Loss of HTTP connectivity going out

[the wharf rat]

A firewall must have at least two network interfaces. One interface must

If the computer was running a host based firewall, then the computer
would have two network interface cards in it with one facing the WAN and

Ummm, well. that's...wrong... If you run a host based packet
filter like iptables or windows firewall you've certainly got a firewall.
One interface isn't a nic, though, it's the API to the operating system.

To be pedantic, the network boundary is located AT the lan
interface rather than "between" two interfaces.

Now what you DON'T have is a robust security architecture but
that's another discussion

 

[Jim]

Sorry, I haven't been monitoring the thread and just now saw
your question.

It's now three weeks since uninstalling Zonealarm and the http
connections are still up. I'm getting more and more convinced
that Zonealarm was the problem. I'm very sure we've never gone
three weeks before without loss of HTTP connectivity.

As to firewalls, I have two. There is a firewall in the WiFi
router that my wife connects through to the Internet, and there
is the built-in Windows firewall.

Neither one provides the protection that Zonealarm provided
against malware on the computer connecting outward, but they
do provide good protection against incoming threats - which
are the most dangerous I think.

Alan

I use Comodo Pro ( free ) which gives outbound protection .

 

[Planters]

Ummm, well. that's...wrong... If you run a host based packet
filter like iptables or windows firewall you've certainly got a firewall.
One interface isn't a nic, though, it's the API to the operating system.

You can call it anything you want, something like ZA or even Windows
firewall are just packet filters, and they are not firewall technology,
in the traditional sense. And NIC(s) allow traffic to and from the
device such as a computer connected to a network.

To be pedantic, the network boundary is located AT the lan
interface rather than "between" two interfaces.

I disagree.

Now what you DON'T have is a robust security architecture but
that's another discussion

What is being talked about is firewall technology, and ZA and Windows FW
are just packet filters not firewalls, which again you can call them
anything you like. I won't, and they are just packet filters protecting
the machine at the machine level.

 

[the wharf rat]

You can call it anything you want, something like ZA or even Windows
firewall are just packet filters, and they are not firewall technology,

Sure they are. In fact, I just checked the Big Yellow Book
and on page 467 it specifically discusses host-based or "personal"
firewalls as part of a defense-in-depth security architecture. So
there. lol

Why ISN'T a host based packet filter a firewall? There's
no reason even a hardware firewall needs two interfaces. Look at
Sonicwall for instance.

What is being talked about is firewall technology, and ZA and Windows FW
are just packet filters not firewalls, which again you can call them
anything you like. I won't, and they are just packet filters protecting
the machine at the machine level.

Oh, horseshit. What's a PIX? Just a packet filter... With
a clumsy CLI to boot

 

[Planters]

Sure they are. In fact, I just checked the Big Yellow Book
and on page 467 it specifically discusses host-based or "personal"
firewalls as part of a defense-in-depth security architecture. So
there. lol

Your definition of a firewall and my definition of a firewall do not
concur and they never will.

http://www.more.net/technical/netserv/tcpip/firewalls/

Why ISN'T a host based packet filter a firewall? There's
no reason even a hardware firewall needs two interfaces. Look at
Sonicwall for instance.

It's because of the definition of what a firewall is whether it be
hardware based or software based solution and what your definition is
really doesn't count to me.

Oh, horseshit. What's a PIX? Just a packet filter... With
a clumsy CLI to boot

Was there a need for you to cuss? I have never liked or respected you in
the first place.

Therefore, don't bother to post again as I will not be reading it or
responding to you.

You should have been locked-up at birth.

 

[the wharf rat]

http://www.more.net/technical/netserv/tcpip/firewalls/

Oh, I see. This part *definitely* rules out a host based
solution as a firewall:

"There is no single agreed-upon definition for a network firewall.
In recent years, many definitions have been developed and used."

And this part just puts the final nail in the coffin:

"Firewalls can be composed of a single router, multiple routers,
a single host system or multiple hosts running firewall software, hardware
appliances specifically designed to provide firewall services, or any
combination thereof. They vary greatly in design, functionality, architecture,
and cost."

Look, if you're hung up on the "trusted/untrusted network" stuff
think of it this way: for a host based firewall the trusted network is
the.local.host.ip/255.255.255.255 and the untrusted network is *everything*
*else*.


Gotta learn to see the forest through all those trees, pal.

what your definition is really doesn't count to me.

It's not *my* definition. It's Tipton & Henry's definition.

Was there a need for you to cuss? I have never liked or respected you in
the first place.

Now I'm hurt.

Oh, excuse me, I meant "now I'm ****ing hurt".

You should have been locked-up at birth.

Why? Because I actually know something about what I'm talking
about? May Ghu, the great, preserve me from know it all 15 year olds.

 

[Addison Steele]

the wharf rat wrote:

Was there a need for you to cuss? I have never liked or respected you in
the first place.

GEEZ! You're complaining about CUSSING? YOU?

BWAAAAAAAAAAAAAAAAHAHAHAHAHAHAHAHAHAHAHAHAHA!!!!

Some of the most vile, disgusting language I've ever SEEN in a public
newsgroup has come from you!

 

[Planters]

GEEZ! You're complaining about CUSSING? YOU?

BWAAAAAAAAAAAAAAAAHAHAHAHAHAHAHAHAHAHAHAHAHA!!!!

Some of the most vile, disgusting language I've ever SEEN in a public
newsgroup has come from you!

Shut-up and die while you're at it.

 

[Planters]

GEEZ! You're complaining about CUSSING? YOU?

BWAAAAAAAAAAAAAAAAHAHAHAHAHAHAHAHAHAHAHAHAHA!!!!

Some of the most vile, disgusting language I've ever SEEN in a public
newsgroup has come from you!

This is not a public place you moron. It's the Internet you moron
cyber-space. It doesn't count a thing.

 

[+Bob+]

This is not a public place you moron. It's the Internet you moron
cyber-space. It doesn't count a thing.

He wrote "public newsgroup". Which part of that phrase do you have
difficulty comprehending?

Perhaps if you were paying attention in your Jr. High classes you'd
have better reading comprehension skills.