Is a firewall really needed?

Here's my question and I would like to hear anyone's comments on this...

If you use one of the best AV's around...kaspersky, bitdefender, nod...is it really necessary to pay for a firewall?

Yeah, the firewall installed with windows is horrible at detecting incoming/outgoing connections but it does do a good job of hiding your PC from hackers. Do you agree?

 

Hi
Windows XP Firewall does a very fine job at blocking inbound traffic. It does not pretend to block anything going out. I think it will be the case in Vista. Anyway, your presented case is biased, because if you surf with Windows fw enabled, then you're not naked at all! If you doubt that, then go to www.pcflank.com and run through the exploits test, once with Windows firewall enabled, and then without it. I believe you'll see the difference.

If you have the best AV and no firewall, any hacker could easily get on your system and sabotage your surf, if not your OS. If you're surfing on admin mode, well, your OS won't survive very long.

You don't have to pay for a firewall if you don't want to. Some free options are available and absolutely satisfying.

CAUTION: Please, don't you follow the ironic following advice. [Start of silly advice] If you feel like it, why not make a solid and complete backup of your system, then remove any personal info from your machine, remove any firewall, and finally go surf the web and see how long you can resist without reloading your backup. ? Let us now about your experience [End of silly advice and CAUTION]

Cheers

 

ok. good some feedback...anyone else?

IMO, storing personal info on your computer is pretty much pointless considering more trojans, backdoors are created each day then viruses. The question that I am really trying to have answered is if a paid firewall is really necessary? I run in admin mode all the time....have XP firewall and have never had a prob.

 

XP firewall is fine. The only reason to use anything else is if you desire or need to either block malware from calling out, or control legitimate apps more tightly, i.e. for example, allow your email program to access port 25 and 110 for mail but block it from using port 80, that sort of thing. Or perhaps you might want to keep Media Player from connecting to the MS servers and so on. Depends on what you need. But the XP firewall should keep inbound stuff under control otherwise.

 

thx kerodo...i agree

It just seems that people are a bit too paranoid about firewalls, especially on their personal pc's. And yeah...your previous post about my question being biased is absolutely true. I think that if your AV has a great scanning engine
than you really need not worry. Having backup programs like online scannners is a great backup...IE having BD has your primary AV and doing an online scan with kaspersy

 

Well, then you may thank this xp firewall !

 

Yes...as I said...it does a great job of hiding your PC from hackers.

 

I don't agree. At the minimum, one should have 1. inbound filtering (XPFirewall is fine), 2. complete sane backup of system and files (NortonGhost or Drive Image or True Image), 3. activity control (SSM or equivalent). Then one could even leave the AV's out. It may sound like anathema, but to me AV comes fourth. I don't say it's not important - simply that the other three items are even more important.

Again, your av wouldn't have done much good had it not first benefited from your firewall umbrella.

Cheers

 

Sounds like anathema...I'm not hiding FBI files on my puter!...just want to keep it secure and safe. Trojans don't delete files...viruses do

 

First of all, the frontier between trojans and viruses is very thin, and many malware programs are multifaceted.

Secondly, once a trojan has phoned home and brought its owner back on your computer, your system's sanity [at the very least] is gone, as already stated previously.

Third, you don't have to be a celebrity who's especially targeted for whatever reason. Automatic scanners delight in looking for "open" systems on the web, excelling at invading them at the very first opportunity. That's why firewalls are so important.

Fourth, theoretically an OS should be able to protect itself provided it is properly set up and configured, so the firewall wouldn't be needed to close and stealth ports since it would already be done by the OS itself. Needless to say, very few OS's [they should be found in opensource or related probably] are currently able to do that [maybe this will change with Vista - we'll see], so firewalls are welcome in most cases.

I like the combination I described above, i.e. complete backup as second line of defense (protecting not only from web dangers but also from theft or material flaws), behavior-blocking to prevent any modification of anything on the system without the user's willing permission, and of course firewall protection.

True, in most OS's cases, as in Windows, some additional scanners are needed to make sure the OS is sane to begin with, free of any malware or spyware or weakness. But it doesn't need to be real-time monitoring in my mind. Once done, the backup-and-restore philosophy takes over.

Finally, surfing in admin mode is unnecessary high risk - an old Linux secret which many Windows users still don't get.

To wrap this up, I'm not especially recommending my setup to newbies.* It's true that, for Windows users who don't spend any time on sites such as WildersSecurity, it's a good idea to have a silent firewall and AV. That's the very basic protection any system should have if not conducted by sufficiently experienced a user.

*I first got a glimpse at that way of using a computer in posts by a guy called Crockett, who, if I recall correctly, had learned it from a belgian security author called Bernard Fabrot. Once deeply understood and absorbed, I never departed from that philosophy ever again and have never looked back. I recently read that Steve Gibson (www.grc.com), who I believe knows "a few things" about computer and Internet security, also has his own way of doing without any av.
Cheers

 

Only problem with your approach (number 3 - activity control) is that most people won't know how to answer all the popups and questions and make the right choice every time. And if something bad really does occur, the odds are the user will allow it anyway. An AV approach covers most of the ground with ease of use. I have never used the number 3 type programs for more than an hour or two before they drove me out of my mind. AntiHook, SSM, all of them drive me crazy. I simply don't see the need for them either. So I would say stick with the AV first before using one of them.

I do however agree with your number 1 and 2. A router or the XP firewall or CHX to cover inbound is good. And a good backup/image of your system can save tons of time too.

 

Most users are windows based users...not linux (i wish but that will probably never happen)...anyway, over the last 2 years AV companies have focused mainly on trojan detection because this is the most dangerous prevalent threat that is outnumbering viruses as days go by. AV vendors have gained so much ground in trojan detection that companies like Diamondcs (used to offer TDS-3,one of the best AT's around) have stopped offering their products!

Stating that you need all these programs to protect your PC is just plain silly. I'd rather have a fast PC with 3 programs that sufficiently protect me than have those nonsense programs taking up 25-30 megs resource!
FYI...I'm a little bit more experienced than you think

BTW: Even firewalls are being tricked by trojans... http://www.internetnews.com/ent-news/article.php/7_529661

 

i just cant resist....dylanfan...your stuck back in the year 2000 where AV's were horrible at detecting trojans. The times have changed!
DO YOUR RESEARCH! http://www.virusbtn.com/index

 

Strange... Do you have any trouble understanding English without adding imaginary stuff to what you read, or do you simply like written tournaments ? You seem to constantly misunderstand or transform whatever other posters answer... Pity.

Agreed.

Computer security allows for more than one, unique, single approach. That's good... I understand very well everyone likes this or that way better. That's fine with me. Sure enough, I like the SSM approach: I restarted the computer after installing SSM, answered a couple of prompts, then instructed it to refuse anything that hadn't been allowed during this opening. That's it. No need to answer anything else after that. SSM has improved steadily and much over the past year. Also, it is designed to let users choose among different types of tweaking. It's also been the number one way I've ever known to defeat any leaktest, past or present, without any failure.

Cheers Kerodo

 

The problem with statements like this is that it assumes a trojan somehow gets installed and executes. I would start with the assumption that a trojan will not install/execute on my computer, therefore I don't worry that my firewall will be tricked.

---

 

hi Toby!

Previously, this question was discussed in the thread given below...

https://www.wilderssecurity.com/showthread.php?t=121933

have a look....may be you will get some idea.

 

Thx for the info eurekamind. I just joined this forum last night. Trying to read all this stuff takes time!

 

The firewall is the basic realtime protection needed. All other software just increases security. Noone wants you to force to use firewall, people just care about your security, because they would never even go on internet without a firewall. Yes, using security suite without firewall can be efective as long as you will be lucky and I hope, that you will have plenty luck.

By the way, if you set Firewall to block all, you do not need to allow or deny anything.

 

If that's what's happening, you've set up your process control improperly.

 

hi toby,

you can also use the Search option of the forum before putting any question.

Attached Image:
--------------------------------------------------------------------------


--------------------------------------------------------------------------

Already, this forum has a vast collection of solutions on diffterent topics.
If the answers are there in the forum, u will get it.

otherwise, always feel free to post your questions...

Wilders are always eager to help.

 

no, i don't think you need to pay, there are some good free FWs.

but, i don't think the two - AVs and FWs are related, because you could be using the best AV ever, but it will only be protecting your computer from malware AFAIK. whereas, the FW will be listening on the network. packets which are considered acceptable, normal packets and i suppose some not so acceptable ones too, can be used to find out everything needed to exploit your computer, and an AV would do nothing because of the protocols used. it wouldn't be the AV's fault, but, i suppose it's a weakness of the TCP/IP suite.

i think you should always assume hackers know your IP. for instant, you could visit a site maintained by a hacker, and your browser will give away your IP, OS, browser, plugins, if you are allowing java to run, are you accepting Activex etc etc.

even if you haven't come across a hacker's site, s/he could scan your PC from her PC. closed ports, which some port scan sites pass as safe, would let her know you are there with a reset packet. if you are 'stealthed', the scanner would say the port is being filtered and and the scan could go ahead anyway

then, a hacker could detect which OS you are running, which programs are running/listening on the network, then find a way to use this information to exploit known weaknesses in the software which the FW gave away.

it probably sounds abit paranoid, but i'm sure it's happened lots of times.

 

Hi Toby75

If you haven’t already noticed, you asked a question that seems to trigger gun shots off on wilders, questions like these are being posted all throughout different boards, and often here on wilders which gets debated and re-debated time and time again…

Is it necessary for one to buy a firewall for protection? Something somewhat difficult to answer for another, especially in groups like message boards where there are many people’s different perspectives as well as knowledge ranges to security in general. An argument occurs and blood pressure arises and people loose focus and proper state of mind.

Let’s start by answering this question; Are firewalls in general necessary, yes (unless you don’t do Internet)… Does anyone debate that?

If you running previous Windows to Windows XP that has built-In Firewall do one need a Firewall? yes… anyone debate that?

If you running Windows XP with built-In firewall and its not activated and you don’t care to activate it, is it necessary for a firewall? yes… anyone debate that?

Is it necessary to have an active firewall if you using Anti-Virus system? yes… anyone debate that?

If using Router with strong firewall filtering capability, is a software firewall necessary? Yea, no, maybe…
Always the software firewall and not a Router that normally provides Application Filtering and other security measures against outgoing threats…

Is a firewall the only line of defence against threats? No of course not… anyone debate that?

Is it necessary to pay for a firewall? Yea, no, maybe…
If you using XP built-In firewall, possibly not depending on your online habits and the extent of sensitive data stored on hard drives. If you don’t use XP built-In firewall (for whatever the reasons) you do have a good few strong freeware firewall choices.

The choice between various freeware software firewalls and between freeware vs. paid, paid vs. paid software firewalls will be normally based on products GUI, how it can handle itself, the interaction with the user, the simplicity, coverage, controls…. …. Anyways buying a requirement would be really the based on the user and their needs and their habits (and knowledge)…

 

Link to previous threads:

Is firewall needed if you have NAT
https://www.wilderssecurity.com/showthread.php?t=121681

Is firewall needed if AV is running
https://www.wilderssecurity.com/showthread.php?t=121933

Is firewall really necessary for home user
https://www.wilderssecurity.com/showthread.php?t=108460

and more...

I do not think it makes much sense to ask/argue about the similiar question again and again, other than a mean way to kill time.

 

Give me a break...I just recently joined this forum....now I know