Avast WEBforum
Other => General Topics => Topic started by: Neron on May 05, 2006, 02:52:00 PM
-
Hi!
Just want to ask for an advise.I'm currently using the windows firewall.,but as we all now it doesn't protect outbound traffic.Zone alarm is extremely heavy for my computer(just 750MHz,256 ram.Segate firewall pro was much lighter but it was getting older(and was a bit heavy too).That's why I switched to windows firewall again.And no problems with it at all.I am very happy with it,but will gladly consider to change it with something better if it's not heavy and provides good protection.It should be easy to setup too.
Can you please give me a clue?Is there such firewall
Thank you
-
I assume you mean Sygate Pro firewall and not Seagate that make hard disks but ii don't think they make firewalls.
There are others, Comodo, Jetico, Sunbelt Kerio, etc.
See some firewall tests for comparison, some are freeware but many are paid for versions http://www.firewallleaktester.com/tests.php.
Check out the tests and see how they do there is no point in getting a light firewall if it doesn't provide adequate protection. Life is a compromise on protection and I suppose footprint/resource use. There are some firewalls that are utilised for gaming, etc. so should be light on resources, try a google search.
-
It should be easy to setup too.
Then Jetico is probably not the one you want. Its a very good firewall but not as easy as the others David mentioned.
M
Edit: Wulf recommended Filseclab Personal Firewall Professional in another thread as being very light on resources. I haven't tried it - if you do post again with your opinion.
-
On slower machines it is better to just use the XP Firewall. Make sure to install all the Windows Updates especially SP2 and just check the exceptions. The average person doesn't really need outbound protection and is better off making sure they have an update AV installed like Avast and realtime AntiSpyware protection like Windows Defender.
-
On slower machines it is better to just use the XP Firewall. Make sure to install all the Windows Updates especially SP2 and just check the exceptions. The average person doesn't really need outbound protection and is better off making sure they have an update AV installed like Avast and realtime AntiSpyware protection like Windows Defender.
Yes ,my experience tells me the same.
-
Windows firewall is fine until the computer is infected by a Trojan, in which event the Trojan will be able to connect out, and may be able to bring down the firewall completely, allowing more malware to connect in. Some Trojans can bore a hole in Windows firewall, meaning that even when the Trojan is removed from the computer, a hacker is left with a way into the computer.
A knowledgeable user can of course avoid getting Trojans on their system- by not opening email attachments, not downloading from crack sites or peer-to-peer networks, keeping browser and OS up to date etc. It is perhaps the average user who needs to use a third party firewall- the sort of person we see on the forum who manages to get infected with a Trojan.
With a little knowledge, a Firewall which controls outbound traffic can be a good idea. Certainly Windows firewall is too easy to bring down completely should a Trojan find its way onto a system.
I'm using Kerio with 256M ram with no problem
-
With an updated AV, you will not get a Trojan to begin with. I can always tell the people who actuall deal with end users in real life. The Windows XP Firewall is more than adequate for the average user. Third party firewalls require too much user interaction for most people and either one of two things happen, something legimate stops working because of it or people set the thrid party firewall to let everything connect without warning and it becomes irrelevant.
-
With an updated AV, you will not get a Trojan to begin with.
We see plenty of people here who get Trojans. There are plenty of Trojans that avast! does not detect. I'm sure other AV's miss Trojans too. The risk of getting a Trojan of course depends on the type of activity undertaken. If users want to download executables from risky sources, I can't make such a bold statement with any confidence.
I can always tell the people who actually deal with end users in real life.
Yes, it's true of course. We deal with real users who have such problems almost everyday on the forum.
-
Outbound protection is not a solution to Trojan Infection. And no you don't deal with real users in real life, you deal with people posting to a forum, which is why you don't realize you keep giving bad advice.
-
Mastertech, you are not the source of all wisdom.
-
The average user is much better off with the simple XP Firewall. There is just less to worry about. Any Trojan written well enough could bypass any firewall once it has system access. Zone Alarm for instance goes by application name. A trojan could easily call itself something like WindowsUpdates.exe and 99 out of 100 average users will let it access the Internet.
Especially on older systems the average user has no need for all the excess overhead from a 3rd party firewall when they really just need a basic Firewall such as the Windows XP one.
-
giving bad advice.
What moron would suggest windows defender on a system with limited resources.
Neron might have to get used to lots of idle time waiting for bills latest bungle to finish running him around.
for a moment there i thought you actually helped someone .
-
Yes please prove how Windows Defender hurts performance when it's system requirements are:
Pentium 233
64MB RAM
::)
But hey it is always better to shout out unsubstantiated claims because hating Microsoft is cool.
-
Here is more useful information:
Improvements in Windows Defender (Beta 2):
-Enhanced performance through a new scanning engine.
-Streamlined, simplified user interface and alerts.
-Improved control over programs on your computer using enhanced Software Explorer.
-Multiple language support with globalization and localization features.
-Protection technologies for all users, whether or not they have administrator rights on the computer.
-Support for assistive technology for individuals who have physical or cognitive difficulties, impairments, and disabilities.
-Support for Microsoft Windows XP Professional x64 Edition.
-Automatic cleaning according to your settings during regularly scheduled scans.
-
I don't know what Defender is like but MS Anti-Spyware used to consume a lot of resources when I was trying it out. (About two or three time more than my firewall.)
I think your MS plug is a bit off-topic as Neron asked for info about firewalls.
There is no such thing as an average user. All users are different and most can make up their own minds given good information.
-
sounds like bill wrote it himself
Thank god for independent opinions
At the moment, Windows Defender is still quite buggy. While the program still performs correctly and properly identifies / removes spyware, I would recommend not downloading and installing Windows Defender if the user doesn't want to deal with any of the known issues. Some common bugs which have been identified so far are as follows: (Keep in mind that these are only some of the issues I know of, and it is highly possible that some or all of these issues could be fixed by the time you read this.)
* The Windows Defender installer doesn't, in some cases, work with Windows which is running in a different language - other than English.
* Windows Update stumbles on installing the updated definitions by claiming to successfully have installed the updates, and then continuing afterward to pester the user about updates which are available for installation. This is a bit of a nuisance and a hard issue to put up with, in my opinion.
* The removal of some detected spyware-related P2P programs within Windows Defender may also result in the removal of the default folder for storing downloaded files. This essentially means that the user will need to back up his/her files which were downloaded from a P2P application before using Defender to abolish the existence of such P2P apps, or else the user risks loosing their downloaded files also.
Note that the list of other known issues with Windows Defender goes on, but those are a few of the major ones which I felt were the most appropriate to include in this article to assure future Windows Defender users understand the issues and bugs associated with the application. So don't be alarmed if Windows Defender doesn't update properly or doesn't run on your computer if it's default language isn't English.
The recommended minimum system requirements are as follows:
* Intel Pentium III Processor or higher (or AMD equivalent)
* Windows 2000 SP4 or Windows XP SP2 or Windows 2003 Server SP1
* 128 Megabytes of RAM (Random Access Memory)
* 20 Megabytes of free, available hard drive space
Full story http://www.pcmech.com/show/reviews/916/2/
-
Windows Defender even in Beta is perfectly safe to use. The issues mentioned are minor and do not cause performance issues with your system as has been claimed twice so far but not proven (as usual).
-
Why do you plug MS products so hard?
Do you work for them?
Why should we take your opinion as Gosple?
-
Windows Defender is an excellent AntiSpyware program that does some of the most important things the others do not. Or at least the free versions of other do not.
1. It autoupdates using Windows Update
2. It can schedule a scan
Updates are also very frequent which has forced Ad-aware to release more timely updates.
I am not plugging anything but recommending the best solutions.
Oh don't take my advice on performance, I would prefer to take yours or Cloussaus with Zero data to back any claim up. ::)
-
2 more observations:
If a product is made by, supported by an/or approved by Microsoft,
Mastertech usually recommends it.
FreewheelinFrank usually finds fault with it.
Pretty much down party lines only this isn't politics.....
In my personal experience, I've used Windows Defender since it was released.
It's continuously been improved and hasn't affected my systems performance.
It hasn't found anything on my system but then neither have any of the other scanners that I use.
-
sounds like bill wrote it himself
Thank god for independent opinions
At the moment, Windows Defender is still quite buggy. While the program still performs correctly and properly identifies / removes spyware, I would recommend not downloading and installing Windows Defender if the user doesn't want to deal with any of the known issues. Some common bugs which have been identified so far are as follows: (Keep in mind that these are only some of the issues I know of, and it is highly possible that some or all of these issues could be fixed by the time you read this.)
* The Windows Defender installer doesn't, in some cases, work with Windows which is running in a different language - other than English.
* Windows Update stumbles on installing the updated definitions by claiming to successfully have installed the updates, and then continuing afterward to pester the user about updates which are available for installation. This is a bit of a nuisance and a hard issue to put up with, in my opinion.
* The removal of some detected spyware-related P2P programs within Windows Defender may also result in the removal of the default folder for storing downloaded files. This essentially means that the user will need to back up his/her files which were downloaded from a P2P application before using Defender to abolish the existence of such P2P apps, or else the user risks loosing their downloaded files also.
Note that the list of other known issues with Windows Defender goes on, but those are a few of the major ones which I felt were the most appropriate to include in this article to assure future Windows Defender users understand the issues and bugs associated with the application. So don't be alarmed if Windows Defender doesn't update properly or doesn't run on your computer if it's default language isn't English.
The recommended minimum system requirements are as follows:
* Intel Pentium III Processor or higher (or AMD equivalent)
* Windows 2000 SP4 or Windows XP SP2 or Windows 2003 Server SP1
* 128 Megabytes of RAM (Random Access Memory)
* 20 Megabytes of free, available hard drive space
Full story http://www.pcmech.com/show/reviews/916/2/
This almost sounds like they are totally set against the programs unless you read the full story which they end as follows:
Conclusion
Overall, Windows Defender (Beta Two) looks to be a promising spyware removal and real time protection software from Microsoft. A few bugs and known issues make Windows Defender slightly intimidating, but it is still 'Beta' and under development. I would recommend trying out Windows Defender; who knows, maybe it will detect a strain of spyware hidden on your computer that no other AntiSpyware program detected. I give Windows Defender an 8.5/10 and I am very impressed with the highly detailed Software Explorer. Like I said, give Defender a try, maybe you will like it too.
Amazing what the whole story reveals.... :)
-
If a product is made by, supported by an/or approved by Microsoft, Mastertech usually recommends it. FreewheelinFrank usually finds fault with it.
That's just rubbish. Again you're accepting Mastertech's reduction of the discussion to a juvenile Firefox fanboy/MS hater level. The only MS product I have found fault with is IE, and I'm not alone in that: plenty of people have criticised it both on security and on standards compliance. MS Anti-Spyware was not a bad product when I tested it- it locks down Windows pretty well. Windows firewall is better than nothing, but there are other firewalls available that are more secure.
Please resist reducing the tone here with this nonsense.
-
Well FwF,
Also the MS firewall policy is incomprehensible. Read:
http://news.com.com/2100-7355_3-6065797.html
They only give you half a firewall by default in Vista, because the admins like to regulate traffic on a general basis, and not on an individual user basis, that is what big companies like. The common end-user is taken for a Mr-Ignorantus and for granted that way . "Use this computer, we know what is good for you (and apparently for us)".
We started to climb down to the way using your computer with your hands nicely tied behind your backs model for quite a time now.
Educating people to individuals that know why they do things or why the want things, is not a preferred model, which is a pity.
Sometimes I feel this is a way of devolution, the technique is getting more an more advanced, but the "naked ape" behind the keyboard is growing more and more helpless all the time.
polonus
-
Hi Polonus,
At least the inbound protection is turned on by default. When I bought this computer, there was no firewall running... :o
Fortunately I'd seen some good programs on the BBC World Service (Click Online) about computer security and knew that a firewall was a good idea- the last time I'd really used a computer was back in the days of Windows 3.1: the internet was just coming in but it was only a way for one professor in a university to talk to a professor in another university, in fact to send 'electronic mail' as it was called then.
I installed Norton Personal Firewall and it wasn't till about a year later that I read about Windows having its own firewall which you could turn on.
I've come across several people connected to the Net with no firewall on older systems- including a friend of mine who has a degree in computer engineering and worked in IBM networking for about ten years. :o
With a little bit of knowledge, people will be able to turn on the outbound traffic control. Of course it's not really useful unless you have some idea of what is trying to connect out. Some firewalls are better than others in this respect. Sygate was appalling- I saw messages that were totally meaningless to even a experienced computer user like myself. Zone Alarm is probably the best, giving the user non-technical information about the program that is trying to connect out. I believe the pay version even has a database of safe and dangerous programs- that's the sort of thing that outbound control needs if it is going to be useable by reasonably knowledgeable folks.
-
By all accounts a similar situation will occur with Vista and the new improved windows firewall, it will also have limited outbound protection, but that outbound protection will be disabled by default. This is to supposedly conform with the wishes of the large corporate customers who don't want it enabled by default. Why it simply can't be disabled in the corporate versions is beyond me.
-
Neron,
You have asked a question. You have received ALL kinds of different answers to your question. I am not going to tell or suggest to you what to do about the Windows Firewall vs. a free third party firewall. All I am going to tell you is that the majority of users of a pc probably use a third party firewall and turn off the Windows Firewall. I personally use a third party firewall. I don't have to prove anything to anyone because of stating what I do concerning a firewall. Use your own better sense of judgement on whether you want to stay the way you are or get a free third party firewall for better outgoing protection. :)
-
Hi Neal,
Good remark. This aside. Did you know that 33% of the people on the Internet use no protection at all. No firewall, no AV solution - nada. That is why we have the situation we have with all the botnets and such. Most of the people are one click away from malware, and this people who would be better off without computers are not one click away, they are sitting on it and spreading it without knowing it. What is done to protect these people? Non-Achievement All Around. You do not believe me, 77% of all the people with a virus scanner never uses them or update.
When they see something pop up, and they do not like it. You know what they do? They click it away. There is a long, long way to go. Wish everybody had installed free ZoneAlarm at least.
polonus
-
Thank you all for your answers.As I said before, windows firewall is not a bad firewall, and since I'm not having any problems with it and I don't access dangerous sites without being prepared(Firefox with scriptblocker,siteadvisor,dr.web antivirus link checker,Winpatrol ,restricted account and avast! of course) I don't really need to change it.I have tried ZA,Kerio,Sygate,Outpost,Lavasoft's firewall and I never really needed this extra protection that a third party firewall can provide.
Thank you again! :)
-
Hi Polonus,
I don't doubt what you are saying at all. I know that alot of the people as you say just "sit" on it and do nothing until after the fact. It's a shame but that's the way it goes. Oh well, all we can do is suggest to folks what they may want to use for protection. We can't force them to make a choice. Have a great day. :)
-
Your more than welcome Neron. Have a great day. :)
-
Hi Neron,
From what you tell us, I see you have made a solid evalution of what you need in the way of protection. You run minimal risks as they say. Thank you for your contribution to the dialogue, and surf safe, my friend. Naboj!
polonus
-
This explains in detail why for the most part outbound protection in Windows XP is not something to worry about and also why the XP Firewall is one of the best.
Windows Firewall: the best new security feature in Vista? (http://blogs.technet.com/jesper_johansson/archive/2006/05/01/426921.aspx)
It is interesting how some of the best security features in Windows receive either no attention, or get criticized for the strangest reasons. Case in point: Windows Firewall is one of the best firewalls out there, and yet much of the talk about it are complaints that outbound filtering is disabled by default. I believe there are a lot of incorrect assumptions and outright myths about outbound filtering, but more about those further down. Let's look at the positive side first.
I really like Windows Firewall in Windows XP Service Pack 2 (SP2). It is lightweight, centrally manageable, does the job well, is unintrusive, and does something very critical: it protects the system at boot. That last one is crucial; we have seen many systems in the past get infected during boot even with a firewall turned on.
Given all this, it is really unfortunate that all some people seem to be able to say is that, while the Windows Vista firewall "finally" provides outbound filtering, it is disabled by default (which is actually incorrect, see below for more details). This is then usually coupled with denigrating statements about how the Windows XP firewall does not provide outbound filtering and how this means nobody should use it.
Not only is the outbound filtering scenario that provides significant security value actually turned on by default in Windows Vista, but these claims also completely fail to account for a very simple engineering issue: any outbound host-based firewall filtering in Windows XP is really just meaningless as a security feature in my opinion. True, it stops some malware, today, but only because current malware has not been written to circumvent it. There simply are not enough environments that implement outbound rules for the mass market malware authors to need to worry about it. In an interactive attack the attacker can circumvent outbound filters at will. To see how, consider this.
Circumventing outbound host-based firewall filters can be accomplished in several ways, depending on the scenario of the actual attack. First, the vast majority of Windows XP users run as administrators, and any malware running as an administrator can disable the firewall entirely. Of course, even if the outbound filter requires interaction from the user to open a port, the malware can cause the user to be presented with a sufficiently enticing and comprehensible dialog, like this one, that explains that without clicking "Yes" they will not ever get to see the dancing pigs:
That article clearly explains what I am talking about.
The key problem is that most people think outbound host-based firewall filtering will keep a compromised asset from attacking other assets. This is impossible. Putting protective measures on a compromised asset and asking it not to compromise any other assets simply does not work. Protection belongs on the asset you are trying to protect, not the one you are trying to protect against! Asking the bad guys not to steal stuff after they have already broken into your house is unlikely to be nearly as effective as keeping them from breaking into the house in the first place.
Which is why it is important to tell people to simply enable the Windows XP Firewall and leave it at that. There is no reason to shove third party firewalls down an average users throat with some mystical promise that outbound protection can save them once their system is compromised.
-
The MS view on internet security:
...the vast majority of users are unable to make intelligent security decisions based on the information presented.
Thanks, MS, but **** you.
-
The MS view on internet security:
...the vast majority of users are unable to make intelligent security decisions based on the information presented.
Thanks, MS, but **** you.
Although not to your liking and probably not the the liking of many others (including me) it's unfortunately
a true statement.
Most of the people that use a computer aren't computer literate. They are users and not geeks and therefore have
no clue what's safe and what's not. Since once the door is opened through an incorrect decision, your computer is
compromised. Therefore, choice isn't always the best solution. IMHO
-
Rather than take that attitude I prefer to assume that computer users are intelligent enough to make decisions given good information.
That is what this forum is about: people can come here, get the information and views from both sides and make up their own minds.
I certainly resent some jumped-up computer technician coming here and saying 'I know what's best for you, do what I say.'
-
I certainly resent some jumped-up computer technician coming here and saying 'I know what's best for you, do what I say.'
Your statement referred to a comment made by MS I didn't know that you personal dislike of an individual
Tech was the reason for your post.
I guess soon this will be another post closed or deleted.
Lately I've seen nothing but arguments instead of discussions and there IS a difference.
-
Rather than take that attitude I prefer to assume that computer users are intelligent enough to make decisions given good information.
Unfortunately most are not. Let alone able to determine what is good information. If people were able to make good decisions regarding computer security there would be no need for these forums.
That is what this forum is about: people can come here, get the information and views from both sides and make up their own minds.
Which is why giving them accurate advice is important. Scaring them that if they don't have outbound protection on their firewall and the sky will start to fall is not it. I can always easily weed out those who do this for a living and those who do not by how practical the advice they give. The Windows XP firewall is an excellent solution for the average user. It provides solid protection and is unobtrusive.
I certainly resent some jumped-up computer technician coming here and saying 'I know what's best for you, do what I say.'
First of all I am not a computer technician, that was many years ago. I simply provide advice based on actual experience and factual information. I don't use some personal disdain for a company or product as an excuse to ignore the facts about it.
BTW Frank what do you do for a living?
The reason is I've been on "security" forums where I found out you had elementary school teachers giving computer advice but an employee of a well known AntiVirus company being denied the ability to provide security advice.
-
Rather than take that attitude I prefer to assume that computer users are intelligent enough to make decisions given good information.
Unfortunately most are not.
So you're saying most computer users are not intelligent enough to make decisions given good information?
I can always easily weed out those who do this for a living and those who do not by how practical the advice they give.
So you're saying that only those who give advice for a living are qualified to give advice?
Which is why it is important to tell people to simply enable the Windows XP Firewall and leave it at that.
So the only option you give is to follow your advice and tell people to use Windows firewall?
To put it mildly, I don't agree with any of your points.
-
So you're saying most computer users are not intelligent enough to make decisions given good information?
Most computer users do not listen and do not want to make decisions. They do the same stupid things over and over. Which is why I have determined that for the average user if something is not automatic they simply will not do it. Oh yes there are exceptions but I am talking about the majority. This is why Windows Update set to automatic, Windows Defender set to Automatic and Avast set to automatic is the best you can hope for.
So you're saying that only those who give advice for a living are qualified to give advice?
There are people in related fields qualified to give advice such as engineers ect... They usually have the same mind set for the information. But if your day to day job in no way seriously relates to computers than no I do not feel you are qualified to give anyone computer related advice.
So the only option you give is to follow your advice and tell people to use Windows firewall?
Do you even read ANYTHING I say? I am saying it is ok to recommend the Windows Firewall as a good solution for end users. It is not ok to just dump on it because of some unsubstantiated fear in relation to some anti-microsoft hatred. Firewalls such as Zonealarm are good recommendations for people who are control freaks, paranoid or obsessive about security. But it is not necessary for the average user. Do you have any idea how many tech calls to ISPs are due to misconfigured firewalls? All because someone scared them that the sky would fall unless they used a firewall with outbound protection. Are Firewalls with outbound protection more secure? Of course but like the article says it is not possible to make them invulnerable on XP. And for the average user they are completely unnecessary. The Windows XP Firewall is a good enough solution. The problem's facing everyone with security is not that everyone is running the Windows XP firewall and getting hacked all day long but the same they have always been.
1. Security Updates are never applied
2. No current updated AntiVirus program installed
3. No firewall running at all.
4, No current updated AntiSpyware program installed
Microsoft provides solutions for free to three of these problems.
-
Do you even read ANYTHING I say?
No, not anymore, but in this case I did.
Which is why it is important to tell people to simply enable the Windows XP Firewall and leave it at that.
You are clearly not saying that it is OK to recommend Windows firewall, but that we should do nothing else.
Windows firewall is fine on a clean system. But we see people here who have Trojans which have brought down Windows firewall. In cases like this, I wouldn't have any confidence that Windows firewall could ever be put up securely again. And a third-party firewall will enable victims to see what is connecting to the mother ship and usually block it, depending on the sophistication of outbound blocking.
I don't like to talk of the 'average user' but to let people make up their own minds, but hey, that's just me. They can worship at you alter if they want.
-
I am a tech for a ISP. We have dial up, DSL, Wireless etc. The majority of calls I get from MY customers with problems boils down to the fact they are ONLY using the built in Windows firewall and not a third party one instead. They also let their anti virus program expire, don't have multi-layered defenses. All the majority of them care about is just connecting to the Internet.
Gradually and slowly but surely some of them are willing to listen to security precautions they can take when they ask "why did this happen to my computer". The only proof I need is just the calls I receive 5 days a week from these customers and others who are not customers. This is real proof as it happens with each individual, not some statistical book I choose to write. When I mention programs they can use to help protect their computers it usually boils down to "freeware" for them including 3rd party firewalls as they say they cannot afford to buy a program.
So, as a working Tech for a ISP I don't see the so called "misconfigured" third party firewall problem you state. I also tell and show them how to set Windows updates to ONLY notify them of pending updates and not set it to Automatic. This way I explain to them they can read what the updates relating to security issues are and become better educated. The vast majority of these people agree with me that this for them is the BEST option to choose to receive update information ETC.
-
No, not anymore, but in this case I did.
That is your problem then.
You are clearly not saying that it is OK to recommend Windows firewall, but that we should do nothing else.
You exaggerate any chance you get. The problem is you don't recommend the Windows XP Firewall, you talk about it like your computer will overflow with viruses if people don't use outbound protection. Nonsense. Lack of outbound protection on someone's firewall is NOT the reason they get infected with a trojan ect...
Windows firewall is fine on a clean system. But we see people here who have Trojans which have brought down Windows firewall. In cases like this, I wouldn't have any confidence that Windows firewall could ever be put up securely again. And a third-party firewall will enable victims to see what is connecting to the mother ship and usually block it, depending on the sophistication of outbound blocking.
They didn't "bring it down" they added themselves to the exception list. So? I've seen trojans do this to Norton AntiViruses exception list too. Why can't they just unlock the ports they need through ZoneAlarm or Sygate? Once they have system access they can do all of this. You still don't get it. Take Zonealarm for instance. If a Virus infects Firefox.exe will people know it is infected and not let it connect to the internet? What kind of nonsense is this? Outbound protection only helps sometimes but it is impossible to guarantee that it will block everything no matter how sophisticated the outbound blocking if it has system access.
I don't like to talk of the 'average user' but to let people make up their own minds, but hey, that's just me. They can worship at you alter if they want.
Yeah I think we should start telling everyone to go buy Zonealarm Pro and max out the OS Firewall feature and have warnings popup every time you attempt to do anything on your computer. I haven't found a firewall yet that is user friendly enough to recommend to the average user outside the Windows XP firewall.
You still haven't answered the question of what you do for a living, which speaks for itself.
-
I am a tech for a ISP. We have dial up, DSL, Wireless etc. The majority of calls I get from MY customers with problems boils down to the fact they are ONLY using the built in Windows firewall and not a third party one instead. They also let their anti virus program expire, don't have multi-layered defenses. All the majority of them care about is just connecting to the Internet.
Yeah ok, how does only using the Windows XP Firewall prevent you from getting on the Internet? What kind of BS are you selling? I've seen the proof from Comcast the biggest software reason for non connectivity outside of infections are misconfigured firewalls.
Gradually and slowly but surely some of them are willing to listen to security precautions they can take when they ask "why did this happen to my computer". The only proof I need is just the calls I receive 5 days a week from these customers and others who are not customers. This is real proof as it happens with each individual, not some statistical book I choose to write. When I mention programs they can use to help protect their computers it usually boils down to "freeware" for them including 3rd party firewalls as they say they cannot afford to buy a program.
Please explain how the lack of a third party firewall had anything to do with their connectivity problem? Please.
So, as a working Tech for a ISP I don't see the so called "misconfigured" third party firewall problem you state. I also tell and show them how to set Windows updates to ONLY notify them of pending updates and not set it to Automatic. This way I explain to them they can read what the updates relating to security issues are and become better educated. The vast majority of these people agree with me that this for them is the BEST option to choose to receive update information ETC.
If any of my techs told any of my clients to disable Windows Auto updates they would be fired. Not to mention tell them that the reason they got an infection was due to the lack of a third party firewall when in reality they had an outdated AV program, no Antispyware protection and did not have all the security updates applied. I've spoken to many techs like you on the phone before who have no business giving bad advice to people.
Multilayed protection? You already listed the reasons people have problems, expired AV and security updates no being applied. Abusing the customers trust to scare them that if they had outbound protection on their firewall would have solved their problem is irresponsible.
-
As I said before, you are not the source of all wisdom- in fact a source more of heat than light, and I no longer have much interest in reading what you write.
Good luck in finding somebody to take the bait.
-
As I said before, you are not the source of all wisdom- in fact a source more of heat than light, and I no longer have much interest in reading what you write.
Good luck in finding somebody to take the bait.
So I take it you don't work with computers for a living, why am I not surprised.
-
First of all I stated the majority of calls I get from customers "With problems" etc. I did not say connectivity was the issue. Learn to comprehend in text what is put before you. Secondly I would not want to work for someone like you who spouts nothing but nonsense. Windows firewall cannot prevent one from connecting to the Internet since it doesn't offer "outbound" protection. I thought you might like to know this.
Once again nothing was mentioned by me stating that the lack of a third party firewall had anything to do with connection problems, read and comprehend what is there for you to read and quit trying to put words into my mouth that I haven't spoken.
I inform my customers when asked why their pc has problems that it is caused by a lack of layered defenses including the lack of a third party firewall.
-
First of all I stated the majority of calls I get from customers "With problems" etc. I did not say connectivity was the issue.
Which means the majority of your calls are due to infections, which have nothing to do with a lack of a third party firewall.
Secondly I would not want to work for someone like you who spouts nothing but nonsense.
Then please explain what I said that was nonsense.
Windows firewall cannot prevent one from connecting to the Internet since it doesn't offer "outbound" protection. I thought you might like to know this.
That is my point, it cannot. Thus it cannot be the cause of connectivity problems. Which means you are blaming infections on the lack of a third party firewall which is irresponsible. It is the lack of applied security updates, an updated AV, an updated Antispyware application and NO firewall which are responsible for infections. Though the end user is just as much to blame in most cases by manually installing crap.
I inform my customers when asked why their pc has problems that it is caused by a lack of layered defenses including the lack of a third party firewall.
If they had the Windows XP Firewall Sp2 installed then the Firewall had NOTHING to do with their problems.
-
Hi Neal,
It depends who takes the bait a pike or an eel. But lets make the discussion a bit more fundamental and more general.
Who actually is to blame for the situation at hand. We have come to a situation where one has to have layered protection to be secure, only a AV solution and FW cannot guarantee security for you. This can still be done completely free of charge, but you must know the way, and must be well advised. We have to admit that this is beyond the possibilities of the major public behind computers. They are only interested in fun and quick solutions, and they cannot see further than short-term benefits, because they are trained to look at things that way. I fear the situation we have is condoned for several reasons. And that is why we have all these non-educated users that form the bot-nets of to-day endangering other good-willing users on the Internet.
I have a secure computer for as much it could be made secure:
patched and updated, and all the multi-layered security on it is free. What did I have to do to achieve that? Go to this forum, read and learn from people that knew. The proof: not a single tracking cookie even in half a year.
But if I had to achieve the same situation with only MS provided software, it could be done, but I would have a much harder time.
Why do you think that Mastertech has to do all the explaining to turn a MS default OS into a more secure or secure OS. And then we are homing in on my point. They, whoever and I do not care a bit, are not interested enough about this. It is slightly better than it was, but if so we would have layered security NOW, we would have in-browser security and certificate-guaranteed security NOW. All this is possible, but only through third parties.
(siteadvisor, scriptblockers, siteblocking, hyperlink pre-scanning,
intrusion detection monitoring even against rootkits etc. etc).
And then we must think of those who profit from the situation we have: right, the adman, the spyware man, the spammer, and all those that profit from it, huge interests (read Ben Edelman to get to the core there: 6 big Media giants ruling). If everybody would install Adblock plus + Filterset GUpdater there would be a webmaster outcry all around. We have to live in this world, and I am a realist, but don't present things like they are not like with MS Firewall in Vista is the best they could come up with. ActiveX once also was the best they come up with. Be real about this, and tell it like it is.
polonus
PS I am a certified MS Approved Administer (803-902).
-
Hi Polonus,
Yes, I know what you are stating. I already stated in my post that I try to educated my customers to programs paid for or freeware for their benefit. You can understand what I wrote but obviously one individual doesn't or tries to twist the context of a spoken sentence by someone to suit his needs. I am very familiar with this sort of ploy he uses. Unfortunately he cannot get away with it when dealing with me verbally because it "seems" he doesn't have the capability to do so.
I stated what happens in the majority of calls I answer and what I do to help the people involved. Nothing more from me needs to be said about this. I stated once before that people reading certain posts here on the forum are intelligent enough to realize what is going on. You have a great day friend Polonus. :)
-
Do you really work on someone's computer and get all panicky when you do not see a third party firewall installed? ::)
Tracking cookies are nonsense and no cause for concern. But that is more to the point. I do tell it like it is and whether you like it or not the best free solutions, Microsoft already provides for free.
1. Windows Defender - the only free Automatic Updating AntiSpyware application.
2. Windows XP SP2 Firewall - already built into XP and lightweight will solid inbound protection.
3. IE7 - Includes AntiPhishing built-in.
The only thing else you need is a free AV = Avast.
-
neal,
What you do is scare people into believing that they need a third party firewall. I didn't twist anything you said, you simply avoid the issue and still have not responded to my last comments.
-
Hi Mastertech,
The best thing is a bit of humour here. What are known to be three limitless things? A. The Universe. B. The stupidity people could come up with. C. The number of flaws in M$ code.
Ha, ha, ha. You cannot deny it.
polonus
-
The number of flaws in M$ code.
You forgot to mention, the flaws in code aren't limited to M$.
The more a program is used or in this case abused, the more flaws will surface.
It's an unfortunate fundamental fact.
-
Hi Bob,
All code is vulnerable, because only recently they started coding with security at heart and not all. That is not easy to have the buffer overflows in mind, and the long integers, and the ways of expression that are secure or malicious. Microsoft had a lot of fingers in the code-pudding, and linked all that together in their code-soup. So they are entitled to more flaws. But jokes aside, yes there is an urgent need to look at this. Why do you think by the way I published the link for the data fuzzer online and recently the html mangler of Zalewski's. Funny thing there was that Micosoft did so bend the rules, that iIE was invulnerable to mangling, while all the alternates had to bite the dust. Some would have eaten their hats to the contrary. So you see, dear Bob, everything is not as it seems. Test, test, test, and then conclude. never take another's word for it. But I have to give credit to Avast's Great Webforum here, all that I have learned in computer security got an enormous boost from this great place. And I am grateful to those who have given me this opportunity.
polonus
-
Security is hardly a Microsoft Problem when you see Operating Systems like Ubuntu Linux with 172 (http://secunia.com/product/4491/) security advisories. CVE lists over 300 (http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=ubuntu) entries. So what is their excuse? ???
I get security updates daily and by far the overwhelming majority are related to Linux.
-
So what is their excuse?
No excuse needed.
What one programmer can code, another one can crack it's the same whether it's
created by Microsoft or a Linux.
Neither of them have a monopoly. ;D
-
@ polonus
Thank you for bringing sense to the table.
@ masrtech
why are you so interested in FWF`s credentials? if you browse through the forums you will see them everywhere , providing help and advice to people who are in need.
College degrees are one thing but what FWF brings is far more valuable and earned over time . no self proclaimed expert there.
I stand by my opinion that windows defender would not last a week on Nerons PC as it would cripple its performance and furthermore english not being his first language i think opens him up to the bugs described earlier.
Surely imaging his hard disk would be a better option.
-
Thanks Cloussau!
Actually I am educated in IT to degree level. ;)
I'd been looking for the articles that made me doubt that Windows Firewall was to be trusted after an infection has been cleared up, and eventually found them:
http://www.spywareinfo.com/newsletter/archives/2005/oct27.php#winfirewall
http://www.pcworld.com/news/article/0,aid,122927,00.asp
Here's another worrying report I came across while searching:
http://www.spywareinfo.com/newsletter/archives/2005/mar13.php#firewall
http://habaneronetworks.com/viewArticle.php?ID=144
-
Hi FwF.
Who is blowing the horns now over the fact that people in Vista do have no further need of third party software like third party software firewalls and anti-spyware programs? Right, those that hope to gain leaps by it like the people behind "harmless adware" like Hotbar etc. Read this:
http://www.adwarereport.com/mt/archives/000150.html
They gain by another monopoly thrust forward by Microsoft (think the EU can renew their preliminary reports). That big AV is not involved, as I see it, is just a matter of time. Wait for the next round after Vista. But some parties aren't that afraid. They say MS Vista's inbuilt firewall is years behind development:
http://www.zdnet.com.au/news/security/soa/Zone_Labs_glee_at_hobbled_Vista_firewall/0,2000061744,39252346,00.htm
In the article it says that software has to be two years ahead of MS, else the software is out of the game. These are not my words, but it is saying something about developments.
polonus
-
Interesting info FWF. Thanks for posting it for us to share. :)
-
Hi malware fighters,
This is also an interesting link:
http://weblog.infoworld.com/securityadviser/archives/2006/01/microsofts_onec.html
So what for the default settings of the inbuilt Vista FW? All doors should be locked, there's only need for ventilation.
polonus
-
why are you so interested in FWF`s credentials? if you browse through the forums you will see them everywhere , providing help and advice to people who are in need.
College degrees are one thing but what FWF brings is far more valuable and earned over time . no self proclaimed expert there.
Posting in forums does not make you an expert or knowledgeable. Frank has proven on more than one ocassion to lack even the basic understanding of computer related concepts to provide accurate advice. He may BS some of you here but not anyone who really does this for a living So what is he so afraid of? Why not tell us all what you really do for a living.
I stand by my opinion that windows defender would not last a week on Nerons PC as it would cripple its performance and furthermore english not being his first language i think opens him up to the bugs described earlier.
Surely imaging his hard disk would be a better option.
Prove this. I am tired of these baseless irresponsible opinions. Either put up or shut up. Please prove to everyone here how Windows Defender would cripple a PCs performance or stop posting.
-
Thanks Cloussau!
Actually I am educated in IT to degree level. ;)
You wish. You don't even work in IT for all we know you drive a cab for a living.
http://www.spywareinfo.com/newsletter/archives/2005/oct27.php#winfirewall
Irrelevant a virus with system access can do this to any firewall wether it has outbound protection or not in XP.
http://www.pcworld.com/news/article/0,aid,122927,00.asp
Irrelevant it is patched.
http://www.spywareinfo.com/newsletter/archives/2005/mar13.php#firewall
This is the same post as the first link and the answer is the same.
http://habaneronetworks.com/viewArticle.php?ID=144
This is the same crap. Frank you can't even grasp simple concepts. Once something malicious has system access it can change any settings at will. That means your third party firewall you "think" is unbreakable. There is nothing special here.
-
I may not be psychic but I fear bananas are on the horizon and this thread is headed for the
garbage pile, like so many others....... :'(
-
MasterTech, I think it's time to chill out a bit.
This is not a place where personal assaults are tolerated.
I'd recommend you to read again the forum policy.
http://forum.avast.com/index.php?topic=6339.0
I hope that I won't need to say this again. >:(
-
MasterTech, I think it's time to chill out a bit.
This is not a place where personal assaults are tolerated.
I'd recommend you to read again the forum policy.
http://forum.avast.com/index.php?topic=6339.0
I hope that I won't need to say this again. >:(
Unfortunately it always takes Two or more to tango. >:(
-
Quote from: Cloussau on Today at 03:05:49 AM
I stand by my opinion that windows defender would not last a week on Nerons PC as it would cripple its performance and furthermore english not being his first language i think opens him up to the bugs described earlier.
Surely imaging his hard disk would be a better option.
Prove this. I am tired of these baseless irresponsible opinions. Either put up or shut up. Please prove to everyone here how Windows Defender would cripple a PCs performance or stop posting.
Mastertech I can assure you that I will never use all in one programs or programs that use too much system resources even if i had a faster computer and this is because there is always a way to avoid it(windows defender or even Norton and avast! for an example).
Why should I totally kill the system performance.I just don't need it.Not a single infection for more than 1 year.Only people who don't know how to protect and secure their PC's will install stuffs like that.
-
Unfortunately it always takes Two or more to tango.
I prefer the foxtrot. ;)
An interesting point fro the recent review of anti-virus software. One AV running with Windows firewall missed a Trojan which was able to disable the firewall:
It ignored several Trojans, one of which successfully disabled the Windows firewall, allowing potential attackers remote control of the system.
http://www.computershopper.co.uk/labs/220/anti-virus-exposed/products.html
Zone Alarm AV also missed some Trojans, but as it includes ZA firewall the story was different:
The anti-virus scanner missed four of our Trojans. But when one tried to contact the internet the firewall stopped it.
http://www.computershopper.co.uk/labs/220/anti-virus-exposed/products.html
This sort of result leads me to recommend a third party firewall,and I'll continue to do so on the forum. Whether anybody takes my advice is up to them.
As stated in the SpywareInfo newsletter, a good firewall should encrypt its settings so that they cannot be altered by malicious programs. This is very different to having settings stored in the registry. The fix for the problem mentioned seems to be forcing the display of exceptions in Windows firewall.
These sort of past (and present) weaknesses make me suspect that once an infection has occurred, it may never be possible to clean out every registry change made that might affect Windows firewall. I'm going to continue recommending a third-party firewall. Again, whether anybody takes my advice is up to them.
Now if you'll excuse me, I've got a fare waiting in the cab.
Where to gov'nor?
-
Hi FwF,
For the mo it seems ZA is not afraid of the Vista FW.
Read here: http://www.dslreports.com/shownews/73699
polonus
-
Why should I totally kill the system performance.
I highly doubt that this qualifies it as a system hog but it's your system and your choice
as it is with any program regardless of who's name is attached to it.... ;D ;D
(http://img283.imageshack.us/img283/3797/defender7jt.jpg)
-
Is this a thread hijack children ::)
-
***
Yeah ... about a couple of pages back by now. ::)
***
-
Hi!
Just want to ask for an advise.I'm currently using the windows firewall.,but as we all now it doesn't protect outbound traffic.Zone alarm is extremely heavy for my computer(just 750MHz,256 ram.Segate firewall pro was much lighter but it was getting older(and was a bit heavy too).That's why I switched to windows firewall again.And no problems with it at all.I am very happy with it,but will gladly consider to change it with something better if it's not heavy and provides good protection.It should be easy to setup too.
Can you please give me a clue?Is there such firewall
Thank you
Hello Neron, just to simply answer your first question, (I'm a plumber and don't know anything about computers ;D ) : I have a few computers and on one of them I use the windows firewall together with Winpatrol, just like you. It works just fine, never ever any infection and I trust the combination. On the other pc I use the Filseclab firewall. It is very lite on resources and easy to understand. So, it's your choice. I don't think it will make much of a difference though.
Good luck and hey, discussions are interesting as long as no personal offenses are being adressed to fellow members...
Bye,
Fast :)
-
I am still waiting on any remote proof of negative system performance using Windows Defender. It is now much more clear how these Myths are invented.
-
Locked.