I don't need no stinking firewall

Hi Woodward:

I am one of the guys who does endless posts about FW's must be a hobby of mine

Do you need one? This is a question only you can answer and IMH long winded opinion, it depends entirely on your personal www risk profile. Do you buy things on line? Do you do on line banking? If you do I recommend a solid 2 way FW. The need for outbound is a privacy or id theft issue. This crime is growing.

Have you secured this connection from piggybacking? Changed the default user id and psw?

Thing is, none of know we have never been infected unless one of our flawed tools/scanners picks it up or we have our id's stolen and the bank account is drained.

I agree with most of the answers you got here particularly Paranoid2000.

As others have said, you aleady have H/W FW and a S/W FW win FW. So the issue is outbound for you, yes or no on a FW with outbound function.

HIPS well yes, a must have if you have any concern about what runs on your PC.

Good luck!

 

LOL. I can certainly understand why you would say this.

 

You probably don't need one. But newbies will need one since they are long standing programs on PCs since the Pentium I (no, my 486 PC does not have a firewall and probably never will).

 

Hey ccsito how have you been? I just want to tell aigle that you are definitely someone that unlike me, truly sticks with their security set up. LOL.

 

Hi ccsito:

Just curious, your own setup (not the 486) has a 2 way FW, ZA. Yet your thought for woodward is "probably don't need one".

What is the rationale for that view?

When does a user need one and not need a FW by FW I mean a 2 way SW FW?

See ya

 

OT but i see there is a tendency going on to unlayering and slimming down their security with i guess is related to a more growing understanding of what is really and essentially needed.

 

Hi Wordward (or is it duke1959? LOL). Been OK here. The main reason why I don't change is because I don't want to get my system all tangled up with rewrites over and over again on the hard drive. I have NEVER experienced a hard drive crash (even with systems dating from the early 1990's) and I don't want to push my luck. LOL

 

Hi Esclander,

My different opinion regarding not using a firewall to Woodward (while still using one myself) is that if you have added an arsenal of security applications that you feel has adequately protected your system without the use of a software firewall, then you might not need one if you are able to control the input and output data streams of your system on your own using the other applications. Personally, I haven't tried to employ a myriad of "super" security applications on my PCs, so I still need a program that will control the data traffic on my systems.

When you do you need or don't need a 2 way firewall? It all depends on the user and what you do on the PC. People can get by "naked" by surfing online and may or may not get infected. I can surf on my 486 PC that has an outdated AV program with no firewall. Is it infected? Who knows? System still boots and runs, so I guess I can't lose sleep about it. It is better to have software that will provide some kind of hindrance to the crap that is pervading the WWW. A firewall is one of those hindrances, but the need and the employment of that program depends on the user's online experience and his/her ability to set it up properly.

 

Hi ccsito:

Thanks for taking the time to repy.

I think you are right to say IF the user can control the in/out on their PC.

The only applications I can think of (now there is a real limitation!) that can do that are:

1) H/W FW's and 2 way S/W FW's
2) HIPS
3) VM's

Hi Woodward: as the OP'er please remind us which of these you have ?

I think you only have number 1, 75% covered off because you lack an outbound S/W F/W and thus cannot know if applications are sending packets from your PC to unknown sites, these are commonly called call home applications.

On HIPS you mentioned TF but I'm not sure you have it installed. I have heard 3rd hand only that it calls home itself! But would need to verify it.

VM's it is unclear what if anything you have on that.

 

Yes it's also duke1959. LOL. Well there's something to be said about installing and uninstalling so many programs like I have over the years, as I had to replace my Hard Drive in my 4 year old Sony VAOI last year. Gotta end this addiction before i need another one huh? LOL. Take care ccsito.

 

Hey Escalader. I am currently behind a wireless Linksys SPI firewall, using AVG Pro 7.5 (a free Giveaway from last year)

SuperAntiSpyware Pro. ( a gift from someone in the forum)

And Mamutu. (a GiveAwayOfTheDay freebie)

I also have an Online Armor Personal license someone gave me, but it's not installed. I was waiting until the next release (hopefully a non explorer crash release) to install it, so I may go back to using a FW after all. You were right aigle. LOL. Anyway if a firewall runs light and doesn't interfere with boot times, browser speed, or conflict with other programs then great. However, I question if potential problems one may have using a software firewall is worth the protection it actually offers?

 

Hi Wordward:

Not to belabour a point but if we substitite any security software product for S/W F/W like HIPS for example you could say the same thing. Is it worth it?

If users care/worry about outbound information leaving their PC's without expicit approval they need an effective outbound FW. Is it worth it?

In this world of www the answer for this user is YES.

 

Hi,

Does your 3rd hand party perhaps meant:

"ThreatFire Secure Community to aid in identifying suspect files and threats. When ThreatFire observes suspect behavior on a PC, the event information is automatically reported to PC Tools for analysis through a secure and anonymous connection"

 

Hi De Hollander:

Yes, that seems highly likely on the face of it! But you have peaked my curiousity so even though I don't use TF myself I will ask him for more information and report back.

 

If i recally correctly, the movie is "Treasures of the Sierra Madre" with Bogart, et al.

 

And you are correct. 1948 it was.

 

As solcroft said you have a firewall, your router. Mamutu will alert you on suspicious outbound traffic. Next version of AVG (next release will also provide you with linkscanner's containement of you browser and provide you with a surfguard). So I think you will be fine.

As for not being infected last time. Duke1959/Wordward uses to change security faster than a fashion model clothes. So I would not contribute this to your current setup.

Regards Kees

 

LOL. So true.

 

In regards to the issue of ThreatFire's outbound communication, a FW program that I use (ZAP) on several systems repeatedly was detecting and blocking unauthorized outbound data sent by TF to various remote internet servers. This was happening even though I supposedly had manually configured the TF program settings to restrict this type of behavior. TF had both the automatic updating and community reporting turned off so the exact reason why there there seemed to be automatic outbound data sent from the TF program to remote sites is unknown.

Although this "phoning home" type of behavior is disturbing I have no reason to suspect it as malicious behavior by TF at this time. Besides disabling TF's updating and community settings I have my FW now configured to automatically deny any unauthorized TF outbound communication. I would suggest that if anyone is worried about this issue but wants to continue to use TF then they should deny or restrict TF's automatic outbound communication by similarly configuring their FW rules. Of course you can temporarily allow TF to have the required outbound connection for times when you want to manually update the TF program for the latest version updates.

 

I know of some people that use the outbound protection of firewalls to protect their "safe" programs from upgrading if they are patched or cracked.

There is a big change that these "patched" programs turn into trial-mode again when upgrading.

I know this is not common to say on this forum. But i think this is also well known information.

This doesn't mean that i'm thinking that your using any cracked software !

You just asked for a resaon to use outbound protection.

 

Well, it really doesn't matter if a software is cracked or not, this is not a proper way to stop it from updating. A firewall should never be used to amend this! Automatic updates should be stopped from within a software itself instead. If this cannot be done, then such software is considered a spyware and should not be used.

 

Hi Seer:

Right!

BTW, there is the recent post in this thread regarding ThreatFire as an apparent example of this inability to turn off this connecting out with no known reason. The poster had turned off the updates and the setting sharing yet the SW continued to connect out.

https://www.wilderssecurity.com/showpost.php?p=1219308&postcount=44

What is you view of that one?

 

This is a very simplistic approach to the automatic update problem. If the software doesn't have an option to disable updates, it doesn't mean it's an evil software, it may just be a poorly designed one. While I do agree with you that this kind of software should be avoided, this doesn't mean that you can't continue to use it if you really want that, and "disable" it's update using a firewall...

 

Unfortunatelly you need an outbound control because you may execute(with or without your knowledge) a trojan(not yet recognoized by your anti**) that may steal your router login info and use them to disable your hardware SPI .Unfortunatelly 2-3 months ago something like this happened exacly with Linksys WRT54 family that has been reported to expose such a vulnerability.A simple firewall with outbound "reactivity" will help you to block a trojanlike behaviour on the spot.
SPI firewall is firewall and you are already using it )

 

I've been without both AV and FW (only been using Windows Firewall) for the last 7 years and I've never ever been infected (I've scanned with online scanners every now and then)... so you sure as hell don't need these third-party softwares if you know what you're doing. The only reason why I actually got an AV-software was because my girlfriend moved in and I don't trust her when it comes to her browsing skills.