Re: XP's Firewall
- From: Dan <spamyou@xxxxxxxx>
- Date: Mon, 28 Aug 2006 01:57:31 -0600
B. Nice wrote:
On Sun, 27 Aug 2006 20:59:30 -0700, "Kerry Brown"
<kerry@xxxxxxxxxxxxxxxxxxx*a*m> wrote:
B. Nice wrote:
<snipped>
I can shut down network services in less than 5 minutes. Obviously not<more snipped>
rubbish.
You are technically correct. Shutting down network services is fairly easy if you know what you are doing and it will give you as similar protection to running a firewall.
That's true.
It is not good advice for most people.
That's your opinion.
I'm guessing less than 10% of Windows users would know how to do this.
I'm guessing that approx. 92% of all guesses involving percentages are
simply wrong ;-)
However, you do have a point. Simply because is is not the
conventional wisdom being taught - and there is no money in it for
software vendors making a living from peoples lack of knowledge. But
if users are skilled enough to properly configure a personal firewall
and understand how it works, they are also skilled enough to shut down
services and understand the implications.
In the event they did do this without messing up their computer their computer would be an island unto itself, no printer sharing, no file sharing, etc..
True to some extent. But if they don't need that stuff, disabling the
services is, from a security standpoint, the preferred option.
That said, you _can_ actually disable the network services and still
do file- and printersharing by using a network protocol different from
TCP/IP for you LAN. Again a very good solution from a security
standpoint.
The vast majority of users neither want nor need to do this. They are far better off with a firewall.
And I disagree to that opinion. They are far better off by getting in
contact with someone who understands to properly configure their
machine and eventually their network. Someone who is'nt somehow in it
for the money.
We can debate the merits of which firewall which was how this thread started but a firewall is needed for most people.
Depending on the circumstances, a packet filter of some kind is
needed, yes.
Your method of protection is simply not workable for most people
That would imply that most people do file- and printersharing. I'm not
convinced whether that is true. At least not for home users.
and very poor advice for the non technically inclined who may find this thread through various search engines.
Don't worry about that. The thread will drown in links advicing you to
install a personal firewall. Not least from the software vendors
making a living from it. And you think that the non technically
inclined should be better off with a personal firewall? - I disagree -
with the windows firewall as an exception.
I believe in providing different views and letting people decide for
themselves. I don't believe in providing conventional wisdom only -
which is why I find debates like these useful.
I would say that everyone is in agreement that a multi-layered approach is the best idea for security. So far we have determined that includes a hardware firewall, a software firewall and disabling unneeded services to help harden a computer's defenses.
.
- Follow-Ups:
- Re: XP's Firewall
- From: B . Nice
- Re: XP's Firewall
- References:
- XP's Firewall
- From: B.W.
- Re: XP's Firewall
- From: RJK
- Re: XP's Firewall
- From: B . Nice
- Re: XP's Firewall
- From: RJK
- Re: XP's Firewall
- From: B . Nice
- Re: XP's Firewall
- From: Kerry Brown
- Re: XP's Firewall
- From: B . Nice
- XP's Firewall
- Prev by Date: Re: XP's Firewall
- Next by Date: Re: XP's Firewall
- Previous by thread: Re: XP's Firewall
- Next by thread: Re: XP's Firewall
- Index(es):
Relevant Pages
|
