Re: Hardware vs Software

From: N. Miller (nsm_at_blackhole.aosake.net)
Date: 04/21/04


Date: Wed, 21 Apr 2004 02:57:07 -0700

In article <1a3c01c426fa$cdf12930$a601280a@phx.gbl>,
anonymous@discussions.microsoft.com says...

> Why is it whenever people on this NG ask about what they
> should do to protect themselves from the evils rampant on
> the Internet, everyone always responds with "install NIS"
> or "install ZoneAlarm"? Always install, install, install!

> Personally, I have always been an advocate of the "less
> software = more stable system" school of thought, and
> would *much* rather have a router hooked up between me and
> my cable modem to protect me than any software installed
> on my machine. I don't have any firewall software -- not
> even any anti-virus software -- and I've never had any
> problems whatsoever as long as I'm plugged into my
> precious router.

> Considering you can pick up a four-port router for about
> the same amount of money as NIS, why do more people not
> consider this an option? (Admittedly, ZoneAlarm is free,
> but then you have ZoneAlarm on your computer, always
> asking you if Site A is safe or if Popup B should be
> allowed.)

The typical user of MS-ware does not know how to lock down MSIE and MSOE
against exploits. Even with the current patches, if the security settings of
these programs is set too low, bad things will happen. MSIE is safest with
all but the most trustworthy sites left to the "Internet" zone, and that
zone set for scripting to either prompt for action, or be disabled. Alas,
either way, many sites will present the user with a wad of pop ups, either
requesting permission to run script (if the security setting is "Prompt"),
or warning that the security settings prevent scripts from running, and the
site may not display properly. Most users will just notch their security
settings down until those warnings are not presented. Those users are the
ones always asking about how their browser start page got changed.

MSOE has its own security issues. A properly designed email message can
exploit weakness, both in the client, and the user, and induce the running
of malware, causing a viral or Trojan infection.

All of the above will happen, even if a router is in place. A NAT router is
not a firewall, though the NAT process generally has a comparable effect as
a firewall device.

Using a combination of anti virus, firewall, and other prophylactic software
can make the Internet safer for users of MSFT products, which are often
installed with exploitable defaults.

And, in my case, running an MTA with ports punched through the router, the
personal firewall software gives me an extra point at which to deny abusers
access to my MTA. And the MTA can invoke an AV Policy on demand, so scanning
of email for viruses is practical for me.

All of which does not negate the fact that a careful user can surf the
Internet safely without FW and AV software. I suspect that the typical home
user just doesn't know enough geeky stuff to do so.

-- 
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint


Relevant Pages

  • Re: Routers Firewall
    ... > indicates that it has firewall technology, then the router doesn't have a ... What your router does have is NAT. ... ZA is a fine product which will protect a computer ... Port 80 is the WEB access port and port 21 is the FTP ...
    (comp.security.firewalls)
  • Re: Need Firewall?
    ... I recently purchased a Linksys wireless router to have a wireless ... firewall like Comodo or ZoneAlarm anymore? ... NAT-capable routers do nothing to protect the user from him/herself (or ... it is incumbent upon each and every computer user to learn ...
    (microsoft.public.windowsxp.general)
  • Re: Firewall Suggestions
    ... > 2) The Linksys router is good for protecting from an attack from the ... But the router is useless on the LAN side. ... for the entire LAN plus a software firewall is just overkill. ... BlackIce will protect even if IPhave been accepted ...
    (comp.security.firewalls)
  • Re: How well does the Windows Vista Firewall work?
    ... Since you sound like one of the more knowledgeable people can you please tell me if my firewall is already on or if it needs to be activated on my router? ... I have Verizon Fios and the router they gave me is an Actiontec MI424-WR Ver. ... I can't see how those spywares can be legal for a company to do. ... It won't protect you from spyware. ...
    (microsoft.public.windows.vista.general)
  • Re: How well does the Windows Vista Firewall work?
    ... I have Verizon Fios and the router ... can't see how those spywares can be legal for a company to do. ... A router and its firewall makes your computer "invisible" to ... It won't protect you from spyware. ...
    (microsoft.public.windows.vista.general)