Re: alternate to firewall?
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

Re: alternate to firewall?

From: ashecorven <gharoway@netspace.net.au>
Date: Wed Sep 28 2005 - 09:56:42 CEST




"Duane Arnold" <notme@notme.com> wrote in message 


news:Xns96DDDAB262ED5notmenotmecom@207.217.125.201...


> "ashecorven" <gharoway@netspace.net.au> wrote in


> news:dh8tic$1lth$1@otis.netspace.net.au:


>


>> Thankyou VB, james and casey for your responses.


>>


>> I should have explained some more. I have being using tiny firewall


>> for quite a while but now i have bought a router and i do believe


>> (please correct me if i'm wrong) i don't need the "main" use of the


>> firewall anymore.


>


> Well, some say yes and some say no. If you're practicing safe hex, have a


> router that does logging so you can watch inbound and outbound traffic to


> and from the router and basically know what you're doing like looking for


> dubious remote connections and using proper tools to help in the


> detection process, then no you don't need a PFW/packet filter solution to


> supplement the router.


>


> But most home users don't know how, and therefore, some use a PFW/packet


> filter solution to supplement the router as most routers for home usage


> cannot stop outbound if needed. And I am not talking about the worthless


> Application Control in PFW solutions but rather the ability to stop


> outbound by at least setting filtering rules to stop outbound by port or


> IP.


>


>> But tiny like other firewall products i have used in


>> the past (ZA, Sygate) it pops up when a new program starts and asks


>> whether it is trustworthy etc. or if the file has changed since the


>> last time is was run etc. I find this quite useful and was wondering


>> whether there were any programs that did JUST that.


>


> It's worthless as malware can circumvent and defeat it. It can be


> defeated at the computer boot process as malware can get to the TCP/IP


> connection first and be done before the PFW solution can even start and


> get there to do anything. Anything running at the machine level with the


> computer's O/S suspect to being attacked and defeated.


>


>>


>> However i would like to know which firewall software is currently


>> regarded as the best.


>


> None of them as they all do the same thing some with more bells and


> whistles than others.


>


>


> I would rather a firewall that uses minimum


>> system resources. Any trustworthy third-party websites with features,


>> effectiveness, etc?


>


> Snake oil



Understood.



>


> Duane :) 


Received on Thu Sep 29 20:11:08 2005