Firewall

[Plato]

I have seen many posts of users running multiple AV and firewall products.

so?

 

[Fuzzy Logic]

I certainly don't recommend relying on technology instead of your head.
For those who have the experience and skills to know what they're doing,
using your head to protect you is an extremely valuable thing to do.

But the opposite--relying solely on your head and not using
technological tools available to you--is even more dangerous. That's for
two reasons:

1. The vast majority of computer users have nowhere near the skill and
experience to protect themselves without technological skills, and they
never will. They flat out *need* these tools; without them, they are
guaranteed to get themselves into trouble. Giving advice to the general
public not to use such tools is just irresponsible.

2. There is a very small minority of users who may be able to protect
themselves without software tools. But, to repeat myself, even for them,
relying on their heads to protect them is nothing short of
foolhardy.First, such reliance is completely unnecessary; the software
tools are easily accessible, easy to use, and in many cases free.
Second, and most important, no matter how careful we are, how smart we
are, or how much we know we are imperfect. It's *always" possible to
slip up when you're tired after a long hard day at the office, when
you've just had an argument with your spouse, when you've had a little
too much wine with dinner, etc. Or even when none of those are true.

Education goes much farther than some tool that the user also doesn't
understand (but they've heard they should have it).

Give a man a fish; you have fed him for today.
Teach a man to fish; and you have fed him for a lifetime
-Author unknown

I would argue that an uneducated user are just as likely to get into
trouble with the tools installed (maybe even more so because they now
think they are safe) as they would be without them.

One of my favourite cartoons (permission granted from author to use):

http://www.arc.ab.ca/staff/erkamp/security.jpg

We are telling people they need a firewall, AV software, ant-spyware
software, etc. but not telling them the whole story. I believe we are
doing a great disservice by not teaching them the basics FIRST.

The basics are:

Keep your software up to date
Avoid untrusted web sites (porn, hacker or cracked software sites)
Don't open unsolicited attachments
Don't say yes to something you don't understand (or as Nancy says...Just
Say NO).

It's not that hard....really!

I realize I'm being a bit facetious but only a bit.

 

[Ken Blake, MVP]

We are telling people they need a firewall, AV software, ant-spyware
software, etc. but not telling them the whole story. I believe we are
doing a great disservice by not teaching them the basics FIRST.

The basics are:

Keep your software up to date
Avoid untrusted web sites (porn, hacker or cracked software sites)
Don't open unsolicited attachments
Don't say yes to something you don't understand (or as Nancy
says...Just Say NO).

It's not that hard....really!

I realize I'm being a bit facetious but only a bit.

I have no quarrel with your basics. I agree with them. My only disagreement
is that it's foolhardy to rely on them alone. Just as it's wrong to rely
solely on software, it's wrong to rely solely on what you call the "basics."

 

[Dusty]

This is where the madness begins. Why just one free firewall..surely two
will be better...the same for AV software, spyware blockers etc. Not only
are you adding another level of complexity but new software that must be
maintained and may introduce new vulnerabilities.

How do you block access to your open ports then? By your reasoning all I
have to do is be sensible about opening email and keep my system clean and
maintained. But zonealarm blocks at least 8 or 10 attempts to probe ports
every day.
Dusty

 

[Fuzzy Logic]

How do you block access to your open ports then? By your reasoning all I
have to do is be sensible about opening email and keep my system clean and
maintained. But zonealarm blocks at least 8 or 10 attempts to probe ports
every day.
Dusty

My original reply was to the Windows 98 newsgroup. Windows 98 by default has
no open ports. As for XP you should disable all unnecessary services and use
the built in firewall. Probing ports and getting access to your machine are
two different things.