Re: System Restore Keeping Only One Restore Point

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

On Sat, 24 May 2008 09:14:09 -0300, Vincent wrote:

Kayman wrote:

http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx
"Outbound protection is security theater—it’s a gimmick that only gives the
impression of improving your security without doing anything that actually
does improve your security."

<snipped childish over-emotive and misinformed rant>


Go to...
http://www.sunbelt-software.com/Home-Home-Office/Sunbelt-Personal-Firewall/

....and follow all the hype created by Sunbelt's *Marketing Department*.

[quote]
Still use the free Windows XP firewall?
Unfortunately, this gives you a false sense of security. It only protects
incoming traffic. But outgoing traffic, with your credit card info, social
security number, bank accounts, passwords and other confidential
information is not protected. The WinXP firewall will let it all go out.
But... SPF will block that data if you buy the FULL version! You absolutely
need a better, commercial-grade firewall.
[/quote]

Then read in...
Windows Personal Firewall Analysis
http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php#firewalls-ratings

....a more realistic view which obviously was drafted by the head of
Sunbelt's *Operations Department*.

Sunbelt Software - the vendor of Sunbelt Kerio Personal Firewall

2007-08-07: Here is the response we have received from this vendor:

[quote]
Sunbelt Software is committed to providing the strongest possible security
products to its customers, and we will be working to correct demonstrable
issues in the Sunbelt Personal Firewall. Users can expect these and other
continuing enhancements for the Sunbelt Personal Firewall in the near
future.

However, we have some reservations about personal firewall "leak testing"
in general. While we appreciate and support the unique value of independent
security testing, we are admittedly skeptical as to just how meaningful
these leak tests really are, especially as they reflect real-world
environments.

The key assumption of "leak testing" -- namely, that it is somehow useful
to measure the outbound protection provided by personal firewalls in cases
where malware has already executed on the test box -- strikes us as a
questionable basis on which to build a security assessment. Today's malware
is so malicious and cleverly designed that it is often safest to regard PCs
as so thoroughly compromised that nothing on the box can be trusted once
the malware executes. In short, "leak testing" starts after the game is
already lost, as the malware has already gotten past the inbound firewall
protection.

Moreover, "leak testing" is predicated on the further assumption that
personal firewalls should warn users about outbound connections even when
the involved code components are not demonstrably malicious or suspicious
(as is the case with the simulator programs used for "leak testing"). In
fact, this kind of program design risks pop-up fatigue in users,
effectively lowering the overall security of the system -- the reason
developers are increasingly shunning this design for security applications.

Finally, leak testing typically relies on simulator programs, the use of
which is widely discredited among respected anti-malware researchers -- and
for good reason. Simulators simply cannot approximate the actual behavior
of real malware in real world conditions. Furthermore, when simulators are
used for anti-malware testing, the testing process is almost unavoidably
tailored to fit the limitations of simulator instead of the complexity of
real world conditions. What gets lost is a sense for how the tested
products actually perform against live, kicking malware that exhibits
behavior too complex to be captured in narrowly designed simulators.
[/quote]

This (realistic) admission couldn't be more refreshing!

This is pretty eye-opening as well:

Firewall LeakTesting.
Excerpts:
Leo Laporte: "So the leaktest is kind of pointless."
Steve Gibson: "Well,yes,...
Leo: "So are you saying that there's no point in doing a leaktest anymore?"
Steve: "Well, it's why I have not taken the trouble to update mine, because
you..."
Leo: "You can't test enough".
Steve: "Well, yeah.
Leo: "Right. Very interesting stuff. I guess that - my sense is, if you
can't test for leaks, a software-based firewall is kind of essentially
worthless."

Read and/or listen to the entire conversation and be "educated" :)
http://www.grc.com/sn/SN-105.htm

Have a wonderful day, Vincent.
.

Relevant Pages

  • Re: Why do I need a software firewall?
    ... > seeking protection when they are also able to manage that personal ... If a "Personal Firewall" is used as an IDS from people who know what ... this has nothing to do with security, ... >> This is just nonsense. ...
    (comp.security.misc)
  • Re: Still need to patch?
    ... > We have personal firewall on all laptops and the laptops run Automatic ... > I do get the point though, too much security is never a bad thing. ... This server is most likely accessible from ...
    (comp.security.firewalls)
  • Re: Zone Alarm
    ... >keep me informed on security issues. ... >> Personal firewall software is generally a good, ... >> making your computer secure enough and/or more secure ... >basically, if your just a home user zone alarm is ideal, ...
    (microsoft.public.security)
  • Re: Zone Alarm
    ... Security is ever changing. ... > for users of all skill levels to secure their computers. ... > a few known vulnerabilities to personal firewall software. ... There are so many un-secure computers out there, most hackers ...
    (microsoft.public.security)
  • Re: Internet security on "hotspots"
    ... Network Security Engineer ... visiting HTTPS sites so, she doesn't need encryption'. ... then a VPN wasn't needed. ... personal firewall can be a dangerous venture. ...
    (Focus-Microsoft)