Why home firewall software is a leaky dike

Discussion in 'other firewalls' started by ronjor, Aug 24, 2006.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,798
    Location:
    Texas
    Article
     
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    From same article:
    :thumb: :thumb: :thumb:
     
  3. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    Well that's well know what is written in this article.
    Resuming you can say, that the security on your PC is as good as you know what you are doing. Bad configuration, not following standard security measures, missknowledge can do more harm than good.

    Lets put Internet Explorer in 'Trusted Zone' and everything will go ok :) And this buy the way is the risk of so called 'one-click' firewalls.
     
  4. trickyricky

    trickyricky Registered Member

    Joined:
    Mar 27, 2005
    Posts:
    475
    Location:
    London, UK
    From that article:

    Now, we all know that a good security model is a layered one, as the article does indeed suggest. So which particular layer prevents software making unwanted calls home? Oh yes, the personal firewall. A router/firewall appliance cannot do this alone, as it stands.

    I suppose then that a leaky dike is to be preferred to no dike at all...
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,046
    Location:
    The Netherlands
    I believe software-based firewalls have become a lot better the last couple of years, at least it´s better than nothing. And if I´m correct, HIPS can also be used to fight against malware trying to bypasss the firewall, just look at all those leaktests.
     
  6. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    Very interesting article.

    .

    I guess the best recommendation is to know where you are surfing and make your PC act like a hermit. :D
     
  7. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Yep I picked that up as well.

    Router firewall here but I still use a software firewall to stop MS programs phoning home.
     
  8. thatman

    thatman Registered Member

    Joined:
    Jun 21, 2006
    Posts:
    15
    Location:
    Russia
    there are few facts only words
     
  9. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Good article. Well here is my thoughts.

    Good points are made nevertheless, my software personal firewall double checks that my NAT Router firewall is working correctly. No incoming attacks. A silent hard drive, when not in use. So it is best to have redundancy. :) I hate turning the PC on and off. Takes to long to come up even under the best of circumstances.

    My desktop firewall is a gate keeper for the most part. Trusted programs are given full or partial access. Everything else :shifty: :thumbd: .

    One (weak) link in the chain of PC security and I would agree not the most important. But even the weakest link will hold fast and not necessarily break. By far the best is to keep crapware off your machine with other security programs or secondary built in components in the firewall as in the suites.

    If one is behind a hardware firewall blocking only incoming then there is no need to panic. As my firewall is set to be manually turned on after the occassional reboot. I have been without my software firewall on for as long as a week. Whoops I forgot to turn it on. o_O :oops: With no ill effects. :thumb:

    Still I think I'll keep my Out Post Pro as long as it doesn't chew up too much resources. ;)
     
  10. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    Since this article is meant for beginners, there are good points like to control emails, javascripts, to check auto configuration rules and to use additional software like AV.
     
Loading...
Thread Status:
Not open for further replies.