Zonealarm

  • Thread starter Thread starter Dajan
  • Start date Start date
Mick Murphy said:
"I wouldn't advise Avast. It is not so safe. Try Avira"

I think that is a very dangerous statement by you.
I hope that you are prepared to back it up.
Companies don't appreciate statements like the above.

"Avira": install to get NAG screens!

Look at the test results from many antivirustesters. What's wrong with that?
But do whatever you want, I stop with comments on this subject.
 
Flight said:
They just showed for everyone watching it, that fingerprints can be so
easily cheated. Nothing else, blundering idiot!

I am telling you now don't get the old man's nose open, because he is
sick in the head, and he doesn't have anything going on in his,
otherwise, old, lonely and loony tune life but Usenet. He is some kind
of kin to Ringmaster Albright. He is just out here attacking people for
no apparent reason, with a lot of lip dribble service. At least with
Ringmaster, he has a mission statement of get Frank, get Microsoft and
get anyone that talks pro on Microsoft, while old man Montgomery is just
loosy as a goosy and out here.
 
Flight said:
"We" want everything for nothing and complain if someone tries to get
something back for all the work. Ever looked what it really costs? If
someone rejects a very good working program only because that "nag screen"
then go on, I won't help you any more.

I am neither complaining nor requiring help. I migrated to free AV
after having used paid-for products in the past. None of the ones
I have used has ever caught malware except Norton 5.0 - which
caught kakworm coming from a microsoft helpdesk after I had
already applied the scriptlet typelib / eyedog patch.

I don't think it is a bad thing to pay for software, and I believe the
free ones are adequate for my low risk data. People with high
value (and hence high risk) data should get payware and make use
of the support it helps pay for.
 
Flight said:
I wouldn't advise Avast. It is not so safe.

When asked whose ass he pulled that one out of, he replied:
Look at the test results from many antivirustesters.

Didn't cite any, because there aren't any that call Avast "not so
safe".

DDW
 
jhnlmn said:
I cannot figure out what that built-in Vista FW is good for.
All incoming connections are blocked by the router anyway,
and, I heard, that software FW are not as secure as hardware.

Makes sense for a laptop - where you might not
always be behind *your* router - or I suppose
a desktop setup when *your* router isn't *yours*
anymore due to intrusion.
But what I really need is control over outgoing connections.

More a want than a need. Outgoing connections come
from software already executing on the machine you
are "protecting" - this is not really a firewall's function.
 
jhnlmn said:
Well, if they managed to hijack your router, then all is lost
and software FW will not help either (neither built-in nor third
party).

Why do you say that? Just because they have your
router does not mean they have your computer too.
That's a good part of what makes a router a firewall.
But, as I already said, my problem is not with viruses

Of course not, we were talking about the usefulness of
Windows Firewall if a *real* firewall in the form of a
router was also used. Viruses are not really a firewall
issue - but a network worm may well be thwarted by
the presence of the Windows Firewall in case you find
yourself no longer shielded by the router or other true
firewall appliance.
(the last time I had a real damage from a virus was back in 92),
but with "legitimate" software, such as Acrobat reader,
Media player and many others, which connect to Internet
behind my back without my permission and send who-knows-what
about me to their headquarters.

Hmmm...okay... yeah, some people are real sensitive
about that sort of thing.

[snip]
 
jhnlmn said:
Well, I am not an expert. My thought was that in order to
reconfigure my router someone should get access to the
password, which is only possible by hijacking my PC

Generally, routers still have the default user and password.

Mine was user and user.
My neighbors was (okay..still is) user and admin.

http://www.routerpasswords.com/
or getting a physical access to both. But if they hijacked
my PC, then they also compromised my software firewall
as well, which is much easier to do than to record a password
for the router. Of course, I ignored the fact that a router
may be buggy and intruder may take advantage of it.
But I didn't hear so far about intruders attacking home
routers, while there is endless stream of attacks on home PCs.
The original question was whether one still needs a third party
firewall in Vista. So, I just tried to explain why I still need one.

I was refering to your first contribution, not the original
post for the thread,

You said in part:

"I cannot figure out what that built-in Vista FW is good for.
All incoming connections are blocked by the router anyway,
and, I heard, that software FW are not as secure as hardware."

Which is correct.

What the software firewall is good for is when you find
yourself *not* behind a real firewall for whatever reasons.
I guess that most of the people simply not aware why their
PCs (and Web browsers) keep slowing down to a crawl.
I have dozens of programs installed and most of them are trying
to check for updates and download huge files behind my back,
install them and reboot my PC - all the time interfering with
my work. I just cannot use PC without an outgoing firewall anymore.

Outbound sniffing and filtering would be better applied in an
environment that is not the same environment as that that is
being "protected" by such filtering. It goes for inbound too.

As you said - "...software FW are not as secure as hardware."

Application control and internet access control are nice, but
are not a good security move because malware will be written
to tunnel within the programs that are allowed access. Your
filter software won't alert to them and you will think it is not
happening. So - you will end up in the same situation with the
added overhead of the filtering software running and finding
nothing.
 
jhnlmn said:
change the router password, then built-in Vista FW would give some
protection.

My broadband cable provider's setup instructions make no
mention of passwords or usernames. I believe that to be the
normal situation. If so, there are many people out there that
fit into your "so lazy" category. I suppose those laptop users
that are too lazy to drag around their personal router/firewall
could also benefit from what you call "built-in Vista FW"?
But who said that app control and FW are for security only?

Nobody, why do you ask? I will say that firewalls *are* for
security and not just 'nice to have' functionality. The features
that became associated with firewalls have become computer
hosted applications that attempt to mimic true firewalls. The
features are okay, but shouldn't be confused with what a real
firewall is.
I already wrote that my biggest problem is not with viruses

Again, viruses are not addressed by firewalls. Lets not talk
about viruses. I did mention malware though - I suppose that
having unwanted actions by legitimate programs monitored is
a good enough reason for such features as internet access
control. You may not want consent.exe to access the internet
just as you are typing your credentials into the box. But it is
not a firewall thing. It's like saying one word processor is
better than another because it plays music while you type.
but with "legitimate" apps, such as Acrobat, WMP, iTunes, etc,
which manage to slow down my PC and Web connection
almost to a halt. Luckily, these apps are not so devious
and do not perform any tunneling.

By all means use outbound filtering - especially when you feel
such benefit from it. But it is a shame to have to trade the FW
that came with Vista away just because of that feature. What
Zonealarm should do is make an outbound filtering application
that *isn't* glued to their firewall so that users can keep the
Windows Firewall *and* have the features from Zonealarm
if they value them.
I admit that I didn't ran any formal benchmarking,
but my feeling is that my PC is running faster with an outbound
FW - at least CPU and network activity indicators do go down
each time I block a third party app from connecting.

A feeling is good enough for me - benchmarking is overrated. :o)

If you can set your router firewall up for logging, see how often
Zonealarm phones home. Does it phone home more often than
the major offender of your legitimate irritations? Block one -
send two of its own?
 
Back
Top