
Firewalls 1

Status
Not open for further replies.

jmtjet

Technical User
Jun 2, 2001
95
US
Is a firewall really necessary? I've tried 4, and had problems with every one of them. I'm not running a business or have military secrets stored on my hard drive. What else can a firewall protect me from that good anti-virus software can't? Thanks.

PS: I'm on cable.
 
Keep in mind that everywhere you go on the internet is stored on your local machine. Do you bank online? Have email accounts? Any private information on your system that you wouldn't want anyone to see??? It's all at risk...

Are you willing to accept the violation of personal privacy if/when you get hacked? It doesn't feel very good. Would you mind if your pc is ever used to attack another machine on the internet?

Just some small things to think about... A hardware firewall is definitely worth the investment but there are free software firewalls on the net...

Either way, good luck...

~ The day I think I know it all, I'm changing careers ~
 
To date I've had Zone Alarm (twice), Norton (twice), Jammer (paid for) and Outpost (free). I've had some kind of a problem with each one. I have Outpost right now, but thinking about going back to Norton. What would a hardware firewall consist of? Thanks for your reply.
 
The term "hardware" firewall is a bit misleading. Routers are a good example. They use NAT (Network Address Translation) to provide a way for your computer to appear hidden. This is really "software" not "hardware", though most are talking about the router itself, not the technology (just trying to clear up some confusion)
[wink]

When you connect to the internet over broadband (DSL/Cable), you are assigned an IP address. If you have a router, the IP address is assigned to it instead of your pc. In turn, your pc is given a local address in the 192.168.*.* range that cannot be directly accessed from the internet.

So if an intrusion occurs, they have to first take control of your router to be able to even see your pc. This adds some valued security, especially when used in conjunction with a software firewall. I always recommend using both if you want the best security for a home/small business environment. Without a firewall, an antivirus program is not enough. Many intrusions today include spyware, which isn't necessarily tracked by antivirus utilities, even if they're up-to-date. Spyware/Trojans conceal themselves as normal apps that access the internet. Only a firewall will monitor these access requests.

Just my 2¢


~cdogg

"The secret to creativity is knowing how to hide your sources."
- A. Einstein
 
Thanks for your input CDOGG, the problem I'm having now is that I keep getting an error in my event viewer stating that OutPost Service service has terminated unexpectedly. I get this all the time. The error code is 7031. Any ideas on that one?
 
Sorry, I'm not familiar with Outpost. Have you tried their website or emailing their support? It also wouldn't hurt to do a google search on the part of the error message in quotes.

~cdogg

"The secret to creativity is knowing how to hide your sources."
- A. Einstein
 
My thoughts are this: If you are faster than dialup you are a target for any 15 year old with a port scanner or worse. I highly recommend using a firewall. I use Zone Alarm (Read up on this at It keeps trojans from coming in AND going out, whereas others such as Blackice don't. It's simple and good for the average user. If you are having that much trouble from so many programs I'd just about start looking elsewhere.
 
As a minimum I would use a combination of a NAT 'firewall' (as described by cdogg above) and an up-to-date anti-virus program.

With this set up you have pretty good security in-bound (with NAT it's like having all ports blocked unless you are doing specific port-forwarding), it's not quite as bullet-proof as it first seems but it will defeat 99% of script-kiddies. The AV software provides you with out-bound defence against Trojans as the NAT router won't stop any outbound traffic, so a Trojan running on your PC would have access to connect back to a host on the Internet to pass keystroke log files to etc.

Personally I use a router with some basic firewalling functionality. Most of the inbound security still comes from NAT but it provides for DoS protection and also allows ports to be specifically blocked. As you can also block outbound ports you can close off ranges of ports if you know you won't need them (this can lead to problems as software such as on-line games usually requires a vast range of ports to be open for it to work correctly). It also allows syslogging so I can check on traffic. I still run an up-to-date AV scanner though for Trojan protection.

I used to run Zone Alarm before getting the firewall/router and I quite liked it, the only major problem I had was when I got a Trojan that specifically targeted Zone Alarm - it actually disabled it although the ZA icon was still in the systray. I'd gotten lax on AV scanning so the Trojan had free rein on my system for 2 weeks until I re-scanned and found it. I just didn't like the lack of control you get with Zone Alarm.
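
An added illustration, not part of any poster's reply, of the NAT behaviour described by cdogg and in the post above: unsolicited inbound packets have no mapping and are dropped, while any outbound flow (including a Trojan's) is allowed and its replies let back in. The `NatRouter` class, its matching rule and all addresses are constructed for this example; real routers differ in how strictly they match replies.

```python
from dataclasses import dataclass, field

@dataclass
class NatRouter:
    """Toy model of a home NAT router (strict reply matching is an assumption)."""
    forwards: dict = field(default_factory=dict)  # public port -> (lan_ip, lan_port)
    table: dict = field(default_factory=dict)     # public port -> (lan_ip, lan_port, remote)
    next_port: int = 40000

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a connection: always allowed, and a mapping is created."""
        port = self.next_port
        self.next_port += 1
        self.table[port] = (lan_ip, lan_port, (remote_ip, remote_port))
        return port

    def inbound(self, remote_ip, remote_port, public_port):
        """A packet arrives from the Internet: return the LAN target, or None if dropped."""
        if public_port in self.forwards:           # explicit port-forward rule
            return self.forwards[public_port]
        entry = self.table.get(public_port)
        if entry and entry[2] == (remote_ip, remote_port):  # reply to an existing flow
            return entry[:2]
        return None                                # unsolicited: nothing to map it to

def demo():
    router, pc = NatRouter(), "192.168.1.100"      # constructed LAN address
    results = {}
    # Port scan from the Internet: no mapping exists, so the packet is dropped.
    results["scan"] = router.inbound("198.51.100.7", 51000, 139)
    # The PC browses a web site; the server's reply matches the mapping.
    p = router.outbound(pc, 1025, "192.0.2.80", 80)
    results["web_reply"] = router.inbound("192.0.2.80", 80, p)
    # A different host aiming at the same public port is not a reply: dropped.
    results["other_host"] = router.inbound("198.51.100.7", 80, p)
    # A Trojan on the PC calls out: NAT treats it like any other outbound flow.
    t = router.outbound(pc, 1026, "198.51.100.7", 6667)
    results["trojan_reply"] = router.inbound("198.51.100.7", 6667, t)
    # A port-forward rule deliberately exposes the PC again.
    router.forwards[8080] = (pc, 80)
    results["forwarded"] = router.inbound("198.51.100.7", 51001, 8080)
    return results

if __name__ == "__main__":
    for name, target in demo().items():
        print(f"{name:13} -> {target}")
```

The `trojan_reply` case is the gap the thread keeps returning to: the router passes it, so catching it falls to the software firewall or AV scanner on the PC.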
 
I agree that you should use a router (w/NAT) and run an up-to-date antivirus program. However, don't assume that all trojans and spyware will be detected by your antivirus software. You still need a software firewall to monitor outgoing connections. Your antivirus utility is not enough.

Nick,
In your case, when a trojan specifically targeted Zonealarm, it would be preferred to use Zonealarm pro or set a password so that the attack wouldn't be successful. Zonealarm and other firewalls are not meant to be replacements for your AV scanner. They should work together.

If you have these, you should be OK for "home" security:

1) Router w/ NAT
2) Software firewall
3) AV scanner

- occasionally run Ad-aware 6.0 or Spybot as well


~cdogg

"The secret to creativity is knowing how to hide your sources."
- A. Einstein
 