Firewall question - Printable Version +- Drunkard's Walk Forums (http://www.accessdenied-rms.net/forums) +-- Forum: General (http://www.accessdenied-rms.net/forums/forumdisplay.php?fid=1) +--- Forum: General Chatter (http://www.accessdenied-rms.net/forums/forumdisplay.php?fid=2) +--- Thread: Firewall question (/showthread.php?tid=9521) |
Firewall question - Stephen Mann - 11-24-2008 My mother's gotten a new computer (Vista, if you're curious), and I'm setting up her anti-virus, spam, and adware protections. Is the firewall that comes with Vista good enough to sit alone, or should I download and install another one? Steve Mann - Wiregeek - 11-25-2008 an additional firewall wouldn't be a bad idea, IMO - very little Vista experience here, though "No can brain today. Want cheezeburger." From NGE: Nobody Dies, by Gregg Landsman http://www.fanfiction.net/s/5579457/1/NGE_Nobody_Dies - Sofaspud - 11-25-2008 It depends, really. If she's using WiFi, then you want a stronger firewall. If she's using a cable connected to router (like your average home broadband user), then in all honesty the Vista firewall is more than sufficient. Nothing's going to get to her computer that a firewall would stop _anyway_, so, yeah. --sofaspud --"Listening to your kid is the audio equivalent of a Salvador Dali painting, Spud." --OpMegs - Wiregeek - 11-25-2008 http://www.daylife.com/photo/06Oj8Mdd8Z6Ks there is such a thing as too effective a firewall.. "No can brain today. Want cheezeburger." From NGE: Nobody Dies, by Gregg Landsman http://www.fanfiction.net/s/5579457/1/NGE_Nobody_Dies - Ankhani - 11-25-2008 Poor sot must have had Windows set to 'Maximum' .... Anyway, I use ZoneAlarm for my Firewall, so I can't really speak as to the strength/effectiveness of the Windows Firewall. If you are using a Router in addition to your Modem, though, I don't think there'd be much of a problem. I'd not advise against getting extra, but I can't really think you'd really need it with a router and intelligent user. --- The Master said: "It is all in vain! I have never yet seen a man who can perceive his own faults and bring the charge home against himself." >Analects: Book V, Chaper XXVI A blurb about Firewalls - paladindythe - 11-25-2008 Well, a Firewall's job is to stop unsolicited traffic to your computer. That is, a firewall stops communication attempts that start from outside of the firewalled network. Windows firewall does this just as well as any other's. (In fact, a home router does this already, unless you deliberately disable it--if you have an IP address like 192.168.xxx.xxx, that means you're in a private network, and pretty much guaranteed to be behind a firewall. What these other products bring to the table is the ability to track the traffic leaving your computer--to catch malware trying to communicate out. Now, if you're on (public, unsecured, WEP secured) Wi-Fi, pretty much anyone who wanted to who is also using the same Wi-Fi can snoop what you're doing on the net. Best defense here is a VPN tunnel to a proxy (like Hotspot Shield, for example). For home Wi-Fi, WPA (and WPA2) security is the only one that really protects your network from others 'wardriving' and using your network. Of course, they are only as strong as your password. Oh, if you're at home, and using ethernet cables, or a WPA protected Wi-Fi, 3rd party firewalls can be rather overprotective to certain applications--Scype, Bittorrent, Good old Fire Sharing, streaming media, etc. Rather like the security guards stopping (and detaining) the pizza delivery guy, because they weren't informed he was coming. - Wiregeek - 11-25-2008 that there is a wonderful mispelling - and I'm glad I don't have any computers allowed to do 'Fire Sharing'! good argument regarding firewalls, though. the tinfoil hat answer to that would be that the firewall/router itself is going to have vulnerabilities, so you should have a software firewall to back it up - this is less far-fetched than it appears at first glance. Modern reputable software firewalls play nice a LOT better than they did 5 years ago - but life isn't perfect yet. "No can brain today. Want cheezeburger." From NGE: Nobody Dies, by Gregg Landsman http://www.fanfiction.net/s/5579457/1/NGE_Nobody_Dies - Dragonflight - 11-25-2008 I wonder if the melted laptop was one of the Dells with the bad battery. Tinfoil... Heh. Reminds me of something I heard a year ago. About how paranoid people would tinfoil their basement to protect against snooping by "spies". Well I discovered last year from a friend of mine in the RCMP that all that tinfoil actually acts as a waveguide. It makes it easier to listen in, if that was your intent. I still don't like softwalls. Essentially in order to stop a malicious attempt, the connect request has to actually connect to the physical end before its denied. And I don't want malicious software that close to my computer if I can help it. I'll throw a router between me and the internet every time. --- Those who fear the darkness have never seen what the light can do. Security in general rather then specific - Rev Dark - 11-25-2008 The first question is what your parent does with the computer. Protection should be in line with what it is protecting. If the computer is being used for occasional surfing, a few games, etc. Then the VISTA firewall is sufficient. If banking/commerce takes place on it, the firewall might be sufficient when backed up by other controls (strong anti-virus/patch management) The second question, how much time are you planning to spend supporting it? The more level of security, the higher the level of oversite required. Tinfoil is not ideal for tempest; Seriously, the best thing you can do is teach the user how to be safe on the internet, as it is the warm, fleshy, squirty thing that exists between the chair and the keyboard that is responsible for most security issues. If you want to spend time protecting your mother's.... assets, your time is best spent on training her in how to safely use a computer. Shayne Thanks for the info, guys - Stephen Mann - 11-26-2008 I've read your responses to my mother and her fears are relieved. Thanks. That's the worst part of being the tech-geek son of a tech-ignorant parent. She trusts my word on most things, but her new baby? "Maybe you should ask some of your techie friends..." grumble, grumble.... Steve |