firewall on budget ?

[Frank McCoy]

In alt.comp.hardware.pc-homebuilt "(e-mail address removed)"

you use forte free agent? where's the option in it to do that?
does it do it in plain text too? (though opening it in forte is cool
enough)

Groups -> Default Properties -> When to purge
Set both read and unread messages to:
Without bodies: When message is no longer available
With bodies: Never
Groups -> Default Properties -> What to purge
Clear all check-boxes under "When to purge" and "When to compact
databases" (Do your compacting manually. When files get big, it can
take a LONG time.)
Set the checkbox saying, "Ask before purging, compacting, or emptying
trash"

how many years have you done?!

About nine years, since 1998.
I LOST about five years before I realized Agent (or FreeAgent) was
tossing stuff more than so old. DAMN ;-{

I also lost somewhere between three and six months of stuff when a disk
crashed and my last backup had been months earlier. My own bloody
fault, but ....

I still weep sometimes about lost things.
A lot of the stuff I lost before '98 was stuff Google (then DejaNews)
hadn't started archiving. Damn, again.

Yes, I only archive TEXT; and I *do* delete anything I consider SPAM.

Even so, some of my archives go over 4 gigabytes (maximum file size) so
I have to save them off in separate directories to be accessed
separately. An annoyance; but I don't need things more than four years
old very often.

 

[Straight Talk]

Funny thing is that I mentioned it because of the poor ability of
Windows Firewall to protect users in the default mode that MS installs
users/windows on systems.

Funny thing is that I mentioned it because it's the cheapest, already in
place on most areas, method to implement to get the most protection
against one of the largest problems with Windows systems.

Talking about going 'round in circles....

 

[jameshanley39]

I think it gets a bit confusing if the same thread is in different
groups but the contents is a bit different. It means that if somebody
wants to see all the posts in the thread it's almost impossible.

If you really don't want to discuss this in csf as well as here, and
you only want to discuss it here, and I see why, then I'm happy to
start a new thread here, in
microsoft.public.windowsxp.security_admin.

I think that would satisfy both our sensibilities.

I might make a post there to say that we agreed that this subtopic/
outgrowth of the thread, is being discussed in a new thread of a
different name in microsoft.public.windowsxp.security_admin..

is that ok with you?

No.

Usenet 101:
- If you start a topic, start it in exactly ONE group (the one that is
most appropriate for the subject).
- If for some (good) reason you feel that a subject is on-topic in more
than one group, crosspost the OP to all of these groups, but set a
followup to ONE group (the one that is most appropriate for the
subject).
- Do not break a thread to start a new one about the same topic in
another (or the same) group.
- See also [1,2].

That way everyone will be able to follow the discussion, and it won't be
scattered across several groups or hierarchies.

[1]http://catb.org/~esr/faqs/smart-questions.html
[2]http://www.rfc-editor.org/rfc/rfc1855.txt

And because this is utterly off-topic here: f'up2poster (in case you're
not familiar with this: it's a request to do any further discussion in
private, by mail).

As I said. Your way makes it almost impossible for those that follow
the discussion by reading all posts in a thread.

I'd rather everybody benefits directly.
I could do private email, then post any solutions to the group

 

[jameshanley39]

And even at home I sit behind $4000 of firewall and security measures,
just like the secure networks I design. Having used and designed systems
for 30 years I've never once been compromised on any network that I've
maintained, not once.

We're talking about the ignorant masses, the ones that don't want a
clue, the ones that think that P2P software has no issues, the ones that
have never looked at the Windows Firewall panel for Exceptions, the ones
that think CD/USB drives, DVD/PDA/Cell, etc.. are not a threat to their
computers....

if alot of the advice you give here is for the ignorant masses, then
techie people reading comp.security.firewalls , following your
solutions, will have the solutions of the ignorant masses.

 

[Leythos]

if alot of the advice you give here is for the ignorant masses, then
techie people reading comp.security.firewalls , following your
solutions, will have the solutions of the ignorant masses.

Don't know much about Usenet do you?

In Usenet, since MS provided an easy, although broken means to access it
by the ignorant masses, you never really know who or the technical level
of who is asking questions or their level of experience. Unless the OP
explains in great detail about the problem and other information, you
generally need to start at the lower level and work your way up with
them.

In the case of a "Firewall on a Budget" subject, this would have been
posted by someone not very experienced with firewalls and someone that
was just starting to learn - in most cases.

Techie people often think they know a lot, but the good ones know they
don't know everything and will still read posts in order to see if they
might have missed something that could benefit them also. A techie
person will not follow advice that does not help them.

Since most techie people already have a firewall appliance or a NAT
appliance, they already have the solution for the ignorant masses, they
know what they can do with a NAT router, they know that they can, in
most cases, block outbound traffic, etc...

One last thing, I think it's rude to redirect a thread by setting the
Follow-Up to another group when the thread clearly is on-topic in the
groups it started with.

So, again, as we've all seen, the windows firewall is almost worthless
in the hands of the ignorant - we see them running as local admins,
installing software that puts holes in it, running p2p programs that put
holes in it, using File/Printer sharing on a single computer network,
disabling it when the install software tells them to disable it, not
even running with antivirus software in some cases - oh, and the pop-up
that tells them they are infected and to download this xxx program to
clean their system.....

ISP's have taken some small steps, like blocking outbound SMTP except
through their mail servers, blocking inbound SMTP/HTTP to their dynamic
networks, etc... it could be a lot better and it would be free.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(e-mail address removed) (remove 999 for proper email address)

 

[Ansgar -59cobalt- Wiechers]

Usenet 101:
- If you start a topic, start it in exactly ONE group (the one that is
most appropriate for the subject).
- If for some (good) reason you feel that a subject is on-topic in more
than one group, crosspost the OP to all of these groups, but set a
followup to ONE group (the one that is most appropriate for the
subject).
- Do not break a thread to start a new one about the same topic in
another (or the same) group.
- See also [1,2].

That way everyone will be able to follow the discussion, and it won't be
scattered across several groups or hierarchies.

[1]http://catb.org/~esr/faqs/smart-questions.html
[2]http://www.rfc-editor.org/rfc/rfc1855.txt

And because this is utterly off-topic here: f'up2poster (in case you're
not familiar with this: it's a request to do any further discussion in
private, by mail).

As I said. Your way makes it almost impossible for those that follow
the discussion by reading all posts in a thread.

I'd rather everybody benefits directly.
I could do private email, then post any solutions to the group

*plonk*

cu
59cobalt

 

[jameshanley39]

A net of bots.


Most bots dial in themselves to receive commands from the controller.
NAT won't stop that.

that's what i said, but without words like 'dial in' (this isn't about
dial up). I know what you mean there.

Leythos didn't claim that NAT blocks all attacks.

you mentioned DDOS at the NAT device, (which i think leythos said
wouldn't affect the LAN part of it)

and you mentioned botnets, and one could mention other malicious
clients.

And leythos has mentioned some that it would block. I've seen for
myself a comp compromised to be a malicious smtp server.

The windows firewall blocks incoming but is easily compromised. A NAT
router blocks incoming but isn't so easily compromised. one could use
both.

do you have an argument against that?

 

[Guest]

comodo

 

[jameshanley39]

Don't know much about Usenet do you?

In Usenet, since MS provided an easy, although broken means to access
it by the ignorant masses, you never really know who or the technical
level of who is asking questions or their level of experience. Unless
the OP explains in great detail about the problem and other
information, you generally need to start at the lower level and work
your way up with them.

In the case of a "Firewall on a Budget" subject, this would have been
posted by someone not very experienced with firewalls and someone
that was just starting to learn - in most cases.

But in usenet, you don't write for just one person.

Techie people often think they know a lot, but the good ones know
they don't know everything and will still read posts in order to see
if they might have missed something that could benefit them also. A
techie person will not follow advice that does not help them.

Techie people like to know what the options are.

Maybe one other option will be of interest, maybe many will.

Since most techie people already have a firewall appliance or a NAT
appliance, they already have the solution for the ignorant masses,
they know what they can do with a NAT router, they know that they
can, in most cases, block outbound traffic, etc...

So now a firewall appliance is for the ignorant masses. I was of the
impression that maybe, when you wrote of a watchguard firewall
appliance, you had a higher view of it. What is your option above that?


I figured you're a techie that likes firewall appliances, since that's
the solution you write about, that and NAT Routers. I'm suprised you
called a firewall appliance a solution for the ignorant masses! You're
probably the person that made the term 'firewall appliance' popular in
this newsgroup.

I think, if one has servers, then your description of that firewall
appliance seems quite good.. means one can setup a (real) DMZ, and so
on. More appropriate than a mere NAT Router. i'd like to know what
other options are.. Then maybe people can judge if they'd be useful, it
may even inspire people to do something more interesting that makes use
of them.

One last thing, I think it's rude to redirect a thread by setting the
Follow-Up to another group when the thread clearly is on-topic in the
groups it started with.

I didn't do that.

So, again, as we've all seen, the windows firewall is almost
worthless in the hands of the ignorant - we see them running as local
admins, installing software that puts holes in it, running p2p
programs that put holes in it, using File/Printer sharing on a single
computer network, disabling it when the install software tells them
to disable it, not even running with antivirus software in some cases
- oh, and the pop-up that tells them they are infected and to
download this xxx program to clean their system.....

Well, typical end users call somebody to fix it. We know end users are
computer stupid. Most techies give them a NAT Router. And give
themselves a NAT Router, it's like 'the solution'. People have NAT
Routers without even knowing what the box is. They get broadband, they
get one.

Programs like ZA (people here seem to call them PFWs - i don't know who
coined that one). They also cause problems to end users that can't
google. Anti Virus software causes huge problems to end users that
can't search for free ones, small ones. And pay and find their computer
slowed down as norton or mcafee scans in the background. Anything can
cause a problem for end users. Even a person on the radio telling them
to get a virus checker. They do it themselves and they can install a
malicious program. And even malicious so-called anti-spyware
software. You shouldn't just be writing for end users. THere are many
people reading, many techies, or aspiring techies, people looking to
increase their knowledge.

ISP's have taken some small steps, like blocking outbound SMTP except
through their mail servers,

yep
and it'd save users from getting EMs from their ISP that they could be
DC'ed(disconnected), and save people from getting SPAM from those users.

 

[Leythos]

So now a firewall appliance is for the ignorant masses. I was of the
impression that maybe, when you wrote of a watchguard firewall
appliance, you had a higher view of it. What is your option above that?

Are you going to play games like this?

Do know full well what I've been talking about this entire thread, it
was not and is not directed at the tech/security types, and no one
reading the subject would think it was about upper level information.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(e-mail address removed) (remove 999 for proper email address)

 

[Mr. Arnold]

Are you going to play games like this?

Yeah, the person is going to do just that, because it's a troll.

 

[Leythos]

Yeah, the person is going to do just that, because it's a troll.

Yep, sad to say, but that's the way it looks.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(e-mail address removed) (remove 999 for proper email address)

 

[Guest]

Try this one
http://www.sunbelt-software.com/Home-Home-Office/Sunbelt-Personal-Firewall/

 

[Guest]

Try this one
http://www.sunbelt-software.com/Home-Home-Office/Sunbelt-Personal-Firewall/

 

[jameshanley39]

Are you going to play games like this?

Do know full well what I've been talking about this entire thread, it
was not and is not directed at the tech/security types, and no one
reading the subject ould think it was about upper level information.

I didn't just have in mind what you wrote in this thread. But anyhow.

I'm asking you then.

What you suggest that is directed at the tech/security types?

 

[Leythos]

I didn't just have in mind what you wrote in this thread. But anyhow.

I'm asking you then.

What you suggest that is directed at the tech/security types?

State a specific question, listing what you want to know, in detail that
a "techie" would and I'll answer it.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(e-mail address removed) (remove 999 for proper email address)

 

[jameshanley39]

State a specific question, listing what you want to know, in detail
that a "techie" would and I'll answer it.

well, i'm interested in an example of what you would consider a
techie's configuration.

I could give you some suggestions, but i'm sure yours are better than
mine. He's a techie, he may run an open web server, an open ftp
server, and he may want to access his computer himself with VNC.
Is that person one of the ignorant masses that you think should use a
NAT Router or Watchguard firewall appliance? Maybe to you, that person
is not a technical person.

I'm interested in an example of what you would call the configuration
of a technical person. Of course, people are different. I'm just asking
for an example.

You've given 2 examples of solutions for the ignorant masses.








--

 

[Leythos]

well, i'm interested in an example of what you would consider a
techie's configuration.

I could give you some suggestions, but i'm sure yours are better than
mine. He's a techie, he may run an open web server, an open ftp
server, and he may want to access his computer himself with VNC.
Is that person one of the ignorant masses that you think should use a
NAT Router or Watchguard firewall appliance? Maybe to you, that person
is not a technical person.

I'm interested in an example of what you would call the configuration
of a technical person. Of course, people are different. I'm just asking
for an example.

You've given 2 examples of solutions for the ignorant masses.

I've set the follow-up to comp.security.firewalls since the other groups
don't really fall into this - post your question in a thread in that
group, under a new subject, and I'm sure myself and others will answer
it.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(e-mail address removed) (remove 999 for proper email address)