Is Firewall essential in this case?

Discussion in 'Computer Security' started by Dickie Peters, Jan 22, 2007.

  1. Is a software firewall such as Zone Alarm essential for added
    protection if I am already using the XP firewall, AVG antivirus (free)
    and have a wired router (D-link-524)? Will it offer me any additional
    protection? If so, is there a better free firewall than Zone alarm?

    Dickie Peters, Jan 22, 2007
    1. Advertisements

  2. Dickie Peters

    Todd H. Guest

    Zone alarm is pretty solid.

    THe added protection you'd get from it vs the existing solutions is
    notification of outbound internet access attempts from applications.
    How big a deal that is, is debateable.
    Todd H., Jan 22, 2007
    1. Advertisements

  3. Dickie Peters

    Notan Guest

    You may just have opened a huge can of worms, and on that note...
    Notan, Jan 22, 2007
  4. No. Independent of scenario.
    Eh... how should ZoneAlarm achieve such a thing?
    Virus scanners don't provide protection.
    And a router normally doesn't either.
    No. Again: How should it?
    ZoneAlarm is no firewall. Anyway, where is your firewall? And why do you
    need one?
    Sebastian Gottschalk, Jan 22, 2007
  5. Dickie Peters

    Wraeth Guest

    It seems to me as though you don't know exactly what a firewall does...
    It may be an idea for you to do some research (search 'firewall' in
    google, for example) to find out what it does. As for whether you are
    adequately protected, what you need to keep in mind is that different
    firewalls suit different people. It depends on your technological
    knowledge, what sort of control you would like, etc.

    Do some research, then 'shop around' for a firewall that suits you. Try
    some different ones to see what they're like, and settle down with the
    one you like.

    A friend of mine made a page for a company he worked for explaining it all:

    See if that helps clear the situation for you.

    Wraeth, Jan 22, 2007
  6. Personally, I recommend using Comodo since it offer good outbound
    Your router provide some sort of inbound protection (although it is not
    a hardware firewall theoritically)
    Computer experts recommend users to use both hardware firewall and
    software firewall to offer additional protection.

    For more information about PC internet security,please visit my
    There are a lot of links to websites about basic knowledge of PC
    internet security.

    The website of Wraeth's friend is excellent. Good Job,Wraeth !
    greenandwhitefr, Jan 22, 2007
  7. Well, sadly just in your reality.
    Where are the computer experts? You only referenced CERT, who are experts
    in telling how the users stay out of problems longer (but without any
    security) while staying dump so the have less trouble.

    Beside that, they don't make any such recommendation.
    Someone who has a clue about security would never ever go there, since just
    the name obviously implies nonsense.
    Well, why don't you provide any? I can only see advertisement for
    superfluos software, made by fools with no technical competence, not
    providing and real knowledge.
    Sebastian Gottschalk, Jan 22, 2007
  8. Thank you for your comments,Sebastian Gottschalk.
    greenandwhitefr, Jan 22, 2007
  9. Dickie Peters

    Todd H. Guest

    Sebbastian, why are you such a sad, negative, asshole?

    Just asking. You seem like a reasonably intelligent guy and would have
    quite a bit to offer the world if you weren't so often such a
    beligerent twat to well-meaning folks.

    Best Regards,
    Todd H., Jan 22, 2007
  10. Todd H. wrote:
    Eh... actually I'm trying to be exactly well-meaning. I didn't call him
    stupid or anything else, I just pointed out that he should check his
    opinion against some hard reality facts. And as such, he should
    recommending things that he doesn't have any fu^W fine clue about.

    And of course it would be nice if outbound protection could work in some
    serious way. But for obvious reasons it doesn't and won't ever.
    Sebastian Gottschalk, Jan 22, 2007
  11. Dickie Peters

    Todd H. Guest

    For the obvious-impaired, can you highlight these reasons?

    I'm still of the opinion that the outbound protection in software
    firewalls is better than not having it at all, but I'm curious to know
    the reasons behind your stance that it's worthless.
    Todd H., Jan 22, 2007
  12. - Turing-completeness of malware
    - interprocess communication
    - programs' configuration data are writeable by everyone
    Not using software firewalls doesn't mean not having protection. And the
    argument is generally wrong, since such software introduces complexity and
    therefore insecurity, also as proven by the real world.
    Obviously: It isn't reliable to any point, thus doesn't provide any
    security. It's an intrusion detection mechanism at best, and even then
    worthless due to the decrease of security by the implementation.
    Sebastian Gottschalk, Jan 22, 2007
  13. Dickie Peters

    Zilbandy Guest

    A lock on your front door is worthless if someone really wants to
    break into your house... but I bet you have one, anyway. Why?
    Zilbandy, Jan 22, 2007
  14. Ok, apparently my initial post has caused some debate here. I posted
    here because you know much more than I do, so let me clarify my

    Like everyone else, I want to prevent any hackers from attacking my
    machine. I want to block those attacks, but at the same time I would
    like to prevent anything that should not be on my computer, such as
    malware, from sending out my personal information or whatever.

    Being on disability, I cannot afford a lot of expensive software. With
    that, can someone offer me the basics of what I should have installed
    to offer me as much protection, both incoming and outgoing, as
    possible? My OS is XP if that helps.

    Thanks in advance for your help.
    Dickie Peters, Jan 22, 2007
  15. Dickie Peters

    B. Nice Guest

    If properly configured, your router should provide adequate protection
    from connection attempts from the outside.
    Don't expect to be able to control malware. Only reasonable
    countermeassure is to keep it off your machine.
    Security does'nt have to cost you anything.
    IMHO security is not about installing as much "protection" as
    possible. It is more about installing and running only software of
    decent quality from sources you trust, keeping it updated and using
    your brain.

    In other words, there are some technical counter-meassures you can and
    should take. The rest (the major part) is more or less up to you.

    Feel free to visit my site for further inspiration:
    B. Nice, Jan 22, 2007
  16. A front door isn't supposed to provide any security, but rather is a demand
    from your insurance company.

    That's why really important stuff is usually kept in a safe, not leaving
    the "protection" to just a simple front door.

    Beside that, you're drawing strange comparisons between analogue and
    digital worlds. There is no equivalent of "more force/energy/power" in
    digital world, and all possibilities are enumerable.
    Sebastian Gottschalk, Jan 22, 2007
  17. There is no need to block anything that should trivially fail anyway.
    This doesn't work, no matter how much you want it.

    The real solution is to simply not run any malware in first place. This is
    what you should focus on.
    Stop thinking in terms of installing more software would help.

    Competent usage helps. Secure configuration helps. Using non-vulnerable
    software helps. No software could replace that.
    Sebastian Gottschalk, Jan 22, 2007
  18. Or not. Just visiting a website containing a simple image reference


    and there your port 135/TCP gets forwarded without any hesitation. Not to
    mention other classes of protocol helpers, as well as simple usage of NAT
    itself. You could embed a flash applet which connects back to the server
    with source port 135, thus opens such a connection, disconnects, and then
    waits some time if someone starts a vulnerable DCE-RPC daemon - if not,
    connect again all 5 minutes to refresh the NAT state.

    If the router contains a packet filter, then the proper configuration of
    this part could provide such a protection.

    Unless then, a router should be regarded as transparent. You know, even RFC
    2993 tells you so.
    Sebastian Gottschalk, Jan 22, 2007
  19. Dickie Peters

    Wraeth Guest


    It seems to me that you have some strong opinions on the subject of
    computer security. But perhaps you should think about how you word your
    opinions before you send them off.

    The idea of groups such as this is to /discuss/ computer security and to
    provide /assistance/ to people who ask for it. You are simply trying to
    prove to everyone that you are better because you know about it, and
    everyone else deserves nothing more that to be looked down upon.

    The concept of providing assistance, especially to people who wish to
    learn, is to provide constructive criticism, not to say "I know how it
    works, so do it my way or else you may as well not do it at all." I can
    see that you do indeed know about computer security, and you can provide
    a wealth of information, as well as to identify potential threats; but
    that does not mean that someone who offers a suggestion that does not
    cover that threat is incompetent and deserves only your contempt.

    Instead of saying "No, your wrong because of this. Do it my way - /it/
    works", perhaps something more along the lines of "Yes, that will cover
    those threats, but will still leave open this vulnerability. This should
    cover it as well", and be open to further suggestions that are perhaps
    easier to manage/implement, instead of saying "my way works, so use it".

    Different solutions are suitable for different people. Your way might
    work, but others can as well, and may sit better with the people who use it.

    Knowledge /is/ power.
    Wisdom is knowing how to use it.

    Wraeth, Jan 23, 2007
  20. Dickie Peters

    Wraeth Guest


    This site my friend made is aimed towards explaining computer security
    for the not-precisely-computer-literate staff of a school he worked at,
    and explains everything on the assumption that you have only a basic
    knowledge of computers (basic point-and-click skills, basic knowledge of
    the Internet). It may not be exactly what you need, but as well as
    giving a basic overview of computer security, it points you to several
    resources, and tells you how you can learn more - either about security,
    or how to protect yourself.

    Have a look and that should help you out.

    Cheers, and good luck
    Wraeth, Jan 23, 2007
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.