What is Digg?22 Comments
- rideaurocks, on 10/12/2007, -0/+2The people that need a software firewall are the same people who are too dumb to use it correctly.
svchost.exe - block
*****.exe - allow
It's funny, it's sad, it's true. - TennBikeBerk, on 10/12/2007, -0/+2The reason you need a software firewall is to protect you against malicious outgoing traffic.
Say you download some malicious software. Your hardware firewall will let it though because you requested it. When that software starts dialing home or sending out thousands of spam e-mail messages, your hardware firewall won't do anything for you. However, a software firewall would hopefully (if it protects against outgoing traffic that is) notify, and give you the option to block that software from accessing the internet.
Thus the importance of a software firewall. I should mention that if you are very careful about what is on your machine and regularly run anti-trojan/spyware/malware/virus software, you may not have the desire to monitor your outgoing traffic, which would mean that you are fine with just a hardware firewall. - rideaurocks, on 10/12/2007, -0/+1The security testing was alright. Most of the information is obtained thru the browser - running winxp, firefox 1.5. Public IP easily obtained. One site even used a Java hack to figure out my private IP. Thought that was neat. At any rate,
"In any of these cases you will not see an event notification on your computer because our connection attempt did not reach your computer. In any case, your computer is secure."
So basically a software firewall is unneeded when your hardware firewall is working fine. Oh snap! For av I use AVG. For antispyware I use Spybot S&D. To make neither needed, I use firefox and run as user instead of admin. Security is easy when you know what you're doing. - swoosh86, on 10/12/2007, -0/+1"use a security suite instead of individual products"
I strongly disagree with that statement. The best combination of protection is not offered by just one company's "care package" - T-Bird, on 10/12/2007, -0/+1Still though, people who are not security saavy need to have a guide which doesn't speak in computer lingo. I think it's pretty good for those types.
- LtJimDangle2, on 10/12/2007, -0/+1o.O
- TennBikeBerk, on 10/12/2007, -0/+0@holymoses
If you don't download malicious software, then great for you. I'm not really sure what you're asking. If your machine is free of all things malicious, then ideally you wouldn't need the features of a software firewall, and so one could argue that it's unnecessary. However, sometimes you can find out that you have malicious software through a software firewall. I believe this is how the first spyware program was found....Steve Gibson was testing out an early version of ZoneAlarm when a program dialed home to update some advertising.
I'm not sure about your last statement. It is possible to contract a virus (or other form of malware) and "repair", delete, or "heal" it. - holymoses, on 10/12/2007, -0/+0@TennBikeBerk
Let's say I don't download malicious software. What do I do then? I've never had a piece of spyware, ever. If your box is compromised, no piece of software is going to help you. - MadEnvoy, on 10/12/2007, -0/+0@TennBikeBerk - Agreed
@swoosh86 - Agreed
I have been working in the industry for quite some time now and have a hardware firewall and software firewall installed. I also run multiple products for security instead of relying on an "All-in-One". The best defense is a paranoid offense... - inactive, on 10/12/2007, -0/+0Steve Gibson and Leo Laporte both make good arguements for using the Windows software Firewall no matter where you are. If an infected machine joins your network, that router doesn't do you any good.
- squirlyblack, on 07/30/2008, -0/+0 While running under Windows (because linux does not bring this many problems related to security) you run firewall not necessarily for blocking outside attacks, but, as TennBikeBerk said, you use it to stop the software you downloaded without knowing it’s content that dials out a new connection, or sends spam through e-mails. So I agree with him and swoosh86 when saying that you need a personal protection while surfing on the web, and the best deals do not come in a package. https://cisco.hosted.jivesoftware.com/index.jspa?c ...
- gotamd, on 10/12/2007, -0/+0I'm a little skeptical of their picks for the "best firewall". I didn't read too much past there, but I will later.
- inactive, on 10/12/2007, -0/+0why the hell would you need software firewall when youve got a hardware one...thats right, you dont
just toss ol' pccillin or norton AV and whammo. - runelind, on 10/12/2007, -0/+0Are we still confused on software vs hardware firewalls? They are all software firewalls.
At home I have an OpenBSD firewall/router/email relay/http relay, but I still have my OS firewalls turned on (XP/mac/linux), why? Because it would be silly not to. - kblowers, on 10/12/2007, -0/+0you also need a software firewall on your client machines so that when your neighbor gets on your wireless network you're protected from what's on his computer too...
- diecastbeatdown, on 10/12/2007, -0/+0hardware is the only solution if you really care, otherwise get a cheap computer and put linux on it as a router with iptables/snort-inline/etc, be creative.
hardware solutions which are worth putting money into are sonicwall and cisco. - Buelldozer, on 10/12/2007, -0/+0There is so much misinformation in both the Article and the Digg comments it's no wonder most peoples computers are such a mess.
- fortezza, on 10/12/2007, -0/+0Don't just think "I need a firewall", think about what you need a firewall to do. Most people are looking for Network Intrusion Prevention(NIP) and Host Intrusion Prevention( HIP). On my home network, I use IPTables for NIP. On my Linux boxes I use nothing, though I periodically scan for virus-infected files and watch my logs ( using LogWatch ) for suspicious activity. I have one Windows virtual machine ( http://www.vmware.com ) that I run Norton Internet Security 2005(HID) on, even though that system practically never accesses the Internet except for online school work.
I like using a linux box for a software firewall because they are cheap, very flexible ( easy to upgrade the software, memory, network interface speed, process, etc. Some good techniques are to have it run in Transparent Bridging mode so that the firewall cannot be access over the network. While that means you cannot configure it remotely, it also means an intruder cannot access your firewall either. Another technique I found that works well is disallow all network traffic in both directions unless it is specifically enabled. It is more work than to allow all traffic by default and then block specific ports, but it is also more secure as only network connections you specifically allow can go in/out of your home network.
More advanced techniques are Network Intrusion Detection(NID) and Host Intrusion Detection(HID), but I won't go into those here. - runelind, on 10/12/2007, -0/+0sonicwalls are overpriced pieces of junk. I like to disassemble the ones we've yanked from the field and install something else on them.
- dharm, on 10/12/2007, -1/+0very nubbish guide...
i read it and it sounds like it was written by a person with very basic security knowledge
software firewalls mostly blow... just get a good router, and install
i suggest you not install a security suite, as most suck...
get a few spyware/adware removers (adaware, spybot etc...)
for anti-virus, i suggest Kaspersky Anti-virus
and the last thing to do is format your hdd and get rid of ms windows =p - FlyingAvatar, on 10/12/2007, -2/+0Spam article.
- inactive, on 10/12/2007, -4/+0This is ok, we can't be all pros..
kiltak
http://geeksaresexy.blogspot.com
Digg is coming to a city (and computer) near you! Check out all the details on our 
© Digg Inc. 2009
— Content created and posted by Digg users is