|
Posted by Bigbruva on September 27, 2005, 2:45 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Thanks Subratam this is good information, so the recommendation is more to
do with the Anti-malware applications abilities to detect new attacks, which
would then leave the firewall as the only line of defense to trap an new
outgoing malware call, than it is a problem with Windows Firewall directly.
This is just the reasoned and logical information that gets lost in the
"Windows Firewall is cr*p" type comments I see so often.
I also agree that it is only a matter of time before Microsoft step up to
the mark and fix this issue in one care product, or another ;-)
BB
> Hi Bigbruva :) ,
>
> Windows Firewall does not restrict outgoing traffic from your computer or
> restrict applications from using your Internet connection. This means that
> if
> you have a virus , Windows Firewall will allow your applications to send
> data
> to the Internet without your permission.
> To rely completely on the SP2 firewall, you'd need to be absolutely
> certain
> that your computer harbors no intruders already-no unknown programs
> downloaded earlier that might be dialing out, no viruses, worms or
> Trojans.
> In that case, blocking inbound traffic would be enough. The problem is
> that
> spyware is developing faster than any one program can catch it. So the
> chances of starting with and maintaining an absolutely intruder-free
> computer
> are not very great.
> The best firewalls not only block incoming traffic, but monitor Internet
> activity initiated from your computer as well. This enables them to catch
> intruders that have been planted in your computer, trying to pass personal
> information and files to a Web site. This provides an extra margin of
> safety .
> Saying that , Microsoft already been aware of it and they are not sitting
> quietly.
>
> Regards
> --
> Microsoft MVP Windows-Security 2005
>
>
> "Bigbruva" wrote:
>
>> Hi Subtratam, as you are an MVP, I am interested that you recommend
>> replacing the Windows Firewall. I hear this a lot, from many sources, and
>> understand the issues about its limitations when compared to a fully
>> featured firewall solution. My question is, do you have any specific
>> examples of attacks that have successfully bypassed an active Windows
>> Firewall? (Note: 897663 doesn't count as no attack has used this)
>>
>> I don't want to start a firestorm, I am simply interested to understand
>> why
>> Windows Firewall has such a bad reputation. If you will forgive the
>> analogy,
>> it may not be a "Ferrari F40" but it is a good "BMW Mini" and, IMHO, most
>> people don't need Ferrari's (especially people like my Mum and Dad ;-)
>>
>> If a user is really "interested" in PC security or is looking to share
>> Internet services then I agree they should upgrade to a more featured
>> product, hence the reason the "Silver Medal" solution
>> (www.windowsdefender.com/silver_protection.htm) does this. However, if
>> you
>> are looking for a simple "set it, forget it" tool to improve your systems
>> security with the minimum complexity, I stick by my recommendation of
>> Windows Firewall, unless I have missed a security vulnerability somewhere
>> of
>> course, in which case I'll update the "Bronze Medal" solution on the
>> site.
>>
>> Thanks in advance
>>
>> BB
>>
>> > Just a few points here if I may say :) , Avast , Etrust , AVG are real
>> > quality free AntiViruses of which I will also suggest to go for Avast.
>> > Regarding Firewall , I dont recommend Windows firewall rather disabling
>> > it
>> > and go for much better and free firewall like Sygate . Kerio is
>> > discontinueing its free firewall service
>> > http://forums.kerio.com/index.php?t=msg&th=7040 and most others giving
>> > free
>> > "trials" . Zonealarm is good ... but IMO , it uses a lot of resources .
>> > Prevx
>> > is a good tool to be tried out too which provides layered protection.
>> >
>> > Regards
>> > --
>> > Microsoft MVP Windows-Security 2005
>> >
>> >
>> > "Jim Macklin" wrote:
>> >
>> >> ZA seems to be much easier to configure for permissions than
>> >> XPs firewall, maybe that because I began using ZA years ago,
>> >> before XP was released.
>> >>
>> >> BTW, just did an ZA update to 6.0.667.000 and noticed a
>> >> problem with the popup message window. The Allow and deny
>> >> buttons are aligned such that the deny button is only
>> >> partially visible at the right edge of the window. This is
>> >> on both my W98 and XP computer. The download was done on
>> >> each computer. I have sent ZLabs a notice (w screen cap).
>> >>
>> >>
>> >> --
>> >> The people think the Constitution protects their rights;
>> >> But government sees it as an obstacle to be overcome.
>> >> some support
>> >> http://www.usdoj.gov/olc/secondamendment2.htm
>> >>
>> >>
>> >>
>> >> |I agree that Zone Alarm is a great product, in fact the
>> >> Gold version of this
>> >> | guide will use Zone Alarm Pro - once I get the time to
>> >> finish the guide!
>> >> |
>> >> | However the aim of the Bronze setup was to make the
>> >> installation and
>> >> | configurations as simple as possible and, as the, Windows
>> >> Firewall is part
>> >> | of SP2 (which most home users will have installed) this
>> >> was the easiest to
>> >> | setup. For the majority of home users the Windows Firewall
>> >> is sufficient
>> >> | IMO, even if it's features are rather limited.
>> >> |
>> >> | BB
>> >> |
>> >> |
>> >> in message
>> >> | > AVAST works well, as does As-Aware SE, but the free Zone
>> >> | > Alarm firewall is more functional than the Windows
>> >> firewall
>> >> | > since it monitors in and outbound traffic and has a much
>> >> | > easier interface.
>> >> | >
>> >> | >
>> >> | > --
>> >> | > The people think the Constitution protects their rights;
>> >> | > But government sees it as an obstacle to be overcome.
>> >> | > some support
>> >> | > http://www.usdoj.gov/olc/secondamendment2.htm
>> >> | >
>> >> | >
>> >> | >
>> >> | > | Hi Catamount
>> >> | > |
>> >> | > | I have a step-by-step guide for a free Antivirus and
>> >> | > Anti-spyware setup on
>> >> | > | my site at:
>> >> | > |
>> >> | > | http://www.windowsdefender.com/bronze_protection.htm
>> >> | > |
>> >> | > | This setup uses Avast!, Ad-Aware SE Personal, and
>> >> Windows
>> >> | > Firewall.
>> >> | > |
>> >> | > | HTH
>> >> | > |
>> >> | > | BB
>> >> | > |
>> >> | > | >I am looking for a list of free antivirus and
>> >> firewall
>> >> | > software. I am
>> >> | > | >trying to create a list for a project to get people
>> >> who
>> >> | > don't have the
>> >> | > | >money for the high end AV software to still get
>> >> | > protection. Anyone wanna
>> >> | > | >help little-ole-me?
>> >> | > |
>> >> | > |
>> >> | >
>> >> | >
>> >> |
>> >> |
>> >>
>> >>
>> >>
>>
>>
>>
| 
XML site map