Zonealarm

[Guest DDW]

"Flight" <jPUNTvoorbeeld@gmailPUNTcom> wrote:

<span style="color:blue">

>I wouldn't advise Avast. It is not so safe. </span>

 

When asked whose ass he pulled that one out of, he replied:

<span style="color:blue">

>Look at the test results from many antivirustesters.</span>

 

Didn't cite any, because there aren't any that call Avast "not so

safe".

 

DDW

--

Reply via this group only

All email will be rejected

[Guest jhnlmn]

I cannot figure out what that built-in Vista FW is good for.

All incoming connections are blocked by the router anyway,

and, I heard, that software FW are not as secure as hardware.

But what I really need is control over outgoing connections.

I hate when applications connect to the Web behind my back,

gobble up my net bandwidth, report on my usage patterns,

download and install upgrades without my approval, etc.

So, I used ZoneAlarm for years, but, alas, it is not available

on Vista 64. For now I switched to Comodo. It is much harder

to configure, but appears to be more flexible.

 

 

--

jhnlmn

[Guest FromTheRafters]

"jhnlmn" <guest@unknown-email.com> wrote in message

news:521a1a20fea2789effd702b9bd29aa98@nntp-gateway.com...<span style="color:blue">

>

> I cannot figure out what that built-in Vista FW is good for.

> All incoming connections are blocked by the router anyway,

> and, I heard, that software FW are not as secure as hardware.</span>

 

Makes sense for a laptop - where you might not

always be behind your router - or I suppose

a desktop setup when your router isn't yours

anymore due to intrusion.

<span style="color:blue">

> But what I really need is control over outgoing connections.</span>

 

More a want than a need. Outgoing connections come

from software already executing on the machine you

are "protecting" - this is not really a firewall's function.

[Guest jhnlmn]

<span style="color:blue">

> when your router isn't yours anymore due to intrusion.</span>

 

Well, if they managed to hijack your router, then all is lost

and software FW will not help either (neither built-in nor third

party).

 

But, as I already said, my problem is not with viruses

(the last time I had a real damage from a virus was back in 92),

but with "legitimate" software, such as Acrobat reader,

Media player and many others, which connect to Internet

behind my back without my permission and send who-knows-what

about me to their headquarters. For that reason I never run

a PC without outgoing firewall, which significantly improves

my network connection speed by blocking unwanted connections. It would

be nice if MS will build outgoing FW

into the Windows and protect it from being disabled

the same way as MS protects Vista internal modules from

being overwritten. Until then I have to rely on third party solutions.

 

 

--

jhnlmn

[Guest FromTheRafters]

"jhnlmn" <guest@unknown-email.com> wrote in message

news:34401be2b7dd8a265f05befca5e6926c@nntp-gateway.com...<span style="color:blue">

><span style="color:green">

>> when your router isn't yours anymore due to intrusion.</span>

>

> Well, if they managed to hijack your router, then all is lost

> and software FW will not help either (neither built-in nor third

> party).</span>

 

Why do you say that? Just because they have your

router does not mean they have your computer too.

That's a good part of what makes a router a firewall.

<span style="color:blue">

> But, as I already said, my problem is not with viruses</span>

 

Of course not, we were talking about the usefulness of

Windows Firewall if a real firewall in the form of a

router was also used. Viruses are not really a firewall

issue - but a network worm may well be thwarted by

the presence of the Windows Firewall in case you find

yourself no longer shielded by the router or other true

firewall appliance.

<span style="color:blue">

> (the last time I had a real damage from a virus was back in 92),

> but with "legitimate" software, such as Acrobat reader,

> Media player and many others, which connect to Internet

> behind my back without my permission and send who-knows-what

> about me to their headquarters.</span>

 

Hmmm...okay... yeah, some people are real sensitive

about that sort of thing.

 

[snip]

[Guest jhnlmn]

<span style="color:blue"><span style="color:green"><span style="color:darkred">

> > > >

> > > Well, if they managed to hijack your router, then all is lost

> > > and software FW will not help either (neither built-in nor third

> > > party). > > Why do you say that? Just because they have your</span></span>

> router does not mean they have your computer too.

> That's a good part of what makes a router a firewall.

> </span>

Well, I am not an expert. My thought was that in order to

reconfigure my router someone should get access to the

password, which is only possible by hijacking my PC

or getting a physical access to both. But if they hijacked

my PC, then they also compromised my software firewall

as well, which is much easier to do than to record a password

for the router. Of course, I ignored the fact that a router

may be buggy and intruder may take advantage of it.

But I didn't hear so far about intruders attacking home

routers, while there is endless stream of attacks on home PCs.<span style="color:blue">

>

> Of course not, we were talking about the usefulness of

> Windows Firewall if a real firewall in the form of a

> router was also used.

> </span>

The original question was whether one still needs a third party

firewall in Vista. So, I just tried to explain why I still need one.

<span style="color:blue">

>

> Hmmm...okay... yeah, some people are real sensitive

> about that sort of thing.

> </span>

I guess that most of the people simply not aware why their

PCs (and Web browsers) keep slowing down to a crawl.

I have dozens of programs installed and most of them are trying

to check for updates and download huge files behind my back,

install them and reboot my PC - all the time interfering with

my work. I just cannot use PC without an outgoing firewall anymore.

 

 

--

jhnlmn

[Guest FromTheRafters]

"jhnlmn" <guest@unknown-email.com> wrote in message

news:28e6f9f1411b084de8e1b080c4c2c37c@nntp-gateway.com...<span style="color:blue">

><span style="color:green"><span style="color:darkred">

>> > > >

>> > > Well, if they managed to hijack your router, then all is lost

>> > > and software FW will not help either (neither built-in nor third

>> > > party). > > Why do you say that? Just because they have your</span>

>> router does not mean they have your computer too.

>> That's a good part of what makes a router a firewall.

>></span>

> Well, I am not an expert. My thought was that in order to

> reconfigure my router someone should get access to the

> password, which is only possible by hijacking my PC</span>

 

Generally, routers still have the default user and password.

 

Mine was user and user.

My neighbors was (okay..still is) user and admin.

 

http://www.routerpasswords.com/

<span style="color:blue">

> or getting a physical access to both. But if they hijacked

> my PC, then they also compromised my software firewall

> as well, which is much easier to do than to record a password

> for the router. Of course, I ignored the fact that a router

> may be buggy and intruder may take advantage of it.

> But I didn't hear so far about intruders attacking home

> routers, while there is endless stream of attacks on home PCs.<span style="color:green">

>>

>> Of course not, we were talking about the usefulness of

>> Windows Firewall if a real firewall in the form of a

>> router was also used.

>></span>

> The original question was whether one still needs a third party

> firewall in Vista. So, I just tried to explain why I still need one.</span>

 

I was refering to your first contribution, not the original

post for the thread,

 

You said in part:

 

"I cannot figure out what that built-in Vista FW is good for.

All incoming connections are blocked by the router anyway,

and, I heard, that software FW are not as secure as hardware."

 

Which is correct.

 

What the software firewall is good for is when you find

yourself not behind a real firewall for whatever reasons.

<span style="color:blue"><span style="color:green">

>> Hmmm...okay... yeah, some people are real sensitive

>> about that sort of thing.

>></span>

> I guess that most of the people simply not aware why their

> PCs (and Web browsers) keep slowing down to a crawl.

> I have dozens of programs installed and most of them are trying

> to check for updates and download huge files behind my back,

> install them and reboot my PC - all the time interfering with

> my work. I just cannot use PC without an outgoing firewall anymore.</span>

 

Outbound sniffing and filtering would be better applied in an

environment that is not the same environment as that that is

being "protected" by such filtering. It goes for inbound too.

 

As you said - "...software FW are not as secure as hardware."

 

Application control and internet access control are nice, but

are not a good security move because malware will be written

to tunnel within the programs that are allowed access. Your

filter software won't alert to them and you will think it is not

happening. So - you will end up in the same situation with the

added overhead of the filtering software running and finding

nothing.

[Guest jhnlmn]

<span style="color:blue">

>

> Generally, routers still have the default user and password.

> OK, I agree, if someone is so lazy and don't bother to </span>

change the router password, then built-in Vista FW would give some

protection.

<span style="color:blue">

>

> Application control and internet access control are nice, but

> are not a good security move because malware will be written

> to tunnel within the programs that are allowed access.

> But who said that app control and FW are for security only?</span>

I already wrote that my biggest problem is not with viruses

but with "legitimate" apps, such as Acrobat, WMP, iTunes, etc,

which manage to slow down my PC and Web connection

almost to a halt. Luckily, these apps are not so devious

and do not perform any tunneling.

<span style="color:blue">

>

> So - you will end up in the same situation with the

> added overhead of the filtering software running and finding

> nothing.I admit that I didn't ran any formal benchmarking,</span>

but my feeling is that my PC is running faster with an outbound

FW - at least CPU and network activity indicators do go down

each time I block a third party app from connecting.

 

 

--

jhnlmn

[Guest FromTheRafters]

"jhnlmn" <guest@unknown-email.com> wrote in message

news:70730a171ea4274724267046147d4783@nntp-gateway.com...<span style="color:blue">

><span style="color:green">

>>

>> Generally, routers still have the default user and password.

>> OK, I agree, if someone is so lazy and don't bother to</span>

> change the router password, then built-in Vista FW would give some

> protection.</span>

 

My broadband cable provider's setup instructions make no

mention of passwords or usernames. I believe that to be the

normal situation. If so, there are many people out there that

fit into your "so lazy" category. I suppose those laptop users

that are too lazy to drag around their personal router/firewall

could also benefit from what you call "built-in Vista FW"?

<span style="color:blue"><span style="color:green">

>> Application control and internet access control are nice, but

>> are not a good security move because malware will be written

>> to tunnel within the programs that are allowed access.</span></span>

<span style="color:blue">

> But who said that app control and FW are for security only?</span>

 

Nobody, why do you ask? I will say that firewalls are for

security and not just 'nice to have' functionality. The features

that became associated with firewalls have become computer

hosted applications that attempt to mimic true firewalls. The

features are okay, but shouldn't be confused with what a real

firewall is.

<span style="color:blue">

> I already wrote that my biggest problem is not with viruses</span>

 

Again, viruses are not addressed by firewalls. Lets not talk

about viruses. I did mention malware though - I suppose that

having unwanted actions by legitimate programs monitored is

a good enough reason for such features as internet access

control. You may not want consent.exe to access the internet

just as you are typing your credentials into the box. But it is

not a firewall thing. It's like saying one word processor is

better than another because it plays music while you type.

<span style="color:blue">

> but with "legitimate" apps, such as Acrobat, WMP, iTunes, etc,

> which manage to slow down my PC and Web connection

> almost to a halt. Luckily, these apps are not so devious

> and do not perform any tunneling.</span>

 

By all means use outbound filtering - especially when you feel

such benefit from it. But it is a shame to have to trade the FW

that came with Vista away just because of that feature. What

Zonealarm should do is make an outbound filtering application

that isn't glued to their firewall so that users can keep the

Windows Firewall and have the features from Zonealarm

if they value them.

<span style="color:blue"><span style="color:green">

>> So - you will end up in the same situation with the

>> added overhead of the filtering software running and finding

>> nothing.</span></span>

<span style="color:blue">

> I admit that I didn't ran any formal benchmarking,

> but my feeling is that my PC is running faster with an outbound

> FW - at least CPU and network activity indicators do go down

> each time I block a third party app from connecting.</span>

 

A feeling is good enough for me - benchmarking is overrated. style_emoticons/)

 

If you can set your router firewall up for logging, see how often

Zonealarm phones home. Does it phone home more often than

the major offender of your legitimate irritations? Block one -

send two of its own?