Avast or Zone Alarm using proxy server?

Discussion in 'Computer Security' started by Zak, Feb 13, 2005.

  1. Zak

    Gerald Vogt Guest

    You already have "odd programs" on your computer. Why don't you fix that
    problem and get rid of the "odd programs"? Wouldn't that be the right
    approach. You seem to fix symptoms instead of fixing the cause. If you
    have malware on your computer, it is just to late. Hoping that your ZA
    does prevent contact to the outside for these programs is just not
    really solving the problem.
    Again, ZA may does stop something, but it is usually not the bad guy who
    manages it anyway.
    Have you ever tried to circumvent it? This, too, is pretty easy to
    circumvent depending on the firewall in place. And in particular teens
    (as you mentioned your daughter) are extremely creative and quick to
    learn how to do it as experiences from PCs in youth centres show.

    Gerald
     
    Gerald Vogt, Feb 15, 2005
    #21
    1. Advertisements

  2. Zak

    Martin Guest

    But it seems that your "odd programs" would mean anything more than just
    Windows! How many people out there are happy to run only Windows, no extra
    programs, no games, nothing loaded 'just for fun', just so you can be 100%
    sure that the Windows Firewall will work OK? What planet are you on? I am
    not stupid enough to load something on that is nothing more that malware or
    spyware, but that doesn't mean that I want to allow open access to
    everything else loaded on my damn computer! Not unless *I* say it is OK!
    Unless Windows is the *only* thing loaded, it seems to me that the Windows
    Firewall is a little out of its depth...

    Let me see, you really want me to trust Microsoft Windows to provide a
    security solution for problems that usually result because of faults in,
    umm, well, Microsoft Windows?????? Hmm......

    Windows XP SP2 Firewall provides an excellent firewall for newcomers until
    they install something better. It is better than nothing at all, and for
    some 'dial up' users that do not much on the internet, maybe 5 minutes every
    few days to get mail, then I guess it is all you would need or want. Yes,
    and excellent Firewall for those people..

    The rest of us simply like a little more protection and extras, like warning
    if *any* mail program tries to e-mail more than (x) number of messages at
    once (i.e. like a virus may try), or warning if something new is trying to
    gain access to the internet (yes, maybe not fool proof but still a lot more
    that WFW offers)...
    So what makes you believe that Windows Firewall would be any different?
    Let's see, how many security issues have resulted due to exploits of faults
    in Windows over the years??? It seems that almost all of our problems would
    be solved by not using Windows, but you want us to accept that Windows can
    supply the very best Firewall available??? HAHAHA!!!
    Well, like anything these days it is impossible to stop everything, isn't
    it. A burglar alarm only makes noise, and deadlocks only means a burglar
    will find another way in. A combination of measures helps to prevent
    problems, which is why I don't rely solely on ZA to provide all my security,
    but it is also why I would NOT rely solely on Windows Firewall to provide
    firewall services!

    Let us agree to disagree, shall we? No doubt everyone has their own beliefs
    and preferences......
     
    Martin, Feb 15, 2005
    #22
    1. Advertisements

  3. Zak

    Gerald Vogt Guest

    The only thing you can say is to install something or not. If you say it
    is not O.K. you may or may not block something and the software can
    still easily communicate without you even noticing. A PFW cannot do what
    you want.
    No, believe me, it is perfectly fine and does not uses have the
    processor speed as other PFW do for doing little not much more than the
    SP2 firewall except annoying people with pop-ups that most people don't
    understand and more or less randomly answer, reporting "attacks" on
    ports where no process is listening and actually making DoS attacks
    really effective, a.s.o....
    If that is your problem, then you should not use Microsoft Windows.
    Microsoft does a whole lot of stupid things and Windows is a security
    nightmare. But at least in this respect they did a good job and provide
    the security (meaning real security) that is possible and not making
    false statements about some super-miracle-security that is simply
    impossible. How many people out there are surprised and wonder how it is
    possible that their computer was infected and private data was stolen
    although they were running AV, PFW and everything else? You want
    something that blocks data unless you say its OK. And I just tell you
    that the PFW you are using does a very bad job about it if it comes down
    to it. If you rely on it, you will loose in the end...
    Like the "Microsoft Subsystem" or what is it's name? Printer Spooler? Do
    you always know what component it is? Do you actually verify the
    executable that tries to access the internet? An software author can
    write any name into the version information of its program and can name
    the exe whatever it wants to. So if a pop-up comes up that ask whether
    or not to allow access to "Microsoft Internet Explorer", do you know
    what it is? The program is called "IEXPLORE.EXE" and tries to access
    port 80 somewhere...

    You want protection because you want to prevent a virus that is running
    on your system to send e-mails. The problem is however that you have the
    virus already. In that moment, you already lost control of your
    computer. The virus just has to deactivate your PFW and nothing is
    blocked or detected.

    The important thing is to prevent the infection in the first place. But
    why would you bother about that if you know that you have your PFW that
    "prevents" the virus from talking to the internet?
    O.K. If you don't trust the operating system you are using it is your
    own fault. It is your assumption that the Windows Firewall is flawed,
    too. But first: the Windows IP stack is pretty stable and seems to be
    free of flaws. So IP itself does not seem to be the problem. And
    although Microsoft usual policy is to go for the amount of features
    instead of its quality, this one time they actually did it the way how
    good design should be: keep it simple and do it right. The firewall is
    extremely fast and does not mess with your whole Windows systems like
    some many PFWs do causing more problems than helping. It does what a
    firewall is supposed to do: it blocks incoming traffic. That is all it
    can do and that is what it does. It is well integrated into the system
    and it is not easy to circumvent unless you are only using the
    Administrator account. With SP2 FW a virus, if you catch one cannot
    establish a server on your computer which can be contacted from the
    internet. With your PFW a virus can fool the PFW or turn it off and then
    it is really free to do whatever it wants.

    So if you have problems trusting Windows, don't use it. It is weird to
    see how you rely on third-party software to make Windows secure and how
    you believe so steadfast in the perfection of that third-party software
    compared to the flawed Microsoft Windows implementation. Why do you
    believe someone you promises you 100% security when you know it is
    impossible?
    But you still rely first on software to provide your security instead of
    taking your own responsibilty. With the SP2 firewall it is easy to make
    a Windows machine secure in the way that it won't get infected just by
    being connected to the internet. It does this job and it does it
    perfectly. Anything beyond that is your responsibilty because in the end
    you run the software, you browse dubious web sites or you open
    junk-mails in your bugged Outlook Express. Why do you use OE? Aren't
    there much more secure alternatives out there? Your PFW makes you think
    you don't have to worry because it protects you. It just like you buy a
    car with the newest safety technology, 20 airbags, ABS, EPS, XAS, and
    whatever else they may invent and you believe you are absolutely safe.
    It goes even further, because the company that sells you all that stuff
    tells you that with all these things you won't have an accident any more
    and you just go for it...

    Without your PFW you know that you have to be careful and you have - in
    my opinion - a proper sense of the dangers and threats in the internet.
    You just don't walk into a strange neighborhood. That's common sense,
    isn't it? Why is the internet so much different??

    Gerald
     
    Gerald Vogt, Feb 15, 2005
    #23
  4. We agree on that.
    I'd guess it's because they don't want to go to court?

    I still don't understand your rationale for not wanting to use a
    software firewall that can at least catch *most* bad stuff trying to
    call out, as opposed to using NO firewall [1], that of course cannot
    catch *anything* trying to call out.

    You surely have strange ideas, which I would not recommend to anyone.

    [1. Windows firewall is nearly in this category.]
     
    Beauregard T. Shagnasty, Feb 15, 2005
    #24
  5. Zak

    bassbag Guest

    I know it works because the firewall intercepts it.Try downloading
    secretary calender from here...
    http://sixfiles.com/dbase/business-home/pims-calendars/page3/go.php
    Much freeware here and seems a respected site.Howver that particualr
    programme is loaded with windropper small.Using jottis online virus
    scanner ,not all avs detect it.Kav does ,nod does.A few others dont.A
    firewall (obviously set correctly) with outgoing application filtering
    does.If you download and install that innocuous programme you will get
    infected without even knowing it using xps firewall(and if your av doesnt
    detect it).I know it works because the firewall stops the application.Yes
    firewalls have been circumvented , but xps lack of application control
    just leaves the door wide open.
    me
     
    bassbag, Feb 15, 2005
    #25
  6. Zak

    Gerald Vogt Guest

    Why are you using Microsoft software when it is so bad? The SP2 firewall
    is working very well and seems to be very good implemented and
    efficient. Again, as Microsoft this one time limited itself instead of
    putting zillions of beta-state features into the firewall it seems as
    if they did this thing right. Paketfilters are not that difficult to
    implement...
    You don't get it.
    I don't have anything that "calls out". I select the software I install
    carefully. And I don't rely on something that gives me something,
    sometimes but I won't notice when it goes utterly wrong anyway.

    All the PFW makers do exactly what Microsoft usually does and did not do
    with the SP2 FW (and the packet filter in W2K as well): they put
    zillions of features into it making people believe that they are
    perfectly safe just by installing some software, by making them believe
    that they are absolutely safe.

    Haven't you read the other thread with the attack against a computer
    that crashes the PFW? The SP2 FW does not crash because it does not
    interact with the user and asks them about accesses people don't know
    about and does not inform about "attacks" on ports where nothing is
    listening anyway. All those pop-ups are just there to convince people
    that there PFW is protecting them so well while it is basically just
    telling them that there was a connection attempt to something that is
    not where anyway, thus they were safe anyway.

    The PFW can crash and leaves the computer vulnerable. It can be turned
    off by the user when it is convenient or some software does not work for
    some reason. (Isn't that a frequent thing to do? Some software does not
    work so let's see if it is working when I turn the FW off...) It is much
    more complex to configure and maintain (oops, the pop-up for the
    "printer spooler" which some people answer with "always deny" because it
    popped up in the middle of something else and no printing does not
    work...) PFW itself are vulnerable as the series of worms for NIS have
    shown.

    Bottom line: you add a extremely complex, feature-loaded thing into your
    system, that messes badly with it, often makes problems that require it
    to turn off, some don't even uninstall properly. Security is not solved
    by adding complexity. That is basic security wisdom. Good security
    solutions are simple. That way you can verify that it does what it
    supposed to due. PFW are totally different...

    So what benefit has something that catches some "bad stuff" of my DVD
    burner that I installed instead of looking for something else. How many
    programs do you have that still "call out" although you can configure
    them not to? And what are you blocking anyway? Check for updates? Maybe
    you block it and won't even know about an important security update
    which ...
    That is not an idea but a very well working concept. Your mistrust in
    Microsoft is a extremely strange idea of yours as you still want to use
    Microsoft software. The like driving a car that you don't trust and
    therefore you go to a garage that promises things that they cannot keep
    anyway. It is much more important to keep your system up-to-date with
    current updates but you don't take that so seriously as it seems if I
    see that you are using TB 0.9.

    Why do you think that some security product is so much better and safer
    than Microsoft software? What makes you think that there are no bugs in
    there? What makes you believe that add magnitudes of complexity to a
    system will make it more secure?
    The Windows firewall does what a firewall is supposed to do, and exactly
    that, without zillions of gadgets and flashy things... And you don't
    even need it if you have a stand-alone PC, shutdown all services that
    open ports.

    Gerald
     
    Gerald Vogt, Feb 15, 2005
    #26
  7. Zak

    Gerald Vogt Guest

    You don't just install a software because it "seems a respected site".
    This is just the problem. If you want to install freeware you check
    forums, usenet groups other places and look for people that are using it
    and confirm where they have it from. If you read the comments for that
    software you will see that it contains a trojan.

    Only because you see a "respected house" even in a "respected
    neigborhood" does not mean that there is nothing illegal or dangerous
    behind the doors. But with your PFW and AV software you just get
    careless because you think you are invulnerable against anything.
    No. You have seen a pop-up and you hope that the firewall did actually
    stopped it. You don't know what it actually did to your system. You
    don't know if it, while you were reading the pop-up, actually tunneled
    information out through Internet Explorer. You don't know what it
    actually modified on your system and where it might have changed
    something. You don't know if there is something waiting in the
    background for the moment when you even turn off your PFW because some
    other program you use does not work together with your PFW. You don't
    know. That is the point: your computer is compromised because of you
    downloading software. The pop-up makes you think that "you know" and
    that you prevented something bad. You prevented something, maybe, but
    you don't know anything. And that is the problem: you think you know
    although you don't. If, in a month from now, your ISP gives you an angry
    call and has disconnected you from its network because you were relaying
    spam mails you just wonder, why and how, because you PFW did stop the
    trojan from talking to the outside while in reality it may have made a
    few other changes for later...

    The outgoing pop-ups may be nice to learn but as part of security
    software people quickly depend on it and believe it completely. If you
    really want to know what is going over the wire, get a network sniffer.
    That gives you the truth about what is going on. If you just want to
    know what application does send data out, there are other non-intrusive
    programs available that log you with outgoing connections and you can
    learn that way...

    Gerald

    Gerald
     
    Gerald Vogt, Feb 15, 2005
    #27
  8. Because I develop applications with Visual FoxPro. No other reason.

    Why are you using it?

    <snip rest>

    Would you mind giving us your Microsoft employee number?
     
    Beauregard T. Shagnasty, Feb 16, 2005
    #28
  9. What are you going to do wiht his Microsoft Employee Number ?? Are you
    stupid ?? Do you think anyone is stupoid enough to give that to you ??
    Jerk.
     
    Hank Sniadoch, Feb 16, 2005
    #29
  10. Zak

    Gerald Vogt Guest

    You don't need internet to do that. And there are other languages.

    Gerald
     
    Gerald Vogt, Feb 16, 2005
    #30
  11. Zak

    Martin Guest

    I think it is Bill Gates' alias...

    I don't know why more people haven't realised that Windows XP SP2 Firewall
    is the ultimate solution to their problems! Just unload all other software,
    other than Windows, and hey-presto - no more problems!! (or could that be
    because it doesn't tell you anyway??)

    One question - the OP stated in that last reply:

    "I don't have anything that "calls out"."

    And, how exactly can you know that, for sure, 100%, no doubts, when nothing
    will warn you about it trying to call?? I have installed several Microsoft
    items that have immediately tried to connect to the internet, before they
    are even installed. Am I to believe that I shouldn't have trusted Microsoft
    either??????? If I was using only the Windows Firewall I also would not
    have known they had connected, and would presume that they didn't! At least
    ZA allowed me to choose if it could connect, just as it does anytime IE or
    OE (or anything else configured for 'net access) is changed in any way (even
    updates).

    Ahh, why are we bothering? This guy will argue with us no matter what we
    say or do, so what's the point???
     
    Martin, Feb 16, 2005
    #31
  12. You missed the humor there, Hank.
     
    Beauregard T. Shagnasty, Feb 16, 2005
    #32
  13. Not when the employer says "use FoxPro."
     
    Beauregard T. Shagnasty, Feb 16, 2005
    #33
  14. Agreed. I just hope anyone reading along sees enough of our replies to
    not heed Gerald's advice.
     
    Beauregard T. Shagnasty, Feb 16, 2005
    #34
  15. Zak

    Gerald Vogt Guest

    Because there are companies that try to sell software that you don't
    need. I never said to unload software other than Windows. I said do not
    install software that you don't trust and in particular do not rely on
    other software to protect you from the software you installed before. Go
    to a university and ask security researchers. This system is flawed and
    can never properly work. Many people have reported infections although
    they had all this nice PFW and AV running. Some computers have been
    infected just because they were running PFW/AV that was exploited.

    You cannot make a system more secure by just adding additional
    complexity and trying to achieve something that is impossible to
    completely achieve. Accept your responsibilty for your actions instead
    of relying on others to fix the problems you cause. Don't use software
    that you don't trust. Accept that software that you install and wants to
    talk to the internet will do so. Learn how to use and in particular
    configure your computer. Why spending $$ on a software to block traffic
    that you could just as well prevent just by configuring your application
    properly? All the PFW wants to do is to make you believe that with it
    you are perfectly safe so why bother... (This is called risk
    compensation. Just like the studies that show that people driving on
    their bicycle with helmet generally drive faster and more risky.)

    And to get back to your initial question: you just don't read that much
    about people having problems with the SP2 firewall. You just read about
    people having problems with PFWs or that have been infected in spite of
    the running PFW. You don't usually read that much about what does not
    make problems in particular if it is free and not big promoted. Just two
    days ago I received a recommendation for the IT department of the
    Technical University of Munich telling people to favour the SP2 FW
    instead of some other PFW because all those PFWs just deeply impact your
    Windows system and cause all kinds of problems without any real
    benefits. Instead a proper code of practice for the use of the internet
    is better.

    Just look at you: you are using Microsoft Outlook Express
    6.00.2900.2180. This is not the lastest updated version of OE. This is
    exactly what frequently happens who rely on their PFW and AV: why should
    they bother with updates when they are so well protected by their PFW??
    If I want to know sure for 100% then I use something that gives me
    exactly this 100% certainty: use a network sniffer on the wire between
    the computer and the internet. Or if you have a router in between let it
    log the outgoing traffic. Then I do know 100% for sure. Your PFW may or
    may not report something...
    What items?
    How do you know that it does not do something else, too, like collecting
    information about you? If you don't have your outgoing filter you should
    be aware of your risks. If you want software not to talk to the
    internet, do not connect the computer to the internet. Then you can be
    100% sure.
    Again, your conclusion is wrong. You deduct from the fact that you get
    pop-ups that allow you to choose that this works each and every time.
    There is the flaw. This is incorrect but unfortunately exactly the
    effect of people using PFWs.
    Arguments are the point of any discussion. If you don't want to discuss
    I don't know why you argue...

    Gerald
     
    Gerald Vogt, Feb 16, 2005
    #35
  16. Zak

    Gerald Vogt Guest

    Well, I hope that anyone reading this sees that thinking a software is
    the solution to all their computer security problems and that with that
    software they don't have to worry about anything anymore is utterly wrong.

    Gerald
     
    Gerald Vogt, Feb 16, 2005
    #36
  17. Zak

    Martin Guest

    [SNIP]
    Well, there's my point! Everything here is set for auto-update and even
    that doesn't work properly!!!!!
     
    Martin, Feb 16, 2005
    #37
  18. Zak

    Gerald Vogt Guest

    Exactly! Because you don't want to care about it. You just want to do
    anything you want and somebody or something else should prevent any evil...

    Gerald
     
    Gerald Vogt, Feb 16, 2005
    #38
  19. Zak

    James Egan Guest

    On the contrary he's mentioned quite a few valid points and is largely
    correct. Don't try and make him out to be some kind of whacko (which
    he clearly isn't) to try and gain the upper hand in your losing
    argument.


    Jim.
     
    James Egan, Feb 16, 2005
    #39
  20. Zak

    bassbag Guest

    Ahh rite....my car has one driver air bag ,my neighbours has 4.I havent
    crashed yet nor has he ,so i dont know wehther theyll work or not.I
    wonder why he forked out for a car with all those extra airbags when he
    doesnt even know if theyll work.Of course if he leaves it in the garage
    and dont go anywhere ,drive on roads that he doesnt know , he shouldnt
    have to worry at all .By the way i have several sniffers.Its a bit late
    looking at the sniffer log and seeing the horse after its bolted.But then
    again ...how do i reallllyy know that my sniffers working correctly.It
    seems rather strange you condemn an application firewall because of the
    possible mess it might make on a system and then recommend a sniffer .I
    guess if microsoft upgrade thier firewall to application filtering too in
    the near future you will be in a right quandry.
    me
     
    bassbag, Feb 16, 2005
    #40
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.