The Best FireWall!

  • Thread starter Thread starter SeaWolf
  • Start date Start date
Now see, that is exactly the kind of elitist crap that comes from your
typical systems geek. It's the old "My shit's so good it don't need no
stinkin' documentation" statement. As a project manager I run into this
sort of dopiness all the time from beginners, newbies, and people with no
hope of ever making it to even lead programmer status.

Look, it's a real simple choice. If you want a girlfriend, you got to go to
the dances and talk to the girls. If you don't go to the dance, you'll just
do what you did LAST night. Which is sit alone at the computer, in the dark
with your pant's unbuckled, one hand on the keyboard and your other hand . .
.. Uh. . . otherwise occupied.

It's the same with software users, you can't tell them they are stupid just
because they don't WANT to spend the time trying to figure out some idiotic
and cryptic message. If you do, they'll just use something else, and you
are back at the keyboard, in the dark with your pants down around your
ankles, telling yourself just how special and misunderstood you are.
 
["Bob Adkins"; Fri, 13 Feb 2004 01:03:19 GMT]
Zonealarm was just too confusing, and the odd interface didn't help
either. Kerio's default settings are perfect for Joe Average. When a
window pops up, allow the apps that legitimately need the Internet,
deny the ones that don't. Hey, even I can handle that. :)
Click to expand...

:-) Well, that's exactly how ZoneAlarm works on my machine. When an app
requests access to the Net, a little window pops up and you can choose yes
or no. This is, I believe, called "learning mode" or something.
 
But unlike Win 9x/ME I've heard that it's practically impossible to
close all internet ports without destroying the OS ... forcing you to
use a firewall. I don't call that "customizable".


Art
http://www.epix.net/~artnpeg
Click to expand...


It can easily be done, and no, it won't explode the OS. Even MS OS's,
with the BIG target they have on them, can be made very secure with
the right tweaks.
 
Now see, that is exactly the kind of elitist crap that comes from your
typical systems geek. It's the old "My shit's so good it don't need no
stinkin' documentation" statement. As a project manager I run into this
sort of dopiness all the time from beginners, newbies, and people with no
hope of ever making it to even lead programmer status.

Look, it's a real simple choice. If you want a girlfriend, you got to go to
the dances and talk to the girls. If you don't go to the dance, you'll just
do what you did LAST night. Which is sit alone at the computer, in the dark
with your pant's unbuckled, one hand on the keyboard and your other hand . .
. Uh. . . otherwise occupied.

It's the same with software users, you can't tell them they are stupid just
because they don't WANT to spend the time trying to figure out some idiotic
and cryptic message. If you do, they'll just use something else, and you
are back at the keyboard, in the dark with your pants down around your
ankles, telling yourself just how special and misunderstood you are.
Click to expand...


Ok, ok, you're right, they need to write better help manuals. Geeze.
Now you have me asking myself why I'm posting to alt.binaries.freeware
and not out meeting girls.
 
Ok, ok, you're right, they need to write better help manuals. Geeze.
Now you have me asking myself why I'm posting to alt.binaries.freeware
and not out meeting girls.
Click to expand...


Because you are who you are, perhaps.


--

Nicolaas.



- The more you know about people, the more you admire in cats.
 
Windows XP is "complete garbage"? How interesting. You should try it
for a month before you join the anti-Microsoft crusaders. You may be
surprised. :)
Click to expand...

You should try reading some of the security newsgroups for awhile before
you make such statements. You are showing your complete ignorance about
security as well as operating systems. Win NT/2000/XP is full of holes and
the worst ones are just being discovered.

I run WinME: how does that make me an "anti-Microsoft crusader?"
 
<john p.> wrote in message
| On Fri, 13 Feb 2004 03:20:12 GMT "Richard Steinfeld"
|
| >
| >...I regret the day that Peter Norton sold his
| >well-crafted products to Symantec.
| >
|
| I don't mean this to sound like a PC log cabin story, but I
remember
| when the name Peter Norton attached to a product meant superb,
tightly
| coded utilities that would fit on one or two floppies. His low
level
| disk utilities saved my butt on more than one occasion when my
| partition tables got farkled and I couldn't even boot. After
Symantec
| bought Norton they obviously made a marketing decision to put
most
| their efforts into jazzing up the interface with eye candy,
while
| putting very little into actually developing the products.
Symantec's
| advice when you try to install an upgrade to one of their
programs and
| something goes wrong is to start by *uninstalling every
Symantec
| product on your system*. My response is, if that's what it
takes to
| fix your bad installation routine, then they ain't going back
on.
| Peter Norton should sue Symantec for defamation of character,
but he's
| probably too busy sitting on a beach somewhere sipping a pina
colada.
| --
| john p.


You said it perfectly, John.
Reminds me of how Famous Amos sold his cookie business to a bunch
of shysters and could not regain his name, which he had sold.

Richard
 
|
| >Yeah, you software developers. Step one is to hire a good
| >technical writer to help you make up good names for your
| >functions. Step two is to hire a good technical writer and pay
| >enough for decent documentation so that your customers know
what
| >the hell they're doing. Yeah, dammit!
|
| That's exactly the problem.
|
| Tech writers are professionals that love to show off their
technical skills
| and impress their employers and all the little people.
|

Unfortunately, you're generalizing, Bob.
We have obviously not met the same tech writers.

| Fire the tech writers, find someone with common sense (not easy
these days),
| and let him help with the interface.
|

On most projects, the tech writer is the only person engaging
with the product from the position of the end user. I have been
asked to assist the developers in interface design. I'm damn good
at it. Programmers, architects, project managers, and product
managers usually can't relate with their software from the end
user's perspective.

And this is why we have been forced to suffer with a number of
word processing programs that make the typist contort: they were
designed by people who type with two fingers (or one finger).

Richard
 
| Now see, that is exactly the kind of elitist crap that comes
from your
| typical systems geek. It's the old "My shit's so good it don't
need no
| stinkin' documentation" statement. As a project manager I run
into this
| sort of dopiness all the time from beginners, newbies, and
people with no
| hope of ever making it to even lead programmer status.
|



....

| It's the same with software users, you can't tell them they are
stupid just
| because they don't WANT to spend the time trying to figure out
some idiotic
| and cryptic message.

Well put!
I can't tell you how frustrated I feel when I arrive on a project
(I'm usually called in far too late) and find a menu option named
"frammis veeblefetzer" when I would have just named it "save and
remain in program." Now, it's too late and it is forever more,
"frammis veeblefetzer." Further, there's a button at the left
screen top named "frammis" and at the lower right named "Veebled
fetzer: yes/no."

Sometimes, I reflect that a good programmer is indeed a "software
engineer." In my book, that's a good thing: engineering is a
discipline; there are ways of doing things properly and
carefully, especially providing ways of undoing stuff. And a
responsible programmer will incorporate hooks into his code where
he thinks that there may be a desire to couple in at that point
some day. I'm rambling, but you get the point.

Good coders, good architects, good project managers -listen-
before the coding begins, and often while the coding is
happening.

Richard



If you do, they'll just use something else, and you
| are back at the keyboard, in the dark with your pants down
around your
| ankles, telling yourself just how special and misunderstood you
are.
|
| | > Dumbing down generally means compromising security. If you
were
| > uncomfortable with Kerio's simple rulesets, maybe you need
Tinkertoys?
|
|
 
Bob Adkins typed:
That's a fair question.

My answer is that Kerio 2.1.5 works perfectly fine. Any
"improvements" in later versions only added unnecessary bells and
whistles, and no real world improvements.

Bob

Remove "kins" from address to reply.
Click to expand...

Ok. i got it and i (think )i'll try it.
 
donutbandit typed:
You should try reading some of the security newsgroups for awhile
before you make such statements. You are showing your complete
ignorance about security as well as operating systems. Win NT/2000/XP
is full of holes and the worst ones are just being discovered.
Click to expand...

Instead of looking only holes and bad stuff, look for good ones. It's best
OS so far

I run WinME: how does that make me an "anti-Microsoft crusader?"
Click to expand...

Running ME would make you one-of-the-kind (i won't say stupid, since i don't
want to offend you). Very rare people still run ME. Rather 98 than ME. ME
was (is) definitely the most buggiest system EVER made by M$.
I bet you didn't try XP yet...otherwise you'd see that between ME and XP is
some 158343% difference. I'd say also that between W98 and XP is only about
5843 %difference. (all in favor of XP, sure).
 
It can easily be done, and no, it won't explode the OS. Even MS OS's,
with the BIG target they have on them, can be made very secure with
the right tweaks.
Click to expand...

We're talking here about Win XP. Here's what needs to be done
according to Marchand:

http://www.hsc.fr/ressources/breves/min_srv_res_win.en.html.en

I don't call that "easy". And let me divulge my advisor on this. It's
Nck Fitzgerald, the former editor of the Virus Bulletin and top expert
and consultant in the field of viruses. Nick was the one who pointed
us to Marchand's article (above link). During the course of many
conversations with Nick, I learned that he's opposed to the use of
firewalls for several reasons. Perhaps the most compelling reason is
the principle that you don't add system complexity and likely
additional vulnerabilities to a system unless absolutely necessary for
some reason. It's a fact that there's a lot of smoke and mirrors, BS
and marketing hype on this subject. And there are better ways.

Now, later on, Nick made a comment to the effect that in the Win XP
case, the situation is complex and dangerous enough that attempting to
close all ports is definitely not something for typical users ....
just experts.

Let's be clear on what we're talking about. The goal for a single user
PC is to achieve an empty netstat -an result, reflecting no open
ports. That goal does not seem "easy" to achieve with Win XP for
typical users.


Art
http://www.epix.net/~artnpeg
 
Now, later on, Nick made a comment to the effect that in the Win XP
case, the situation is complex and dangerous enough that attempting to
Click to expand...

We keep mentioning "typical user".

We keep throwing words like "dangerous" around, as though Windows XP can
harm you bodily or harm your hardware.

If the typical user backs up his files (family photos, DOC's, e-mail
addresses) as any sane person would do, the worst-case scenario is a new
install of Windows. How dangerous is that?

If Windows Internet access were all locked down like Fort Knox, Windows
would be hard to use for the average person.

I'm looking forward to WinXP SP-2's fully functional firewall.

Bob

Remove "kins" from address to reply.
 
Agreed. But what about shutting down all of them? There's the rub.
Click to expand...

Why would you shut down all services? Do you even know what a
service is and what a typical Windows service does?
Win 9X/ME are simply at the peak of their power curve, having
already been through the mill of vulnerabilities, patches and
exploits.
Click to expand...

Sorry, but seeing that you think Win9x is the best MS can produce makes
me chuckle immensely. I wouldn't go back to a DOS-based kernel even if
someone paid me. The improvements in 2000/XP are /that/ big to me (and
to almost everyone else who own a copy).
 
So, what's then the issue with many people run 2.1.5 instead newer
one? Supposely newer uses too much resources...???
Click to expand...

The newer one is bloated, suffers from featureritis and has a horrible
interface. They ruined a great product and orphaned the old codebase.
 
Sorry, but seeing that you think Win9x is the best MS can produce makes
me chuckle immensely. I wouldn't go back to a DOS-based kernel even if
someone paid me. The improvements in 2000/XP are /that/ big to me (and
to almost everyone else who own a copy).
Click to expand...

Sometimes I wonder if the Windows XP detractors are talking about the same
Windows XP I use. :)

I think many people refuse to try Windows XP because of what they have heard
from biased detractors. I think many people wouldn't like it even if it were
100% perfect. It's like the "green eggs and ham" principle.

Bob

Remove "kins" from address to reply.
 
We keep mentioning "typical user".

We keep throwing words like "dangerous" around, as though Windows XP can
harm you bodily or harm your hardware.

If the typical user backs up his files (family photos, DOC's, e-mail
addresses) as any sane person would do, the worst-case scenario is a new
install of Windows. How dangerous is that?
Click to expand...

In my case, I prefer to use a cloned drive as backup since I'd hate to
ever have to reinstall Windbloze and go through all my surgery on it
again :)
If Windows Internet access were all locked down like Fort Knox, Windows
would be hard to use for the average person.
Click to expand...

I have an entirely different take on it. What makes Windbloze
dangerous are all the unnecessary features that are included by
duh-fault. It's those unnecessary features that get naive users into
deep doodoo with M$'s "trustworthy computing" (LOL!). IMO, the naive
public should never have been handed the messes called "features" on a
silver platter. When they have need for some service or feature, it
could instead be available as an option complete with dire warnings
and the latest patches.


Art
http://www.epix.net/~artnpeg
 
Agreed. But what about shutting down all of them? There's the rub.
Click to expand...

Why would you shut down all services? Do you even know what a
service is and what a typical Windows service does?[/QUOTE]

Check out my web page on this:

http://home.epix.net/~artnpeg/internet.html
Sorry, but seeing that you think Win9x is the best MS can produce makes
me chuckle immensely. I wouldn't go back to a DOS-based kernel even if
someone paid me. The improvements in 2000/XP are /that/ big to me (and
to almost everyone else who own a copy).
Click to expand...

Sorry you don't see fit to back up your claim that it's easy to close
all open ports on Win XP.


Art
http://www.epix.net/~artnpeg
 
Back
Top