Re: ZoneAlarm Pro vs Outpost Pro?

From: Jason Edwards (none1_at_invalid.invalid)
Date: 10/11/05


Date: Tue, 11 Oct 2005 11:45:42 +0100


"Volker Birk" <bumens@dingens.org> wrote in message
news:434a6b9f@news.uni-ulm.de...
> Jason Edwards <none1@invalid.invalid> wrote:
> > But you are coming across (to me) as someone who believes that another
> > person is stupid and ignorant for the simple reason that they don't agree
> > with you.
>
> No. This is not the reason, why I'm thinking so.
>
> First there is a difference between opinions and facts.
>
> To discuss facts is completely useless. To discuss opinions is interesting,
> and sometimes two people with different opinions will not come together, but
> both learning from a discussion.
>
> "This is not a real firewall!!!11!!11" is not a fact. But it is not a
> well expressed opinion, too, because when I'm asking "why do you think so"
> and there is no reason at all, then it's just stupidity.

I see no reason why the Windows firewall shouldn't be called a real
firewall, as software firewalls go. The main argument against using it seems
to be lack of outbound control.
Most of us here are aware of how personal firewall outbound control can be
easily bypassed but it is still going to work in cases where malware is not
sufficiently sophisticated and non-malware applications have no reason to
want to work around the software firewall. Does that make a software
firewall with outbound control worth having? And does it depend on whether
the user is sufficiently educated to understand the limitations of the
personal firewall?

Personal firewall software can be a useful quick way to see what non-malware
applications are making outbound connections to. I do not doubt for a second
that malware can bypass a personal firewall and allow control of a PC
without the user being aware, but what is wrong with an experienced user
using a personal firewall to monitor non-malware applications? If there is
nothing wrong with this then it is wrong to conclude that no-one should ever
use personal firewall software and it is wrong to tell everyone who comes
here that they should just use the Windows firewall when you don't know who
you're giving the advice to.

Personal firewall software can also be educational for those who wish to be
educated. It can help an educable user increase their knowledge to the level
where they will easily understand the configuration of a proper external
firewall box when they come to use one.

My own preference for a firewall is a properly configured external box, but
this just isn't going to happen in the case of the average home Windows
user.

>
> And, no, "you would know this if you would know anything about
> security!!11!!" is not a reason at all, too.

I agree that giving reasons like "you would know this if you knew anything
about security" is not a good way to have a technical discussion.

>
> To deny facts is ignorance. It is ignorance to deny, that the Windows
> firewall just is a configuration tool for Windows' kernel packet filter.
>
> It's just a fact. So why arguing on it?
>
> "It is bad!!!!!11!!!111" is not a well expressed opinion, though. When
> I'm asking, "why do you think so", and there are no reasons at all, then
> it's just stupidity, too.
>
> "I don't like that the Windows-Firewall is dropping every TCP SYN in
> the default configuration, and not sending RST" is an argument for the
> opinion "I like Kerio more than the Windows-Firewall", for example.

Well Microsoft do have to keep their customers happy, and most of them are
likely to believe certain web sites which tell them that they are not secure
unless they are stealth. If I were Microsoft I would find it easier to keep
these people happy by using stealth instead of trying to explain why sending
RST is a better idea.

>
> "I like Kerio more than the Windows-Firewall" is an opinion then.

I don't use Kerio or any personal firewall. I come across ZoneAlarm a lot
and sometimes have to configure it for people who would think I'm nuts if I
suggest they would be better off without it.

>
> "Kerio's packet filter is much easier to customize than the one of the
> Windows-Firewall" would be another reason for this opinion.
>
> I don't have this opinion, but I could accept, if someone would argue
> like that, and would tell me his opinion.
>
> "Because" is not enough for a reason - this needs an addition. ;-)
>
> In comp.security.* I'd like to talk based on facts, and expressing
> opinions and concepts.
>
> What "Leythos" is babbling here, is on the niveau of a regulars' table
> chat.

Calling people liars and accusing them of babbling or whatever is not a good
way to have a technical discussion in my opinion.
If you do this then you have only yourself to blame if you don't get the
clear and precise discussion you wanted.

Jason

>
> Yours,
> VB.
> --
> "I am a free person and will now make use of my rights to freedom
> - and extensively so - of course only within the limits that
> Otto Schily still leaves available to me."
> Wolfgang Clement on 10.10.05, while still "superminister"


