(OT) Does anyone like Windows Firewall?

[Kevin P Kitching]

How about Black Ice Defender? Not free, but better than zone alarm. It automatically blocks intrusions PERMANENTLY!

Also, does your DSL provider assign static ir dynamic IP addressing? If it's dynamic, rebooting your PC will cause a new IP address to be used, helping thwart any post scanners. (they may still be looking for ports on your 'old' IP address).

As for viruses... these are now common via e-mail and some web pages!

Check if your provider has anti-virus software checking mail through their servers - they should!

Kevin

I have just recently acquired full time DSL and have been advised
to get a firewall in addition to my Norton Antiviris software. I
found that my Windows XT Pro has a firewall builtin. All I have to
do is enable it.
Anyone have any suggestions as to how good this is? Thanks. PatiO.

I run three or four computers at home, two printers on a print
server, and recently added wireless for a laptop. The only
protections I have are the NAT inherent in the router, and the
Norton Antivirus that screens my incoming E-mail. I've been
running this setup for two years and never had a virus get through.

--
Kevin P Kitching

 

[uk101]

Hi,

Zonealarm is the best software firewal.l It is freee for home use single user is free. XP's firewall is a joke and should not be used. Black ice is not bad but not quite up to Zone alarms levels.

http://www.zonealarm.com

Wireless networks are less secure than the internet & each PC attached should be firewall'ed The problems is the secure supplied with firewall is far to easy to hack.
Alex

Also, does your DSL provider assign static ir dynamic IP
addressing? If it's dynamic, rebooting your PC will cause a new IP
address to be used, helping thwart any post scanners. (they may
still be looking for ports on your 'old' IP address).

As for viruses... these are now common via e-mail and some web pages!

Check if your provider has anti-virus software checking mail
through their servers - they should!

Kevin

I have just recently acquired full time DSL and have been advised
to get a firewall in addition to my Norton Antiviris software. I
found that my Windows XT Pro has a firewall builtin. All I have to
do is enable it.
Anyone have any suggestions as to how good this is? Thanks. PatiO.

I run three or four computers at home, two printers on a print
server, and recently added wireless for a laptop. The only
protections I have are the NAT inherent in the router, and the
Norton Antivirus that screens my incoming E-mail. I've been
running this setup for two years and never had a virus get through.

--
Kevin P Kitching

 

[Kevin P Kitching]

Hi Alex,

I tried ZoneAlarm and it did not stop as much as BlackIce did. It's personal preference. I think the vendors renamed their product to Network Ice and it now includes a facility to stop unathorised access to applications if another network user access your PC. This is something that ZoneAlarm douesn't do.

Kevin

http://www.zonealarm.com

Wireless networks are less secure than the internet & each PC
attached should be firewall'ed The problems is the secure supplied
with firewall is far to easy to hack.
Alex

Also, does your DSL provider assign static ir dynamic IP
addressing? If it's dynamic, rebooting your PC will cause a new IP
address to be used, helping thwart any post scanners. (they may
still be looking for ports on your 'old' IP address).

As for viruses... these are now common via e-mail and some web pages!

Check if your provider has anti-virus software checking mail
through their servers - they should!

Kevin

I have just recently acquired full time DSL and have been advised
to get a firewall in addition to my Norton Antiviris software. I
found that my Windows XT Pro has a firewall builtin. All I have to
do is enable it.
Anyone have any suggestions as to how good this is? Thanks. PatiO.

I run three or four computers at home, two printers on a print
server, and recently added wireless for a laptop. The only
protections I have are the NAT inherent in the router, and the
Norton Antivirus that screens my incoming E-mail. I've been
running this setup for two years and never had a virus get through.

--
Kevin P Kitching

--
Kevin P Kitching

 

[GodSpeaks]

Declan: you can't bash Microsoft software for having bugs and then
at the same time tell people not to pick up fixes. This is
unreasonable.

I didn't say don't do updates, I just said do not allow it to be done automatically. Personally, I want full control over my computer, that, after all, is what the P in Personal Computer stands for. The computer belongs to me, not microsoft, and I do not want them putting stuff on my computer, or worse, installing something without my knowledge.

That is also why I advocate a backup system, be it a drive image or whatever. As you might guess, I would never use system restore. I think it's just more problems courtesy of Billy-Bob Gates.

By uising a disk image, I KNOW exactly what the state of the system is, at backup. Do you have any idea of the state of system restore?

But to use, or not use, system restore is a personal call. Making a backup, though, is a must, regardless of how you do it.

Declan

 

[GodSpeaks]

Great thinking... most - if not all - of the recent worms/virii
designed to attack Microsoft systems were preventable if only
people had applied updates.

Actually, most, if not all, could have been prevented by common sense (don't use Outlook (Express) and don't open email attachments) AND a GOOD firewall.

Declan

 

[David Race]

Great thinking... most - if not all - of the recent worms/virii
designed to attack Microsoft systems were preventable if only
people had applied updates.

Actually, most, if not all, could have been prevented by common
sense (don't use Outlook (Express) and don't open email
attachments) AND a GOOD firewall.

Declan

Yeah, good job there aren't exploits that use malformed URLs, vulnerabilities in services or any number of other vectors.

I agree that many, many attcks require that the user run the payload but keeping software up to date is not only a sensible thing to do to protect yourself but, frankly, an obligation one has to the rest of the Internet commuity.

daveR

 

[rwzeitgeist]

Thanks, all. I've enabled the firewall. ... But it scared the hell out of
me because this PC is my whole business life. PatiO.

Step back a moment and think about the cost of a successful intrusion. If your PC is your "...whole business life" I suspect the cost of an intrusion would be pretty high. Your primary evaluation criteria for your security solution seems to be cost of the protection. I wouldn't consider cost the more important criteria when choosing protection for my critical business data.

I strongly recommend you change your evaluation criteria, placing protection quality above cost. I would consider a router running NAT the absolute minimum needed by anyone with an Internet connection of any sort. Given Microsoft's repeated security vulnerabilities, I do not trust their solution.

Some years ago I purchased a dedicated firewall box for a few hundred dollars, and I've been extremely pleased with the result. The box is also a router, but that's a side effect of implementing the security function. What I see in the logs is pretty scary. One of my criteria was that the solution carry certification from the International Computer Security Association ( http://www.icsalabs.com/ ). Such certification indicates the vendor is serious about security, IMHO, as well as providing some level of assurance that the product works as intended. The ICSA Web site contains a list of firewall produts that passed ICSA's certification tests, including test reports of some products.

Like good virus protection software, my firewall vendor provides periodic updates to protect against new threats.

As it happens, my firewall configuration is not running NAT, although it can. As others have mentioned, NAT is not a security solution. You really want something that, at a minimum, does stateful packet inspection.

Good protection is very inexpensive relative to the cost of a failure. Buy good protection, not cheap protection.

Bob

 

[uk102]

Hi,

I'm not sure what you mean by it's didn't stop as much. Zonealarm allows you to select what passes & what does not.

The reason I suggest that Zonealarm over ICE is that Zonealarms controls inward & Outward traffic. Unless ICE has been update it's prevents Inward bound traffic Only. This leaves you wide open should an application, worm or virus get on your PC and decide to send docs, emails card numbers out.
Alex

Ice is easier to use and a few people use both!
Alex

I tried ZoneAlarm and it did not stop as much as BlackIce did.
It's personal preference. I think the vendors renamed their
product to Network Ice and it now includes a facility to stop
unathorised access to applications if another network user access
your PC. This is something that ZoneAlarm douesn't do.

Kevin

http://www.zonealarm.com

Wireless networks are less secure than the internet & each PC
attached should be firewall'ed The problems is the secure supplied
with firewall is far to easy to hack.
Alex

Also, does your DSL provider assign static ir dynamic IP
addressing? If it's dynamic, rebooting your PC will cause a new IP
address to be used, helping thwart any post scanners. (they may
still be looking for ports on your 'old' IP address).

As for viruses... these are now common via e-mail and some web pages!

Check if your provider has anti-virus software checking mail
through their servers - they should!

Kevin

I have just recently acquired full time DSL and have been advised
to get a firewall in addition to my Norton Antiviris software. I
found that my Windows XT Pro has a firewall builtin. All I have to
do is enable it.
Anyone have any suggestions as to how good this is? Thanks. PatiO.

I run three or four computers at home, two printers on a print
server, and recently added wireless for a laptop. The only
protections I have are the NAT inherent in the router, and the
Norton Antivirus that screens my incoming E-mail. I've been
running this setup for two years and never had a virus get through.

--
Kevin P Kitching

--
Kevin P Kitching

 

[GodSpeaks]

Great thinking... most - if not all - of the recent worms/virii
designed to attack Microsoft systems were preventable if only
people had applied updates.

Actually, most, if not all, could have been prevented by common
sense (don't use Outlook (Express) and don't open email
attachments) AND a GOOD firewall.

Ohhh, I forgot a really big one - Microsoft's Address Book (don't use, that is).

Declan

Yeah, good job there aren't exploits that use malformed URLs,
vulnerabilities in services or any number of other vectors.

I agree that many, many attcks require that the user run the
payload but keeping software up to date is not only a sensible
thing to do to protect yourself but, frankly, an obligation one has
to the rest of the Internet commuity.

daveR

If you are running a server, then I agree 1000%, but then you would probably be running Linux anyway

But for Joe Shmo, sitting at his desk, a good firewall is probably sufficient (and a good heap of common sense). After all, who can keep up with the endless stream of patches that come out of Redmond. It is more than difficult enough for most IT professionals to keep up with the micro$oft patch works, but for the common shmo, it's too much to ask.

And what is Joe Shmo going to do when M$'s auto install/update feature scwers over his machine and makes it unusable? Will M$ accept responsibility? Or send someone out to help fix it? I think not.

So apply appropriate patches/fixes, but do it yourself manually, and be very aware of what it is you are doing AND make a backup (drive image) BEFORE proceeding.

Declan

 

[PatiO]

AND make a backup
(drive image) BEFORE proceeding

Thanks for the good info. And... What's the best way to do a backup of the 'drive image'? I guess I'm just one of those Joe Shmos. Too busy taking pictures and stuff to really learn my PC stuff. PatiO.

 

[GodSpeaks]

Thanks for the good info. And... What's the best way to do a
backup of the 'drive image'? I guess I'm just one of those Joe
Shmos. Too busy taking pictures and stuff to really learn my PC
stuff. PatiO.

There are a number of programs out there that do this. Personally, I use PowerQuest's Drive Image.

What the program will do is make a "snapshot" of everything on your partition and put it into a compressed file. If something really bad happens, then you can reload the image and get back to the state you were when you made the image. It does require you to run the program from DOS, not from within windows. During installation you are given the option of making a boot disk for this purpose.

If your image is going to be very large (say > 700MB), you have the option of breaking it up into smaller chunks. That way you can burn your images to CDR and store them away in a safe place for future use. It also frees up that much space on your disk.

This actually works best if you have your (probably) large hard disk partitioned into multiple partitions.

The old school (before windows) was:
Make a partition for your OS
Make a partition for your programs, and
Make a partition for your data.

By keeping all three separate, it greatly simplified the task of making backups, as you would really only need to backup your data.

But windows changed all that by dropping bits and pieces of installed programs all over your hard disk without even asking you. So now you must also backup the OS partition.

Don't really need to backup programs as you can always reload those if need be.

There are other programs out there, in addition to PowerQuest. I think Symantec has one, as does Paragon.

I have heard there are some that do not require you to boot into DOS to make the image, but most (I think) do. Has something to do with windows not liking you to try and copy a file it is actually using.

Installing M$ patches aside, it is just good practice to make backups of your OS AND data, as you never know when a nasty could happen to your hard disk.

Hope that helps some.
Declan

 

[uk102]

Hi,

You could backup the partition, but it's kind of normal to backup your documents and important. This relies on you making sure you have kept coies of you aplications and being able to rebuild your system. A partition backup would require loads of DVD's, 20 4.7gig DVD for my system. I would never get round to doing a partition backup.

I backup all my photos as projects. Documents about once a month.

One thing to watch with you email system is the preview option. It's worth turning off!

I have stopped using Outlook as it seams many virus are wriitten for it. I started using Eudora which can be downloads & used free of charge.
Alex

AND make a backup
(drive image) BEFORE proceeding

Thanks for the good info. And... What's the best way to do a
backup of the 'drive image'? I guess I'm just one of those Joe
Shmos. Too busy taking pictures and stuff to really learn my PC
stuff. PatiO.

 

[Joe Wilson]

the last virus didn't need any sort of user interaction to do harm. No opening of email attachments, no going to an unknown URL, etc. A system that wasn't updated for critical patches or one that wasn't behind a firewall was vulnerable. If Windows XP firewall was enabled, it wouldn't have been able to do anything to users machines.

Actually, most, if not all, could have been prevented by common
sense (don't use Outlook (Express) and don't open email
attachments) AND a GOOD firewall.

Declan

--
http://www.joesimages.com

 

[uk101]

Hi,

You are correct to a limited point. The worm I think you ref. to MSBlast which recently hit(A lot of water under the brigde sinse then). It did scan random IP address & infect PC's.

One method employed to remove msblast, was release another worm that infected PC's in the same way. This worm caused the PC to download the Fixes from Microsoft. There are loads of people out there who never worked out what was happening and had their PC fixed by a Virus/Worm.

The more recent Sobig is a mass mail worm. This has a .pif or .scr file attachment. It spoof emails from your address book to your contacts. You friends (or ex friends) will recieve an email from say something about a movie. Open and you infected!
Alex

Actually, most, if not all, could have been prevented by common
sense (don't use Outlook (Express) and don't open email
attachments) AND a GOOD firewall.

Declan

--
http://www.joesimages.com

 

[Joe Wilson]

How am I correct to a limited point?

One method employed to remove msblast, was release another worm
that infected PC's in the same way. This worm caused the PC to
download the Fixes from Microsoft. There are loads of people out
there who never worked out what was happening and had their PC
fixed by a Virus/Worm.

The more recent Sobig is a mass mail worm. This has a .pif or .scr
file attachment. It spoof emails from your address book to your
contacts. You friends (or ex friends) will recieve an email from
say something about a movie. Open and you infected!
Alex

Actually, most, if not all, could have been prevented by common
sense (don't use Outlook (Express) and don't open email
attachments) AND a GOOD firewall.

Declan

--
http://www.joesimages.com

--
http://www.joesimages.com

 

[uk101]

Hi,
The last big one was Sobig which was mail based virus!
Alex

One method employed to remove msblast, was release another worm
that infected PC's in the same way. This worm caused the PC to
download the Fixes from Microsoft. There are loads of people out
there who never worked out what was happening and had their PC
fixed by a Virus/Worm.

The more recent Sobig is a mass mail worm. This has a .pif or .scr
file attachment. It spoof emails from your address book to your
contacts. You friends (or ex friends) will recieve an email from
say something about a movie. Open and you infected!
Alex

Actually, most, if not all, could have been prevented by common
sense (don't use Outlook (Express) and don't open email
attachments) AND a GOOD firewall.

Declan

--
http://www.joesimages.com

--
http://www.joesimages.com

 

[Joe Wilson]

fine, but my point was that you don't necessarily have to do anything to get infected...if you don't have a firewall and don't have the latest updates and virus scanner, you are vulnerable...even if you are careful about what you open via email.

One method employed to remove msblast, was release another worm
that infected PC's in the same way. This worm caused the PC to
download the Fixes from Microsoft. There are loads of people out
there who never worked out what was happening and had their PC
fixed by a Virus/Worm.

The more recent Sobig is a mass mail worm. This has a .pif or .scr
file attachment. It spoof emails from your address book to your
contacts. You friends (or ex friends) will recieve an email from
say something about a movie. Open and you infected!
Alex

Actually, most, if not all, could have been prevented by common
sense (don't use Outlook (Express) and don't open email
attachments) AND a GOOD firewall.

Declan

--
http://www.joesimages.com

--
http://www.joesimages.com

--
http://www.joesimages.com

 

[ummagumma]

uhm no they are not. s/w firewall's blow. besides your comment implies how naive you realy are if you think that's an adequate solution.

get a h/w based firewall & router combo for

Ask any script kiddie how effective software firewalls are. I said
at the very least re:NAT. I did not identify it as a totally secure
solution, genius.

--
A Canadian in the US-EH.

 

[Joe Wilson]

So, how are they not? Give some details. If you are going to call someone naive, you should back up your statement.

A software based firewall would have prevented anyone from getting the msblast virus.

get a h/w based firewall & router combo for

Ask any script kiddie how effective software firewalls are. I said
at the very least re:NAT. I did not identify it as a totally secure
solution, genius.

--
A Canadian in the US-EH.

--
http://www.joesimages.com

 

[ummagumma]

not worth my time or effort to educate someone on this (for free). however, my billable rate is US$300/hour.

if you feel that your pc is adequate with a s/w based firewall i'm happy for you.

A software based firewall would have prevented anyone from getting
the msblast virus.

get a h/w based firewall & router combo for

Ask any script kiddie how effective software firewalls are. I said
at the very least re:NAT. I did not identify it as a totally secure
solution, genius.

--
A Canadian in the US-EH.

--
http://www.joesimages.com

--
A Canadian in the US-EH.