Re: WinXP SP2 firewall

Alan Illeman wrote:
> "Triffid" <triffid@nebula.net> wrote in message news:NW3of.2425$El.260542@news20.bellglobal.com...
>> Alan Illeman wrote:
>>> "Ansgar -59cobalt- Wiechers" <usenet-2005@planetcobalt.net> wrote in message news:40at1dF19h0avU1@individual.net...
>>>> That's plain wrong, because no firewall protects you from virii.
>>>> When a firewall detects an infection you're already toast.
>>>
>>> That doesn't explain why I've been virus free for so long.
>>
>> You are virus free because you use AVG.
>>
>> The fact you also use a PFW is irrelevant. Claiming you are virus
>> free "because of" a PFW is plain wrong, as 59cobalt pointed out.
>
> That is just plain silly. AVG doesn't prevent infections, it just
> checks if they are present.

No. On-demand scanners allow you to scan files before you execute them.
On-access scanners check whether a file you're about to access/execute
is infected. Both will help you to avoid an infection.

> His comment..
>
> "no firewall protects you from virii. When a firewall detects an
> infection you're already toast."
>
> ..misses the point entirely. A firewall, correctly implemented,
> prevents unauthorised access.

You seriously need to get your terms straight. A firewall prevents
unwanted traffic between two or more networks. That's what firewalls are
made for. In case of a host-based firewall it prevents unwanted traffic
*to* that host. It may thus protect a host from worms. Virii OTOH,
though some of them may also show worm characteristics, are in general
something completely different as they don't necessarily need to cause
any kind of network traffic.

That's why personal firewalls can't (by design and definition) protect
you from virii though they may protect you from worms. If a personal
firewall detects traffic caused by a virus on your system, the virus is
already active and has compromised your system.

cu
59cobalt

-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq