Jump to content
You are not logged in ▶️ Click to sign-up or login ×

Personal Firewall - Good Idea?

Sam125

By Sam125
in IT and Computers

 Share

Recommended Posts

Sam125 Senior Member

Sam125

Posted
Posted

Personal firewall - good idea?

I have always used antivirus software and enabled default windows firewalls sometimes.

I am currently using NOD 32 which is good and fast antivirus software. the new version 3 has a kinder interface also:

http://www.eset.com/products/

Should I get the suite which includes a software firewall for an extra $20 per year? Or simply use the antivirus software?

Link to comment
Share on other sites
Sam125 Senior Member

Sam125

Posted
  • Author
Posted
Unless you are excessively paranoid, the built in windows firewall is quite adequate. There are some advantages to using 3rd party firewalls (like better monitoring of outbound traffic) but they also create their own problems.

This is exactly the type of information that I was looking for - thank you

Link to comment
Share on other sites
Prasert Silver Member

Prasert

Posted
Posted

Good idea?

Maybe. It's more a buzzword now since most people have no clue at all what a firewall actually does. You should have one since everybody else has one.

Let's have a look at the common setup for 99% of all internet connected computers. That 99% is on a private IP address, which means you cannot reach that computer directly from the internet. The router in front of it uses NAT, so any sessions originating from the internet stop there (unless you forwarded a specific port).

In a way, a router with NAT is the best firewall there is - nothing will be passed through besides answers on requests coming from your computer.

So what's left to do for the so called firewall on your computer?

Stopping unintentional traffic from your some malicious software that's already on your computer? Why didn't the firewall stop it before it even got onto your computer?

In my opinion a firewall on your pc is pretty useless, unless your computer has a public IP address. The built-in windows firewall is especially useless - where the hel_l can you configure packet inspection? The only thing one can configure is port numbers and ip ranges. Which is basically just filtering......

Link to comment
Share on other sites
JSixpack Ruby Member

JSixpack

Posted
Posted
Stopping unintentional traffic from your some malicious software that's already on your computer? Why didn't the firewall stop it before it even got onto your computer?

Disingenous; a firewall isn't antivir and can hardly be expected to be ominscient; a user can always shoot himself in the foot despite the gun safety.

You'll find that expert users prefer to have a software firewall as well as hardware (router, NAT). If malware does get on your computer, the firewall will alert you when it tries outbound access. Also a firewall can block various "updaters" and other undesirable attempts to "call home" even by legit programs if you wish. Etc.

Some firewalls are more user friendly than others and aren't particularly onerous if you know a bit about what they are trying to do. Problem is that naive users just authorize access for everything without thinking, so defeating the purpose.

Link to comment
Share on other sites
Prasert Silver Member

Prasert

Posted
Posted
Some firewalls are more user friendly than others and aren't particularly onerous if you know a bit about what they are trying to do. Problem is that naive users just authorize access for everything without thinking, so defeating the purpose.

And that's exactly the point: the firewall becomes useless.

But at least you have one!

You'll find that expert users prefer to have a software firewall as well as hardware (router, NAT). If malware does get on your computer, the firewall will alert you when it tries outbound access. Also a firewall can block various "updaters" and other undesirable attempts to "call home" even by legit programs if you wish. Etc.

These are port filtering examples. No packet inspection or statefull inspection.

Will one of these firewalls stop spoofed traffic? E.g. bittorrent traffic disguising as webtraffic by using port 80. It's a trick played by many bittorrent clients to circumvent port filters. A firewall that looks beyond just the destination port will recognize the spoofed packet and block it.

Bittorrent is an example where a user configured the software to send this traffic. But there are several malware examples that use the same trick - port 80 is always open to allow websurfing without annoying popups from your firewall.

Link to comment
Share on other sites
JSixpack Ruby Member

JSixpack

Posted
Posted
Some firewalls are more user friendly than others and aren't particularly onerous if you know a bit about what they are trying to do. Problem is that naive users just authorize access for everything without thinking, so defeating the purpose.

And that's exactly the point: the firewall becomes useless.

Except when it isn't useless, which is actually the real point. Anything of course can be defeated, nor is anything perfect from condoms to your NAT/router, which does little or nothing against outbound traffic anyway and wherein ports are often opened by users for specific applications and subsequently used by malware.

These are port filtering examples. No packet inspection or statefull inspection.

Yes, they are. But if you want packet inspection and stateful inspection, some firewalls are capable, e. g., SonicWALL. You can add on a packet inspector, too.

Will one of these firewalls stop spoofed traffic?

And will it mix the perfect martini? As you know, it's the job of anti-malware to detect programs that do the spoofing. But typically you do a few scans of your hard drives before you install a firewall to get rid of all the malware. The firewall then alerts you if a program has changed (maybe because it's become infected) or if a new program (which you should have scanned or can trust w/o scanning) attempts to access the net.

If you use a firewall, obviously you need to know how to use it, just as when you buy a chainsaw for the first time. As merely one tool in an arsenal of imperfect tools, it's worth having, along with antivir and anti-spyware and spam filters and popup blockers etc. Like countless numbers of knowledgeable users all of whom have a choice, I run a firewall and on occasion am glad I do. If it used a lot of resources and slowed down my computer dramatically, I might think twice; but since there's no perceptible slowdown, what's not to like?

Link to comment
Share on other sites
Sam125 Senior Member

Sam125

Posted
  • Author
Posted

"... As merely one tool in an arsenal of imperfect tools, it's worth having, along with antivirus and anti-spyware and spam filters and popup blockers etc. Like countless numbers of knowledgeable users all of whom have a choice, I run a firewall and on occasion am glad I do. If it used a lot of resources and slowed down my computer dramatically, I might think twice; but since there's no perceptible slowdown, what's not to like?"

A good point.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.







×
×
  • Create New...