Forums » Bi-Directional Firewalls
Comments on news posted 2004-10-15 10:08:44: About once a year the debate over having a firewall that protects both inbound and outbound traffic emerges in our security forum. ..



Mospaw
3 days to go . . .
Hawaiian Jellyfish
join:2001-01-08
The Pacific
Call me paranoid...

...but I like to know which programs are trying to get out, as well as limiting any outside connections.

I vote for both ways.

If you're going to run it, you may as well get all the protection you can.


Cam
Premium
join:2003-01-25
Luther, OK
Ok, you are paranoid...

but I agree. Just because I am paranoid, that doesn't mean someone isn't out to get me.


Mospaw
3 days to go . . .
Hawaiian Jellyfish
join:2001-01-08
The Pacific
·Cox HSI

Very very true.

I've never had a virus, trojan or any other malware at home. My machines are well protected and my users (Mrs. Mospaw and me) are well educated.

Would this be the same without the hardware routers and software firewall? Perhaps. But for the effort and cost, they're both very good insurance.

Of course, a counter argument can be made. To use an analogy: I live in Florida. I keep a banana in my ear. We don't have any penguins. It's obviously the banana in my ear keeping penguins away.


Da Geek Kid

join:2003-10-11
Mclean, VA

power of mgmt

Consider it b/w mgmt...

Also, when a worm pops up... you'd keep it in house and won't infect yer neighbors... That's a good thing...

Also you ought to know what's running in your Corp. network....

Unless you work fer RIwaaaateva and MPwho then run Kazaa,etc inhouse...


AMDUSER
Premium
join:2003-05-28
Earth
reply to Cam
Re: Call me paranoid...

I agree.

Just because I'd rather find out from the firewall that someone is out to get me [trying to break in], than have the system get compromised.


Denjin

join:2001-01-18
Schaumburg, IL

bidirectional...

I'm not used to even hearing this term. Any network firewall is just a firewall. By definition it can control traffic both ways.

I guess they are talkin about the crappy software 'firewalls' people install? I think the only reason Microsoft made it just control stuff one way is for simplicity to the end user.
--
Ningen wa, ningen da.


Matt
Take me down to the paradise city
Premium
join:2003-07-20
Jamestown, NC
·North State Commun..

Honestly....

They are generally pointless for the majority of users.

I mean, how many people know WTH svchost.exe is and why it's trying to access the internet.

The general computer populace doesn't understand outbound protection, what needs it and what doesn't.
--
TripOnThis.net Administrator
"Security by obscurity is no security at all. Don't believe the hype." (c) MntlCase


MarkyD
Premium
join:2002-08-20
Oklahoma City, OK
·Cox HSI

said by Matt:
They are generally pointless for the majority of users.

I mean, how many people know WTH svchost.exe is and why it's trying to access the internet.

The general computer populace doesn't understand outbound protection, what needs it and what doesn't.

True. My mother calls me often asking "what is xxxx.exe and should I allow it to access the internet?"
Then, I got her a Mac.
--
HyperJoe 2004


woody7
Premium
join:2000-10-13
Torrance, CA
Hmmmmmmmmmm....

Maybe the "end user" awareness is improving....I get a lot of "Starbucks cards" for cleaning up messed up computers....I don't do it for free, cause if they feel a little "pain" it helps in the awareness...JMT
--
BlooMe


exocet_cm
In memory of dadkins
Premium
join:2003-03-23
New Orleans, LA
·Cox HSI
·Suddenlink
·Cingular Wireless
·AT&T Southeast
·Charter Pipeline

reply to MarkyD
Re: Honestly....

quote:
True. My mother calls me often asking "what is xxxx.exe and should I allow it to access the internet?"
Then, I got her a Mac.
LOL! That's awesome!
--

I know that God is real, but I don't think He created this vast universe just for us.
Seti@Home & Seti@Boinc

lefty1

join:2002-10-25
Clay, NY

Call me paranoid, too

I can't believe this question is even being seriously asked. A firewall won't necessarily stop malware from getting on your computer, but a software firewall, such as Zone Alarm, can keep a trojan from phoning home.

It's true that most people won't know the difference between svchost.exe and mxtarget.dll, but does that mean no one should have the opportunity to make that decision?

Only a true internet moron would opt for uni-directional protection.


Jason Levine
Premium
join:2001-07-13
USA

reply to Matt
Re: Honestly....

said by Matt:
They are generally pointless for the majority of users.

I mean, how many people know WTH svchost.exe is and why it's trying to access the internet.

The general computer populace doesn't understand outbound protection, what needs it and what doesn't.

Let's assume that we have two identical clueless users whose PCs are infected by viruses/spyware/trojan/whatever that is trying to connect out to either spread itself or phone home. The user without outbound protection will always let the malicious app connect out. The user with the outbound protection at least has a 50% chance of blocking it (Yes/No). And if the "do you want to let it connect to the Internet" question is phrased right, they might get scared enough to click No or at least ask a PC expert.
--
-Jason Levine
http://www.jasons-toolbox.com/
http://www.PCQandA.com/
http://www.urateit.com/


yock
TFTC
Premium
join:2000-11-21
Fairfield, OH

reply to Denjin
Re: bidirectional...

said by Denjin:
I'm not used to even hearing this term. Any network firewall is just a firewall. By definition it can control traffic both ways.

I guess they are talkin about the crappy software 'firewalls' people install? I think the only reason Microsoft made it just control stuff one way is for simplicity to the end user.

Ease of use does not equal security. Egress filtering is of paramount importance to control the spread of malware and to ensure your privacy online. Given the choice, I'll toss away ease of use and read the damn instructions.
--
Statistical correlation need not imply causation.
Technical Nirvana


Matt
Take me down to the paradise city
Premium
join:2003-07-20
Jamestown, NC
·North State Commun..

reply to Jason Levine
Re: Honestly....

said by Jason Levine:
The user with the outbound protection at least has a 50% chance of blocking it (Yes/No). And if the "do you want to let it connect to the Internet" question is phrased right, they might get scared enough to click No or at least ask a PC expert.

Very True, but the majority of users are simply going to remember, "When I say no, things don't work." and are conditioned to say yes.
--
TripOnThis.net Administrator
"Security by obscurity is no security at all. Don't believe the hype." (c) MntlCase


ahulett
Life Without Walls
Premium
join:2003-02-02
Bellevue, WA

Both Ways.

Saying an inbound-only firewall is sufficient is like saying a customs check is only needed for those entering a country, and those leaving it are free to enter neighboring countries unchecked. An inbound firewall is ineffective against viruses/trojans/malware on CDs, floppies and USB memory devices, and items slipping by email defenses.

You need security checks both ways.
--
Aaron Hulett | Trojan Analyst | Mischel Internet Security


IamZed
Premium
join:2001-01-10
Dayton, OH

Interesting idea

Still, I thought it was an interesting thread in security when I read it last night. Mosesr was requesting if an outbound only application to complement the XP SP2 firewall existed, as well as whether outbound was overkill. I side with the “There is no such thing as overkill” crowd, but an outbound only app was an interesting question.
--
Relax


Denjin

join:2001-01-18
Schaumburg, IL

reply to yock
Re: bidirectional...

I know that, just conjecture by me on why Microsoft did it.

said by yock:
said by Denjin:
I'm not used to even hearing this term. Any network firewall is just a firewall. By definition it can control traffic both ways.

I guess they are talkin about the crappy software 'firewalls' people install? I think the only reason Microsoft made it just control stuff one way is for simplicity to the end user.

Ease of use does not equal security. Egress filtering is of paramount importance to control the spread of malware and to ensure your privacy online. Given the choice, I'll toss away ease of use and read the damn instructions.

--
Ningen wa, ningen da.

B
Premium,MVM
join:2000-10-28
reply to IamZed
Re: Interesting idea


Yes, there has been at least one, called "ZoneAlarm". No, I'm not being clueless -- please see my response in that thread.

-- B
--
In a realm outside causality and function


raydog1
Feel Secure
Premium
join:2003-07-10
La Vergne, TN

Here's a kick in the pants. . .

Two nights ago, there was an update to Snapstream Media's Beyond TV3. For those who don't know, this is an application that essentially gives your computer Tivo-like capabilities, allowing you to record tv shows on your pc, use time-shifting, etc.

This was a major update and those of us in the BTV3 community have been waiting a long time for some of the new features offered by this update. Even better it was free to those of us who purchased the previous version.

One of the new features is an enhanced error-reporting capability. I know this because I saw it in action the moment after installation. A little yellow triangle with an exclamation appeared in the task tray. After clicking on it, I get a window that says something like,

"Beyond TV3 installation has detected vsmon.exe. This may be a component of the Zonealarm firewall. There have been memory leaks reported with this firewall while Beyond TV3 is running. We recommend using the Windows XP firewall."

It's incompatibilities like this that turn people away from firewalls. Kerio had similar problems with Nero's InCD. I've installed ZA on friends' PCs or recommended them. Most of the time, they get uninstalled very quickly because they can be very annoying to the average user. Especially when they start getting errors or the BSOD when there is a conflict with another application.

Face it. If you're a member of this forum, then you probably have a software firewall or you're knowledgeable enough to manage without one. But, the average user is rarely going to use one. Most people don't even use an up-to-date antivirus app.


jdmurray
Premium
join:2001-03-02
Huntington Beach, CA
reply to MarkyD
Re: Honestly....

I take it that her Mac doesn't have a software firewall installed and that's how you got her off your back?
over 10 years online! © 1999-2009 dslreports.com.