s/w firewalls...something better?

So;

I've loaded Comodo Personal Firewall v2.0. And you know what? My PC is
more secure, admin costs have gone down, my children respect their
teachers again and I no longer have dandruff.

And I thought ZA was good.

I'll write something up on CPFv2 soon but wanted to post this link
http://www.fefe.de/pffaq/. In essence, it says that personal firewalls
are not in the least bit necessary. And, in fact, we're rubes for using
them. It's the usual argument but got me to re-examine the whole s/w
firewall thing, yet again.

Which leads me to dingens.org/index.html.en. This is a proggie that
renders NT-based OS' more secure by shutting down unneeded services.
The source code is available for anaylsis and the whole thing is based
on Torsten Mann's work available here: www.ntsvcfg.de/ntsvcfg_eng.html

I figure I'll play w/these resources for a bit. Maybe hop over to the
firewall newsgroup and see what's up. If I can put together a decent
argument for not needing a firewall, I'll post here.

fwiw,
-Craig

On Tue, 28 Mar 2006 23:22:18 GMT, Craig <netburgherAT@gmail.com>
wrote:

>So;
>
>I've loaded Comodo Personal Firewall v2.0. And you know what? My PC is
>more secure, admin costs have gone down, my children respect their
>teachers again and I no longer have dandruff.
>
>And I thought ZA was good.
>
>I'll write something up on CPFv2 soon but wanted to post this link
>http://www.fefe.de/pffaq/. In essence, it says that personal firewalls
>are not in the least bit necessary. And, in fact, we're rubes for using
>them. It's the usual argument but got me to re-examine the whole s/w
>firewall thing, yet again.
>
>Which leads me to dingens.org/index.html.en. This is a proggie that
>renders NT-based OS' more secure by shutting down unneeded services.
>The source code is available for anaylsis and the whole thing is based
>on Torsten Mann's work available here: www.ntsvcfg.de/ntsvcfg_eng.html
>
>I figure I'll play w/these resources for a bit. Maybe hop over to the
>firewall newsgroup and see what's up. If I can put together a decent
>argument for not needing a firewall, I'll post here.

Depends on your circumstances. Your header suggests you're a Windows
user but it doesn't tell me which version. I also don't know whether
or not you use wideband or dialup. I also don't know if you're a
single PC home user or if you use a LAN with multiple PCs.

I'll tell you that those German anti-firewall fanatics are dangerous
because they don't consider some crap that happens. Let's take a
simple case of a single PC home user of Win 98. It's a very simple
matter in that case to disable unwanted servers and thus close all
internet ports. What they don't tell you is that the Windows Update
(WU) Trojan will undo your work and leave you sitting there wide
open to take hits. So at least keep the install file of a software
firewall on backup so it can be installed immediately after installing
Windows and going online to the WU Trojan.

Not that I'm a sw fw fanatic. Quite to the contrary, I've seen too
many users take hits because their fw caused difficulties and they
went online without it for "just a short time".

The best bet for anyone is to invest in a external router/fw which is
"always there" and can be depended on to block unsolicited incoming.

Art

http://home.epix.net/~artnpeg

Art wrote:
> On Tue, 28 Mar 2006 23:22:18 GMT, Craig <netburgherAT@gmail.com>
> wrote:
>
>> So;
>>
>> I've loaded Comodo Personal Firewall v2.0. And you know what? My PC is
>> more secure, admin costs have gone down, my children respect their
>> teachers again and I no longer have dandruff.
>>
>> And I thought ZA was good.
>>
>> I'll write something up on CPFv2 soon but wanted to post this link
>> http://www.fefe.de/pffaq/. In essence, it says that personal firewalls
>> are not in the least bit necessary. And, in fact, we're rubes for using
>> them. It's the usual argument but got me to re-examine the whole s/w
>> firewall thing, yet again.
>>
>> Which leads me to dingens.org/index.html.en. This is a proggie that
>> renders NT-based OS' more secure by shutting down unneeded services.
>> The source code is available for anaylsis and the whole thing is based
>> on Torsten Mann's work available here: www.ntsvcfg.de/ntsvcfg_eng.html
>>
>> I figure I'll play w/these resources for a bit. Maybe hop over to the
>> firewall newsgroup and see what's up. If I can put together a decent
>> argument for not needing a firewall, I'll post here.
>
> Depends on your circumstances. Your header suggests you're a Windows
> user but it doesn't tell me which version. I also don't know whether
> or not you use wideband or dialup. I also don't know if you're a
> single PC home user or if you use a LAN with multiple PCs.
>
> I'll tell you that those German anti-firewall fanatics are dangerous
> because they don't consider some crap that happens. Let's take a
> simple case of a single PC home user of Win 98. It's a very simple
> matter in that case to disable unwanted servers and thus close all
> internet ports. What they don't tell you is that the Windows Update
> (WU) Trojan will undo your work and leave you sitting there wide
> open to take hits. So at least keep the install file of a software
> firewall on backup so it can be installed immediately after installing
> Windows and going online to the WU Trojan.
>
> Not that I'm a sw fw fanatic. Quite to the contrary, I've seen too
> many users take hits because their fw caused difficulties and they
> went online without it for "just a short time".
>
> The best bet for anyone is to invest in a external router/fw which is
> "always there" and can be depended on to block unsolicited incoming.
>
> Art
>
> http://home.epix.net/~artnpeg

McAfee firewall is the best. You wouldn't believe what tries to sneak
in on port 80.

> McAfee firewall is the best.
youre funnnnyyyyyyy

On Wed, 29 Mar 2006 10:39:09 +0800, "Dave Turner" <1@2.3> wrote:

>>> McAfee firewall is the best.
>>youre funnnnyyyyyyy
>>

and WAY off topic!!
--
The Seabat

Art <null@zilch.com> wrote in news:lukj22li6hrod6tog01ake6ucuv0k3f09a@
4ax.com:

> Your header suggests you're a Windows
> user but it doesn't tell me which version.

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12)
Gecko/20050915

From Craig's header, Windows NT 5.0 = Windows 2000

On Wed, 29 Mar 2006 06:10:13 GMT, bambam <97hk66302@sneakemail.com>
wrote:

>Art <null@zilch.com> wrote in news:lukj22li6hrod6tog01ake6ucuv0k3f09a@
>4ax.com:
>
>> Your header suggests you're a Windows
>> user but it doesn't tell me which version.
>
>User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12)
>Gecko/20050915
>
>From Craig's header, Windows NT 5.0 = Windows 2000

Yep, I overlooked that. He might be interested in my article on
"hardening" Win 2K here:

http://home.epix.net/~artnpeg/Win2KPro.html

On this OS, nothing really serious happened during a Windows
Update in my experience. But without a firewall of some sort, it
can be risky ... someone might install a service and not check
out the consquences, leaving some port open.

Art

http://home.epix.net/~artnpeg

Art wrote:
> On Tue, 28 Mar 2006 23:22:18 GMT, Craig <netburgherAT@gmail.com>
> wrote:
>
In another thread, I asked about a util to remove OE from W98SE.

IIRC, maybe over a year ago, you mentioned to me a program to do this. It worked fine
then. Can't find it now.

Do you recall what it was and a link?

TIA

Mike Sa

On Wed, 29 Mar 2006 08:13:13 -0800, ms <ms@nospam.com> wrote:

>Art wrote:
>> On Tue, 28 Mar 2006 23:22:18 GMT, Craig <netburgherAT@gmail.com>
>> wrote:
>>
>In another thread, I asked about a util to remove OE from W98SE.
>
>IIRC, maybe over a year ago, you mentioned to me a program to do this. It worked fine
>then. Can't find it now.
>
>Do you recall what it was and a link?

I already responded in a different thread. I never used any OE
remover, just IERadicator.

Art

http://home.epix.net/~artnpeg

Art wrote:
> On Tue, 28 Mar 2006 23:22:18 GMT, Craig <netburgherAT@gmail.com>
> wrote:
>
>
>>If I can put together a decent
>>argument for not needing a firewall, I'll post here.
>
>
> Depends on your circumstances.

Sorry 'bout that. Win5.0 on a LAN/router/firewall. Also on LAN: NAS, 3
other PC's, 2 printers. Connected to Internet via adsl.
>
> The best bet for anyone is to invest in a external router/fw which is
> "always there" and can be depended on to block unsolicited incoming.
>
> Art

Art;

Thanks for taking time to respond. Ya, as you see, I've the h/w
firewall. That's why I am even thinking about tossing the s/w firewall.
The other thing that's propelling me is fatigue.

I'm tired of having to place my faith in closed-source projects that
have to do with /security/, of all topics.

So, I appreciate the warning (ie dangerous Germans <g>) and the
reference to your article. If you have a resource to recommend which
discusses security wrt servers & ports in the context of Winderz and/or
*nix, I'd be much obliged.

-Craig