s/w firewalls...something better?

[Craig]

So;

I've loaded Comodo Personal Firewall v2.0. And you know what? My PC is
more secure, admin costs have gone down, my children respect their
teachers again and I no longer have dandruff.

And I thought ZA was good.

I'll write something up on CPFv2 soon but wanted to post this link
http://www.fefe.de/pffaq/. In essence, it says that personal firewalls
are not in the least bit necessary. And, in fact, we're rubes for using
them. It's the usual argument but got me to re-examine the whole s/w
firewall thing, yet again.

Which leads me to dingens.org/index.html.en. This is a proggie that
renders NT-based OS' more secure by shutting down unneeded services.
The source code is available for anaylsis and the whole thing is based
on Torsten Mann's work available here: www.ntsvcfg.de/ntsvcfg_eng.html

I figure I'll play w/these resources for a bit. Maybe hop over to the
firewall newsgroup and see what's up. If I can put together a decent
argument for not needing a firewall, I'll post here.

fwiw,
-Craig

 

[Art]

So;

I've loaded Comodo Personal Firewall v2.0. And you know what? My PC is
more secure, admin costs have gone down, my children respect their
teachers again and I no longer have dandruff.

And I thought ZA was good.

I'll write something up on CPFv2 soon but wanted to post this link
http://www.fefe.de/pffaq/. In essence, it says that personal firewalls
are not in the least bit necessary. And, in fact, we're rubes for using
them. It's the usual argument but got me to re-examine the whole s/w
firewall thing, yet again.

Which leads me to dingens.org/index.html.en. This is a proggie that
renders NT-based OS' more secure by shutting down unneeded services.
The source code is available for anaylsis and the whole thing is based
on Torsten Mann's work available here: www.ntsvcfg.de/ntsvcfg_eng.html

I figure I'll play w/these resources for a bit. Maybe hop over to the
firewall newsgroup and see what's up. If I can put together a decent
argument for not needing a firewall, I'll post here.

Depends on your circumstances. Your header suggests you're a Windows
user but it doesn't tell me which version. I also don't know whether
or not you use wideband or dialup. I also don't know if you're a
single PC home user or if you use a LAN with multiple PCs.

I'll tell you that those German anti-firewall fanatics are dangerous
because they don't consider some crap that happens. Let's take a
simple case of a single PC home user of Win 98. It's a very simple
matter in that case to disable unwanted servers and thus close all
internet ports. What they don't tell you is that the Windows Update
(WU) Trojan will undo your work and leave you sitting there wide
open to take hits. So at least keep the install file of a software
firewall on backup so it can be installed immediately after installing
Windows and going online to the WU Trojan.

Not that I'm a sw fw fanatic. Quite to the contrary, I've seen too
many users take hits because their fw caused difficulties and they
went online without it for "just a short time".

The best bet for anyone is to invest in a external router/fw which is
"always there" and can be depended on to block unsolicited incoming.

Art

http://home.epix.net/~artnpeg

 

[jb]

Depends on your circumstances. Your header suggests you're a Windows
user but it doesn't tell me which version. I also don't know whether
or not you use wideband or dialup. I also don't know if you're a
single PC home user or if you use a LAN with multiple PCs.

I'll tell you that those German anti-firewall fanatics are dangerous
because they don't consider some crap that happens. Let's take a
simple case of a single PC home user of Win 98. It's a very simple
matter in that case to disable unwanted servers and thus close all
internet ports. What they don't tell you is that the Windows Update
(WU) Trojan will undo your work and leave you sitting there wide
open to take hits. So at least keep the install file of a software
firewall on backup so it can be installed immediately after installing
Windows and going online to the WU Trojan.

Not that I'm a sw fw fanatic. Quite to the contrary, I've seen too
many users take hits because their fw caused difficulties and they
went online without it for "just a short time".

The best bet for anyone is to invest in a external router/fw which is
"always there" and can be depended on to block unsolicited incoming.

Art

http://home.epix.net/~artnpeg

McAfee firewall is the best. You wouldn't believe what tries to sneak
in on port 80.

 

[Dave Turner]

McAfee firewall is the best.
youre funnnnyyyyyyy

 

[The Seabat]

and WAY off topic!!

 

[bambam]

Your header suggests you're a Windows
user but it doesn't tell me which version.

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12)
Gecko/20050915

From Craig's header, Windows NT 5.0 = Windows 2000

 

[Art]

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12)
Gecko/20050915

From Craig's header, Windows NT 5.0 = Windows 2000

Yep, I overlooked that. He might be interested in my article on
"hardening" Win 2K here:

http://home.epix.net/~artnpeg/Win2KPro.html

On this OS, nothing really serious happened during a Windows
Update in my experience. But without a firewall of some sort, it
can be risky ... someone might install a service and not check
out the consquences, leaving some port open.

Art

http://home.epix.net/~artnpeg

 

[ms]

In another thread, I asked about a util to remove OE from W98SE.

IIRC, maybe over a year ago, you mentioned to me a program to do this. It worked fine
then. Can't find it now.

Do you recall what it was and a link?

TIA

Mike Sa

 

[Art]

In another thread, I asked about a util to remove OE from W98SE.

IIRC, maybe over a year ago, you mentioned to me a program to do this. It worked fine
then. Can't find it now.

Do you recall what it was and a link?

I already responded in a different thread. I never used any OE
remover, just IERadicator.

Art

http://home.epix.net/~artnpeg

 

[Craig]

Depends on your circumstances.

Sorry 'bout that. Win5.0 on a LAN/router/firewall. Also on LAN: NAS, 3
other PC's, 2 printers. Connected to Internet via adsl.

The best bet for anyone is to invest in a external router/fw which is
"always there" and can be depended on to block unsolicited incoming.

Art

Art;

Thanks for taking time to respond. Ya, as you see, I've the h/w
firewall. That's why I am even thinking about tossing the s/w firewall.
The other thing that's propelling me is fatigue.

I'm tired of having to place my faith in closed-source projects that
have to do with /security/, of all topics.

So, I appreciate the warning (ie dangerous Germans <g>) and the
reference to your article. If you have a resource to recommend which
discusses security wrt servers & ports in the context of Winderz and/or
*nix, I'd be much obliged.

-Craig

 

[Art]

Sorry 'bout that. Win5.0 on a LAN/router/firewall. Also on LAN: NAS, 3
other PC's, 2 printers. Connected to Internet via adsl.

Oh, well then I can't help you since I've never used file/printer
sharing. Don't want or need it. I have two PCs sharing the same DSL
service. I'm using a Linksys wireless router/fw for the purpose.

Thanks for taking time to respond. Ya, as you see, I've the h/w
firewall. That's why I am even thinking about tossing the s/w firewall.
The other thing that's propelling me is fatigue.

I'm tired of having to place my faith in closed-source projects that
have to do with /security/, of all topics.

So, I appreciate the warning (ie dangerous Germans <g>) and the
reference to your article.

That's a long story. Back when I first started with a single Win 98 PC
I went around and asked the newbie questions about the need for a
firewall. I kinda thought one isn't required if all ports are closed,
but I hadn't yet read a book on TCP/IP, and I wasn't sure. The
overwhelming amount of poor advice, misinformation, ignorance, and
just plain BS that I found on the subject was mind boggling Anyway,
I ran '98 and later 'ME for years without any kind of fw, and I found
myself dong just what "that group of Germans" has been doing for
the last year or so ... spreading their anti-fw line beyond the
boundaries of German language usenet. So when I joke about them
and their zeal, it applies to what I used to do as well I found
them refreshing at first, but as I pointed out, their advice can be
dangerous to average users who don't know the pitfalls and what
to watch out for.

If you have a resource to recommend which
discusses security wrt servers & ports in the context of Winderz and/or
*nix, I'd be much obliged.

Sorry, I can't help you with that. The foundation is a good text book
on TCP/IP which will point you to appropriate RFCs and other
references. Other than that, I find Google is my friend

Art

http://home.epix.net/~artnpeg

 

[Al Klein]

Art wrote:

McAfee firewall is the best. You wouldn't believe what tries to sneak
in on port 80.

With a router running a good firewall? Or did you skip that part of
Art's post?