M
Mike Dymond
Hi:
Which Firewall is best for Vista?
Norton?
Zone Alarm?
Windows?
Other?
All opinions appreciated.
Mike
Which Firewall is best for Vista?
Norton?
Zone Alarm?
Windows?
Other?
All opinions appreciated.
Mike
Hi:
Which Firewall is best for Vista?
Norton?
Zone Alarm?
Windows?
Other?
All opinions appreciated.
Mike said:Hi:
Which Firewall is best for Vista?
Norton?
Zone Alarm?
Windows?
Windows?
Mike Dymond said:Hi:
Which Firewall is best for Vista?
Norton?
Zone Alarm?
Windows?
Other?
All opinions appreciated.
Actually many of the new Vista firewalls are able to actively protect at
boot time.
I'm pretty sure Symantec, Zone, and McAfee are doing this. Others
can 'non-actively' protect as well by usually just blocking everything with
exceptions for some basic ports like dhcp and dns.
Mike Dymond said:Hi:
Which Firewall is best for Vista?
Norton?
Zone Alarm?
Windows?
Other?
All opinions appreciated.
David Beder said:Actually many of the new Vista firewalls are able to actively protect at
boot time. I'm pretty sure Symantec, Zone, and McAfee are doing this.
Others can 'non-actively' protect as well by usually just blocking
everything with exceptions for some basic ports like dhcp and dns.
David Beder said:At the time of this article's authoring, the statement might have been
accurate. The software packages which are making use of the boot-time
interfaces with the new Vista tcpip stack might have still been in Beta
stages.
I'm not certain the statement was completely true for XP, but there's room
for symantic differences on what's a firewall and what's an IDS. eg, I
think Black Ice was able to protect during boot-time, though not
necessarily at the exact second we'd consider boot-time as beginning.
David Beder said:Agreed, nothing is going to be bullet proof and host firewalls are just an
extra layer of protection. Every year the industry innovates, so even if
there wasn't boot-time support before, you're going to start seeing it
more as time goes by.
There might also be differences in what various products are willing to
block outbound during boot, so Gator might still make it out during that
time simply because the firewall isn't in a position to recognize that
it's not a connection that should be allowed from svchost. Give them a
couple more years and they'll eventually solve this too.
As for WFP/BFE, WFP is integrated into the tcpip stack so can't be removed
from play. If BFE is knocked out, WFP is left in its last-known state. If
BFE is blocked from ever starting up, then the system is essentially left
in boot-time forever. (Note, if it's disabled by an administrator like
through the services control panel, then WFP won't invoke any boot-time or
post-boot-time policy and firewalls will have to move below or above the
tcpip stack to inspect packets.)
Depending on how firewalls invoke WFP, their policy could survive having
their service knocked out.
Mr. Arnold said:I am not certain that WFP and BEF are bullet proof protection due to the
fact that BEF is a service. I have not tested it, but if that BEF service
is knocked out, and I don't see why malware couldn't knock out that BEF
service, then it's over.
Robert Moir said:Of course if malware can "knock out" the service that means that the
malware is running locally on the target computer does it not? If it's
already in your base, haxoring your computer anyway, then I might suggest
boot time firewall protection is the least of the worries you will have.
There might also be differences in what various products are willing to
block outbound during boot, so Gator might still make it out during that
time simply because the firewall isn't in a position to recognize that it's
not a connection that should be allowed from svchost.
Give them a couple more years and they'll eventually solve this too.
As for WFP/BFE, WFP is integrated into the tcpip stack so can't be removed
from play. If BFE is knocked out, WFP is left in its last-known state.
If BFE is blocked from ever starting up, then the system is essentially
left in boot-time forever.
On the 'net, *everyone* can hear you scream---------- ----- ---- --- -- - - - -
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.