Re: Is additional firewall necessary?



freesailor wrote:
Juergen Nieveler wrote:
Super Lemon <fruit@xxxxxxxxxxxxxx> wrote:

Xp fw only protects you from incoming packets.
Just like any other software packet filter running on the same machine.

If the malware is active on your machine, it can deactivate any
"Desktop Firewall".

Sorry, all this "outgoing traffic checking with desktop firewalls is
useless or detrimental" is *plain bullshit*.

Yes, a *well written* malware already installed on the PC *COULD*
deactivate any desktop firewall, but by not using such a firewall you
open the door even to *simpler malware written by kids* ...

That objection excepted against desktop firewalls applies exactly to
antivirus software, too.
The "strange" thing is that nobody goes around blabbing about
"antivirus software is useless"! :-D

Don't underestimate stupidity.

I know of some very comp savvy people who refuses to run with any anti-anything
and claim to never had an infection of any kind. Ok, if you say so. But I think
it is foolish for them to suggest that others can safely surf with only common
sense and safe-hex ideas.

Admitting that a well-written malicious application could circumvent
security software is no excuse for taking any care at all (yes, there
is the additional "false sense of security" bullshit, when the
expression is inappropriately used ...).

FUD flows in both directions unfortunately.

Moreover, using a (real) desktop firewall allows you to be alerted when
not-malware applications try to connect with outside, letting you the
option to deny this (you can think at many circumstances for it, some
legitimate, some much less but ...).

My advice: turn off the much-limited Windows XP SP2 firewall and
install a good desktop firewall.

In certain circumstance yes. But it is better than nothing.

ZoneAlarm is quite easy to configure and use and in recent releases I
haven't found any incompatibility with any other software nor any
detectable loss in performances.

The earlier versions frustrated some because of all the "useless" alerts they
would get.

Maybe other desktop firewalls, like Kerio or Sygate, could be as much
as good or even better.

freesailor

.



Relevant Pages

  • Re: Is additional firewall necessary?
    ... If the malware is active on your machine, it can deactivate any ... all this "outgoing traffic checking with desktop firewalls is ... Now you're really showing what's really plain bullshit. ...
    (comp.security.misc)
  • Re: Is additional firewall necessary?
    ... If the malware is active on your machine, it can deactivate any ... all this "outgoing traffic checking with desktop firewalls is ... security software is no excuse for taking any care at all (yes, ...
    (comp.security.misc)
  • Re: Is additional firewall necessary?
    ... Local security software, such as desktop firewalls and antivirus ... installing just software you are sure is not malware ... to the system and vulnerabilities. ...
    (comp.security.misc)