jhnlmn said:
change the router password, then built-in Vista FW would give some
protection.
My broadband cable provider's setup instructions make no
mention of passwords or usernames. I believe that to be the
normal situation. If so, there are many people out there that
fit into your "so lazy" category. I suppose those laptop users
that are too lazy to drag around their personal router/firewall
could also benefit from what you call "built-in Vista FW"?
But who said that app control and FW are for security only?
Nobody, why do you ask? I will say that firewalls *are* for
security and not just 'nice to have' functionality. The features
that became associated with firewalls have become computer
hosted applications that attempt to mimic true firewalls. The
features are okay, but shouldn't be confused with what a real
firewall is.
I already wrote that my biggest problem is not with viruses
Again, viruses are not addressed by firewalls. Lets not talk
about viruses. I did mention malware though - I suppose that
having unwanted actions by legitimate programs monitored is
a good enough reason for such features as internet access
control. You may not want consent.exe to access the internet
just as you are typing your credentials into the box. But it is
not a firewall thing. It's like saying one word processor is
better than another because it plays music while you type.
but with "legitimate" apps, such as Acrobat, WMP, iTunes, etc,
which manage to slow down my PC and Web connection
almost to a halt. Luckily, these apps are not so devious
and do not perform any tunneling.
By all means use outbound filtering - especially when you feel
such benefit from it. But it is a shame to have to trade the FW
that came with Vista away just because of that feature. What
Zonealarm should do is make an outbound filtering application
that *isn't* glued to their firewall so that users can keep the
Windows Firewall *and* have the features from Zonealarm
if they value them.
I admit that I didn't ran any formal benchmarking,
but my feeling is that my PC is running faster with an outbound
FW - at least CPU and network activity indicators do go down
each time I block a third party app from connecting.
A feeling is good enough for me - benchmarking is overrated.
)
If you can set your router firewall up for logging, see how often
Zonealarm phones home. Does it phone home more often than
the major offender of your legitimate irritations? Block one -
send two of its own?