Re: Win xp sp2 firewall



Gerald Vogt wrote:
Leythos wrote:

My experience has been that if I suggest ZA/ZAP, that the users tend to
fall into two groups - those that don't have a clue and never will and
those that start learning and actually question every little pop-up. Those


The problem with all the PFWs I have seen: they don't really want the user to learn. The messages are far too short with far too little explanation that you cannot really understand them.

Any messages from an application/program to a end-user are not meant to hold the user's hand.

Usually you will not find a applicable tutorial with the message... This makes even many of those you are willing to learn think they will never be able to comprehend what is going on nor be able to protect the computer or themselves. Therefore they will soon believe that PFWs are mandatory on a computer..

You do know that there is more to a PFW or a personal packet filter other than application control. Yeah know, it's most important job is to stop unsolicited inbound traffic/packets from reaching the machine. It's a machine level packet filter.

A computer with a direct connection to the Internet (no router between the computer and the modem) for the average job blow home user running a NT based O/S is imperative.

running XP SP2 firewall never question anything as they are almost never
asked about anything, never see what is happening, never know about the
holes already in their firewall.


The Microsoft wizards as well as the software I have installed always mentioned during the setup that ports will be opened in the firewall. I would say if people "never know" about this they either did not read the texts on the screen or they installed questionable software which does not warn them about this. If they install questionable software all security is relative anyway...

If they installed questionable software and not know what it's doing, then it's their fault. The buck stops with them.


In every case where I've visited a person using just the XP firewall, they
were compromised unless they also had a NAT/Firewall appliance.


You should visit me. Strange enough, all the people I have visited using the XP firewall never got compromised.

They were lucky.

But that's maybe because they were brainless before using the PFW and never got a clue what was going on. After I have removed the garbage from their computer (formatting...) which got through despite all PFWs I explained them how PFW works and how effective they are and about the XP firewall.

What did you explain that a firewall or packet filter's main job is to stop unsolicited inbound traffic from reaching the machine? That's its job. Its job is not to be stopping malware. A FW is not a malware solution, although its in the solution for PFW(s).

Now they use the XP firewall only and they are fine and careful. But, O.K., I suppose it helped to loose all data for once and to have someone explain it to them (which only took 30 minutes or so...)

Being fine and careful applies to anything. It doesn't make a difference as to what solution is being used.


In all but one case where I've visited people using ZA/ZAP or other PFW
(not Windows XP SP2 FW), they've all been uncompromised and that includes
the people with several computers and no NAT router.


You and I know very different people...

There just *clueless* home users that will mess-up, if given the chance and at the drop of a hat. Nothing is going to save them no matter what they got running.
.



Relevant Pages

  • Re: Win xp sp2 firewall
    ... The Microsoft wizards as well as the software I have installed always mentioned during the setup that ports will be opened in the firewall. ... I would say if people "never know" about this they either did not read the texts on the screen or they installed questionable software which does not warn them about this. ... But that's maybe because they were brainless before using the PFW and never got a clue what was going on. ... After I have removed the garbage from their computer which got through despite all PFWs I explained them how PFW works and how effective they are and about the XP firewall. ...
    (comp.security.firewalls)
  • Re: Firewall =?ISO-8859-15?Q?f=FCr_Netbook=3F?=
    ... "Windows Firewall" bezeichnet wird und nicht in einen Topf mit PFWs geworfen ... Software drauf, was Sicherheit verspricht, und es nicht halten kann ... Der Benutzer soll also erst einmal an ... Firewalls", die man eigentlich als Firewall bezeichnen sollte. ...
    (microsoft.public.de.german.windowsxp.networking)
  • Re: Are there any firewall software that block programs from running?
    ... inside norton firewall you manually configure access rules for ... If it is running all the PFWs I know detect ... anti-virus prevents malware from starting. ... You can prevent normal users from installing software ...
    (comp.security.firewalls)
  • Re: Zone Alarm und emule
    ... man wird höchstens auf die korrekte Definiton von Firewall ... worden. ... D.h. nicht, dass PFWs toll sind, sondern nur, dass sie Gegenstand der ... Prev by Date: ...
    (de.comp.security.firewall)
  • Re: guidance sought
    ... and not a "Personal Firewall". ... testing - where personal firewalls protected home computers and WindowsXP ... didn't take into account system infected because a personal firewall ... Which is exactly what PFWs do. ...
    (comp.security.firewalls)