Windows firewall debate

[DJS0302]

Everyone keeps talking about how the built in Windows firewall only protects
you from incoming traffic but does nothing to secure outgoing traffic. Why
would someone need to block outgoing traffic? If a firewall protects you from
incoming traffic and you're not stupid enough to ever download a virus why
would you need to secure your outgoing traffic if you already know there's
nothing malicious on your computer?

 

[Rick \Nutcase\ Rogers]

Hi,

*If* that were always the case, then you're right: No one would need a
firewall to detect unauthorized outgoing traffic. Problem is, the world
doesn't work that way for most people. The outbound detection can help
detect trojans, malware, etc. which are usually present on virtually every
system I ever worked on.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org

 

[Albert]

I never downlaod a virus, I run a firewall on my router and one on my
computeer and my ****ing windows Xp has a virus almost every other day.

I had a trojan sending over 300megs a day to a irc chat room out for three
weeks before I found it.

Firewalls, anti-virus programs, doesn't matter, if you use windows you
might as well grab you ankles and take it hot and dry...

 

[peter]

Its not only virus that try to use your internet connection.
how about that lovely program that you swear by because it speeds up your
downloads...but at 2AM when your in bed it sends all the websites you visited
that day to some database.Or that email from a good friend who unknowingly sends
you this little piece of code that dials itself out at 3AM and sends itself to
every one in your address book??
Wouldn't it be nice if you knew when your computer was online and off line???
peter

 

[Ed H]

Can we get a list somewhere of what is legit and what are trojans, malware
etc., that are trying to get out. My firewall will often ask about a certain
program accessing the internet or wanting to act as a server but I never
recognize what the program is.

 

[Guest]

I think Rick needs to find a better clientelle or needs to give his clients
more tools. There simply isn't any need to have a firewall for outgoing
traffic if you know how to keep your machine clean and even if you don't it's
a simple matter of installing some basic free tools to prevent
spyware\adware. XP is my first OS and I was a complete computer virgin when I
got it nearly 3 years ago. Since then I have always had the firewall enabled
and quickly learned how easy it is to prevent spyware\adware. To date 0
viruses 0 spyware 0 adware and 0 outgoing unauthorized traffic and all
because of 1 firewall and that's XP's. {]:~)

 

[barry]

i got a switch that turns off the internet connection so
nothing can get out ,,even if a windows update changes
settings for something.there was one that tried to make my
system a server and contact web routers, firewall cut the
connection and another windows update patched it.....unless
of course the computer grew arms to flip the switch to on...

 

[Mike]

how dumb you are

 

[Rock]

Can we get a list somewhere of what is legit and what are trojans, malware
etc., that are trying to get out. My firewall will often ask about a certain
program accessing the internet or wanting to act as a server but I never
recognize what the program is.

Google is your friend. There is no such all encompassing list.

 

[Edward W. Thompson]

Congratulations! You clearly are in a class well above us ordinary mortals.
Now for us people who are so much more dumb than you a firewall that
monitors and protects against both inbound and out bound traffic is a
requirement. Do you have a problem with that?

 

[Ron AG]

We need a firewall which protect us from people like u

 

[Plato]

Everyone keeps talking about how the built in Windows firewall only protects
you from incoming traffic but does nothing to secure outgoing traffic. Why
would someone need to block outgoing traffic? If a firewall protects you from
incoming traffic and you're not stupid enough to ever download a virus why
would you need to secure your outgoing traffic if you already know there's
nothing malicious on your computer?

Correct. If you dont install shitware on you pc you dont need the
outgoing thing.

 

[Rick \Nutcase\ Rogers]

Hi Ed,

Unless you initiated the activity, then chances are it is unwanted. Keep in
mind also that activity can be initiated by autoupdate routines, and
file-swapping programs (the familiar "act as a server" bit). There can be no
definitive list of trojans, as many assume random names. The best thing to
do is simply google the filename that is trying to get out, and see what it
is that is making the request.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org

 

[Rick \Nutcase\ Rogers]

I can give clients (I don't pick them, they pick me) all the tools in the
world, but if they don't use them they are sort of useless, don't you think?
I install Adaware and spyware blaster on virtually every system I work on.
If no AV is present, I install AVG and set it to autoupdate. Yet still they
get infected, loaded with spyware, and generally bogged down with unwanted
crap.

The problem, if it is a problem, is that people just want the system to run
and do their work, play games, or spend their time in chat. They do not want
to spend time configuring, updating, etc. Nor do they want to follow the
basic rules of not opening attachments without scanning, or not clicking
willy-nilly on every offer of "L0wer your morgage" [sic]. Even after showing
clients how to update and run Adaware, the system will come back to me all
buggered up three months later and no ones bothered running it since the
last time I did. You can't save people from themselves.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org

 

[DJS0302]

Correct. If you dont install shitware on you pc you dont need the

outgoing thing.

I've had a Windows computer for over seven years and in that time I have never
received any type of virus, worm, trojan, spyware, etc. I've also never used an
antivirus. You would think that with all the warnings people would learn to be
more diligent when it comes to clicking on unknown links. I think there should
be a law. Each computer operator would be allowed to accidentally download and
run ONE malicious virus on their computer. If they download a second virus
then they should be fined $100. If they do it a third time then their computer
should be permanently disconnected from the internet.

 

[RonK]

You must be a politician with ideas like that !!

I've had a Windows computer for over seven years and in that time I have
never
received any type of virus, worm, trojan, spyware, etc. I've also never
used an
antivirus. You would think that with all the warnings people would learn
to be
more diligent when it comes to clicking on unknown links. I think there
should
be a law. Each computer operator would be allowed to accidentally
download and
run ONE malicious virus on their computer. If they download a second
virus
then they should be fined $100. If they do it a third time then their
computer
should be permanently disconnected from the internet.

 

[Ken Blake]

In

There simply isn't any need to have a firewall
for outgoing traffic if you know how to keep your machine clean
and
even if you don't it's a simple matter of installing some basic
free
tools to prevent spyware\adware.

I've replied to this erroneous assertion of yours before, but
lest anyone believe what you say, I'll repeat my answer:

You are willing to make the assumption that what you to do to
keep your computer clean of spyware\adware is perfect. I am never
willing to make that assumption, so I prefer the belt *and*
suspenders approach.

That's especially true, since there are adequate freeware
programs that provide that extra protection. That way I have the
belt and add the suspenders for free.

You may do whatever you think best for your own computer, but
that's irresponsible advice to give others.

 

[root]

Everyone keeps talking about how the built in Windows firewall only protects
you from incoming traffic but does nothing to secure outgoing traffic. Why
would someone need to block outgoing traffic?

With a good virus checker and intelligent computing practices, one doesn't
need outgoing checking....hmmm did MS decide that or was it just me? Why do
both belt and suspenders when the suspenders cause additional compatibility
and maintenance hassles.....hmmm did MS decide that or was it just me?

If a firewall protects you from
incoming traffic and you're not stupid enough to ever download a virus why
would you need to secure your outgoing traffic if you already know there's
nothing malicious on your computer?

Yup.

 

[root]

In


I've replied to this erroneous assertion of yours before, but
lest anyone believe what you say, I'll repeat my answer:

You are willing to make the assumption that what you to do to
keep your computer clean of spyware\adware is perfect. I am never
willing to make that assumption, so I prefer the belt *and*
suspenders approach.

That's especially true, since there are adequate freeware
programs that provide that extra protection. That way I have the
belt and add the suspenders for free.

NO, not free. The installation and care and feeding of each extra OS
support app is significant.

You may do whatever you think best for your own computer, but
that's irresponsible advice to give others.

Just NO!

 

[Rick \Nutcase\ Rogers]

What about those of us that intentionally release a virus on out system so
that we can learn how it works and how to clean it?

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org