Re: Vista FW outbound check
- From: "Kayman" <kayhkay~nospam~@gmail.com>
- Date: Mon, 23 Jul 2007 07:44:22 +0700
"Riccardo" <riccardo@xxxxxxxxx> wrote in message news:46a30c83$0$37200$4fafbaef@xxxxxxxxxxxxxxxxxxxxxx
You're welcome.
"Kayman" <kayhkay~nospam~@gmail.com> wrote in message news:f7ebo4$nci$1@xxxxxxxxxxxThanks a lot to you all for the useful suggestions.
Learn how to configure Vista Firewall to suit your computing habits.
Interesting/educational reading:
http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMyths/default.aspx
Scroll down to:
"Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe."
http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx
"Outbound protection is security theater-it's a gimmick..."
"...the Windows firewall will provide the protection you need..."
Stay away from 'Phoney-Baloney' 3rd party PFW's - use your brain and filter
out the absurd advertisement hype created by these makers.
http://samspade.org/d/firewalls.html
"Personal Firewalls" are mostly snake-oil"
This is your prerogative. What are your technical reason arriving to your conclusion?
I read the Microsoft opinion on the subject and I disagree.
Sure, it gives that 'comfortable' feeling :)
I still would appreciate an optional display notification on outgoing packets, not just for Worm/Trojans etc but also to be able to know what happen to my computer when I run a program.
So you think, (remember the illusion bit?) :)
On my old XP box I used kerio FW and it was very instructive to see (and block) many unsolicited outgoing connections that legitimate programs make (not just to check for new version) but may be to stole my personal data or habits or who knows.
Won't happen (please do some more research on this).
I still hope Microsoft will include this option on SPx
Below are a couple of additional write-ups which you may also find interesting and educational.
BTW - I have yet to see reports challenging these views from the makers of PFW's (aka Phoney-Baloney Ware) :).
Please take some time to read this article by Bruce Schneier about why bad
security products tend to beat the good ones in the market place:
http://www.wired.com/politics/security/commentary/securitymatters/2007/04/securitymatters_0419
Some interesting extracts:
"Why are there so many bad security products out
there? Why do mediocre security products beat the good ones in the
marketplace?"
"In a market where the seller has more information about the product
than the buyer, bad products can drive the good ones out of the
market."
"In the late 1980s, there were more than a hundred competing firewall
products. The few that "won" weren't the most secure firewalls - they
were the ones that were easy to set up, easy to use, and didn't annoy
users too much. Because buyers couldn't base their buying decision on
the relative security merits, they based them on these other
criteria."
--
And an article by Jesper Johansson:
"There are several serious flaws in the reasoning that outbound,
host-based firewalls will actually stop attacks."
"Since there is no application isolation between applications running
within the same user context there is no real way to prevent this from
happening. Only by completely re-architecting Windows could this be
prevented, and even then, it would only truly work if everything we
know about computers, from the hardware on up, changed fundamentally."
http://msinfluentials.com/blogs/jesper/archive/2007/07/19/at-least-this-snake-oil-is-free.aspx
Happy reading:)
.
- References:
- Vista FW outbound check
- From: news.tim.it
- Re: Vista FW outbound check
- From: Kayman
- Re: Vista FW outbound check
- From: Riccardo
- Vista FW outbound check
- Prev by Date: Re: Usenet allowed from work?
- Next by Date: Re: Why is MS listening
- Previous by thread: Re: Vista FW outbound check
- Next by thread: KPF 2.1.5: Catch-all rule complicates having firewall ask about incoming ssh
- Index(es):
Relevant Pages
|
