Re: Best free firewall software

zzy wrote:


Well, I care about firewalling because I don't want any malware getting into my machine.

That's a good motivation, but that's not really the way malware travels. The vast majority is carried in e-mail attachments and Active-X or Java code on bad websites. Your best defense against viruses and worms is:

a) Use a browser that *doesn't* run Active-X. You are already doing that. Be careful about allowing javascript to run except from sites you really trust (like your bank).

b) Spam filter. A lot of the bad e-mail attachments arrive as spam.

c) Be careful of e-mail attachments even if they are from friends or relatives. Their system may have been compromised and that email from Mom might actually contain a virus as an attachment.

d) Use a good anti-virus scanner. I don't know if any of them are any better than any others, but I haven't seen much evidence that the ones you pay for are any better than the free ones. I personally use AVG. Scan (c), above, before you open it. And for god's sake, let the AV *phone* *home*!! New viruses are discovered every day and that's the only way to keep your protection current.

It's not trivial to me to disable "any unwanted service" -- I've disabled one or another from time to time and later discovered that it's essential to some application. I've found it difficult and very time consuming to find out exactly what each service does, and I certainly don't know which might be "vulnerable" services. There are currently 104 services running on my machine. I'd love to disable unnecessary ones, but determining which are truly in that category isn't easy for me. How many do you think I'd have to disable to make my machine reasonably secure?

Go to www.dingens.org and use Volker's nice little program.


And I'm not willing to run as a restricted user. I'll have to do the best I can as Administrator.


As long as you understand that you're locking the doors and leaving all your windows wide open. I mean this most sincerely; if *all* you did was run as limited without doing anything else, you would be safer than doing everything else and running as Administrator. You are totally undermining all your other efforts. At the very least, restrict yourself to a limited account when you're using Internet applications.


It sounds like you're recommending removing the firewall and protecting myself by restricting my ability to use my computer by shutting down services and running as a limited user. Or am I misinterpreting what you're suggesting?

Running as limited really isn't that restricting. I have a grand total of one program (MSMoney 2001) that won't run for some stupid reason as limited. For that, I just right click and choose "Run As..." and run that *one* program as Admin. I don't even have to switch users.


So far, around 6 years with DSL and the computer on all day every day, running as Administrator, and with only a software firewall for about 3 of those years, I haven't gotten a single virus, worm, or trojan (that scans or activity have revealed) and only some relatively benign adware. I know this doesn't mean I'm safe from all attacks, but it's been adequate for me so far. I'd like to do what I can to keep at least this level of protection in the future or improve it, but I'm not willing to restrict the usability of my machine for the sake of being pure or to establish an unneeded level of protection. Learning to use tools like NMap looks like a way to help me improve what I've got and hopefully spot and close weak points before someone else does. So I'll keep working at it. Thanks for the pointer.


I ran as Administrator using Norton Internet Security Suite for about 3 years, too. Full package, paid for the subscription every year. One night I'm doing a bit of housekeeping -- clearing out old files, defragging, etc. I run the Disk Cleanup tool to clear out old Internet files and other crap. It asks me if I want to delete unused Win 98 files.

When I originally installed XP it was an upgrade and I chose to keep the old files because I wasn't sure if I wanted to use XP. At that point I knew I was going to stick with it and I had been curious about how to best clean out the old stuff and reclaim the disk space. So I clicked OK.

A few minutes later I looked back up at the screen and my icons were disappearing! I clicked cancel but it was too late. *Everything* was *gone*. It had started with my data files, then the program directories, and finally the system files. By the time I saw something weird was happening I had only about 50 MB left out of over 10 GB on my disk. I lost everything. The OS and programs were easy to re-install but I lost about two years worth of digital photos that I can never replace.

I'll never be able to prove it, but the only thing I can figure is that a trojan replaced my disk cleanup utility and NIS was totally clueless. So I'm not a big fan of Norton, I'm not a big fan of "Internet Security" suites, and I *am* a big fan of regular backups. :) And if I had been running as limited user I don't believe any of that could have happened.

--

Rod
.