Re: Avast or Zone Alarm using proxy server?
From: Gerald Vogt (vogt_at_spamcop.net)
Date: 02/16/05
- Next message: Gerald Vogt: "Re: Avast or Zone Alarm using proxy server?"
- Previous message: Colin B.: "Re: IE 7.0"
- In reply to: Beauregard T. Shagnasty: "Re: Avast or Zone Alarm using proxy server?"
- Next in thread: Beauregard T. Shagnasty: "Re: Avast or Zone Alarm using proxy server?"
- Reply: Beauregard T. Shagnasty: "Re: Avast or Zone Alarm using proxy server?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 16 Feb 2005 08:33:28 +0900
Beauregard T. Shagnasty wrote:
> In alt.comp.anti-virus, Gerald Vogt wrote:
>> But at least in this respect they did a good job and provide the
>> security (meaning real security)
>
> <LOL!!!> Joke Of The Week!
Why are you using Microsoft software when it is so bad? The SP2 firewall
is working very well and seems to be very good implemented and
efficient. Again, as Microsoft this one time limited itself instead of
putting zillions of beta-state features into the firewall it seems as
if they did this thing right. Paketfilters are not that difficult to
implement...
>> that is possible and not making false statements about some
>> super-miracle-security that is simply impossible.
>
> I'd guess it's because they don't want to go to court?
You don't get it.
> I still don't understand your rationale for not wanting to use a
> software firewall that can at least catch *most* bad stuff trying to
> call out, as opposed to using NO firewall [1], that of course cannot
> catch *anything* trying to call out.
I don't have anything that "calls out". I select the software I install
carefully. And I don't rely on something that gives me something,
sometimes but I won't notice when it goes utterly wrong anyway.
All the PFW makers do exactly what Microsoft usually does and did not do
with the SP2 FW (and the packet filter in W2K as well): they put
zillions of features into it making people believe that they are
perfectly safe just by installing some software, by making them believe
that they are absolutely safe.
Haven't you read the other thread with the attack against a computer
that crashes the PFW? The SP2 FW does not crash because it does not
interact with the user and asks them about accesses people don't know
about and does not inform about "attacks" on ports where nothing is
listening anyway. All those pop-ups are just there to convince people
that there PFW is protecting them so well while it is basically just
telling them that there was a connection attempt to something that is
not where anyway, thus they were safe anyway.
The PFW can crash and leaves the computer vulnerable. It can be turned
off by the user when it is convenient or some software does not work for
some reason. (Isn't that a frequent thing to do? Some software does not
work so let's see if it is working when I turn the FW off...) It is much
more complex to configure and maintain (oops, the pop-up for the
"printer spooler" which some people answer with "always deny" because it
popped up in the middle of something else and no printing does not
work...) PFW itself are vulnerable as the series of worms for NIS have
shown.
Bottom line: you add a extremely complex, feature-loaded thing into your
system, that messes badly with it, often makes problems that require it
to turn off, some don't even uninstall properly. Security is not solved
by adding complexity. That is basic security wisdom. Good security
solutions are simple. That way you can verify that it does what it
supposed to due. PFW are totally different...
So what benefit has something that catches some "bad stuff" of my DVD
burner that I installed instead of looking for something else. How many
programs do you have that still "call out" although you can configure
them not to? And what are you blocking anyway? Check for updates? Maybe
you block it and won't even know about an important security update
which ...
> You surely have strange ideas, which I would not recommend to anyone.
That is not an idea but a very well working concept. Your mistrust in
Microsoft is a extremely strange idea of yours as you still want to use
Microsoft software. The like driving a car that you don't trust and
therefore you go to a garage that promises things that they cannot keep
anyway. It is much more important to keep your system up-to-date with
current updates but you don't take that so seriously as it seems if I
see that you are using TB 0.9.
Why do you think that some security product is so much better and safer
than Microsoft software? What makes you think that there are no bugs in
there? What makes you believe that add magnitudes of complexity to a
system will make it more secure?
> [1. Windows firewall is nearly in this category.]
The Windows firewall does what a firewall is supposed to do, and exactly
that, without zillions of gadgets and flashy things... And you don't
even need it if you have a stand-alone PC, shutdown all services that
open ports.
Gerald
- Next message: Gerald Vogt: "Re: Avast or Zone Alarm using proxy server?"
- Previous message: Colin B.: "Re: IE 7.0"
- In reply to: Beauregard T. Shagnasty: "Re: Avast or Zone Alarm using proxy server?"
- Next in thread: Beauregard T. Shagnasty: "Re: Avast or Zone Alarm using proxy server?"
- Reply: Beauregard T. Shagnasty: "Re: Avast or Zone Alarm using proxy server?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
