Re: Do I really NEED a firewall??
From: Eirik Seim (eirik_at_mi.uib.no)
Date: 02/10/04
- Next message: optikl: "Re: Zonealarm and LinkSys DSL/Cable Router"
- Previous message: FromTheRafters: "Re: Opera Browser"
- In reply to:(deleted message) Leythos: "Re: Do I really NEED a firewall??"
- Next in thread: Bent Mathiesen: "Re: Do I really NEED a firewall??"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 10 Feb 2004 02:26:49 GMT
On Tue, 10 Feb 2004 00:01:36 GMT, Leythos wrote:
> In article <slrnc2g4qe.mh8.eirik@kain.mi.uib.no>, eirik@mi.uib.no
> says...
> > Call me a retarded hacker all you want, but I don't agree that personal
> > firewalls are as vital as many people apparently think they are.
> > I do believe part of why they are so popular is exactly the paranoia-
> > syndrome; some guy installs ZoneAlarm just to see what it is and
> > ZoneAlarm tells him 10-15 times a day that someone is cracking into
> > his computer. Uh-oh! But he never noticed, nor had any trouble with
> > this before! He knows nothing of computers, but he will still
> > recommend ZoneAlarm to all his friends to make sure they're safe.
>
> I won't call you retarded,
Thank you, as english is not my primary language I take that as a
compliment :)
> but I will say that you must not have much
> experience with computers connected to the internet.
I don't agree, but I think I understand your point of view.
> We support a large number of corporations and end up supporting the
> CEO's and such home systems too. I've seen systems with no firewall,
> connected fresh from dell, on a cable modem for 2 hours, infected with 3
> back-doors, two dialers, and over 50 types of spyware.
I've seen systems beeing broken into before they are finished
installing the operating system (which is why we got a small
cheap NAT-firewall-thing to protect systems before they are
patched). The default install from Dell is not suitable for
anything, I remember they used to ship with some remote control
agent running wide open... But the problem here is services
running by default (or by stupidity/incompetence, or combinations).
My experience is mostly from relatively open university networks,
where every machine connected needs to be more or less a bastion
host, because in most cases there are no central firewall. In
my opinion the important things are 1) current operating system
with latest patches, 2) sane configuration, and 3) packet filter
(centrally administered, not locally) to restrict access to the
networks who need to reach you i.e. incoming. In that order.
If no network services are listening at all, a firewall will add
very little to a proper configured and current system. If you
need to run services for remote administration or whatever, a
firewall will add a lot if it can be configured to only allow
certain addresses/nets.
> As an IT director I run Tiny on my laptops when I travel, this protects
> me in the hotel and in any network I connect to. I've seen lots of
> probes, lots of probes from infected machines, and even seen networks
> where there was nothing happening that bothered me.
...probes for vulnerabilities that don't exist on your laptop,
as you are smart enough to stay up to date with security patches,
and I wouldnt be surprised if you looked into what services you
bind to say your WiFi connection in a hotel either. But anyways,
laptops are special cases as you connect to networks you don't
control... And they're not always online, so they might not get
the patches as soon as regular workstations. I know I use a local
packet filter on my laptop, and I would recommend something similar
to others.
I'm not on a crusade to put ZoneAlarm out of business, I just hope
people would focus more on the importance of applying patches. And
if resources (money or human) needs to be spent, get a real tool or
training for patch management before considering some "personal"
firewall. I don't want another Slammer-worm.
- Eirik
-- New and exciting signature!
- Next message: optikl: "Re: Zonealarm and LinkSys DSL/Cable Router"
- Previous message: FromTheRafters: "Re: Opera Browser"
- In reply to:(deleted message) Leythos: "Re: Do I really NEED a firewall??"
- Next in thread: Bent Mathiesen: "Re: Do I really NEED a firewall??"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
