win2K Pro, SP4, FAT32 instead of the more complicated
NTFS, always run as Admin
Well, having different users on FAT32 would be utterly pointless anyway,
wouldn't it?
and have been virus free for three years - because of the so-called
"Personal" firewall, Kerio 2.1.5
That's plain wrong, because no firewall protects you from virii. When a
firewall detects an infection you're already toast.
That doesn't explain why I've been virus free for so long.
|
You are virus free because you use AVG.
The fact you also use a PFW is irrelevant. Claiming you are virus free
"because of" a PFW is plain wrong, as 59cobalt pointed out.
Triffid |
|
| Back to top |
|
|
Triffid
Guest
|
| Posted:
Thu Dec 15, 2005 8:33 am Post subject:
Re: WinXP SP2 firewall |
|
|
Leythos wrote:
| Quote: | In article <439fab4f@news.uni-ulm.de>, bumens@dingens.org says...
Kyle Stedman <kyle_st@yahoo.com> wrote:
Only idiots use personal software firewalls.
This is not true. Many people use them, because they don't understand
what's going on and are believing the manufaturors of "Personal Firewalls",
what they're promising.
Actually, many security types, people that make a living designing
secure solutions, run PFW solutions on their mobile devices with 100%
effectiveness. To bad people want you to believe that FPW are 100%
useless.
|
PFWs are designed around the patently false assumptions that a firewall
process can control the behavior of other processes running under the
same OS kernel instance, and is somehow immune to being controlled by
other processes.
I accept that your experience as a person making a living designing
secure solutions leads you to believe PFWs are 100% effective, yet I
somehow doubt you would recommend your clients run anything other than
firewall processes on their firewalls. Same thing.
Can you cite an instance where a PFW provided protection which was not
afforded by best practice - i.e. services minimised, least privilege,
user vigilance?
Triffid |
|
| Back to top |
|
|
Alan Illeman
Guest
|
| Posted:
Thu Dec 15, 2005 5:21 pm Post subject:
Re: WinXP SP2 firewall |
|
|
"Triffid" <triffid@nebula.net> wrote in message news:NW3of.2425$El.260542@news20.bellglobal.com...
| Quote: |
Alan Illeman wrote:
"Ansgar -59cobalt- Wiechers" <usenet-2005@planetcobalt.net> wrote in message news:40at1dF19h0avU1@individual.net...
Alan Illeman wrote:
"Kyle Stedman" <kyle_st@yahoo.com> wrote in message news:Xns972BC66354474kylest@69.28.186.158...
Only idiots use personal software firewalls. Get a NAT router with SPI.
See this, from http://www.samspade.org/d/firewalls.html
"Personal Firewalls" are mostly snake-oil
Just one opinion, that's all.
It's more than "just one opinion". He gave a lot of good reasons, though
you obviously chose to ignore them.
I'm running Win2K Pro, SP4, FAT32 instead of the more complicated
NTFS, always run as Admin
Well, having different users on FAT32 would be utterly pointless anyway,
wouldn't it?
and have been virus free for three years - because of the so-called
"Personal" firewall, Kerio 2.1.5
That's plain wrong, because no firewall protects you from virii. When a
firewall detects an infection you're already toast.
That doesn't explain why I've been virus free for so long.
You are virus free because you use AVG.
The fact you also use a PFW is irrelevant. Claiming you are virus free
"because of" a PFW is plain wrong, as 59cobalt pointed out.
|
That is just plain silly. AVG doesn't prevent infections, it just checks if they
are present.
His comment..
"no firewall protects you from virii. When a firewall detects an infection
you're already toast."
...misses the point entirely. A firewall, correctly implemented, prevents
unauthorised access. |
|
| Back to top |
|
|
Ansgar -59cobalt- Wiecher
Guest
|
| Posted:
Thu Dec 15, 2005 5:21 pm Post subject:
Re: WinXP SP2 firewall |
|
|
Alan Illeman wrote:
| Quote: | "Triffid" <triffid@nebula.net> wrote in message news:NW3of.2425$El.260542@news20.bellglobal.com...
Alan Illeman wrote:
"Ansgar -59cobalt- Wiechers" <usenet-2005@planetcobalt.net> wrote in message news:40at1dF19h0avU1@individual.net...
That's plain wrong, because no firewall protects you from virii.
When a firewall detects an infection you're already toast.
That doesn't explain why I've been virus free for so long.
You are virus free because you use AVG.
The fact you also use a PFW is irrelevant. Claiming you are virus
free "because of" a PFW is plain wrong, as 59cobalt pointed out.
That is just plain silly. AVG doesn't prevent infections, it just
checks if they are present.
|
No. On-demand scanners allow you to scan files before you execute them.
On-access scanners check whether a file you're about to access/execute
is infected. Both will help you to avoid an infection.
| Quote: | His comment..
"no firewall protects you from virii. When a firewall detects an
infection you're already toast."
..misses the point entirely. A firewall, correctly implemented,
prevents unauthorised access.
|
You seriously need to get your terms straight. A firewall prevents
unwanted traffic between two or more networks. That's what firewalls are
made for. In case of a host-based firewall it prevents unwanted traffic
*to* that host. It may thus protect a host from worms, and though some
virii may also show worm characteristics, they are in general something
completely different as they don't necessarily need to cause any kind of
network traffic.
That's why personal firewalls can't (by design and definition) protect
you from virii though they may protect you from worms. If a personal
firewall detects traffic caused by a virus on your system, the virus is
already active and has compromised your system.
cu
59cobalt
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq |
|
| Back to top |
|
|
Leythos
Guest
|
| Posted:
Thu Dec 15, 2005 5:21 pm Post subject:
Re: WinXP SP2 firewall |
|
|
In article <WB4of.3115$PQ3.578166@news20.bellglobal.com>,
triffid@nebula.net says...
| Quote: |
Leythos wrote:
In article <439fab4f@news.uni-ulm.de>, bumens@dingens.org says...
Kyle Stedman <kyle_st@yahoo.com> wrote:
Only idiots use personal software firewalls.
This is not true. Many people use them, because they don't understand
what's going on and are believing the manufaturors of "Personal Firewalls",
what they're promising.
Actually, many security types, people that make a living designing
secure solutions, run PFW solutions on their mobile devices with 100%
effectiveness. To bad people want you to believe that FPW are 100%
useless.
PFWs are designed around the patently false assumptions that a firewall
process can control the behavior of other processes running under the
same OS kernel instance, and is somehow immune to being controlled by
other processes.
I accept that your experience as a person making a living designing
secure solutions leads you to believe PFWs are 100% effective, yet I
somehow doubt you would recommend your clients run anything other than
firewall processes on their firewalls. Same thing.
Can you cite an instance where a PFW provided protection which was not
afforded by best practice - i.e. services minimised, least privilege,
user vigilance?
|
Yes, taking my laptop into a government agency, where they were
compromised by a exploit that was killing their network, infecting
machines that a patch had not been issued for yet. My laptop running
Tiny was set to block all INBOUND and ALL OUTBOUND (my normal starting
point when I walk into a new client/wild). I was able to see the inbound
traffic, keep my computer from being infected by the exploit.
A good example of the outbound protection was the 4 computers that were
infected with a SMTP engine virus at a Sorority. While one machine had a
PFW, it was setup to only allow SMTP access to the local outbound email
server - this computer was "Trying" to spew more than 100 emails/sec to
random addresses, but the PFW blocked it from reaching outbound via SMTP
of it's own engine (the virus didn't try and relay through the local
server). The other three machines were not protected by a PFW and were
spewing virus containing emails all over the planet. At the same time,
after being called in, I set my laptop to block all in/out, then setup
an IP on the network, then watched the traffic hitting my laptop -
determined the compromised machines and disconnected them until clean.
As a side not we got a contract to setup their network and secure their
systems - keep in mind that these are all different types of computers,
various OS's, various AV/PFW products, etc... In the following periods
this group has only had one infection (in three years) and it was an
exploit in AOL IM that caused 5 machines to be compromised, but, that
was through a path that was normally open and easy to pass through - it
was odd that the AV software didn't pick it up (it did a couple days
later)... Almost every system arriving for this year had quality AV
software, all were running at least SP2 and had the Windows Firewall
enabled, about 40% were running NIS or ZAP, and the ones running a PFW
have had the least issues this year.
--
spam999free@rrohio.com
remove 999 in order to email me |
|
| Back to top |
|
|
Ansgar -59cobalt- Wiecher
Guest
|
| Posted:
Fri Dec 16, 2005 12:36 am Post subject:
Re: WinXP SP2 firewall |
|
|
Alan Illeman wrote:
| Quote: | "Triffid" <triffid@nebula.net> wrote in message news:NW3of.2425$El.260542@news20.bellglobal.com...
Alan Illeman wrote:
"Ansgar -59cobalt- Wiechers" <usenet-2005@planetcobalt.net> wrote in message news:40at1dF19h0avU1@individual.net...
That's plain wrong, because no firewall protects you from virii.
When a firewall detects an infection you're already toast.
That doesn't explain why I've been virus free for so long.
You are virus free because you use AVG.
The fact you also use a PFW is irrelevant. Claiming you are virus
free "because of" a PFW is plain wrong, as 59cobalt pointed out.
That is just plain silly. AVG doesn't prevent infections, it just
checks if they are present.
|
No. On-demand scanners allow you to scan files before you execute them.
On-access scanners check whether a file you're about to access/execute
is infected. Both will help you to avoid an infection.
| Quote: | His comment..
"no firewall protects you from virii. When a firewall detects an
infection you're already toast."
..misses the point entirely. A firewall, correctly implemented,
prevents unauthorised access.
|
You seriously need to get your terms straight. A firewall prevents
unwanted traffic between two or more networks. That's what firewalls are
made for. In case of a host-based firewall it prevents unwanted traffic
*to* that host. It may thus protect a host from worms. Virii OTOH,
though some of them may also show worm characteristics, are in general
something completely different as they don't necessarily need to cause
any kind of network traffic.
That's why personal firewalls can't (by design and definition) protect
you from virii though they may protect you from worms. If a personal
firewall detects traffic caused by a virus on your system, the virus is
already active and has compromised your system.
cu
59cobalt
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq |
|
| Back to top |
|
|
Leythos
Guest
|
| Posted:
Fri Dec 16, 2005 12:48 am Post subject:
Re: WinXP SP2 firewall |
|
|
In article <40drcoF19hmiuU2@individual.net>, usenet-2005
@planetcobalt.net says...
| Quote: | On-demand scanners allow you to scan files before you execute them.
|
On-demand scanners allow you to scan files you KNOW ABOUT before you act
on them, but many programs act on more than just the file you are
opening, which will not be scanned by an "on-demand" scanner.
--
spam999free@rrohio.com
remove 999 in order to email me |
|
| Back to top |
|
|
Alan Illeman
Guest
|
| Posted:
Fri Dec 16, 2005 5:39 am Post subject:
Re: WinXP SP2 firewall |
|
|
"Ansgar -59cobalt- Wiechers" <usenet-2005@planetcobalt.net> wrote in message news:40di8uF19odc0U1@individual.net...
| Quote: | Alan Illeman wrote:
"Triffid" <triffid@nebula.net> wrote in message news:NW3of.2425$El.260542@news20.bellglobal.com...
Alan Illeman wrote:
"Ansgar -59cobalt- Wiechers" <usenet-2005@planetcobalt.net> wrote in message news:40at1dF19h0avU1@individual.net...
That's plain wrong, because no firewall protects you from virii.
When a firewall detects an infection you're already toast.
That doesn't explain why I've been virus free for so long.
You are virus free because you use AVG.
The fact you also use a PFW is irrelevant. Claiming you are virus
free "because of" a PFW is plain wrong, as 59cobalt pointed out.
That is just plain silly. AVG doesn't prevent infections, it just
checks if they are present.
No. On-demand scanners allow you to scan files before you execute them.
On-access scanners check whether a file you're about to access/execute
is infected. Both will help you to avoid an infection.
His comment..
"no firewall protects you from virii. When a firewall detects an
infection you're already toast."
..misses the point entirely. A firewall, correctly implemented,
prevents unauthorised access.
You seriously need to get your terms straight. A firewall prevents
unwanted traffic between two or more networks. That's what firewalls are
made for.
|
That's what I just said, maybe in not the same words, but that was the intention.
If I <allow> unauthorised access, someone <may> install a virus on my PC. |
|
| Back to top |
|
|
Alan Illeman
Guest
|
| Posted:
Fri Dec 16, 2005 5:47 am Post subject:
Re: WinXP SP2 firewall |
|
|
"Ansgar -59cobalt- Wiechers" <usenet-2005@planetcobalt.net> wrote in message news:40drcoF19hmiuU2@individual.net...
| Quote: | Alan Illeman wrote:
"Triffid" <triffid@nebula.net> wrote in message news:NW3of.2425$El.260542@news20.bellglobal.com...
Alan Illeman wrote:
"Ansgar -59cobalt- Wiechers" <usenet-2005@planetcobalt.net> wrote in message news:40at1dF19h0avU1@individual.net...
That's plain wrong, because no firewall protects you from virii.
When a firewall detects an infection you're already toast.
That doesn't explain why I've been virus free for so long.
You are virus free because you use AVG.
The fact you also use a PFW is irrelevant. Claiming you are virus
free "because of" a PFW is plain wrong, as 59cobalt pointed out.
That is just plain silly. AVG doesn't prevent infections, it just
checks if they are present.
No. On-demand scanners allow you to scan files before you execute them.
On-access scanners check whether a file you're about to access/execute
is infected. Both will help you to avoid an infection.
|
On-demand, On-access -- I've no idea what you're talking about (and neither
do I want to know).
When I scan with AVG7 it tells me if there are any viruses present (it has not
happened yet) and I'm told that the infected file is placed in a secure 'virus
vault' - so I can replace the original from my backup disks/tape, whatever. |
|
| Back to top |
|
|
Leythos
Guest
|
| Posted:
Fri Dec 16, 2005 6:20 am Post subject:
Re: WinXP SP2 firewall |
|
|
In article <11q3vv21pdbcn55@news.supernews.com>, illemann@surfbest.net
says...
| Quote: |
"Ansgar -59cobalt- Wiechers" <usenet-2005@planetcobalt.net> wrote in message news:40drcoF19hmiuU2@individual.net...
Alan Illeman wrote:
"Triffid" <triffid@nebula.net> wrote in message news:NW3of.2425$El.260542@news20.bellglobal.com...
Alan Illeman wrote:
"Ansgar -59cobalt- Wiechers" <usenet-2005@planetcobalt.net> wrote in message news:40at1dF19h0avU1@individual.net...
That's plain wrong, because no firewall protects you from virii.
When a firewall detects an infection you're already toast.
That doesn't explain why I've been virus free for so long.
You are virus free because you use AVG.
The fact you also use a PFW is irrelevant. Claiming you are virus
free "because of" a PFW is plain wrong, as 59cobalt pointed out.
That is just plain silly. AVG doesn't prevent infections, it just
checks if they are present.
No. On-demand scanners allow you to scan files before you execute them.
On-access scanners check whether a file you're about to access/execute
is infected. Both will help you to avoid an infection.
On-demand, On-access -- I've no idea what you're talking about (and neither
do I want to know).
When I scan with AVG7 it tells me if there are any viruses present (it has not
happened yet) and I'm told that the infected file is placed in a secure 'virus
vault' - so I can replace the original from my backup disks/tape, whatever.
|
A resident scanner, something that runs in the background all the time,
like AVG7, will scan files in real time as they are accessed, and it
will also check memory in real time. An On-Demand scanner is one that is
not resident/running in the background, it only scans files/memory when
you click the button to do it.
--
spam999free@rrohio.com
remove 999 in order to email me |
|
| Back to top |
|
|
Triffid
Guest
|
| Posted:
Fri Dec 16, 2005 7:07 am Post subject:
Re: WinXP SP2 firewall |
|
|
Alan Illeman wrote:
| Quote: | "Triffid" <triffid@nebula.net> wrote in message news:NW3of.2425$El.260542@news20.bellglobal.com...
Alan Illeman wrote:
"Ansgar -59cobalt- Wiechers" <usenet-2005@planetcobalt.net> wrote in message news:40at1dF19h0avU1@individual.net...
Alan Illeman wrote:
"Kyle Stedman" <kyle_st@yahoo.com> wrote in message news:Xns972BC66354474kylest@69.28.186.158...
Only idiots use personal software firewalls. Get a NAT router with SPI.
See this, from http://www.samspade.org/d/firewalls.html
"Personal Firewalls" are mostly snake-oil
Just one opinion, that's all.
It's more than "just one opinion". He gave a lot of good reasons, though
you obviously chose to ignore them.
I'm running Win2K Pro, SP4, FAT32 instead of the more complicated
NTFS, always run as Admin
Well, having different users on FAT32 would be utterly pointless anyway,
wouldn't it?
and have been virus free for three years - because of the so-called
"Personal" firewall, Kerio 2.1.5
That's plain wrong, because no firewall protects you from virii. When a
firewall detects an infection you're already toast.
That doesn't explain why I've been virus free for so long.
You are virus free because you use AVG.
The fact you also use a PFW is irrelevant. Claiming you are virus free
"because of" a PFW is plain wrong, as 59cobalt pointed out.
That is just plain silly. AVG doesn't prevent infections, it just checks if they
are present.
|
If you have the Resident Shield feature enabled, AVG scans 'infectable'
files whenever the operating system attempts to open a file, and blocks
access to the file if a virus is found.
If you have the E-mail Scanner feature enabled, AVG scans incoming and
outgoing e-mail and attachments, and blocks the message if a virus is found.
These features prevent infections. Disabling them is just plain silly.
Triffid |
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in