Re: Broadband and security question
- From: Dan <spamyou@xxxxxxxx>
- Date: Thu, 28 Sep 2006 00:06:07 -0600
Leythos wrote:
In article <e3xcfEh4GHA.3444@xxxxxxxxxxxxxxxxxxxx>, spamyou@xxxxxxxx says...cquirke (MVP Windows shell/user) wrote:On Mon, 25 Sep 2006 19:35:49 -0600, Dan <spamyou@xxxxxxxx> wrote:So do you think the software firewall is a waste if a user is behind a NAT router?
So Chris, I guess you really do not like Zone Alarm Professional and is it because it is too bloated or what is the reason? Thanks in advance for your replies.I was thinking that it's exactly the kind of pervasive add-on you're
trying to avoid. I've used/troubleshot the free ZA since it started
out as the only free firewall ("what's a firewall?") in the early
Win9x days, and with every new version of Windows, came hassles and
the search for "really, *this* version works" fixes.
Problems included blockage of LAN file and print sharing, tangles with
System Restore, constant writes to the file system that would cause
Scandisk and Defrag to continuously restart, bunfights with resident
av (especially CA's eTrust) and side-effects of its attachment
awareness. In the end, I just thought "I don't need the hassle".
When I do use a 3rd-party firewall, as is mandatory for Win2000, I've
been using Kerio. I've heard good things about Outpost, but I haven't
used it. Personally, I'd rather use a router to hide the systems from
direct access and use XP SP2's firewall, than hope for better
protection from a third-party firewall (esp. if no router protection)
If you are reasonably sure you know what you are doing, a NAT router will be all that you need in most home user cases. They block inbound traffic, so, nothing reaches your computer unless you invite it to reach your computer - that means that as long as you don't download/install some malware, external users can't directly reach your computer.
If you are the type that visits questionable sites, or doesn't patch their computer, or downloads files for the fun of it, then nothing you install or hardware will protect you.
All installable personal firewall solutions can be compromised on a Windows box when you run as a local administrator, some PFW's provide reporting and real-time traffic displays, but you should never count on a PFW to fully protect you, you really need to monitor the logs in that NAT Router to be sure what your network is doing.
Thanks Leythos for your reply. I will continue to use the NAT router and monitor it from time to time. I will use Zone Alarm Professional as well. I look forward to testing the Windows Vista Firewall soon by connecting directly into the modem and see what hits the Vista operating system receives and the blocking ability with just the Vista software firewall and no hardware protection. I did this for a few months with XP Professional Service Pack 2 and the majority of hits came from China and they also had the strongest hack attempts. <grin>
.
- References:
- Broadband and security question
- From: Dudley Henriques
- Re: Broadband and security question
- From: Dan
- Re: Broadband and security question
- From: cquirke (MVP Windows shell/user)
- Re: Broadband and security question
- From: Dan
- Re: Broadband and security question
- From: cquirke (MVP Windows shell/user)
- Re: Broadband and security question
- From: Dan
- Broadband and security question
- Prev by Date: Re: DNS calls to Ukraine destinations
- Next by Date: Re: DNS calls to Ukraine destinations
- Previous by thread: Re: Broadband and security question
- Next by thread: Re: Broadband and security question
- Index(es):
Relevant Pages
|
