Re: Do I still need a software firewall?

From: Duane Arnold (notme_at_notme.com)
Date: 10/19/03


Date: Sun, 19 Oct 2003 21:23:52 GMT

Wolfgang Kueter <wolfgang@shconnect.de> wrote in
news:bmuod2$en6$2@news.shlink.de:

> Duane Arnold wrote:
>
>
>> And I'll say that BlackIce is doing its job and is allowing me to
>> control what is and what is not to run on the machine that includes
>> running and communicating out too. Bottom line here is if any malware
>> hits the machine that BI doesn't know about, it will alert. Then I
>> will use my common sense from that point. I am always on top of what
>> is running on the machines and communicating out.
>
> So, if you are 'on top of what is running on your machines' what do you
> need BlackIce for? What does it tell that netstat doesn't tell you?

BlackIce will tell me the name of the exe, dll, ocx, etc, etc that is
trying to use SVChost.exe, IEplorer.exe, explorer.exe, MSN.exe (I have
disabled MSN) or others on its behalf to communicate out and stop it and
not that it's SVCHost.exe or others that are trying to communicate out.
That's those programs such as SVChost.exe job to communicate on the
network or out to the Internet. It's what is trying to use them if the
machine has been compromised. And for me BI controls that nicely, if a
compromising program has made it that far.

BI also gives me the ability to use something like Gator with its ability
to provide a user-id and password for the many Websites that I use that
require a user to login, which I allow Gator to run on the machines on my
network, but I tell BI not to allow it to communicate on the network,
preventing the spying. I also tell BI to allow svchost.exe to run but not
to communicate on the network.

Of course, one has to know what he or she is doing to use BI effectively
with Application and Communication control, but it has done its job for
me in controlling malware. If something hits the machine and BI doesn't
know about it, BI is going to stop it and alert.
  
>
> By adding code to the system, you add complexity to the system, you
> increase the possibilities for errors and decrease security.
>
> KISS (keep it small and simple) is the principle to follow in
> security.

I'll agree the simpler the better. But for me, I keep it simple by using
a router, BI, AV, and an O/S such as an NT based O/S that can protect
itself. I also learned how to lock down Outlook, OE, and IE so as not to
be concerned in those areas.

As you know nothing is 100% hack proof, but I do the best that I can to
prevent it.

Duane :)
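
The distinction argued in this post (a connection listing names only the host process, while application control looks at what is loaded inside it), as an added example that is not part of the original post and is not BlackIce's implementation: a simplified Python model that joins netstat-style connection lines with a per-process module snapshot and a baseline. All PIDs, addresses, module names and the baseline are constructed sample data, and `parse_established` and `unapproved_senders` are hypothetical helpers.

```python
# Added example: constructed data, not output from a real machine or from BlackIce.
NETSTAT_LINES = [  # columns: proto, local, remote, state, owning PID
    "TCP 192.168.1.10:1045 203.0.113.7:80 ESTABLISHED 884",
    "TCP 192.168.1.10:1046 198.51.100.20:443 ESTABLISHED 1320",
    "TCP 192.168.1.10:135 0.0.0.0:0 LISTENING 884",
    "TCP 192.168.1.10:1050 203.0.113.9:6667 ESTABLISHED 2044",
]
# PID -> (image name, modules loaded in that process); hypothetical snapshot.
PROCESSES = {
    884: ("svchost.exe", ["rpcss.dll", "netman.dll", "helper32.dll"]),
    1320: ("iexplore.exe", ["mshtml.dll", "urlmon.dll"]),
}
# Modules the administrator has approved per host process (the baseline).
BASELINE = {
    "svchost.exe": {"rpcss.dll", "netman.dll"},
    "iexplore.exe": {"mshtml.dll", "urlmon.dll"},
}

def parse_established(lines):
    """Return (pid, remote) for each well-formed ESTABLISHED line."""
    out = []
    for line in lines:
        parts = line.split()
        if len(parts) == 5 and parts[3] == "ESTABLISHED" and parts[4].isdigit():
            out.append((int(parts[4]), parts[2]))
    return out

def unapproved_senders(lines, processes, baseline):
    """Flag outbound connections whose owning process is unknown or
    carries modules that are not in its baseline."""
    findings = []
    for pid, remote in parse_established(lines):
        if pid not in processes:
            # Connection owner missing from the snapshot: always report.
            findings.append((pid, None, remote, []))
            continue
        exe, modules = processes[pid]
        approved = baseline.get(exe.lower(), set())  # no baseline: nothing approved
        extra = sorted(m for m in modules if m.lower() not in approved)
        if extra:
            findings.append((pid, exe, remote, extra))
    return findings

if __name__ == "__main__":
    for pid, exe, remote, extra in unapproved_senders(NETSTAT_LINES, PROCESSES, BASELINE):
        print(f"PID {pid} ({exe or 'unknown'}) -> {remote}: {', '.join(extra) or 'no snapshot'}")
```

A loaded module is not proof that it opened the socket; the model only narrows down which host processes deserve a closer look.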


