Re: Firewall Stealth Mode?



Leythos wrote:

1) I've claimed that I've seen MANY systems protected for a LONG TIME by
NAT appliances and even Personal Firewall solutions.

Which I don't believe you, as such systems are rare.

2) I've stated that I trust a NAT Appliance over the PFW or Windows
Firewall for most home user solutions.

And still didn't tell any serious reason.

3) I've stated that I've seen a non-technical, typical home user
computer, were the user ran as a local admin, protected by ZAP for more
than a year with no detectable malware on their machine.

Just as above, such cases are rare.

A) You claim that NAT Appliances don't offer protection

I claimed that any protection offered by NAT Appliances is pretty
unreliable, partitially coincidencal and rarely needed at all.

B) You claim that PFW solutions don't offer protection

As above, but just worse. PFWs do make a safe computer vulnerable in
first place.

C) You have shown some examples where unknown NAT devices have been
proven to be exploitable for specific cases

And claimed that this is usually the case, which I think is clear to
almost any reasonably thinking, technically experienced person.

D) You claim to have tested NAT solutions and that they don't protect
users/networks

reliably, the way you claimed protection.

E) You can't provide any data on vendor, part number, firmware, test,
result for any of the devices that have failed since you say you don't
track ones that have failed.

I named you some. But I can easily catch up by recording in future,
catching documentation from peers, ...

So, if I said I was using NAT Appliance XYZ, Firmware PDQ, you could not
with any hope, tell me that the device has or doesn't have exploits.

Educational guess: It does have exploits.

There are masses of others, like me, that have found the protection that
NAT Appliances offer, still have uncompromised networks and systems, and
use them every day for business and home use....

I've become pretty resistant to such stupidity and ignorance. I really
don't want to know what is actually going on there without your knowledge.

I personally use a Firewall Appliance, not to be confused with a NAT
Appliance, to protect my home and my business, along with very strict
settings on stations, in order to protect my home and my office. Never
had a compromised system at home or in my office, never had a client
compromised....

And I claim that you're not even able to estimate this correctly. And
that, even if it was actually as good as it looks, it would be a total
overkill, unreliable and and sometimes disturbing.
.