Re: It seems every firewall is slagged as snake oil. So how should it be done?

Volker Birk <bumens@xxxxxxxxxxx> wrote in

Rick <rsimon@xxxxxxxx> wrote:
Personal firewalls are one of those things that people love to argue
back and forth. Both sides have some validity to their views so the
argument goes on ad infinitum. Sort of like asking "which auto brand
is better, Ford, Chevy or Chrysler?"

You just don't understand.

Incorrect. I simply don't agree with you and your friends on the "extreme
anti-s/w firewall" side, nor the "GRC-ites" on the "extreme pro-s/w
firewall" side. There are pros and cons to running s/w based "firewalls".
IMHO - whether the overall result falls on the pro side or the con side
depends on a number of factors, including the knowledge/abilities of the
end user.

To maintain that every system should be hardened properly and should not
run a s/w based firewall is to ignore the fact that doing so is beyond
the abilities of a great many users. While it's very true in an "ivory
tower" sense, it is also the equivalent of tilting at windmills when it
comes to addressing the problems of the real world. Continuing to insist
that these novices have to learn how to do it "your way" smacks of
arrogance and disdain for those who are less knowledgeable than you.
While that may not be your intent, that IS the way you tend to come

Likewise, to think that a software based firewall provides any large
amount of security is foolish. It is simply too easy to get around and
completely ignores the fact that such software can introduce other
problems of their own. Continuing to insist that such firewalls are a
crucial component of computer security shows a lack of in-depth knowledge
of the inherent problems of computer network security. They have their
uses, but those uses are far more limited and less effective than many
end users realize. A great many people have bought into a lot of the
marketing hype surrounding these "firewalls".

Now... I'll take my 2 cents back and bow out of your "discussion". I
wouldn't want to interfere with your endless argument...

Rick Simon rsimon@xxxxxxxx

Include "spam(trap)key" somewhere in the
body of any email to avoid spam filters.