Personal firewall "snake oil???"

Discussion in 'other firewalls' started by Chuck57, Sep 4, 2002.

Thread Status:
Not open for further replies.
  1. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    I was just at a site that said it. Personal Firewalls are "snake oil," and really aren't worth the trouble.

    I agree with the site that the ideal firewall is probably an old box running linux or bsd, with my computers connected through it. But to say that the firewall I and many others have on our machines is garbage and not worth the nuisance of false warnings is a bit much. Mine has stopped only a couple of legitimate attempts in the past year, but one is too many. The site? SamSpade.org.
     
  2. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Hi Chuck. You know theres no end to the number of people out there that are always trying to impress others with their "superior" knowlege.
    I haven't read what you are talking about, but have seen many like it. The truth is, firewalls are not perfect. Many leave a lot to be desired. There are ways for very good profesionals to get around almost any firewall. Firewalls can do more harm than good if they are improperly configured, yet give a false sense of security.
    But, for the average surfer that takes the time to hunt down a good firewall and learns how to configure it properly, it will offer protection against trojans and other malware that can and sometimes does get on peoples computers.
    I look at my firewall as a backup system, a final layer in my defenses. It offers excellent protection against the thousands of script kiddies out there that are bent on mischief. The professional is not going to mess with me. I have nothing they want. As for using my computer for a DDoS attack, well, my firewall stops that, :).
    I see people all the time saying no need for AVs, no need for ATs, no need for firewalls. They are quick to say how long they have surfed and never had a problem. I've seen whats on some of their computers slowing them down and causing crashes that they just accept. He he.
    If it were easy to show pictures on this board I would show you a copy of my attack detection log showing connection attempts and scans. It doesnt beep at me. :)
    I think I'll just keep using my old worthless firewall.
     
  3. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Thanks for the reply, root

    My wife and I never had firewalls until a year and a half ago when we networked our computers. Then, figuring that one or the other of us would be online almost all day, we thought it a good idea.

    An added impetus was a friend who, in his second childhood, spends hours after work in various online game sites. He lost his hard drive twice to viruses within a six month period. That's when we decided to firewall.

    My wife does graphic arts work with several websites and has had a couple of legitimate attacks. I've had one while snooping a hacker site where I had no business being to begin with. The firewall stopped all of them cold. Wouldn't be without it.
     
  4. jvmorris

    jvmorris Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    618
    To save (another) rehash of this topic, you might want to read through the rather long thread at http://www.dslreports.com/forum/remark,4098641~root=security,1~mode=flat.

    That web page is rather old now (must be getting on for almost two years, at this point). At any rate the DSLR Security Forum thread referenced above provides some background and links to other sources of exactly what precipitated this outburst.

    Everything exists in a context; this page should just drive that point home.
     
  5. Just playing through...

    I think those posts over at that forum got out of hand and you should know we evaluate post here in a professional manner. No outbusts are necessay no matter who is driving on the range..

    This is a gentlemen's sport..a full basket of balls is 2 Euros...you may use your woods or a 9 iron. Do not swing them at the person who wrote the article.

    You must also post the time it took you to get to this green.


    thus...

    It took 0.231 seconds to load this page. :rolleyes: :rolleyes:

    FOOOOOOOOOOOOOOOORE
     
  6. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Really. Reading anything about security that is from an article that is more than two weeks old is ancient history. The entire game has changed since then. :D

    DSL Reports Security forum is an interesting place. Lots of good people there and lots of good information. The board is run well, I think and the occasional riot is usually quelled rather quickly.
    There is currently another very long thread running on firewalls right now and can be found right here.
     
  7. Ok sorry..I do not associate with those people they are brutal sometimes. :doubt: :doubt:
     
  8. NetWatchman

    NetWatchman Security Expert

    Joined:
    Jul 24, 2002
    Posts:
    31
    I called samspade's owner on the statements he makes about firewalls.

    We both agree that current Firewalls do an extremely poor job of differentiating between real attacks and false positives. However, I think it's extremely irresponsible to use that fact to effectively discourage people from using them.

    Novice firewall users definitely shouldn't take action against any firewall event unless they REALLY know how to interpret it (I've now looked at over 60MM firewall events and I still haven't completely figured it out yet).

    Regardless, I'd feel much safer if every Internet user was behind a firewall of some type...even if it was just NAT. IMHO, 90% of users have no business having a *direct* Internet connection...their presence is what make this such a hostile and dangerous place...it's like a parking lot where everybody leaves their keys in the ignition.
     
  9. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    I don't know about the direct connection. We only have dial-up available out here in the sticks where we live. That's why we're networked. Her megabytes of graphics that she was loading onto her sites was cutting seriously into my time online.

    Personally, with my xp machine and it's built in firewall, and my Sygate Pro, we feel safer. Her computer is networked through my box.
     
Loading...
Thread Status:
Not open for further replies.