Psicop
More human than human
Premium
join:2005-12-21
| reply to Bubba17
Re: Just dunno what firewall to use...Which one you use?
I have only two machines in my network (behind a D-Link router), mine and my wife's. My wife is using only the XP's FW and things have been good since I set up both boxes at the end of november last year. I am using Comodo in mine but the fear of uninstalling and making a mess in Windows registry is far too great to be ignored. Hence, I decided to keep Comodo, but honestly I don't need it. I am planning to run a Linux distro (thing that I have been postponing since mid last year) sooner or later; actually, whenever I get the time to do that. But...I procrastinate a lot when it comes to major computer maintenance.
Bubba, just use XP FW, is more than enough as long as you are behind a solid router. |
|
Bubba17
Less is More
Premium
join:2006-09-21
| reply to goodchefro
said by goodchefro  :So if it is blocking incoming (that's exactly its purpose), how would the purported "Bill" be able to get inside your "house" and "phone home"? Exactly. Via safe surf habits, w/security apps in backup, what "goes out" is whatever you desire/allow.
--
HN7000s|H1(127W)-1110mhz|.98m-2w|Pro+|3.0ghz dual-core|3gig-ram|BFG7800GT-OC-256MB|XP-SP2
"Fast is fine, but accuracy is everything." -- Wyatt Earp |
|
Bubba17
Less is More
Premium
join:2006-09-21
1 edit | reply to appleAday
said by appleAday :
Isn't there a problem or some flaw that makes it unsafe running the Xp firewall for dialup users?
In the thread CJ linked to, "El Cheapo Router Challenge", it was mentioned that this vulnerability was corrected with a patch from MS.
edit: ok, so I'm the 5th to state this .. maybe the poster of the question required additional re-reinforcement.
--
HN7000s|H1(127W)-1110mhz|.98m-2w|Pro+|3.0ghz dual-core|3gig-ram|BFG7800GT-OC-256MB|XP-SP2
"Fast is fine, but accuracy is everything." -- Wyatt Earp |
|
Bubba17
Less is More
Premium
join:2006-09-21
| reply to CalamityJane
Very much appreciate you providing the "Challenge" link. A great read. You're running XP's FW alone or with router?
I recently, as I'd threatened in another thread, bought XP Pro (full) w/SP2, replacing Media edition. Nuked the drive, a complete fresh install. With XP's FW activated and capturing activity to a log, upon re-establishing my satellite link (I also had AV, AS and BOC active) .. I, gingerly, over a period of 3-4 days, drained MS updates and re-installed other software. At no point did I notice anything strange or feel threatened. Course, too, I'm NAT'd from the NOC on satellite. Just recently, prior to reading the linked thread, I installed Comodo Pro. Though I've not had any trouble with Comodo .. I now ponder it's removal and using XP's FW exclusively. What do you think?
--
HN7000s|H1(127W)-1110mhz|.98m-2w|Pro+|3.0ghz dual-core|3gig-ram|BFG7800GT-OC-256MB|XP-SP2
"Fast is fine, but accuracy is everything." -- Wyatt Earp |
|
goodchefro
join:2007-02-21
Macomb, IL
 ·Logonix Corporation
2 edits | reply to Mele20
When people run out of viable methods of forcing their opinions onto others who disagree regarding an issue, they always resort to cheap shots that either target grammar, the person itself, or fabricated inflammatory adjectives.
That's the true definition of a troll.
I'm glad we had this character revealing argument. The content of your last post shows indeed who's the real troll. Thanks for the clarification.
Good riddance.
Edit:
By the way, that was really funny coming from someone who edits typos... |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
1 edit | reply to goodchefro
I can't read choppy, poorly constructed sentences. Please construct a proper argument into a paragraph where you do not intersperse my comments.
I don't think you understand much about firewalls or about ProcessGuard. I also have no idea what you are blathering on about the difference between dialup and broadband in relation to a software firewall or the use of ProcessGuard. You do not need a software firewall with broadband if you have a router but you still need PG or something to control what calls out and when and to protect all your processes, to protect against rootkits, etc. I too have no intention of letting Billy stick his nose in my business. IE is programmed to periodically start without the user's permission to go to WU. The only thing that will stop that is something to override Billy's desire to spy on you and force WGA down your throat. It is a simple concept to understand why I use PG and XP firewall on dialup and PG and a router on broadband but you can't seem to grasp the concept.
I'm beginning to think you may be a troll since you seem to deliberately be misunderstanding and attempting to inflame. I won't respond further and am removing this thread from my followed list.
edited for typo
--
"If you want to do DRM on a PC then you need to treat the user as the enemy." Ross Anderson in "`Trusted Computing' Frequently Asked Questions"
»www.msfirefox.com/ |
|
batterup
I Can Not Tell A Lie.
Premium
join:2003-02-06
Netcong, NJ
clubs:
·Verizon Online DSL
| reply to goodchefro
said by goodchefro :What paying broadband has anything to do with the "next to useless" firewall? Probably is an East Coast thing... Let us recap; you said you don't mind Bill using your broadband for his use. I do. |
|
goodchefro
join:2007-02-21
Macomb, IL
·Logonix Corporation
1 edit | reply to Mele20
said by Mele20 :Well, I would never use just the XP firewall (except in situations as I explained in my earlier post) as it IS an insufficient firewall.
I am not sure if anyone argued YET pro using JUST the XP firewall. Twisting words to undermine someone's opinion is a pretty easy endeavor... said by Mele20 :
I use my router to keep stuff from getting in.
Remember that you personally brought about the dial-up firewalled connection. I am using a router as well, with my dsl, but that's beside the point. said by mele2- :
To keep stuff from getting out when I don't want it to, I use ProcessGuard.
Well, reverting back to firewalled dial-up connection? A mélange in a discussion is very unproductive. said by Mele20 :
Most folks will use a software firewall for the same purpose but they can't use the XP firewall because it lacks this important functionality so it is insufficent unless you combine it with something like ProcessGuard to control what gets out.
So, I guess you're still talking about dial-up connection. Well, while on firewalled dial-up I never had programs running "on their own" without my permission, as u argued about some WUpdate or IE, so I am not sure where from you get the "insufficiency" factor. Administration Tools are designed exactly to control what services/programs/activeX controls are running. Maybe that "insufficiency" factor of XP FW comes probably from: said by Mele20 :
]I think some posters here are just mouthing off to mouth off
I agree with you. said by Mele20 :
...because I find it very difficult to believe that any person serious about computer security doesn't care what gets out and when.
A serious person about her/his computer security can suffice with less than you might think, as gesc put it simply...you gotta know what you're doing. I still don't perceive the "insufficency" or "next to useless" argument as a standing one. Maybe just as ... own opinion bravado. |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to Psicop
Well, I would never use just the XP firewall (except in situations as I explained in my earlier post) as it IS an insufficient firewall. I use my router to keep stuff from getting in. To keep stuff from getting out when I don't want it to, I use ProcessGuard. Most folks will use a software firewall for the same purpose but they can't use the XP firewall because it lacks this important functionality so it is insufficent unless you combine it with something like ProcessGuard to control what gets out.
I think some posters here are just mouthing off to mouth off because I find it very difficult to believe that any person serious about computer security doesn't care what gets out and when.
--
"If you want to do DRM on a PC then you need to treat the user as the enemy." Ross Anderson in "`Trusted Computing' Frequently Asked Questions"
»www.msfirefox.com/ |
|
Psicop
More human than human
Premium
join:2005-12-21
| reply to wiener_bur
Well, guys chill out. One thing is being security conscious and smart about how things work in this business. And other thing is being a paranoid.
I repeat again, Windows XP firewall together with a router is more than enough. And even a serious router is more than enough as well, but hey! a dumbo even with a $10,000 Cisco router will allow T0rn rootkit to flush a computer running EnGarde Secure Linux.  |
|
goodchefro
join:2007-02-21
Macomb, IL
·Logonix Corporation
1 edit | reply to batterup
What paying broadband has anything to do with the "next to useless" firewall? Probably is an East Coast thing...
I'm glad that at least one of us is indeed offended by a contrary opinion, so the "anonym" poster can rest assured that his "observation" at least hit a target...no matter that it wasn't the intended one.
If you have a checking account you don't question the bank teller why s/he has access to your account... |
|
batterup
I Can Not Tell A Lie.
Premium
join:2003-02-06
Netcong, NJ
clubs:
·Verizon Online DSL
| reply to goodchefro
said by goodchefro : If Bill wants to "phone home" a picture of me reading the news on the potty, so be it. Really? That is odd, you are one in a million. Does Bill pay for your broadband? He doesn't pay for mine. |
|
goodchefro
join:2007-02-21
Macomb, IL
·Logonix Corporation
| reply to Mele20
said by Mele20 : I have to come out from behind the router for a short while, or on my backup dialup account, the XP firewall is sufficient because I also have ProcessGuard to control my applications. I'm sorry, but I wasn't offended and I don't have a problem with how people decorate their homes, for example having a piano on the ceiling...
If the "anonym" person wants to read again, he might see that I was arguing, as a matter of fact, the sufficiency of the very highlighted item, unlike the other poster who considers that the item's "value" is..."next to useless".
Since when commenting an opinion (not a person) is interpreted as "being offended"? 
One should get offended when someone talks about their big nose, or about their chafed face let's say, but not when a point of view (either flawed or not) is discussed. |
|
jsimmons3
join:2006-04-17
San Antonio, TX
| reply to webhead
In the links posted by CalamityJane, Linklogger says the problems with the XP firewall for dial up users was fixed with an update from MS. So I'm assuming you shouldn't use the XP firewall to protect yourself after you first install Windows XP (e.g. after a reformat) because you won't have the fix till you get the updates and you can't get the updates till you've got the fix, kind of a catch 22. So before you reformat or reinstall Windows I would download another firewall and save it to a cd, thumbdrive, or whatever that you can install and use while you get your Windows updates. After your done you can uninstall that firewall and use the XP firewall again and you should be ok then. Well, most normal people who are that well-informed about the XP firewall would simply unplug the network cable from their machine before re-installing XP and setting up other (better) firewall software. Of course, if you have a decent hardware firewall, there's no problem now, is there? |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to ttdowning
I agree. I don't even let IE start without my express permission. It started up one time, all on its own, and took itself over to Windows Update site (which I don't use as I get each patch individually from MS Download site) and was trying to download WGA when I finally stopped it. I didn't stop it at first partly because my mouth was hanging open in amazement that Microsoft would program IE like that and secondly because I wanted to see exactly what it was up to before I stopped it. I immediately tied it down on a short leash using Process Guard because I don't ordinarily use a software firewall. I only use one if I have to come out from behind the router for a short while, or on my backup dialup account, and the XP firewall is sufficient because I also have ProcessGuard to control my applications.
--
"If you want to do DRM on a PC then you need to treat the user as the enemy." Ross Anderson in "`Trusted Computing' Frequently Asked Questions"
»www.msfirefox.com/ |
|
ttdowning
@niuhi.com
| reply to wiener_bur
@ goodchefro
Not that I'm trying to argue with you, but some people do give a rats behind what programs try to access the net, and while you don't seem to, some people value their privacy and don't want ANYTHING accessing the net behind their back.
I for one don't want any programs accessing the net without my full permission and this should be everyone's right to decide. I'm glad I can block "so called" legitimate programs from phoning home, and if that offends some people, too bad, that's their problem. |
|
goodchefro
join:2007-02-21
Macomb, IL
·Logonix Corporation
1 edit | reply to batterup
said by batterup :There is allot of software that one installs that does things one might not want it to do. Windows for one. I'm still not sure why u think the Windows FW is "next to useless".
Like gesc said, if one is that dumb to click on anything and everything to download, then probably the firwall is indeed worthless.
On the other hand, what's wrong with GWA or any other LEGITIMATE Msoft software "phoning home"? If you don't have anything to hide and your version is legitimate, then what's the problem?
I like legit things and if the "phoning home" helps keeping that Microsoft "safe" environment, I don't give a rat's behind what LEGIT program phones home.
I never got a virus or an infection by using the dial-up firewalled connection. If Bill wants to "phone home" a picture of me reading the news on the potty, so be it.
As long as the W firewall does its job to keep mischievous stuff outside the door, it is useful.
But that's just my opinion. |
|
batterup
I Can Not Tell A Lie.
Premium
join:2003-02-06
Netcong, NJ
clubs:
·Verizon Online DSL
| reply to Psicop
said by Psicop :The reason why everyone bashed XP's firewall is simply due to the lack of outbound protection, but if you know what you're doing then this FW is enough. You would be surprised at the number of times Windows phones home. If it were not for outbound protection one would never know the number of times WGA phones home. One would not know that WMP11 wants to connect to Akiemia when nothing was requested from them. One would be surprised at the number of times legitimate programs want to phone home.
I may know what I am doing but what harm does outbound protection do? Doesn't Vista have outbound protection? Network engineers know what they are doing yet they have $5,000.00 hardware/software firewalls. |
|
webhead
@zmk.fr
 from:
jaykaykay
| reply to wiener_bur
In the links posted by CalamityJane, Linklogger says the problems with the XP firewall for dial up users was fixed with an update from MS. So I'm assuming you shouldn't use the XP firewall to protect yourself after you first install Windows XP (e.g. after a reformat) because you won't have the fix till you get the updates and you can't get the updates till you've got the fix, kind of a catch 22. So before you reformat or reinstall Windows I would download another firewall and save it to a cd, thumbdrive, or whatever that you can install and use while you get your Windows updates. After your done you can uninstall that firewall and use the XP firewall again and you should be ok then. |
|
markopoleo
join:2003-04-02
Bonne Terre, MO | reply to jsimmons3
Hardware router/switch only I recommend. The next piece of security is the hardest to get, reason and common sense when using the internet. That fails lots of people for some reason. |
|
