Re: Free AV

From: Bigbruva (Richardh_at_dontusethis.ws)
Date: 09/21/05 

Date: Wed, 21 Sep 2005 09:40:49 -0700

Thanks for the reply Tom

I agree that this is typically the complaint leveled at Windows Firewall
(WF), however, as "dangerous" outgoing traffic would have to come from
malware already installed (or trying to install) on the computer the AV and
AS real-time detection should already handle this.
Now, I am a believer in "Defense In Depth" especially for business
environments, however, in the home environment, this has to be tempered as
the multilayered approach adds complexity. In my experience your average
home user, when presented with a number of popup's stating something like
"App X needs to access the Internet. Do you wish to allow this (Y/N)?", will
click "Yes". Whereas if their AV program clearly states they have been
infected with Malware they are far more likely to pay attention and fix the
problem or get help.

I am not saying that monitoring outgoing traffic is a bad thing. I am simply
pointing out that for users who do not understand (and don't want to
understand) the complexities of firewall communications, WF with up to date
AV and AS protection is a good enough solution IMO.

The trouble is thanks to recommendations from technical people in forums
like this a groundswell of "WF is Cr*p" is building and that is simple not
the case. Can you get better? Yes...but does your average "non-technical"
user need go through the complexity (or cost) of getting a better personal
firewall? In my opinion, probably not.

If they "want" better protection they should, typically, get one that is
integrated into a complete protection suite (like the Silver Medal option)
rather than a single standalone firewall application as this will make the
whole process simpler to setup and maintain.

Only those really serious about the security would need the full "best of
breed" setup and at this point they should expect to pay for it, Ferrari's
aren't free either ;-)

Sorry if this sounds like a soapbox delivery but I have been watching this
anti-WF sentiment build for some time and just wanted to try and add a
little balance to the discussion.

BB

"Tom Pepper Willett" <tompepper@mvps.invalid> wrote in message
news:OupsdlpvFHA.2132@TK2MSFTNGP15.phx.gbl...
>I think many people recommend an alternative firewall because the Windows
> Firewall is one way..inbound only, and people think you should also have
> outbound.
>
> Tom
>
> "Bigbruva" <Richardh@dontusethis.ws> wrote in message
> news:uYXZY%23kvFHA.2212@TK2MSFTNGP15.phx.gbl...
> | Hi Subtratam, as you are an MVP, I am interested that you recommend
> | replacing the Windows Firewall. I hear this a lot, from many sources,
> and
> | understand the issues about its limitations when compared to a fully
> | featured firewall solution. My question is, do you have any specific
> | examples of attacks that have successfully bypassed an active Windows
> | Firewall? (Note: 897663 doesn't count as no attack has used this)
> |
> | I don't want to start a firestorm, I am simply interested to understand
> why
> | Windows Firewall has such a bad reputation. If you will forgive the
> analogy,
> | it may not be a "Ferrari F40" but it is a good "BMW Mini" and, IMHO,
> most
> | people don't need Ferrari's (especially people like my Mum and Dad ;-)
> |
> | If a user is really "interested" in PC security or is looking to share
> | Internet services then I agree they should upgrade to a more featured
> | product, hence the reason the "Silver Medal" solution
> | (www.windowsdefender.com/silver_protection.htm) does this. However, if
> you
> | are looking for a simple "set it, forget it" tool to improve your
> systems
> | security with the minimum complexity, I stick by my recommendation of
> | Windows Firewall, unless I have missed a security vulnerability
> somewhere
> of
> | course, in which case I'll update the "Bronze Medal" solution on the
> site.
> |
> | Thanks in advance
> |
> | BB
> |
> | "Subratam" <Subratam@discussions.microsoft.com> wrote in message
> | news:E942F0B4-780E-4BF5-BD09-EC7AAE356F8D@microsoft.com...
> | > Just a few points here if I may say :) , Avast , Etrust , AVG are real
> | > quality free AntiViruses of which I will also suggest to go for Avast.
> | > Regarding Firewall , I dont recommend Windows firewall rather
> disabling
> it
> | > and go for much better and free firewall like Sygate . Kerio is
> | > discontinueing its free firewall service
> | > http://forums.kerio.com/index.php?t=msg&th=7040 and most others giving
> | > free
> | > "trials" . Zonealarm is good ... but IMO , it uses a lot of resources
> .
> | > Prevx
> | > is a good tool to be tried out too which provides layered protection.
> | >
> | > Regards
> | > --
> | > Microsoft MVP Windows-Security 2005
> | >
> | >
> | > "Jim Macklin" wrote:
> | >
> | >> ZA seems to be much easier to configure for permissions than
> | >> XPs firewall, maybe that because I began using ZA years ago,
> | >> before XP was released.
> | >>
> | >> BTW, just did an ZA update to 6.0.667.000 and noticed a
> | >> problem with the popup message window. The Allow and deny
> | >> buttons are aligned such that the deny button is only
> | >> partially visible at the right edge of the window. This is
> | >> on both my W98 and XP computer. The download was done on
> | >> each computer. I have sent ZLabs a notice (w screen cap).
> | >>
> | >>
> | >> --
> | >> The people think the Constitution protects their rights;
> | >> But government sees it as an obstacle to be overcome.
> | >> some support
> | >> http://www.usdoj.gov/olc/secondamendment2.htm
> | >>
> | >>
> | >>
> | >> "Bigbruva" <Richardh@dontusethis.ws> wrote in message
> | >> news:uj$CuPduFHA.444@TK2MSFTNGP15.phx.gbl...
> | >> |I agree that Zone Alarm is a great product, in fact the
> | >> Gold version of this
> | >> | guide will use Zone Alarm Pro - once I get the time to
> | >> finish the guide!
> | >> |
> | >> | However the aim of the Bronze setup was to make the
> | >> installation and
> | >> | configurations as simple as possible and, as the, Windows
> | >> Firewall is part
> | >> | of SP2 (which most home users will have installed) this
> | >> was the easiest to
> | >> | setup. For the majority of home users the Windows Firewall
> | >> is sufficient
> | >> | IMO, even if it's features are rather limited.
> | >> |
> | >> | BB
> | >> |
> | >> |
> | >> | "Jim Macklin" <p51mustang[threeX12]@xxxhotmail.calm> wrote
> | >> in message
> | >> | news:%23vB2sPVuFHA.2568@TK2MSFTNGP15.phx.gbl...
> | >> | > AVAST works well, as does As-Aware SE, but the free Zone
> | >> | > Alarm firewall is more functional than the Windows
> | >> firewall
> | >> | > since it monitors in and outbound traffic and has a much
> | >> | > easier interface.
> | >> | >
> | >> | >
> | >> | > --
> | >> | > The people think the Constitution protects their rights;
> | >> | > But government sees it as an obstacle to be overcome.
> | >> | > some support
> | >> | > http://www.usdoj.gov/olc/secondamendment2.htm
> | >> | >
> | >> | >
> | >> | >
> | >> | > "Bigbruva" <Richardh@dontusethis.ws> wrote in message
> | >> | > news:OhEMB%23UuFHA.2212@TK2MSFTNGP15.phx.gbl...
> | >> | > | Hi Catamount
> | >> | > |
> | >> | > | I have a step-by-step guide for a free Antivirus and
> | >> | > Anti-spyware setup on
> | >> | > | my site at:
> | >> | > |
> | >> | > | http://www.windowsdefender.com/bronze_protection.htm
> | >> | > |
> | >> | > | This setup uses Avast!, Ad-Aware SE Personal, and
> | >> Windows
> | >> | > Firewall.
> | >> | > |
> | >> | > | HTH
> | >> | > |
> | >> | > | BB
> | >> | > |
> | >> | > | "Catamount" <Nope@spam.no> wrote in message
> | >> | > | news:%23%238n0AJuFHA.3188@TK2MSFTNGP14.phx.gbl...
> | >> | > | >I am looking for a list of free antivirus and
> | >> firewall
> | >> | > software. I am
> | >> | > | >trying to create a list for a project to get people
> | >> who
> | >> | > don't have the
> | >> | > | >money for the high end AV software to still get
> | >> | > protection. Anyone wanna
> | >> | > | >help little-ole-me?
> | >> | > |
> | >> | > |
> | >> | >
> | >> | >
> | >> |
> | >> |
> | >>
> | >>
> | >>
> |
> |
>
>