Re: Question re Malware

From: John Doue (notwobe_at_yahoo.com)
Date: 11/14/04 

Date: Sun, 14 Nov 2004 11:44:41 -0500

Bruce Chambers wrote:
> Yes, it can.
>
> If you use a router with NAT, it's still a very good idea to use a
> 3rd party software firewall. Like WinXP's built-in firewall,
> NAT-capable routers do _nothing_ to protect the user from him/herself
> (or any "curious," over-confident teenagers in the home). Again --
> and I cannot emphasize this enough -- almost all spyware and many
> Trojans and worms are downloaded and installed deliberately (albeit
> without understanding the consequences) by the user. So a software
> firewall, such as Sygate or ZoneAlarm, that can detect and warn the
> user of unauthorized out-going traffic is an important element of
> protecting one's privacy and security. (Remember: Most antivirus
> applications do not even scan for or protect you from adware/spyware,
> because, after all, you've installed them yourself, so you must want
> them there, right?)
>
> I use both a router with NAT and Sygate Personal Firewall, even
> though I generally know better than to install scumware. When it
> comes to computer security and protecting my privacy, I prefer the old
> "belt and suspenders" approach. In the professional IT community,
> this is also known as a "layered defense." Basically, it comes down
> to never, ever "putting all of your eggs in one basket."
>
>
Could not agree more with what you said. It is indispensible to have a
firewall prevent any outgoing unauthorized traffic. Furthermore, I want
to control the way some programs access the Internet. Some MS programs,
among others, like to access the Internet. Most often, they offer an
option to disable that access but the corresponding setting is often
less than obvious to find.

Basically, I want to control what my machine does and its communications
with the outside world. Therefore, on ZA, I use the "ask" setting for
programs that may have a - more or less - valid reason to access the
Internet. Remember, if you let a program access the Internet, it does
mean also that you let your machine download information. Communicating
with the Internet cannot be a one way street. 

-- 
John Doue

Relevant Pages

  • Re: Using a Linksys router, should I also use Zonealarm? Internet Acceptable Use Policy
    ... my browser's access to the Internet is restricted. ... I thought it was the company's firewall extending a slap on my ... > public internet to access corporate network. ... > NAT is Network Address Translation. ...
    (microsoft.public.security)
  • Re: Whats the difference between NAT and a FIREWALL?
    ... NAT is network address translation: basically a router that routes between ... company/home users) get on the internet with just one public IP address from ... A firewall is any router that has rules on it that filter ... A proxy server is a server that acts as a router, but at a higher level on ...
    (comp.security.firewalls)
  • Re: Please Help me to block the hackers
    ... It's typical to use a firewall and NAT with private IP address ranges. ... NAT device in order to reach the internet. ...
    (microsoft.public.security)
  • Re: any suggestion for a good hardware firewall
    ... have had 4 or 5 computers on the public internet for quite some time.. ... I'm not clear on how to configurea firewall for this network situation. ... has a need for 5 IP or he would have already used a simple NAT device to ... want a cheap firewall appliance ...
    (comp.security.firewalls)
  • Re: avast
    ... > Just did a clean installation of xp pro sp1 and download 'avast anti ... Did you firewall before connecting to the internet? ... Internet and patch with the critical updates? ... Why you should use a computer firewall.. ...
    (microsoft.public.windowsxp.general)