how-to block ads
|
SomerZ
@pipex.com
| So how exactly does this work in the real world?
Real world scenario:
I'm reasonably computer literate. I can't program professionally, but I can do a dab hand at most end-user tasks, I can install, backup and manage my WinXP PC, I'm on DSL, I've put the latest Zone Alarm on with AVG, and configured their options reasonably well. This is the limits of my capabilities at present.
Zone alarm worries me - too often some anonymous part of the Windows OS (eg "application layer gateway") seems to be asking to access the internet, and I dont know what program is trying to use it, or if thats always legitimate, or not. Since I'm running a whole load of internet-accessing programs, its impossible to tell what program is making the request, or why.
So I decided to try a different firewall for a bit. I tried some of the better known software firewalls. I dont want to name names, because this post isnt about pros and cons "which one to use", its the princiople of it all.
I gave up.
Rules upon rules, none of which I understand. Port mapping to run mIRC DCC, which I vaguely understand, but cant configure mIRC and wouldnt have a clue how to configure a proper firewall. I looked at this plethora of information (I was using Tiny firewall at this point having tried to understand 4 others) and just gave up.
It seems that to use a professional firewall requires specialist knowledge. I'm back on Zone Alarm. I dont know if Im secure or not. What I do know is,. I dont have a choice. I just dont have the technical understanding or ability to learn how to manage any of the others I tried. I know which programs are allowed on the net, but ports, rules, packets, protocols... god knows, they all use different ones, and I spent a month trying to understand it all.
If I can't (and although I'm an amateur I am likely to be far more skilled than 60% of computer end-users) what hope have the majority of us got?
Analogy: imagine that to run an anti virus program, you bought the basic engine, and some basic heuristics rules, and then had to fine tune the heuristics rules yourself.
Never mind the ciscos and pix and smc and stateful packet inspection. If you cant use it, you cant configure it, you dont understand it... then these are pointless to argue over except for knowledgeable professionals.
Comments on the real world scenario, for people who dont have the time, or capability, to get a qualification in understanding rules ports protocols and the net connections used by each and every program on the net.
(Typical programs include ICQ, mirc, trillian, Yahoo IM, emule, skype, MS windows, file sharing, internet connection sharing, email, winows media encoder, http, https, ftp, game clients, livejournal clients, winamp cddb clients, norton liveupdate, remote desktop, remote assistance, ... you get the idea... like how many users are going to know what settings to use for all the programs out there?)
So.....
What exactly is best practice for everyday folk who wish to be responsible and ensure their machines are safe, and who either don't understand, cant understand, or feel they dont want to have to study and understand any of this at a technical level? | |
ghost16825
Use security metrics
Premium
join:2003-08-26 | Re: So how exactly does this work in the real worl
Don't worry, I'm creating a website just for you - which of these common applications need what and when. This is quite a large project for me, so don't expect it to be finished soon, but I'm working on it. | |
SomerZ
@pipex.com | reply to SomerZ
Re: So how exactly does this work in the real world?
Thanks 
Is there a URL so it can be seen as it develops, or is it more likely to be "design in the background and then put online when its mostly done"? | |
ghost16825
Use security metrics
Premium
join:2003-08-26 | Re: So how exactly does this work in the real worl
"put online when its mostly done" | |
|
