Drunkard's Walk Forums
Firewall question - Printable Version

+- Drunkard's Walk Forums (http://www.accessdenied-rms.net/forums)
+-- Forum: General (http://www.accessdenied-rms.net/forums/forumdisplay.php?fid=1)
+--- Forum: General Chatter (http://www.accessdenied-rms.net/forums/forumdisplay.php?fid=2)
+--- Thread: Firewall question (/showthread.php?tid=9521)



Firewall question - Stephen Mann - 11-24-2008

My mother's gotten a new computer (Vista, if you're curious), and I'm setting up her anti-virus, spam, and adware protections. Is the firewall that
comes with Vista good enough to sit alone, or should I download and install another one?

Steve Mann



- Wiregeek - 11-25-2008

an additional firewall wouldn't be a bad idea, IMO - very little Vista experience here, though
"No can brain today. Want cheezeburger."
From NGE: Nobody Dies, by Gregg Landsman
http://www.fanfiction.net/s/5579457/1/NGE_Nobody_Dies



- Sofaspud - 11-25-2008

It depends, really. If she's using WiFi, then you want a stronger firewall.

If she's using a cable connected to router (like your average home broadband user), then in all honesty the Vista firewall is more than sufficient.
Nothing's going to get to her computer that a firewall would stop _anyway_, so, yeah.

--sofaspud
--"Listening to your kid is the audio equivalent of a Salvador Dali painting, Spud." --OpMegs


- Wiregeek - 11-25-2008

http://www.daylife.com/photo/06Oj8Mdd8Z6Ks

there is such a thing as too effective a firewall..
"No can brain today. Want cheezeburger."
From NGE: Nobody Dies, by Gregg Landsman
http://www.fanfiction.net/s/5579457/1/NGE_Nobody_Dies



- Ankhani - 11-25-2008

Poor sot must have had Windows set to 'Maximum' ....

Anyway, I use ZoneAlarm for my Firewall, so I can't really speak as to the strength/effectiveness of the Windows Firewall. If you are using a Router in
addition to your Modem, though, I don't think there'd be much of a problem. I'd not advise against getting extra, but I can't really think
you'd really need it with a router and intelligent user.
---

The Master said: "It is all in vain! I have never yet seen a man who can perceive his own faults and bring the charge home against himself."

>Analects: Book V, Chaper XXVI


A blurb about Firewalls - paladindythe - 11-25-2008

Well, a Firewall's job is to stop unsolicited traffic to your computer. That is, a firewall stops communication attempts that start from outside of the
firewalled network. Windows firewall does this just as well as any other's. (In fact, a home router does this already, unless you deliberately disable
it--if you have an IP address like 192.168.xxx.xxx, that means you're in a private network, and pretty much guaranteed to be behind a firewall.

What these other products bring to the table is the ability to track the traffic leaving your computer--to catch malware trying to communicate out. Now, if
you're on (public, unsecured, WEP secured) Wi-Fi, pretty much anyone who wanted to who is also using the same Wi-Fi can snoop what you're doing on the
net. Best defense here is a VPN tunnel to a proxy (like Hotspot Shield, for example). For home Wi-Fi, WPA (and WPA2) security is the only one that really
protects your network from others 'wardriving' and using your network. Of course, they are only as strong as your password.

Oh, if you're at home, and using ethernet cables, or a WPA protected Wi-Fi, 3rd party firewalls can be rather overprotective to certain
applications--Scype, Bittorrent, Good old Fire Sharing, streaming media, etc. Rather like the security guards stopping (and detaining) the pizza delivery guy,
because they weren't informed he was coming.


- Wiregeek - 11-25-2008

that there is a wonderful mispelling - and I'm glad I don't have any computers allowed to do 'Fire Sharing'!

good argument regarding firewalls, though.

the tinfoil hat answer to that would be that the firewall/router itself is going to have vulnerabilities, so you should have a software firewall to back it up
- this is less far-fetched than it appears at first glance.

Modern reputable software firewalls play nice a LOT better than they did 5 years ago - but life isn't perfect yet.
"No can brain today. Want cheezeburger."
From NGE: Nobody Dies, by Gregg Landsman
http://www.fanfiction.net/s/5579457/1/NGE_Nobody_Dies



- Dragonflight - 11-25-2008

I wonder if the melted laptop was one of the Dells with the bad battery. Tongue

Tinfoil... Heh. Reminds me of something I heard a year ago. About how paranoid people would tinfoil their basement to protect against snooping by
"spies".

Well I discovered last year from a friend of mine in the RCMP that all that tinfoil actually acts as a waveguide. It makes it easier to listen in, if that was your intent.

I still don't like softwalls. Essentially in order to stop a malicious attempt, the connect request has to actually connect to the physical end before its
denied. And I don't want malicious software that close to my computer if I can help it. I'll throw a router between me and the internet every time.
---
Those who fear the darkness have never seen what the light can do.


Security in general rather then specific - Rev Dark - 11-25-2008

The first question is what your parent does with the computer.

Protection should be in line with what it is protecting.

If the computer is being used for occasional surfing, a few games, etc. Then the VISTA firewall is sufficient.

If banking/commerce takes place on it, the firewall might be sufficient when backed up by other controls (strong anti-virus/patch management)

The second question, how much time are you planning to spend supporting it? The more level of security, the higher the level of oversite required.

Tinfoil is not ideal for tempest;

Seriously, the best thing you can do is teach the user how to be safe on the internet, as it is the warm, fleshy, squirty thing that exists between the chair
and the keyboard that is responsible for most security issues. If you want to spend time protecting your mother's.... assets, your time is best spent on
training her in how to safely use a computer.

Shayne


Thanks for the info, guys - Stephen Mann - 11-26-2008

I've read your responses to my mother and her fears are relieved. Thanks.

That's the worst part of being the tech-geek son of a tech-ignorant parent. She trusts my word on most things, but her new baby? "Maybe you should ask
some of your techie friends..."

grumble, grumble....

Steve