Re: Enable firewall to ignore ping requests
From: Tim (noanswer_at_hotmail.com)
Date: Sun, 28 Nov 2004 11:58:01 -0000
Thanks everybody for your help, I didnt mean it to spark such a debate.
"Karl Levinson, mvp" <firstname.lastname@example.org> wrote in message
> "Mr. Kurtz" <MisterKurtz@TheCentralStation> wrote in message
>> > Or, you can install free firewalls like www.kerio.com, www.sygate.com
>> > or
>> > www.zonealarm.com These have more functionality than the Windows
>> > and will give you a lot more information about mystery executables on
>> > system [I think the XP firewall tells you pretty much nothing about
>> > But they may take more effort to maintain. For example, if you end up
>> > blocking something important, you have to look at the logs and figure
>> > what needs to be unblocked.
>> To the OP:
>> Take the extra time to learn how to use Kerio, ZoneAlarm, or Sygate. Any
>> thse is far superior to the XP firewall. You would be well served.
> That's *much* easier said than done. Many people get frustrated and give
> up. And if your firewall is configured to prompt the user whether or not
> allow a particular communication, eventually the user will allow herself
> become compromised... so prompting firewalls are not always reliable
>> With regard to this particular post:
>> References to "blocking something important" smacks of FUD; particularly
>> after agreeing with the assesment of Gibson's "scare tactics".
> I disagree completely. I think my statement was pretty fair and accurate.
> It's not FUD to say that firewalls can easily be misconfigured by
> inexperienced users, with unwanted results. Anyone reading this newsgroup
> regularly knows this happens quite frequently. It's strange to think I'm
> contributing to FUD about firewalls given that I regularly recommend them.
> But I used to be one of those techies who would recommend them to everyone
> without caveats, until I installed one on a friend's computer and had
> absolutely miserable results. And for what it's worth, I hold a
> Firewall-1 CCSA certification, so I know a little bit about how to
> So now I'm much more cautious about recommending firewalls to novices
> without caveats. And pretty much anyone asking advice about how to find
> configure a host-based firewall is a firewall novice.
> And note that security is *NOT* about being most secure. The most secure
> solution is often the wrong one. Security is about managing risk to an
> acceptable level, with the end goal being saving time and money and
> enhancing functionality. Given this, the XP firewall is sometimes the
> solution, because with less functionality, it makes novice users
> secure while breaking less and taking less time to administer. I use both
> Kerio and Sygate on my machines, but only because I can support them
> pretty easily.