Firewalls: Why we use them.

Discussion in 'privacy technology' started by SteveTX, Mar 22, 2008.

Thread Status:
Not open for further replies.
  1. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    I have a question for those here. Why do we use firewalls? For most, I think it is to keep unwanted traffic out. For some other, it is to keep traffic from leaving in addition.

    Can I solicit your opinions on what you use your firewall for? Are you also afraid of people on your home network attacking?
     
  2. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    I use a firewall coz I want to control what software contacts the net. The inbound protecton is secondary. I have learnt that even if you´re not stealthed or even have ports open there is no worries unless the software that operates through that open port has some security holes.
    Meaning that the bad guy can not do anything with simply a open port.
     
  3. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    1)For outbound detection\prevention primarily.
    2)I am on an 8 PC network between 2 homes. Different PCs are constantly introduced into it for various reasons. I trust the initial 8, it is the new ones I take precautions with.
    3)Last but not least, a second layer of defense for inbound. Needed or not.
     
  4. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    At home I have my NAT router and it's tweaked correctly and protected with a strong passphrase. One of the greatest weaknesses in many peoples PC security is in keeping the default passwords on their routers. I use a software firewall for outbound protection.

    Using my laptop on the road, I am concerned about inbound and outbound protection. If the hotel room has wired Internet access, I have my NAT-enabled travel router (smaller than a paperback book) in my bag that gives me a comfort level I wouldn't otherwise have.

    By the way, I disagree strongly with sukarof (post #2 above). Much damage can be done by being "wide open" on the web without inbound protection.
     
    Last edited: Mar 23, 2008
  5. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Maybe I should have added that of couse with a fully patched system. Future unknown threats I guess would be a motivation to have inbound protection. Since there is no harm in having inbound protection I´ll use it just for the sake of it.
    I am no expert so I dont know what could happen with "wide open" ports, I just refer to people who are more knowledgeable than me. You are probably one of them. What damage can be done on a system with the latest patches where you have open ports and no security holes in the software that uses those open ports? What can a hacker do with lets say port 48006 that for some reason shows open when checking with grc.com?

    when I turn off my inbound protection all of the ports that I check are closed and I guess that is the case for the most of us.
     
    Last edited: Mar 23, 2008
  6. Tunerz

    Tunerz Registered Member

    Joined:
    Jun 12, 2007
    Posts:
    96
    Location:
    Philippines
    1. To prevent most intrusions or control incoming traffic (inbound)
    2. To control applications that require internet usage (outbound)
     
  7. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    This has been extremely elucidating. Thanks for the comments. I now have an idea that could be very good.
     
  8. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,699
    Hello,

    I use the firewalls:
    - To control and shape the traffic to my needs.
    - To control outbound for some apps that I don't wish to be able to do so.
    - To limit background noise inbound.

    Mrk
     
  9. wat0114

    wat0114 Guest

    My reasons pretty much mirror those of sukarof's and Mrk's, especially for outbound control, though I suspect I'm a little more paranoid than them :)
     
  10. Jim Verard

    Jim Verard Registered Member

    Joined:
    Jun 5, 2007
    Posts:
    205
    My reason:

    - To control outbound for some apps that I don't wish to be able to do so.

    I only use to control the xB Browser when it comes to Javascript and that sort of things that might send my true IP to the site connected. And to avoid unauthorized attempts from softwares that can do the same.
     
  11. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    I only use inbound protection with a hardware firewall. Outbound protection is of no concern as I do not install promiscuously. If my trusted software needs access that is fine by me.
     
  12. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Same here.
     
  13. boonie

    boonie Registered Member

    Joined:
    Aug 5, 2007
    Posts:
    238
    Inbound only as well
     
  14. FadeAway

    FadeAway Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    270
    Location:
    USA
    If I could find a firewall that has outbound protection and
    absolutely no other issues, of any kind, with overall system
    configuration and security strategy, I'd probably use it. But I
    never have. Given my setup and personal experiences in over
    ten years on the Net, for me, at least, outbound protection by
    a firewall, considering the other security I run, is trivial.
    So no outbound firewalls here. Solid inbound firewalling is all
    that concerns me.
     
  15. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    How about 100% uninvited inbound blocked, and trivial TDI monitoring/blocking of outbound, with the installation being modular, portable, and with virtually no decrease?
     
  16. FadeAway

    FadeAway Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    270
    Location:
    USA
    I am neither a programmer, nor a Windows expert, so my understanding
    of TDI is very limited. If you mean monitoring of TCP/UDP in some way
    that detects an illicit outbound communication , not necessarily
    application-specific, I'm all for it. The rest sounds good. My interest is in
    firewalls being firewalls - light, fast, secure, rules-configurable, and nothing else.
     
    Last edited: Mar 25, 2008
  17. CircleGirl

    CircleGirl Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    61
    Location:
    Circle Campus
    Like going out into cold weather layers are essential--the same with a firewall-- it is an important layer along with AV and SBIE, which all together makes for good warm protection (metaphorically speaking).

    Somehow I think the metaphorical part is understood but I wanted to see if I could spell it without using the spell checker!
     
  18. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Hope ya don't suffocate under these layering,at least your OS has some room to breathe (metaphorically speaking) :D
     
  19. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    Why do we use software firewalls?

    because it provides another layer in your security setup, if you ever get a trojan
    on your pc your software firewall can prevent the trojan from accessing the internet causing further damage on your pc. this is what all the firewall leak tests are for.
     
  20. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    If people can't adjust the configuration to allow some unsolicited inbound traffic then you have something that (i) makes P2P almost impossible and (ii) will interfere with some online games.

    Also "trivial TDI" monitoring of outbound traffic won't cope well with even basic leaktests or malware using similar techniques.
     
Loading...
Thread Status:
Not open for further replies.