Re: Enable firewall to ignore ping requests

From: Tim (
Date: 11/28/04

  • Next message: John McGaw: "Re: Scanner&Burner"
    Date: Sun, 28 Nov 2004 11:58:01 -0000

    Thanks everybody for your help, I didnt mean it to spark such a debate.

    "Karl Levinson, mvp" <> wrote in message
    > "Mr. Kurtz" <MisterKurtz@TheCentralStation> wrote in message
    > news:ebbwNL80EHA.3236@TK2MSFTNGP15.phx.gbl...
    >> > Or, you can install free firewalls like,
    >> > or
    >> > These have more functionality than the Windows
    >> firewall,
    >> > and will give you a lot more information about mystery executables on
    > your
    >> > system [I think the XP firewall tells you pretty much nothing about
    >> these.].
    >> > But they may take more effort to maintain. For example, if you end up
    >> > blocking something important, you have to look at the logs and figure
    > out
    >> > what needs to be unblocked.
    >> To the OP:
    >> Take the extra time to learn how to use Kerio, ZoneAlarm, or Sygate. Any
    > of
    >> thse is far superior to the XP firewall. You would be well served.
    > That's *much* easier said than done. Many people get frustrated and give
    > up. And if your firewall is configured to prompt the user whether or not
    > to
    > allow a particular communication, eventually the user will allow herself
    > to
    > become compromised... so prompting firewalls are not always reliable
    > security.
    >> With regard to this particular post:
    >> References to "blocking something important" smacks of FUD; particularly
    >> after agreeing with the assesment of Gibson's "scare tactics".
    > I disagree completely. I think my statement was pretty fair and accurate.
    > It's not FUD to say that firewalls can easily be misconfigured by
    > inexperienced users, with unwanted results. Anyone reading this newsgroup
    > regularly knows this happens quite frequently. It's strange to think I'm
    > contributing to FUD about firewalls given that I regularly recommend them.
    > But I used to be one of those techies who would recommend them to everyone
    > without caveats, until I installed one on a friend's computer and had
    > absolutely miserable results. And for what it's worth, I hold a
    > Checkpoint
    > Firewall-1 CCSA certification, so I know a little bit about how to
    > configure
    > firewalls.
    > So now I'm much more cautious about recommending firewalls to novices
    > without caveats. And pretty much anyone asking advice about how to find
    > and
    > configure a host-based firewall is a firewall novice.
    > And note that security is *NOT* about being most secure. The most secure
    > solution is often the wrong one. Security is about managing risk to an
    > acceptable level, with the end goal being saving time and money and
    > enhancing functionality. Given this, the XP firewall is sometimes the
    > right
    > solution, because with less functionality, it makes novice users
    > reasonably
    > secure while breaking less and taking less time to administer. I use both
    > Kerio and Sygate on my machines, but only because I can support them
    > myself
    > pretty easily.

  • Next message: John McGaw: "Re: Scanner&Burner"