Vista Firewall

[AliceZ]

We have just received a new notebook with Vista Premium sp1 installed. Is the
Windows Firewall sufficient to protect incoming/outgoing information?
Some people have told us Yes; others have said No.

We are senior citizens and very unfamiliar with computers and firewalls, etc.
If the Windows Firewall is not sufficient, is there a FREE firewall that
someone could suggest to use as a substitute firewall? One that would be easy
to install and configure, as we don't know anything about firewalls, etc.
Thanks for any assistance.
Alice

We are using Verizon DSL that is connected to our desktop which has WinXP.
We are using modem/router and the notebook is connected wirelessly (I believe
that is what it is called) to it.

 

[Mick Murphy]

Windows Firewall is what you need for your computers.

If you were to get a 3rd party Firewall, you would be asked whether to
"allow, disallow, this time only, all the time, etc", for any internet
actions that your Programs initiate..

As you have said, you want something that is easy to use, and works!
Windows Firewall "knows" the answers.

 

[oscar]

Windows firewall is sufficient for the average user. The main (but not only)
cause of malware being able to by-pass the firewall is the user. To minimize
malware do not download anything on the internet that is free such as free
wallpaper, free music, free greeting cards, free calendars, free games, free
anything. Yes, there are some free shareware programs that are safe to
download, but only users who have an above average knowledge and experience
with computers should ever consider downloading such software. And never ever
open any email or email attachments in which you, the user, do not know from
where it came. Never.

Other than that, safe surfing and enjoy your computer.

-
oscar

....Right click is your very good friend...

 

[Mr. Arnold]

We have just received a new notebook with Vista Premium sp1 installed. Is the
Windows Firewall sufficient to protect incoming/outgoing information?
Some people have told us Yes; others have said No.

We are senior citizens and very unfamiliar with computers and firewalls, etc.
If the Windows Firewall is not sufficient, is there a FREE firewall that
someone could suggest to use as a substitute firewall? One that would be easy
to install and configure, as we don't know anything about firewalls, etc.
Thanks for any assistance.
Alice

We are using Verizon DSL that is connected to our desktop which has WinXP.
We are using modem/router and the notebook is connected wirelessly (I believe
that is what it is called) to it.

Just use the Vista FW and use safe computing, as prevention goes a long
way.

http://www.claymania.com/safe-hex.html

I would suggest not using MS products for email and Internet, like
Windows mail or IE. Neither one of them are bad, but you should find
alternatives like Firefox and Thunderbird -- both are free.

 

[Bruce Chambers]

We have just received a new notebook with Vista Premium sp1 installed. Is the
Windows Firewall sufficient to protect incoming/outgoing information?
Some people have told us Yes; others have said No.

The correct ansswer would be "Yes."

We are senior citizens and very unfamiliar with computers and firewalls, etc.
If the Windows Firewall is not sufficient, is there a FREE firewall that
someone could suggest to use as a substitute firewall? One that would be easy
to install and configure, as we don't know anything about firewalls, etc.
Thanks for any assistance.
Alice

We are using Verizon DSL that is connected to our desktop which has WinXP.
We are using modem/router and the notebook is connected wirelessly (I believe
that is what it is called) to it.

Vista's built-in firewall is perfectly adequate for most people.
While it's not quite up to the ease-of-use standards of Kerio or
ZoneAlarm, it has been noticeably improved over WinXP's version.

There are two interfaces for Vistas built-in firewall:

1) A simplified one accessed through the Control Panel that is the only
one most people see. To further supplement this view, Sphinx's Vista
Firewall Control http://sphinx-soft.com/Vista/) is a piece of freeware
that makes the Vista Firewall much more easily manageable to the average
user.

2) And the more advanced "Windows Firewall with Advanced Security
(WF.msc), accessed via the Start Menu's Administrative Tools folder, for
the experienced user who wants more granular control.


--

Bruce Chambers

Help us help you:


http://support.microsoft.com/default.aspx/kb/555375

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. ~Benjamin Franklin

Many people would rather die than think; in fact, most do. ~Bertrand Russell

The philosopher has never killed any priests, whereas the priest has
killed a great many philosophers.
~ Denis Diderot

 

[Flight]

Just use the Vista FW and use safe computing, as prevention goes a long
way.

http://www.claymania.com/safe-hex.html

I would suggest not using MS products for email and Internet, like Windows
mail or IE. Neither one of them are bad, but you should find alternatives
like Firefox and Thunderbird -- both are free.

This is completely crap! It is proven that both are NOT safer, and Firefox
does not handle correctly severa websites! So let those people decide for
themselves, please!

 

[Flight]

The correct ansswer would be "Yes."




Vista's built-in firewall is perfectly adequate for most people. While
it's not quite up to the ease-of-use standards of Kerio or ZoneAlarm, it
has been noticeably improved over WinXP's version.

There are two interfaces for Vistas built-in firewall:

1) A simplified one accessed through the Control Panel that is the only
one most people see. To further supplement this view, Sphinx's Vista
Firewall Control http://sphinx-soft.com/Vista/) is a piece of freeware
that makes the Vista Firewall much more easily manageable to the average
user.

2) And the more advanced "Windows Firewall with Advanced Security
(WF.msc), accessed via the Start Menu's Administrative Tools folder, for
the experienced user who wants more granular control.


--

Bruce Chambers

Help us help you:


http://support.microsoft.com/default.aspx/kb/555375

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. ~Benjamin Franklin

Many people would rather die than think; in fact, most do. ~Bertrand
Russell

The philosopher has never killed any priests, whereas the priest has
killed a great many philosophers.
~ Denis Diderot

ZoneAlarm can produce irritant errors, as Windows Firewall does not. It is
much better to let people start with Windows firewall and much, much later,
when they know about the basics, they CAN decide to start using something
else. But third party software always has a risk in it, as the built-in
software does not.

People, you are very safe with Windows firewall, so don't bother.

 

[Kayman]

We have just received a new notebook with Vista Premium sp1 installed. Is the
Windows Firewall sufficient to protect incoming/outgoing information?
Some people have told us Yes; others have said No.

Educational Reading:
Managing the Windows Vista Firewall
http://technet.microsoft.com/en-us/magazine/cc510323.aspx

Please listen what the real experts have to say about 3rd party software
firewalls (PFW) in relation to Internet Security:

On August 07, 2007, the software engineers/programmers of Sunbelt Software
(the makers of Sunbelt Personal Firewall) have raised reservations about
the usefulness of outbound protection provided by personal firewalls (PFW)
in cases where malware has already executed and describe it as a
*questionable* basis on which to build a *security* assessment.

Furthermore, during a interview with Leo Laporte (August 16, 2007), Steve
Gibson, of Gibson Research Corporation said that he has given up
updating his *'Firewall Leak Test'* application because he found it
essentially worthless to continue and admitted a software-based firewall
(PFW) is kind of *pointless* to employ.

Also, a pointed response from Jesper M. Johansson to (denigrating)
statements about how the WindowsXP firewall does not provide outbound
filtering (May 01, 2006).

Any outbound host-based firewall filtering in WindowsXP is really just
meaningless as a *security*...]
[unquote]
--and--
in TechNet Magazine (June 2008).

....outbound filtering will stop the worm from infecting other systems or
will stop the attacker from communicating out. This is *not* true.
[unquote]

Jesper M. Johansson
Senior Security Strategist in the Security Technology Unit at MSFT and is a
Software Architect working on security software and is a contributing
editor to TechNet Magazine. He holds a PhD in Management Information
Systems, has more than 20 years experience in security, and is a Microsoft
MVP in Enterprise Security.
Jesper's Blog
http://msinfluentials.com/blogs/jesper/default.aspx

And finally, a rational appraisal by Steve Riley concerning *security*
related 3rd party software applications (August 06, 2008).

Steve Riley [MSFT Senior Security Strategist]
(e-mail address removed)
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com

In general, it's a bad idea to use third-party "replacements" for critical
parts of the operating system. While I'll never claim that our software is
bug-free, I feel pretty certain that some shady no-charge download that
tries to replace or improve on some aspect of the security subsystem hasn't
gone through any kind of testing like we do: the SDL, automated fuzz and
penetration testing, and threat modeling. My advice: *stay away from stuff
like this.*
[unquote]

Please be guided accordingly.

 

[Root Kit]

This is completely crap!

Not really.

It is proven that both are NOT safer,

Not really.

and Firefox does not handle correctly severa websites!

That's true. Like ActiveX rich sites and so forth...

So let those people decide for themselves, please!

I see nothing being forced on anyone here.

However, unless you're running Vista and can run IE in protected mode,
I would recommend a different browser (anything except IE and browsers
that build on IE) at any time for security reasons.

 

[Root Kit]

ZoneAlarm can produce irritant errors, as Windows Firewall does not.

Of course ZA produces irritant errors. That's what it's designed to
do. In fact, ZA is an error in itself.

It is much better to let people start with Windows firewall and much, much later,
when they know about the basics, they CAN decide to start using something
else.

Agreed. Having folks who have no clue about networking messing around
with 3rd party firewalls is a very bad idea.

But third party software always has a risk in it, as the built-in
software does not.

Agreed. More software => increase in complexity => reduction in
security.

People, you are very safe with Windows firewall, so don't bother.

Well, they are pretty safe against outside threats. No firewall
(windows or other) will protect them against themselves.

 

[Mr. Arnold]

This is completely crap! It is proven that both are NOT safer, and Firefox
does not handle correctly severa websites! So let those people decide for
themselves, please!

FF and TB are not the only solutions out there but there are more bullet
proof that IE and WM, if one doesn't know how to configure them security.

I don't see you coming up with anything, other than, you flying of into
left field like a rabid dog. I considered that OpenDNS junk you tossed out
there *crap* and a complete waste of time and money, but if you think that
security blanket gives you that warm and fussy feeling, that's you. But did
I
get in your face with a bunch of BS, becuase you posted?

I do see why you have a nym of Flight, because you seem like you'll fly off
the handle at the drop of a hat.

 

[Root Kit]

We have just received a new notebook with Vista Premium sp1 installed.
Congratulations.

Is the Windows Firewall sufficient to protect incoming/outgoing information?
Some people have told us Yes; others have said No.

The Windows Firewall does a decent job in protecting from incoming
threats (which is the main purpose of a host based packet filter which
is in fact what it is).

It doesn't do much to prevent outgoing information in the normal
understanding of "outbound application control" which is in fact a
clever design choice - because preventing bad code allowed to run from
sending data out is an impossible task and preventing good code from
sending data out is unnecessary since you should never run programs
you don't trust.

We are senior citizens and very unfamiliar with computers and firewalls, etc.

Stick to safe hex and be skeptical like in any other aspects of life.
If something sounds too good to be true - it most likely is.

If the Windows Firewall is not sufficient, is there a FREE firewall that
someone could suggest to use as a substitute firewall? One that would be easy
to install and configure, as we don't know anything about firewalls, etc.

Since you don't know anything about firewalls and networks - stick to
the windows firewall and instead be careful about what you do. Don't
install or run all kinds of software from dubious sources.

Thanks for any assistance.
Alice

We are using Verizon DSL that is connected to our desktop which has WinXP.
We are using modem/router and the notebook is connected wirelessly (I believe
that is what it is called) to it.

In that case it's very important that you have made the most basic
security configurations on your router and that you use strong
encryption for your wireless.

On your router, you should at least:
* Change the default password
* make sure WAN administration is turned off
* make sure UPnP is turned off

For your wireless connection you should be using WPA encryption.

If you don't know how to do this, get help from someone who does..

 

[Paul Montgomery]

On Fri, 22 Aug 2008 04:12:16 -0400, "Mr. Arnold" <MR.

I do see why you have a nym of Flight, because you seem like you'll fly off
the handle at the drop of a hat.

Speaking of one's nym, here's a list "Mr. Arnold" has used in the past
2 weeks:

The Bee (his newest)
Anti on Chicken Little(s)
Junk Yard Dog
Little Mad Dog
The Lone Ranger
The Lone Ranger1
The Lone Ranger2
Paul Montgomery
Paul Montgomery 9000
General Paul Montgomery
General Paul Montgomery1
General Paul Montgomery2
General Paul Montgomery3
General Paul Montgomery4
General Paul Montgomery5
General Paul Montgomery6
General Paul Montgomery7

There should be some good opportunitiy for psychoanalysis in that
list.

 

[Paul Montgomery]

Paul Montgomery wrote:

I am Paul Montgomery that got my feelings hurt, because I opened my
mouth trying to tell someone what I was going to do.

So, I am off in other NG(s)spreading my goodwill

I am mad, insane, and I am old -- help

Looks like you're beyond help!

Although, I am all of those things and everything seems normal to me...

Mark

 

[Flight]

FF and TB are not the only solutions out there but there are more bullet
proof that IE and WM, if one doesn't know how to configure them security.

I don't see you coming up with anything, other than, you flying of into
left field like a rabid dog. I considered that OpenDNS junk you tossed out
there *crap* and a complete waste of time and money, but if you think that
security blanket gives you that warm and fussy feeling, that's you. But
did I
get in your face with a bunch of BS, becuase you posted?

I do see why you have a nym of Flight, because you seem like you'll fly
off the handle at the drop of a hat.

If you think FF and TB are more secure than IE and WM, then think again!
Just visit some sites dealing with security and you will learn about bad
security risks in for instance FF 3. And you will learn that there are now
more security holes in FF than in IE. Your language shows two things: lack
of thourough knowledge about what is playing on in security land, and a lack
of decency. So I will not react any longer on your idiot postings.

 

[Flight]

Paul Montgomery wrote:

I am Paul Montgomery that got my feelings hurt, because I opened my mouth
trying to tell someone what I was going to do.

So, I am off in other NG(s)spreading my goodwill



Looks like you're beyond help!

Although, I am all of those things and everything seems normal to me...

Mark

Leave him, Mark. He has not a millimeter decency in his body. Looks like one
of those students, still visiting school and thinks that they know
everything better than people, working in the field with those things.

 

[Flight]

Of course ZA produces irritant errors. That's what it's designed to
do. In fact, ZA is an error in itself.


Agreed. Having folks who have no clue about networking messing around
with 3rd party firewalls is a very bad idea.


Agreed. More software => increase in complexity => reduction in
security.


Well, they are pretty safe against outside threats. No firewall
(windows or other) will protect them against themselves.

I completely agree with you. I couldn't have said it better. Thanks.

 

[Flight]

The Windows Firewall does a decent job in protecting from incoming
threats (which is the main purpose of a host based packet filter which
is in fact what it is).

It doesn't do much to prevent outgoing information in the normal
understanding of "outbound application control" which is in fact a
clever design choice - because preventing bad code allowed to run from
sending data out is an impossible task and preventing good code from
sending data out is unnecessary since you should never run programs
you don't trust.


Stick to safe hex and be skeptical like in any other aspects of life.
If something sounds too good to be true - it most likely is.


Since you don't know anything about firewalls and networks - stick to
the windows firewall and instead be careful about what you do. Don't
install or run all kinds of software from dubious sources.


In that case it's very important that you have made the most basic
security configurations on your router and that you use strong
encryption for your wireless.

On your router, you should at least:
* Change the default password
* make sure WAN administration is turned off
* make sure UPnP is turned off

For your wireless connection you should be using WPA encryption.

If you don't know how to do this, get help from someone who does..

I second that.

 

[Paul Montgomery]

Leave him, Mark. He has not a millimeter decency in his body. Looks like one
of those students, still visiting school and thinks that they know
everything better than people, working in the field with those things.

Both posts sucked you in and came from the person using these names:

Mr. Arnold
The Bee (his newest)
Anti on Chicken Little(s)
Junk Yard Dog
Little Mad Dog
The Lone Ranger
The Lone Ranger1
The Lone Ranger2
Paul Montgomery 9000
General Paul Montgomery
General Paul Montgomery1
General Paul Montgomery2
General Paul Montgomery3
General Paul Montgomery4
General Paul Montgomery5
General Paul Montgomery6
General Paul Montgomery7

 

[Paul Montgomery]

So I will not react any longer on your
idiot postings.

You tell him. That way, he won't have to be bothered with you again.