Re: Identity P/W and Security question

From: Frode (news_at_mascot.REMOVETOREPLY.dyndns.org)
Date: 08/29/03 

Date: Fri, 29 Aug 2003 10:18:52 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

mto wrote:
> One of the nicer features that is included in the XP version of
> Outlook/OE is the ability to block all attachments from executing.

I am aware of that. But, like I said, I don't trust them. Thus my
recommendation.

> That's just it - one has no clue whatever what incoming traffic it
> prevents or does not prevent. Obviously it cannot possibly block *all*
> incoming traffic because then one could not use email/web browser.

It blocks incoming connections not already established. Common firewall
behavior. As far as a firewall is concerned it seems to do what it's
supposed to do. It just lacks the flexibility to monitor what hits the
firewall. And, of course, also lacks the ability to configure for more
complex uses than just "block everything". It's very simple, no arguing
that. But for simple use that's all that's needed.

> There
> is no method to block ports either collectively or individually.

That's because they're all blocked as far as incoming traffic is concerned.
As far as blocking outgoing traffic that's not really in the scope of a
simple home firewall package (although, technically, it can be argued you
can't call it a firewall unless it can filter in both directions). That's
the domain of spyware busters and virus scanners. But it's a nice added
feature packaged with many of the desktop firewalls because it is
convenient and handy. And, of course, it's added security if you should
manage to get a virus through email before your virus definitions got
updated to handle it.

I repeat, it's a very simple firewall. But for people just running around
the net surfing news sites or whatever it does the job.

> Further, there
> are no logs at all - and no notification whatever if someone is trying to
> access your machine.

That's not really a weakness. It's just a preference. If the firewall
blocks all incoming there's no need to know what it's blocking unless
you're of the curious nature and/or really enjoy looking at 200 daily
attempts at connection to port 80 to try to deposit some IIS worm.

>> When you start getting into adblocking et al I'd consider that a
>> separate item. The google toolbar or any other popup killer will
>> accomplish the same.
> Not by a long shot - having tried many of them. The ZA ad control
> features are not available in any program I've tried - lets you choose to
> block ads on a site by site basis,

Granted, I don't ever want to see popups so I have google's popup killer
active at all times. The same with Opera when I use that. However popups
can be allowed on a site basis easily enough. But why on earth would I want
to. :)

> along with scripts, cookies and much more.

You can even set that in IE's security settings I believe. Anyways, back to
my point. If a person wants to be safe from msblaster and similar, the XP
firewall will do fine, and a simple tool like the google toolbar will
prevent popups just fine. If you want something real fancy then yeah, sure,
other products is the way to go. Neither the XP firewall nor the google
tool are bloatware filled with features. If you need more features than
they provide then use other programs. However, for most casual users, the
XP firewall and toolbar popup blocking will suffice imo.

- --
Frode

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQA/AwUBP08Ma+XlGBWTt1afEQI6JACgxg49Qcg/Q7QsHiHFjBbk1OGeOZ0AoIDK
N9gZuNN+8War5iJTSV8DYUVI
=l8ys
-----END PGP SIGNATURE-----

Relevant Pages

  • Re: Cisco PIX 515E vs. Fortinet Fortigate-300
    ... I m getting one Fortigate box soon. ... > Firewall Evaluation ... > Cisco 515E: Cisco is a good company that stands behind its products. ... > advanced intrusion-protection features, including DNSGuard, ...
    (comp.security.firewalls)
  • Re: Identity P/W and Security question
    ... > can't call it a firewall unless it can filter in both directions). ... Far too many antivirus programs operate strictly on known virus definition ... Once in a great while I *do* want the popup - sometimes sites put ... > tool are bloatware filled with features. ...
    (alt.computer.security)
  • Re: SonicWALL vs. NetGear vs. LinkSys (Pricing/Functionality)
    ... stateful packet inspection, and application proxies. ... Your basic cheap cable/dsl ... other features like VPN's, IDS, extended logging, etc. which many of the ... device with maybe a free or cheap desktop firewall would suffice. ...
    (comp.security.firewalls)
  • Re: [fw-wiz] OT: vendors please respond
    ... 1> Exactly what is this firewall supposed to be protecting? ... A separate IDS? ... 10> Do you need centralized management? ... 1> Features you MUST have. ...
    (Firewall-Wizards)
  • Re: When will microsoft show IP adress instead of netbios names
    ... I guess you're not using the latest version of Windows. ... you have the ICF firewall enabled. ... So, when programming a new OS, new features are prioritized and may ... > able to follow up on attacks. ...
    (microsoft.public.win2000.security)