Avast or Zone Alarm using proxy server?

[Gerald Vogt]

Many firewalls have component control which would notify of a programme
trying to use or piggyback another programme to connect out,and also

How do you know it works? Have you tried it? It has been circumvented.
And again, it is easy for a software you are running to deactivate the
firewall the same way you would do manually.

loopback (localhost) that can be enabled or disabled (apart from sygate i
believe)I dont believe xps firewalls can offer the extra protection.

What is protection for you? Protection is there where it protects me
against the bad. What I usually get it protection against the "good"
programs I installed and wanted anyway while the bad guy can circumvent
the mechanisms. So doesn't actually the PFW fail for exactly its main
purpose to protect against the bad guy??

Gerald

 

[Martin]

Again: it is easy to circumvent. Your PFW does not stop _all_ programs
talking to the net without asking first. It does stop those which kindly
agree to be cooperative and do simply use the windows IP stack for
communication. If the program does use other ways of communication (e.g.
your web browser) your PFW won't block nor notify because I assume that
your PFW is configured to allow outgoing web browser traffic. Programs can
also simply deactivate the PFW for a while and send out data anyway.

Again: There is no way to filter _all_ outgoing traffic on the computer
you are running. The only thing to do that would be some external device.

Gerald

BUT, ZA still does more than Windows FW. Sorry, I have to agree with
Lars-Erik here.. I have previously used Windows SP2 Firewall only and
still encountered problems with things getting in, odd programs accessing
the 'net, etc. Switching to ZA Pro solved all that and more. I know you
can never be 100% sure of stopping everything, but ZA sems to stop more than
WFW ever did...

I also like the fact that when setup correctly ZA lets you 'control' what
programs have internet access whereas Windows FW just lets them loose!!

Sorry, but what I've found from experience on our 3 computers, and with a
daughter that spends more time on the internet than she does talking to her
family!!!

 

[Gerald Vogt]

BUT, ZA still does more than Windows FW. Sorry, I have to agree with
Lars-Erik here.. I have previously used Windows SP2 Firewall only and
still encountered problems with things getting in, odd programs accessing
the 'net, etc. Switching to ZA Pro solved all that and more. I know you

You already have "odd programs" on your computer. Why don't you fix that
problem and get rid of the "odd programs"? Wouldn't that be the right
approach. You seem to fix symptoms instead of fixing the cause. If you
have malware on your computer, it is just to late. Hoping that your ZA
does prevent contact to the outside for these programs is just not
really solving the problem.

can never be 100% sure of stopping everything, but ZA sems to stop more than
WFW ever did...

Again, ZA may does stop something, but it is usually not the bad guy who
manages it anyway.

I also like the fact that when setup correctly ZA lets you 'control' what
programs have internet access whereas Windows FW just lets them loose!!

Have you ever tried to circumvent it? This, too, is pretty easy to
circumvent depending on the firewall in place. And in particular teens
(as you mentioned your daughter) are extremely creative and quick to
learn how to do it as experiences from PCs in youth centres show.

Gerald

 

[Martin]

You already have "odd programs" on your computer. Why don't you fix that
problem and get rid of the "odd programs"? Wouldn't that be the right
approach. You seem to fix symptoms instead of fixing the cause. If you
have malware on your computer, it is just to late. Hoping that your ZA
does prevent contact to the outside for these programs is just not really
solving the problem.

But it seems that your "odd programs" would mean anything more than just
Windows! How many people out there are happy to run only Windows, no extra
programs, no games, nothing loaded 'just for fun', just so you can be 100%
sure that the Windows Firewall will work OK? What planet are you on? I am
not stupid enough to load something on that is nothing more that malware or
spyware, but that doesn't mean that I want to allow open access to
everything else loaded on my damn computer! Not unless *I* say it is OK!
Unless Windows is the *only* thing loaded, it seems to me that the Windows
Firewall is a little out of its depth...

Let me see, you really want me to trust Microsoft Windows to provide a
security solution for problems that usually result because of faults in,
umm, well, Microsoft Windows?????? Hmm......

Windows XP SP2 Firewall provides an excellent firewall for newcomers until
they install something better. It is better than nothing at all, and for
some 'dial up' users that do not much on the internet, maybe 5 minutes every
few days to get mail, then I guess it is all you would need or want. Yes,
and excellent Firewall for those people..

The rest of us simply like a little more protection and extras, like warning
if *any* mail program tries to e-mail more than (x) number of messages at
once (i.e. like a virus may try), or warning if something new is trying to
gain access to the internet (yes, maybe not fool proof but still a lot more
that WFW offers)...

Again, ZA may does stop something, but it is usually not the bad guy who
manages it anyway.

So what makes you believe that Windows Firewall would be any different?
Let's see, how many security issues have resulted due to exploits of faults
in Windows over the years??? It seems that almost all of our problems would
be solved by not using Windows, but you want us to accept that Windows can
supply the very best Firewall available??? HAHAHA!!!

Have you ever tried to circumvent it? This, too, is pretty easy to
circumvent depending on the firewall in place. And in particular teens (as
you mentioned your daughter) are extremely creative and quick to learn how
to do it as experiences from PCs in youth centres show.

Gerald

Well, like anything these days it is impossible to stop everything, isn't
it. A burglar alarm only makes noise, and deadlocks only means a burglar
will find another way in. A combination of measures helps to prevent
problems, which is why I don't rely solely on ZA to provide all my security,
but it is also why I would NOT rely solely on Windows Firewall to provide
firewall services!

Let us agree to disagree, shall we? No doubt everyone has their own beliefs
and preferences......

 

[Gerald Vogt]

everything else loaded on my damn computer! Not unless *I* say it is OK!

The only thing you can say is to install something or not. If you say it
is not O.K. you may or may not block something and the software can
still easily communicate without you even noticing. A PFW cannot do what
you want.

Unless Windows is the *only* thing loaded, it seems to me that the Windows
Firewall is a little out of its depth...

No, believe me, it is perfectly fine and does not uses have the
processor speed as other PFW do for doing little not much more than the
SP2 firewall except annoying people with pop-ups that most people don't
understand and more or less randomly answer, reporting "attacks" on
ports where no process is listening and actually making DoS attacks
really effective, a.s.o....

Let me see, you really want me to trust Microsoft Windows to provide a
security solution for problems that usually result because of faults in,
umm, well, Microsoft Windows?????? Hmm......

If that is your problem, then you should not use Microsoft Windows.
Microsoft does a whole lot of stupid things and Windows is a security
nightmare. But at least in this respect they did a good job and provide
the security (meaning real security) that is possible and not making
false statements about some super-miracle-security that is simply
impossible. How many people out there are surprised and wonder how it is
possible that their computer was infected and private data was stolen
although they were running AV, PFW and everything else? You want
something that blocks data unless you say its OK. And I just tell you
that the PFW you are using does a very bad job about it if it comes down
to it. If you rely on it, you will loose in the end...

The rest of us simply like a little more protection and extras, like warning
if *any* mail program tries to e-mail more than (x) number of messages at
once (i.e. like a virus may try), or warning if something new is trying to
gain access to the internet (yes, maybe not fool proof but still a lot more
that WFW offers)...

Like the "Microsoft Subsystem" or what is it's name? Printer Spooler? Do
you always know what component it is? Do you actually verify the
executable that tries to access the internet? An software author can
write any name into the version information of its program and can name
the exe whatever it wants to. So if a pop-up comes up that ask whether
or not to allow access to "Microsoft Internet Explorer", do you know
what it is? The program is called "IEXPLORE.EXE" and tries to access
port 80 somewhere...

You want protection because you want to prevent a virus that is running
on your system to send e-mails. The problem is however that you have the
virus already. In that moment, you already lost control of your
computer. The virus just has to deactivate your PFW and nothing is
blocked or detected.

The important thing is to prevent the infection in the first place. But
why would you bother about that if you know that you have your PFW that
"prevents" the virus from talking to the internet?

So what makes you believe that Windows Firewall would be any different?
Let's see, how many security issues have resulted due to exploits of faults
in Windows over the years??? It seems that almost all of our problems would
be solved by not using Windows, but you want us to accept that Windows can
supply the very best Firewall available??? HAHAHA!!!

O.K. If you don't trust the operating system you are using it is your
own fault. It is your assumption that the Windows Firewall is flawed,
too. But first: the Windows IP stack is pretty stable and seems to be
free of flaws. So IP itself does not seem to be the problem. And
although Microsoft usual policy is to go for the amount of features
instead of its quality, this one time they actually did it the way how
good design should be: keep it simple and do it right. The firewall is
extremely fast and does not mess with your whole Windows systems like
some many PFWs do causing more problems than helping. It does what a
firewall is supposed to do: it blocks incoming traffic. That is all it
can do and that is what it does. It is well integrated into the system
and it is not easy to circumvent unless you are only using the
Administrator account. With SP2 FW a virus, if you catch one cannot
establish a server on your computer which can be contacted from the
internet. With your PFW a virus can fool the PFW or turn it off and then
it is really free to do whatever it wants.

So if you have problems trusting Windows, don't use it. It is weird to
see how you rely on third-party software to make Windows secure and how
you believe so steadfast in the perfection of that third-party software
compared to the flawed Microsoft Windows implementation. Why do you
believe someone you promises you 100% security when you know it is
impossible?

Well, like anything these days it is impossible to stop everything, isn't
it. A burglar alarm only makes noise, and deadlocks only means a burglar
will find another way in. A combination of measures helps to prevent
problems, which is why I don't rely solely on ZA to provide all my security,
but it is also why I would NOT rely solely on Windows Firewall to provide
firewall services!

But you still rely first on software to provide your security instead of
taking your own responsibilty. With the SP2 firewall it is easy to make
a Windows machine secure in the way that it won't get infected just by
being connected to the internet. It does this job and it does it
perfectly. Anything beyond that is your responsibilty because in the end
you run the software, you browse dubious web sites or you open
junk-mails in your bugged Outlook Express. Why do you use OE? Aren't
there much more secure alternatives out there? Your PFW makes you think
you don't have to worry because it protects you. It just like you buy a
car with the newest safety technology, 20 airbags, ABS, EPS, XAS, and
whatever else they may invent and you believe you are absolutely safe.
It goes even further, because the company that sells you all that stuff
tells you that with all these things you won't have an accident any more
and you just go for it...

Without your PFW you know that you have to be careful and you have - in
my opinion - a proper sense of the dangers and threats in the internet.
You just don't walk into a strange neighborhood. That's common sense,
isn't it? Why is the internet so much different??

Gerald

 

[Beauregard T. Shagnasty]

Microsoft does a whole lot of stupid things and Windows is a
security nightmare.

We agree on that.

But at least in this respect they did a good job and provide the
security (meaning real security)

that is possible and not making false statements about some
super-miracle-security that is simply impossible.

I'd guess it's because they don't want to go to court?

I still don't understand your rationale for not wanting to use a
software firewall that can at least catch *most* bad stuff trying to
call out, as opposed to using NO firewall [1], that of course cannot
catch *anything* trying to call out.

You surely have strange ideas, which I would not recommend to anyone.

[1. Windows firewall is nearly in this category.]

 

[bassbag]

How do you know it works? Have you tried it? It has been circumvented.
And again, it is easy for a software you are running to deactivate the
firewall the same way you would do manually.

I know it works because the firewall intercepts it.Try downloading
secretary calender from here...
http://sixfiles.com/dbase/business-home/pims-calendars/page3/go.php
Much freeware here and seems a respected site.Howver that particualr
programme is loaded with windropper small.Using jottis online virus
scanner ,not all avs detect it.Kav does ,nod does.A few others dont.A
firewall (obviously set correctly) with outgoing application filtering
does.If you download and install that innocuous programme you will get
infected without even knowing it using xps firewall(and if your av doesnt
detect it).I know it works because the firewall stops the application.Yes
firewalls have been circumvented , but xps lack of application control
just leaves the door wide open.
me

 

[Gerald Vogt]

<LOL!!!> Joke Of The Week!

Why are you using Microsoft software when it is so bad? The SP2 firewall
is working very well and seems to be very good implemented and
efficient. Again, as Microsoft this one time limited itself instead of
putting zillions of beta-state features into the firewall it seems as
if they did this thing right. Paketfilters are not that difficult to
implement...

I'd guess it's because they don't want to go to court?

You don't get it.

I still don't understand your rationale for not wanting to use a
software firewall that can at least catch *most* bad stuff trying to
call out, as opposed to using NO firewall [1], that of course cannot
catch *anything* trying to call out.

I don't have anything that "calls out". I select the software I install
carefully. And I don't rely on something that gives me something,
sometimes but I won't notice when it goes utterly wrong anyway.

All the PFW makers do exactly what Microsoft usually does and did not do
with the SP2 FW (and the packet filter in W2K as well): they put
zillions of features into it making people believe that they are
perfectly safe just by installing some software, by making them believe
that they are absolutely safe.

Haven't you read the other thread with the attack against a computer
that crashes the PFW? The SP2 FW does not crash because it does not
interact with the user and asks them about accesses people don't know
about and does not inform about "attacks" on ports where nothing is
listening anyway. All those pop-ups are just there to convince people
that there PFW is protecting them so well while it is basically just
telling them that there was a connection attempt to something that is
not where anyway, thus they were safe anyway.

The PFW can crash and leaves the computer vulnerable. It can be turned
off by the user when it is convenient or some software does not work for
some reason. (Isn't that a frequent thing to do? Some software does not
work so let's see if it is working when I turn the FW off...) It is much
more complex to configure and maintain (oops, the pop-up for the
"printer spooler" which some people answer with "always deny" because it
popped up in the middle of something else and no printing does not
work...) PFW itself are vulnerable as the series of worms for NIS have
shown.

Bottom line: you add a extremely complex, feature-loaded thing into your
system, that messes badly with it, often makes problems that require it
to turn off, some don't even uninstall properly. Security is not solved
by adding complexity. That is basic security wisdom. Good security
solutions are simple. That way you can verify that it does what it
supposed to due. PFW are totally different...

So what benefit has something that catches some "bad stuff" of my DVD
burner that I installed instead of looking for something else. How many
programs do you have that still "call out" although you can configure
them not to? And what are you blocking anyway? Check for updates? Maybe
you block it and won't even know about an important security update
which ...

You surely have strange ideas, which I would not recommend to anyone.

That is not an idea but a very well working concept. Your mistrust in
Microsoft is a extremely strange idea of yours as you still want to use
Microsoft software. The like driving a car that you don't trust and
therefore you go to a garage that promises things that they cannot keep
anyway. It is much more important to keep your system up-to-date with
current updates but you don't take that so seriously as it seems if I
see that you are using TB 0.9.

Why do you think that some security product is so much better and safer
than Microsoft software? What makes you think that there are no bugs in
there? What makes you believe that add magnitudes of complexity to a
system will make it more secure?

[1. Windows firewall is nearly in this category.]

The Windows firewall does what a firewall is supposed to do, and exactly
that, without zillions of gadgets and flashy things... And you don't
even need it if you have a stand-alone PC, shutdown all services that
open ports.

Gerald

 

[Gerald Vogt]

Much freeware here and seems a respected site.Howver that particualr
programme is loaded with windropper small.Using jottis online virus

You don't just install a software because it "seems a respected site".
This is just the problem. If you want to install freeware you check
forums, usenet groups other places and look for people that are using it
and confirm where they have it from. If you read the comments for that
software you will see that it contains a trojan.

Only because you see a "respected house" even in a "respected
neigborhood" does not mean that there is nothing illegal or dangerous
behind the doors. But with your PFW and AV software you just get
careless because you think you are invulnerable against anything.

detect it).I know it works because the firewall stops the application.Yes

No. You have seen a pop-up and you hope that the firewall did actually
stopped it. You don't know what it actually did to your system. You
don't know if it, while you were reading the pop-up, actually tunneled
information out through Internet Explorer. You don't know what it
actually modified on your system and where it might have changed
something. You don't know if there is something waiting in the
background for the moment when you even turn off your PFW because some
other program you use does not work together with your PFW. You don't
know. That is the point: your computer is compromised because of you
downloading software. The pop-up makes you think that "you know" and
that you prevented something bad. You prevented something, maybe, but
you don't know anything. And that is the problem: you think you know
although you don't. If, in a month from now, your ISP gives you an angry
call and has disconnected you from its network because you were relaying
spam mails you just wonder, why and how, because you PFW did stop the
trojan from talking to the outside while in reality it may have made a
few other changes for later...

The outgoing pop-ups may be nice to learn but as part of security
software people quickly depend on it and believe it completely. If you
really want to know what is going over the wire, get a network sniffer.
That gives you the truth about what is going on. If you just want to
know what application does send data out, there are other non-intrusive
programs available that log you with outgoing connections and you can
learn that way...

Gerald

Gerald

 

[Beauregard T. Shagnasty]

Why are you using Microsoft software when it is so bad?

Because I develop applications with Visual FoxPro. No other reason.

Why are you using it?

<snip rest>

Would you mind giving us your Microsoft employee number?

 

[Hank Sniadoch]

What are you going to do wiht his Microsoft Employee Number ?? Are you
stupid ?? Do you think anyone is stupoid enough to give that to you ??
Jerk.

 

[Gerald Vogt]

Because I develop applications with Visual FoxPro. No other reason.

You don't need internet to do that. And there are other languages.

Gerald

 

[Martin]

Because I develop applications with Visual FoxPro. No other reason.

Why are you using it?

<snip rest>

Would you mind giving us your Microsoft employee number?

I think it is Bill Gates' alias...

I don't know why more people haven't realised that Windows XP SP2 Firewall
is the ultimate solution to their problems! Just unload all other software,
other than Windows, and hey-presto - no more problems!! (or could that be
because it doesn't tell you anyway??)

One question - the OP stated in that last reply:

"I don't have anything that "calls out"."

And, how exactly can you know that, for sure, 100%, no doubts, when nothing
will warn you about it trying to call?? I have installed several Microsoft
items that have immediately tried to connect to the internet, before they
are even installed. Am I to believe that I shouldn't have trusted Microsoft
either??????? If I was using only the Windows Firewall I also would not
have known they had connected, and would presume that they didn't! At least
ZA allowed me to choose if it could connect, just as it does anytime IE or
OE (or anything else configured for 'net access) is changed in any way (even
updates).

Ahh, why are we bothering? This guy will argue with us no matter what we
say or do, so what's the point???

 

[Beauregard T. Shagnasty]

What are you going to do wiht his Microsoft Employee Number ?? Are you
stupid ?? Do you think anyone is stupoid enough to give that to you ??
Jerk.

You missed the humor there, Hank.

 

[Beauregard T. Shagnasty]

You don't need internet to do that. And there are other languages.

Not when the employer says "use FoxPro."

 

[Beauregard T. Shagnasty]

Ahh, why are we bothering? This guy will argue with us no matter
what we say or do, so what's the point???

Agreed. I just hope anyone reading along sees enough of our replies to
not heed Gerald's advice.

 

[Gerald Vogt]

I don't know why more people haven't realised that Windows XP SP2 Firewall
is the ultimate solution to their problems! Just unload all other software,
other than Windows, and hey-presto - no more problems!! (or could that be
because it doesn't tell you anyway??)

Because there are companies that try to sell software that you don't
need. I never said to unload software other than Windows. I said do not
install software that you don't trust and in particular do not rely on
other software to protect you from the software you installed before. Go
to a university and ask security researchers. This system is flawed and
can never properly work. Many people have reported infections although
they had all this nice PFW and AV running. Some computers have been
infected just because they were running PFW/AV that was exploited.

You cannot make a system more secure by just adding additional
complexity and trying to achieve something that is impossible to
completely achieve. Accept your responsibilty for your actions instead
of relying on others to fix the problems you cause. Don't use software
that you don't trust. Accept that software that you install and wants to
talk to the internet will do so. Learn how to use and in particular
configure your computer. Why spending $$ on a software to block traffic
that you could just as well prevent just by configuring your application
properly? All the PFW wants to do is to make you believe that with it
you are perfectly safe so why bother... (This is called risk
compensation. Just like the studies that show that people driving on
their bicycle with helmet generally drive faster and more risky.)

And to get back to your initial question: you just don't read that much
about people having problems with the SP2 firewall. You just read about
people having problems with PFWs or that have been infected in spite of
the running PFW. You don't usually read that much about what does not
make problems in particular if it is free and not big promoted. Just two
days ago I received a recommendation for the IT department of the
Technical University of Munich telling people to favour the SP2 FW
instead of some other PFW because all those PFWs just deeply impact your
Windows system and cause all kinds of problems without any real
benefits. Instead a proper code of practice for the use of the internet
is better.

Just look at you: you are using Microsoft Outlook Express
6.00.2900.2180. This is not the lastest updated version of OE. This is
exactly what frequently happens who rely on their PFW and AV: why should
they bother with updates when they are so well protected by their PFW??

"I don't have anything that "calls out"."

And, how exactly can you know that, for sure, 100%, no doubts, when nothing
will warn you about it trying to call?? I have installed several Microsoft

If I want to know sure for 100% then I use something that gives me
exactly this 100% certainty: use a network sniffer on the wire between
the computer and the internet. Or if you have a router in between let it
log the outgoing traffic. Then I do know 100% for sure. Your PFW may or
may not report something...

items that have immediately tried to connect to the internet, before they

What items?

are even installed. Am I to believe that I shouldn't have trusted Microsoft
either??????? If I was using only the Windows Firewall I also would not
have known they had connected, and would presume that they didn't! At least

How do you know that it does not do something else, too, like collecting
information about you? If you don't have your outgoing filter you should
be aware of your risks. If you want software not to talk to the
internet, do not connect the computer to the internet. Then you can be
100% sure.

ZA allowed me to choose if it could connect, just as it does anytime IE or
OE (or anything else configured for 'net access) is changed in any way (even
updates).

Again, your conclusion is wrong. You deduct from the fact that you get
pop-ups that allow you to choose that this works each and every time.
There is the flaw. This is incorrect but unfortunately exactly the
effect of people using PFWs.

Ahh, why are we bothering? This guy will argue with us no matter what we
say or do, so what's the point???

Arguments are the point of any discussion. If you don't want to discuss
I don't know why you argue...

Gerald

 

[Gerald Vogt]

Agreed. I just hope anyone reading along sees enough of our replies to
not heed Gerald's advice.

Well, I hope that anyone reading this sees that thinking a software is
the solution to all their computer security problems and that with that
software they don't have to worry about anything anymore is utterly wrong.

Gerald

 

[Martin]

[SNIP]

Just look at you: you are using Microsoft Outlook Express 6.00.2900.2180.
This is not the lastest updated version of OE. This is exactly what
frequently happens who rely on their PFW and AV: why should they bother
with updates when they are so well protected by their PFW??

Well, there's my point! Everything here is set for auto-update and even
that doesn't work properly!!!!!

 

[Gerald Vogt]

Well, there's my point! Everything here is set for auto-update and even
that doesn't work properly!!!!!

Exactly! Because you don't want to care about it. You just want to do
anything you want and somebody or something else should prevent any evil...

Gerald