Re: It seems every firewall is slagged as snake oil. So how should it be done?



Volker Birk <bumens@xxxxxxxxxxx> wrote in
news:gpga8dUk27L9@xxxxxxxxxxxxxx:

Rick <rsimon@xxxxxxxx> wrote:
Personal firewalls are one of those things that people love to argue
back and forth. Both sides have some validity to their views so the
argument goes on ad infinitum. Sort of like asking "which auto brand
is better, Ford, Chevy or Chrysler?"

You just don't understand.


Incorrect. I simply don't agree with you and your friends on the "extreme
anti-s/w firewall" side, nor the "GRC-ites" on the "extreme pro-s/w
firewall" side. There are pros and cons to running s/w based "firewalls".
IMHO - whether the overall result falls on the pro side or the con side
depends on a number of factors, including the knowledge/abilities of the
end user.

To maintain that every system should be hardened properly and should not
run a s/w based firewall is to ignore the fact that doing so is beyond
the abilities of a great many users. While it's very true in an "ivory
tower" sense, it is also the equivalent of tilting at windmills when it
comes to addressing the problems of the real world. Continuing to insist
that these novices have to learn how to do it "your way" smacks of
arrogance and disdain for those who are less knowledgeable than you.
While that may not be your intent, that IS the way you tend to come
across.

Likewise, to think that a software based firewall provides any large
amount of security is foolish. It is simply too easy to get around and
completely ignores the fact that such software can introduce other
problems of their own. Continuing to insist that such firewalls are a
crucial component of computer security shows a lack of in-depth knowledge
of the inherent problems of computer network security. They have their
uses, but those uses are far more limited and less effective than many
end users realize. A great many people have bought into a lot of the
marketing hype surrounding these "firewalls".

Now... I'll take my 2 cents back and bow out of your "discussion". I
wouldn't want to interfere with your endless argument...



--
Rick Simon rsimon@xxxxxxxx

Include "spam(trap)key" somewhere in the
body of any email to avoid spam filters.
.



Relevant Pages

  • [REVS] Bypassing Client Application Protection Techniques
    ... Get your security news from a reliable source. ... protection programs. ... * Kerio Personal Firewall 4.0 ... And we got actually nothing in the field of client application ...
    (Securiteam)
  • Re: Recycler security issues on IIS server
    ... > latest upates to the server. ... > like to see the server put behind our firewall, ... other software, install all patches, IISlockdown, URLscan, use the correct ... the procedures you follow may vary depending on your security needs. ...
    (microsoft.public.inetserver.iis.security)
  • Re:RE : suggestions on a good firewall
    ... Subject: RE: suggestions on a good firewall ... CheckPoint does! ... with a url-filtering server. ... IT Technical Security Officer ...
    (Security-Basics)
  • Why hasnt Symantec addressed nastier Messenger spoofs
    ... Norton / Symantec has been silent on whether Norton Internet Security ... DSL firewall will stop these kinds of pop-ups. ... major ISPs and broadband systems. ...
    (comp.security.misc)
  • Re: Service pack 2 (XP)
    ... I have a 'theory' that SP2 has a LOT to do with firewall and new browser ... besides those security features. ... The operative word is SPYWARE. ...
    (microsoft.public.windowsupdate)