Firewall Necessity

[Spiderman]

I have a wireless local network connecting 2 PC's and sharing a broadband
connection. The host is running Windows XP...the other PC is running Windows
ME. When I turn on the XP built-in firewall on the broadband NIC, the other
PC loses it's shared Internet connection. Without the firewall on the NIC,
the internet connection is shared just fine. My real question is: is a
firewall REALLY necessary? I already run anti-virus, what REAL protection
does a firewall provide? I never used one prior to XP...and never had a
problem, besides it slows down the connection. Just curious what the experts
think...

 

[Jym]

Ask the people who go infected with the blaster worm if they turn their
firewall on now. Jym

 

[Joshua Sparks]

I think that one point should be made here. Although XP does come with a
firewall for Network Connections, I also use another firewall for added
protection. Is this doubling up really necessary? I'm perfectly willing to
give up a bit of bandwidth speed for the assurance of knowing that my
machine is protected.

 

[Guest]

I have the same question as you. I had a firewall and was still infected by the blaster worm and welchia. It was enabled too. The firewall causes way too many problems. Good luck and maybe someone can convince us the necessity of a firewall even if you have an anti-virus program installed
Stylint

----- Jym wrote: ----

Ask the people who go infected with the blaster worm if they turn thei
firewall on now. Jy

 

[Spiderman]

Wouldn't an anti-virus program such as Norton detected the blaster worm b4
it could even get installed?

 

[Spiderman]

What does it actually protect against though? I know that it prevents access
to certain TCP/IP ports...but why does that matter if your PC is virus free?
Can you give me some examples of the types of damage that can be done to a
virus-free PC that a firewall can prevent? I've done lots of research and
really can't find the answer.

 

[Bruce Chambers]

Greetings --

Given today's widely-publicized and well-known hostile Internet
environment, only a fool or a masochist would go on-line without both
a firewall and antivirus protection. People really shouldn't need to
be told to use a firewall, no more than they should need to be told
not to stick their hands into an open flame.


Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH

 

[Bruce Chambers]

Greetings --

Antivirus applications can only protect a computer from known
threats. When something new comes along, it often takes the antivirus
companies days to provide a solution. NAV, for example, did not
provide protection from Blaster until well after several hundred
machines had been infected.

Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH

 

[Bruce Chambers]

Greetings --

WinXP's built-in firewall, in particular, is not designed to be
used on internal LAN connections. The _only_ connection on which you
should have ICF enabled is the direct connection to the Internet.

Internet Firewalls Can Prevent Browsing and File Sharing
http://support.microsoft.com/default.aspx?scid=kb;EN-US;298804


Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH

 

[Bruce Chambers]

Greetings --

WinXP's built-in firewall is fine at stopping incoming attacks, and
hiding your ports from probes. It doesn't give you any alarms to tell
you that it is working, though. What WinXP also does not do, is
protect you from any Trojans or spyware that you might download and
install inadvertently. It doesn't monitor out-going traffic at all,
much less block (or at least ask you about) the bad or the
questionable out-going packets.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even Symantec's Norton
Personal Firewall is superior by far, although it does take a heavier
toll of system performance then do ZoneAlarm or Sygate. It's been
several years since I've been tempted to try McAfee products. Their
quality seemed to take a steep nose-dive after they were acquired by
Network Associates.

But, no, you shouldn't run both firewalls. Running two or more
software firewalls simultaneously is unnecessary and can sometimes
cause conflicts, possibly negating the protection of both. In any
event, having two firewalls running simultaneously is most certainly
an unnecessary drain on system resources.


Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH

 

[Spiderman]

It WAS only on the direction internet connection...and that's when the LAN
pc won't browse.

 

[Spiderman]

How did those PC's get infected in the first place? And how would a firewall
have prevented it since it was most likely a result of user error (i.e.
opening a file attachment). Sure, the firewall might limit the damage AFTER
the infection...but if you keep your PC virus-free (which I always do), then
what's the point? I've been online for over 10 years and have never been
infected by a virus, mainly due to the fact I don't open unknown attachments
or programs. I guess I'll never find the answer as to why we really need a
firewall....just like we'll never know why invading Iraq will stop terrorism

 

[Tom]

Is a firewall really necessary ? Let's take a comparison. When you fly, one
person controls your ticket, another check if you have a bomb in your
pocket. The first one is the firewall, he controls if you can access the PC,
while the second one is the antivirus and controls if you have a virus in
your pocket. A little bit oversimplified but I hope this could help you to
understand why you need both protections.

Tom

 

[Jym]

You have all these companies selling antivirus software around the world to
companies and individuals . It's a multi-million dollar business. Are we all
stupid and paying for something that is unnecessary ? Jym

I have the same question as you. I had a firewall and was still infected

by the blaster worm and welchia. It was enabled too. The firewall causes way
too many problems. Good luck and maybe someone can convince us the necessity
of a firewall even if you have an anti-virus program installed.

 

[jch]

Is a firewall really necessary ? Let's take a comparison. When you fly, one
person controls your ticket, another check if you have a bomb in your
pocket. The first one is the firewall, he controls if you can access the PC,
while the second one is the antivirus and controls if you have a virus in
your pocket. A little bit oversimplified but I hope this could help you to
understand why you need both protections.

Tom

Let's see a ticket in one pocket and bomb in my other pocket or is that a
virus. Yep. Clear as mud.

My 2 cents:
Day-zero attacks can't be stopped by an AV program which hasn't been updated
to stop the new virus. Only safe computing will save you there. A firewall
won't stop a virus from installing on your machine. It will stop external
attacks and attempts internally to secretly go out on the net thus
minimizing damage after a virus enters your PC and installs itself. I don't
use a firewall - just a NAT router, AV program and I run Ad-Aware a couple
of times a week. I can't imagine why you need more than that.

 

[Jupiter Jones [MVP]]

If you got Blaster.
Your firewall was ineffective.
Whether it was disabled or broken I do not know.
A properly configured firewall stops Blaster as well as many others
that anti virus is not designed to stop.
You also did not have the computer properly patched.
A Critical Update released a few weeks before Blaster appeared
protected computers from Blaster.
That is two problems with the security of your computer.
Whether you recognized them or not, the problems were there.
What else is missing:
http://www3.telus.net/dandemar/security.htm

--
Jupiter Jones [MVP]
http://www3.telus.net/dandemar/

I have the same question as you. I had a firewall and was still

infected by the blaster worm and welchia. It was enabled too. The
firewall causes way too many problems. Good luck and maybe someone can
convince us the necessity of a firewall even if you have an anti-virus
program installed.

 

[Jupiter Jones [MVP]]

You are living in the past.
What worked a few years ago explains all to well why so many now get
infected.
The crooks who create this junk have adapted to the changing
technology and so must we if we desire to own our computers.
Otherwise the crooks will own the computers.

Blaster has nothing to do with attachments.
Blaster is on infected computers searching for an unprotected
computer.
That is why many times someone posts thinking Windows XP had Blaster
from the factory.
Within seconds of connecting the network cable (no surfing necessary)
Blaster comes to the unprotected computer and the computer is infected
before you have time to enable the firewall.
This is a very common scenario.

Antivirus is no longer enough:
http://www3.telus.net/dandemar/security.htm

 

[Spiderman]

However, as soon as these bugs are found Microsoft issues a security fix
which is automatically installed by Windows anyway (if so configured). Not
to mention, the firewalls themselves can have bugs that are abused by the
crooks...not to mention unintentional bugs that "screw up" your system (such
as with my ICS problem). Anyway, your logic sounds similar to George
Junior's for invading Iraq...and I just don't get it. I think I'll keep the
firewall (and paranoia) down, and trust that the "evil doers" will be dealt
with by the proper authorities!

 

[Spiderman]

Doesn't make sense...how can someone "access" (as you put it) your PC if it
doesn't have a firewall. Wouldn't your PC need to be running services that
allow that kind of access, namely, viruses and user-error mistakes? I guess
it just seems like the perception is being sold that not running a firewall
is the equivalent of leaving your doors open....but the way I see it is,
it's more like the shades on the window aren't closed...so what if some
strangers can look in and see you bent over picking up fruit loops? Can
anyone give me an actual example of an outside attack on a non-virus
infected PC that causes ACTUAL damage or theft to the PC...and how that
damage/theft would have been prevented by a firewall? Please, an actual
technical example is preferred, no "Bush style" terror progaganda

 

[Spiderman]

However, if you installed the Critical Update (which should be done
automatically if so configured) then you would have been protected and
didn't need the firewall anyway...so again I ask, why are millions of
computers wastings millions of computer-hours running firewall programs when
they could be running something like SETI@Home or a cancer-curing program.
Seems like a waste of computation to me....