Re: firewall SP2 is good?
- From: Jeff B <jbeardNo-Spam1185@xxxxxxxxxxxx>
- Date: Sun, 15 Jan 2006 15:04:39 -0800
Jason Edwards wrote:
"Jones" <ijones@xxxxxxxxxxxxxxxxxx> wrote in message news:ca8ks1tgkgdd8gbicjpjm4ggs42j5lsfik@xxxxxxxxxx
Hi, I use Win XP Pro and I use the SP2 firewall. I'd like to know if I can be calm, everything will be all right?
This is impossible to answer because we know nothing about you.
If you are a PC security expert then you may not have a lot to worry about. If you are a home user with your first PC and haven't touched a computer before, then it's probably a matter of days to first compromise, no matter what software (firewall or otherwise) is installed.
Security is not a matter of what software is installed or is in use on your PC. It is mostly a matter of whether the system administrator (I assume that's you) has sufficient experience and knowledge to make sure that the system is secure.
Which virus scanner do you have installed and is it up to date? And are you running XP pro with a limited user account or an administrator account?
the question is not the MS freebe wirewall, but some basics on security
there's three fundamental positions for security;
1) do nothing, openly trust everyone & experience everything
2) proactive: learn to AVOID problems so you don't have to waste time Correcting problems.
3) reactive: somewhat like pretending there's always a 'magic pill' to cure every illness. in this case, pretending there's an antivirus(AV) or fixit program that will repair/cure my poor system.
Items in (2) include hardware like a NAT router and hardware firewall.
These will avoid a large percentage of the problems the result in needing option (3) at all. The big exposure here is clicking on any/all email attachments. There is just no defense for a user that ignores guidance. if you're lucky, and have a reasonable AV, it may scan the file before opening it AND just be up-to-date enough to have a signature of the bug being delivered - - but then we never have 100% assurity, do we?
The other major exposure is the websites you visit - - opening your browser on a site is an open invitation to 'download whatever'. In this area, Java and ActiveX components are the major concerns.
when you implement: modem--router--firewall, you're need to scan with AV is greatly reduced and your experience is far more enjoyable.
setting High Security in your browser, and getting services to control or blacklist specific ActiveX components go a long way.
--- now that we're on the same page --- Identity theft is the BIG issue today. Theft requires three facilities; a) gaining access to the system b) finding the information to be stolen c) exporting the data to the intruder
a) is severely reduced by the above, but not 100% eliminated (consider file-shares and programs you download) b) the locations and files are not difficult to learn
c) this is where a good firewall shines.
Take the worst case problem, where a-b have been compromised, your last defense is the attempt to 'phone-home'. If you can thwart the attempt to open the outbound connection, then it matters little that a-b have occurred.
We all have our favorite programs and some take the view that Microsoft can do no wrong -- I don't care to debate myopia. The whole point is to
learn to invest some time in education, find some techniques you can use to reduce your risks, and
then be diligent in being DEFENSIVE and not REACTIVE.
-- --- Jeff B (remove the No-Spam to reply) .