Re: Firewall yes, but where?

From: Jose Maria Lopez Hernandez
Date: 02/20/05

    Date: Sun, 20 Feb 2005 23:47:56 +0100

    Duane Arnold wrote:
    > Where are you coming up with that? The PFW solutions do have a feature
    > called App. Control that can be fooled. However, the PFW is a software FW
    > solution geared to protect the O/S and its services and programs along with
    > other non O/S programs from attack just like any other FW solution in the
    > traditional sense of stopping unsolicited inbound traffic to the machine
    > and some have the ability to stop outbound like any other FW. It's just
    > that some PFW solutions have extra features incorporated in them trying to
    > protect the user from themselves, which is useless in a lot of cases.

    First: Did you read the Phrack Magazine article I was talking about?
    Maybe it makes you see the PFW in another manner.
    Second: PFW are no real firewalls. They usually don't stop packets by
    their characteristics or are stateful, they only control which programs
    can send or receive packets. That can be called anything but a firewall.
    Third: A real firewall has some specific characteristics that make
    it more secure than a PFW. They are stateful. They have control over
    the connections made and the ones received that are corresponding to
    them. They can change characteristics of the packets and connections.
    I could be talking about this ad infinitum.

    Conclusion: A Personal Firewall is a *Personal* Firewall, and a
    Real Firewall is a *Real* Firewall. They are different things,
    they work in a different way and they serve different purposes.

    > There would be no way I would take my laptop and connect it to another
    > network other than my own without a PFW solution enabled on the machine
    > - a wired or wireless network at that.

    Of course. And I use a Personal Firewall, Sygate Personal Firewall with
    my XP, but if you need a firewall for a production system with a LAN of
    computers it's far better to have a firewall box, software or hardware,
    than having Personal Firewalls on the desktop computers.

    And for the OP case, the best solution is having both, a firewall in
    the router and a free personal firewall such as the Sygate one in the

    > Duane :)


    Jose Maria Lopez Hernandez
    Director Tecnico de bgSEC
    bgSEC Seguridad y Consultoria de Sistemas Informaticos
    The only people for me are the mad ones -- the ones who are mad to live,
    mad to talk, mad to be saved, desirous of everything at the same time,
    the ones who never yawn or say a commonplace thing, but burn, burn, burn
    like fabulous yellow Roman candles.
                     -- Jack Kerouac, "On the Road"
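
Added example, not part of the original message: a toy model of the two decision styles the message contrasts, per-program control and stateful connection tracking, run over one constructed packet trace. The class names, the `program` field and all addresses are assumptions made for illustration; real products do considerably more.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str  # "out" or "in", relative to the protected host
    src: str
    sport: int
    dst: str
    dport: int
    flags: str      # TCP flags: "S", "SA", "A", "FA", "R", ...
    program: str    # local program owning the socket (hypothetical field)

class AppControlFilter:
    """Per-program model: the verdict depends only on the program name."""
    def __init__(self, allowed_programs):
        self.allowed = set(allowed_programs)
    def check(self, pkt):
        return pkt.program in self.allowed

class StatefulFilter:
    """Connection tracking: inbound passes only inside a flow the host opened."""
    def __init__(self):
        self.flows = set()  # (local_ip, local_port, remote_ip, remote_port)
    def check(self, pkt):
        if pkt.direction == "out":
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == "S":          # new outbound connection: create state
                self.flows.add(key)
        else:
            key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        allowed = key in self.flows
        if allowed and ("F" in pkt.flags or "R" in pkt.flags):
            self.flows.discard(key)       # simplification: forget flow on first FIN/RST
        return allowed

HOST, WEB, OTHER = "192.0.2.10", "198.51.100.5", "203.0.113.9"  # constructed addresses
TRACE = [  # constructed sample traffic
    Packet("out", HOST, 40000, WEB, 80, "S", "browser.exe"),
    Packet("in", WEB, 80, HOST, 40000, "SA", "browser.exe"),     # reply to our SYN
    Packet("in", OTHER, 50000, HOST, 40000, "S", "browser.exe"), # unsolicited inbound
    Packet("out", HOST, 40001, WEB, 80, "S", "unknown.exe"),     # program not on the list
    Packet("out", HOST, 40000, WEB, 80, "FA", "browser.exe"),    # host closes the flow
    Packet("in", WEB, 80, HOST, 40000, "A", "browser.exe"),      # arrives after state is gone
]

def verdicts(trace, allowed_programs=("browser.exe",)):
    """Return (app_control_verdict, stateful_verdict) for each packet in order."""
    app, stateful = AppControlFilter(allowed_programs), StatefulFilter()
    return [(app.check(p), stateful.check(p)) for p in trace]
```

The two models disagree on three packets: the stateful filter rejects the unsolicited inbound SYN and the late ACK that the program list lets through, while only the program list rejects the outbound connection from `unknown.exe`.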
