Firewall: Vista's inbuilt or something else

[n o s p a m p l e a s e]

I will soon have my new box loaded with Bill's Vista Home Premium. No
doubt Avast Home Edition is my preferred AV but regarding firewall I
am not sure whether I should keep Vista's default firewall or go in
for Comodo. I have heard Bill has improved inbuilt firewall in Vista.
What do you think will be the best choice?

 

[Translator English - French - Creole]

never trust windows period always choose something else, even if the
something else promises you to destroy your pc, trust me it's better than
what windows will do to it. i like mcafee but if you want comodo go right
ahead

--
Jonathan Perreault

Personnal Advice To You:
#1: Do Not Undermine Windows's Work, Or It'll Undermine You As A User.
#2: Torture Windows (Any) Now Before It Tortures You
#3: Windows Is Bad Enough In English, Why Get It In Another Language

Best Comments From Users:
No Matter The Problem Even With Linux, It's Microsoft's And Windows's Faults

A common mistake that people make when trying to design something completely
foolproof is to underestimate the ingenuity of complete fools.

 

[Spirit]

The Windows Firewall provides the security offered by any other software
firewall.
Some other firewalls might be easier to configure in very complex setups. If
you
need more security that Windows Firewall offers then get a hardware solution
and use Windows Firewall in conjuntion with the hardware.

 

[MICHAEL]

* n o s p a m p l e a s e:

I will soon have my new box loaded with Bill's Vista Home Premium. No
doubt Avast Home Edition is my preferred AV but regarding firewall I
am not sure whether I should keep Vista's default firewall or go in
for Comodo. I have heard Bill has improved inbuilt firewall in Vista.
What do you think will be the best choice?

Comodo's firewall is not Vista compatible.

Use a router with SPI and Vista's firewall.


-Michael

 

[Synapse Syndrome]

I will soon have my new box loaded with Bill's Vista Home Premium. No
doubt Avast Home Edition is my preferred AV but regarding firewall I
am not sure whether I should keep Vista's default firewall or go in
for Comodo. I have heard Bill has improved inbuilt firewall in Vista.
What do you think will be the best choice?

Vista's [or even XP's less advanced] and a NAT router is fine for me. I do
not understand the paranoia of people that always need to install third
party firewalls. I also only use the inbuilt firewall with Server 2003, as
well as the NAT router.

Yes, my IP address is in my X-Headers. Any hackers and welcome to have a
go!

ss.

 

[Mr. Arnold]

I will soon have my new box loaded with Bill's Vista Home Premium. No
doubt Avast Home Edition is my preferred AV but regarding firewall I
am not sure whether I should keep Vista's default firewall or go in
for Comodo. I have heard Bill has improved inbuilt firewall in Vista.
What do you think will be the best choice?

The Vista FW/packet filter complimented with IPsec. I have the AnalogX
rules enabled. Vista's FW along with IPsec is rock solid protection if the
machine is not behind a border device such as a router or FW appliance.

http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
http://support.microsoft.com/kb/813878
http://www.analogx.com/CONTENTS/articles/ipsec.htm
http://articles.techrepublic.com.com/5100-10877_11-6098592.html
http://www.vistahunt.com/windows-vista-two-way-firewall.html

 

[Leythos]

I will soon have my new box loaded with Bill's Vista Home Premium. No
doubt Avast Home Edition is my preferred AV but regarding firewall I
am not sure whether I should keep Vista's default firewall or go in
for Comodo. I have heard Bill has improved inbuilt firewall in Vista.
What do you think will be the best choice?

If you are a home user or very small business, then you want a NAT
Router as your first line of defense. This will block unsolicited
inbound connections to your PC.

Unless you allow guest computers or devices on your network, the windows
firewall is useless for the most part once you're behind a NAT device.

If you travel, make sure that you disable file/printer sharing and
almost every other network option when you leave your network. Windows
firewall may be enough while you travel as long as you've got all
patches, etc... You can buy small NAT travel routers if you want.

It's always best to stop the inbound at the border instead of the PC -
to many things allow/create exceptions in the firewall and you can screw
yourself if you don't pay close attention to them.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(e-mail address removed) (remove 999 for proper email address)

 

[Leythos]

The Windows Firewall provides the security offered by any other software
firewall.

BULL CRAP - the windows firewall allows apps to configure it, most of
the other (third party) firewall applications don't. That makes them
MUCH better than the Windows Firewall.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(e-mail address removed) (remove 999 for proper email address)

 

[Spirit]

I think your attitude is just about as wrong as your opinion is.... study up
a little
then speak....

 

[Leythos]

I think your attitude is just about as wrong as your opinion is.... study up
a little
then speak....

My job is to design secure installations for customers, private,
military, government, and none of them have been compromised in all
these years of following the ideal I posted.

It's that simple sonny - you can "think" you are right and that the
Windows firewall will protect you, but the fact is that most Windows
computers that are compromised have Windows Firewall enabled because
there is no reporting, no accounting, and users don't have any idea.

A simple NAT Router will protect you better than the Windows firewall.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(e-mail address removed) (remove 999 for proper email address)

 

[Spirit]

Well I design Lans and Wans and have 20+ years experience with PC's
and even more with mainframes. And I did not say the Windows Firewall
was the end all of security. Specifically I said unless the questioner had
special needs the included firewall was as good as ANY software. If
more security is needed then a hardware solution should be looked at,
and NOT just a different software firewall.

And I don't think I am right, I know that I am right. It seems besides your
attitude your reading skills need a little work. Check my original message
to see your error.... an apology for your misunderstanding would be a class
act..... lets see...........

 

[Leythos]

Well I design Lans and Wans and have 20+ years experience with PC's
and even more with mainframes. And I did not say the Windows Firewall
was the end all of security. Specifically I said unless the questioner had
special needs the included firewall was as good as ANY software. If
more security is needed then a hardware solution should be looked at,
and NOT just a different software firewall.

And I don't think I am right, I know that I am right. It seems besides your
attitude your reading skills need a little work. Check my original message
to see your error.... an apology for your misunderstanding would be a class
act..... lets see..........

An apology for your lack of understand is not expected, based on your
lack of honor.

The windows firewall is crap, most always exposed by apps and vendors
that ship systems, and even exposed without the user having a clue.

Most third-party apps alert the user, have reporting/monitoring
functions, and while they are something that can be exploited (like
windows firewall) they offer better features and more chances for the
users to see if there is a problem than Windows Firewall does.

A hardware appliance IS needed with any home users network, even if it's
just 1 PC, it keeps the system safe while they start their systems,
while they rebuild them, while exploits in the OS are found and
repaired, etc.... The minimum should be a NAT Router, and with a NAT
router you have no need for the Windows firewall at all (in a home
setting).

So, again, the windows firewall is crap, has been crap, is easy to
exploit, provide little indication to the users....

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(e-mail address removed) (remove 999 for proper email address)

 

[NoStop]

An apology for your lack of understand is not expected, based on your
lack of honor.

The windows firewall is crap, most always exposed by apps and vendors
that ship systems, and even exposed without the user having a clue.

Most third-party apps alert the user, have reporting/monitoring
functions, and while they are something that can be exploited (like
windows firewall) they offer better features and more chances for the
users to see if there is a problem than Windows Firewall does.

A hardware appliance IS needed with any home users network, even if it's
just 1 PC, it keeps the system safe while they start their systems,
while they rebuild them, while exploits in the OS are found and
repaired, etc....

What a load of hogwash! A NAT router isn't going to do a fscking thing to
keep say XP SP1 safe! Even after SP2 is applied it is still vulnerable as
hell. Vista, the same. The prob is the MickeyMouse toy operating system.

Cheers.


--
Remove Vista Activation Completely ...
http://tinyurl.com/2w8qqo

Do you use Linux? Everytime you "google", you're using Linux.

Coming Soon! Ubuntu 7.10 ... New Features:
http://lunapark6.com/ubuntu-gutsy-gibbon-710-new-features.html

 

[The *Linux Pimp* Adam Albright]

What a load of hogwash! A NAT router isn't going to do a fscking thing to
keep say XP SP1 safe! Even after SP2 is applied it is still vulnerable as
hell. Vista, the same. The prob is the MickeyMouse toy operating system.

Cheers.

<You just proved to me that you are an ignorant fool, and you no more
know what you're talking about than the man a in the moon. The NAT
router's job is to stop unsolicited inbound traffic from reaching the
computer. A NAT router is an effective device that sits in front of the
machine. It doesn't matter if the O/S is MS, Linux or whatever. A NAT
router's job is NOT to protect an O/S. Its job is to protect a network
or single machine if that's the case from unsolicited inbound scans or
attacks from the Internet or to segregate or departmentalize networks in
a LAN environment.>

 

[dennis@home]

So, again, the windows firewall is crap, has been crap, is easy to
exploit, provide little indication to the users....

All software firewalls are cr@p.
The only military that would rely on them would be the salvation army so I
hope none of the stuff you have designed relies on them.
Application proxies are far better if you already know what you are going to
let your users do.

 

[Frank]

What a load of hogwash! A NAT router isn't going to do a fscking thing to
keep say XP SP1 safe! Even after SP2 is applied it is still vulnerable as
hell. Vista, the same. The prob is the MickeyMouse toy operating system.

Cheers.

You're so full of sh*t doris that your stench is starting to come thru
the Internet.
Frank

 

[Leythos]

What a load of hogwash! A NAT router isn't going to do a fscking thing to
keep say XP SP1 safe! Even after SP2 is applied it is still vulnerable as
hell. Vista, the same. The prob is the MickeyMouse toy operating system.

Nospam, what your comment shows is your ignorance of networking and
security and that you don't understand the threat base.

A NAT router WILL PROTECT users from the internet, more than Windows or
any installed firewall application - it will STOP UNSOLICITED TRAFFIC
BEFORE IT REACHES THE PC - that means that thing like the SQL Slammer
can't reach the PC to exploit the MSDE installed by MS Office Prof on
machines where the user doesn't know about it - in fact, most IP based
exploits are rendered useless.

I've personally had thousands of Windows systems all over the country,
behind a proper firewall solution, and even in India, and not a single
compromise, and that's not counting the hundreds of Windows based web
servers that we've managed without compromise....

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(e-mail address removed) (remove 999 for proper email address)

 

[Spirit]

Well I pity your customers.... I bet they have to repeat themselves over and
over.....
The question was mostly about SOFTWARE firewalls and not only did I answer
it, I suggested the possible need for a hardware solution. Your rudeness is
definitely
a highpoint for you,,, enjoy.

 

[Leythos]

Well I pity your customers.... I bet they have to repeat themselves over and
over.....
The question was mostly about SOFTWARE firewalls and not only did I answer
it, I suggested the possible need for a hardware solution. Your rudeness is
definitely
a highpoint for you,,, enjoy.

Yea, I see, you reply in a snotty, childish manner and when you get it
back you act like you didn't do it.

FACT: A software firewall is always bad when the users control it on the
same machine that they use for work.

FACT: A simple NAT router provides MORE protection than Windows firewall
even things about providing and does it better and with less chance of
the user screwing ANYTHING up, not to mention that it lessens the load
on the computer.

FACT: Firewalls running on workstations that are also used by users are
not certified by any testing authority.

FACT: You can dispute it all you want, but you would be wrong.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(e-mail address removed) (remove 999 for proper email address)

 

[Spirit]

Check your 1st message for "snotty behavior" and you are
preaching to the choir without bothering to read the sermon.

LOL