Jump to content

Personal Firewall - Good Idea?


Recommended Posts

Posted

Personal firewall - good idea?

I have always used antivirus software and enabled default windows firewalls sometimes.

I am currently using NOD 32 which is good and fast antivirus software. the new version 3 has a kinder interface also:

http://www.eset.com/products/

Should I get the suite which includes a software firewall for an extra $20 per year? Or simply use the antivirus software?

Posted

Dont pay for things you can get for Free. Alot of hackers target these pay software more.(or so i was told) I use Avast as my antivirus and Zone Alarm for my firewall. But there are many out there.

Posted

Unless you are excessively paranoid, the built in windows firewall is quite adequate. There are some advantages to using 3rd party firewalls (like better monitoring of outbound traffic) but they also create their own problems.

Posted
Unless you are excessively paranoid, the built in windows firewall is quite adequate. There are some advantages to using 3rd party firewalls (like better monitoring of outbound traffic) but they also create their own problems.

This is exactly the type of information that I was looking for - thank you

Posted

Good idea?

Maybe. It's more a buzzword now since most people have no clue at all what a firewall actually does. You should have one since everybody else has one.

Let's have a look at the common setup for 99% of all internet connected computers. That 99% is on a private IP address, which means you cannot reach that computer directly from the internet. The router in front of it uses NAT, so any sessions originating from the internet stop there (unless you forwarded a specific port).

In a way, a router with NAT is the best firewall there is - nothing will be passed through besides answers on requests coming from your computer.

So what's left to do for the so called firewall on your computer?

Stopping unintentional traffic from your some malicious software that's already on your computer? Why didn't the firewall stop it before it even got onto your computer?

In my opinion a firewall on your pc is pretty useless, unless your computer has a public IP address. The built-in windows firewall is especially useless - where the hel_l can you configure packet inspection? The only thing one can configure is port numbers and ip ranges. Which is basically just filtering......

Posted
Stopping unintentional traffic from your some malicious software that's already on your computer? Why didn't the firewall stop it before it even got onto your computer?

Disingenous; a firewall isn't antivir and can hardly be expected to be ominscient; a user can always shoot himself in the foot despite the gun safety.

You'll find that expert users prefer to have a software firewall as well as hardware (router, NAT). If malware does get on your computer, the firewall will alert you when it tries outbound access. Also a firewall can block various "updaters" and other undesirable attempts to "call home" even by legit programs if you wish. Etc.

Some firewalls are more user friendly than others and aren't particularly onerous if you know a bit about what they are trying to do. Problem is that naive users just authorize access for everything without thinking, so defeating the purpose.

Posted
Some firewalls are more user friendly than others and aren't particularly onerous if you know a bit about what they are trying to do. Problem is that naive users just authorize access for everything without thinking, so defeating the purpose.

And that's exactly the point: the firewall becomes useless.

But at least you have one!

You'll find that expert users prefer to have a software firewall as well as hardware (router, NAT). If malware does get on your computer, the firewall will alert you when it tries outbound access. Also a firewall can block various "updaters" and other undesirable attempts to "call home" even by legit programs if you wish. Etc.

These are port filtering examples. No packet inspection or statefull inspection.

Will one of these firewalls stop spoofed traffic? E.g. bittorrent traffic disguising as webtraffic by using port 80. It's a trick played by many bittorrent clients to circumvent port filters. A firewall that looks beyond just the destination port will recognize the spoofed packet and block it.

Bittorrent is an example where a user configured the software to send this traffic. But there are several malware examples that use the same trick - port 80 is always open to allow websurfing without annoying popups from your firewall.

Posted
Some firewalls are more user friendly than others and aren't particularly onerous if you know a bit about what they are trying to do. Problem is that naive users just authorize access for everything without thinking, so defeating the purpose.

And that's exactly the point: the firewall becomes useless.

Except when it isn't useless, which is actually the real point. Anything of course can be defeated, nor is anything perfect from condoms to your NAT/router, which does little or nothing against outbound traffic anyway and wherein ports are often opened by users for specific applications and subsequently used by malware.

These are port filtering examples. No packet inspection or statefull inspection.

Yes, they are. But if you want packet inspection and stateful inspection, some firewalls are capable, e. g., SonicWALL. You can add on a packet inspector, too.

Will one of these firewalls stop spoofed traffic?

And will it mix the perfect martini? As you know, it's the job of anti-malware to detect programs that do the spoofing. But typically you do a few scans of your hard drives before you install a firewall to get rid of all the malware. The firewall then alerts you if a program has changed (maybe because it's become infected) or if a new program (which you should have scanned or can trust w/o scanning) attempts to access the net.

If you use a firewall, obviously you need to know how to use it, just as when you buy a chainsaw for the first time. As merely one tool in an arsenal of imperfect tools, it's worth having, along with antivir and anti-spyware and spam filters and popup blockers etc. Like countless numbers of knowledgeable users all of whom have a choice, I run a firewall and on occasion am glad I do. If it used a lot of resources and slowed down my computer dramatically, I might think twice; but since there's no perceptible slowdown, what's not to like?

Posted

"... As merely one tool in an arsenal of imperfect tools, it's worth having, along with antivirus and anti-spyware and spam filters and popup blockers etc. Like countless numbers of knowledgeable users all of whom have a choice, I run a firewall and on occasion am glad I do. If it used a lot of resources and slowed down my computer dramatically, I might think twice; but since there's no perceptible slowdown, what's not to like?"

A good point.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...