Re: Firewall Question
From: Chuck (none_at_example.net)
Date: 01/24/05
- Next message: Richard G. Harper: "Re: Anyway to log wireless network drops?"
- Previous message: Rod Nizer: "Extender Networking Question"
- In reply to:(deleted message) Leythos: "Re: Firewall Question"
- Next in thread: Chuck: "Re: Firewall Question"
- Messages sorted by: [ date ] [ thread ]
Date: 24 Jan 2005 17:40:04 -0600
On Mon, 24 Jan 2005 22:21:31 GMT, Leythos <void@nowhere.lan> wrote:
>In article <qsjav0902ii0p04njgshk75tdtkqo6td23@4ax.com>,
>none@example.net says...
>> When it comes to protection from hostile incoming network traffic, Windows
>> Firewall will protect as well as any third party firewall.
>
>Sandra and Chuck - the above has not been proven by any reputable means
>that I've read to date.
>
>If you have Cable or DSL and have ANY computer system you should install
>a simple NAT router (Linksys, D-Link, NetGear) to protect your computer
>(s) as a first line of defense.
>
>A NAT box will block inbound connections from the internet BEFORE they
>reach you computers and any security flaws that may still exist in
>Windows (or any other OS). The router also reduces the need for your
>computer to do anything to protect you - meaning that it's not running a
>firewall rejecting thousands of connections per day.
>
>A NAT box will also, depending on the version, allow you to block
>outbound port connections - such as blocking outbound to destination
>ports 135~139 and 455 and to 1026/1027. Those features can help slow the
>spread of worms around the net if your machine does get compromised.
>
>As for the Windows Firewall - and don't get me wrong, I have more than
>20 Windows computers in my home - why would you trust XP SP2 Firewall to
>save you when nothing put out to date as secured anyones computers
>against attacks. At least wait for CERT to review and rule on it's
>protection ability, wait until simple interactions with the desktop
>can't disable or punch holes through it......
>
>A router is a great first barrier, you can still run SP2 Firewall, but
>the router will be there in case you screw up and compromise the
>Firewall.
Thank you Mark, for pointing out what I omitted to mention - that a dedicated,
external NAT router is better protection, against incoming threats, than a
personal firewall installed on the computer that it's protecting. I was focused
on explaining the functional difference between Windows Firewall, and third
party products like McAfee Firewall.
Sandra, Mark is right - a dedicated external device like a NAT router is
preferable to a personal firewall on your computer - McAfee or Windows Firewall.
Here's hoping that your cable modem has an Ethernet port, not a USB port.
Your personal firewall (MPF, WF, or whatever) is only as strong as the computer
(and operating system) that it runs on. If you surf to a website with malicious
code, and your browser downloads that code, your personal firewall on your
computer could be compromised. If you're also protected by an external NAT
router, the chances for your browser compromising your defenses is greatly
reduced.
His second, implied point is also worth considering. I would instinctively
trust McAfee Firewall more than Windows Firewall, as an inner layer of
protection also.
Just please don't stop there. You still need anti-virus and anti-spyware
protection. Solely depending upon MPF to alert you when spyware is installed,
by expecting MPF to detect spyware based upon unexpected outgoing traffic, is
not good security. That's like depending upon the cops to tell you when your
kids are malfunctioning. Keep track of your kids, and your computer, by layered
defenses, and by activity monitoring.
-- Cheers, Chuck Paranoia comes from experience - and is not necessarily a bad thing. My email is AT DOT actual address pchuck sonic net.
- Next message: Richard G. Harper: "Re: Anyway to log wireless network drops?"
- Previous message: Rod Nizer: "Extender Networking Question"
- In reply to:(deleted message) Leythos: "Re: Firewall Question"
- Next in thread: Chuck: "Re: Firewall Question"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
