PDA

View Full Version : firewalls



susievb
01-01-2005, 03:05 PM
I have just got a new pc with XP home ed. I have yet to install the sevice pack 2 but when I do is the firewall that comes on it good enough? or should I also install a free one like zone alarm as well to be safe?

Susie

tweak'e
01-01-2005, 03:14 PM
install a decent one regaurdless.

if you havn't got one on disk then make sure the MS one is running before going onto the net, otherwise you will be infected rather quickly.

Baldy
01-01-2005, 04:11 PM
install a decent one regaurdless.

if you havn't got one on disk then make sure the MS one is running before going onto the net, otherwise you will be infected rather quickly.

That is scaremongering ROT!

FoxyMX
01-01-2005, 04:15 PM
Specifically what is rot, Baldy?

tweak'e
01-01-2005, 04:20 PM
bollocks baldy.

with the amount of ifected pc's still on the net, a stock standard windows install will be infected within minutes (as tested by a few websites if you care to look). going by the amount hitting my firewall at the moment which is a least 1 every 2 minutes i would say it still holds true.

Jen
01-01-2005, 04:21 PM
That is scaremongering ROT!How? It is quite true if you go onto the net with a freshly installed XP OS (no security patches applied yet) without at least XP's inbuilt firewall activated you run the risk of getting infected reasonably fast. This is particularly so when the blaster worm was at its peak in circulation.

XP's built in firewall only stops incoming connections, so it is not as good as third party programs which monitor out-going connections. This is particularly handy if you get infected by a worm/trojan that wants to call home, as the firewall often provides the first clue of the infection when an unusual application/process requests access to the internet.

Greg
01-01-2005, 05:56 PM
Once you've got your firewall configured it's a good idea to disable XP's built in one

Baldy
01-01-2005, 06:05 PM
I still stick by my belief that a firewall (for the average user) is unneccessary. We live in a paranoid world I know, but come on, how many computers are going to get invaded.

FoxyMX
01-01-2005, 06:14 PM
Have you got Windows XP, Baldy? If so, I challenge you to turn off the Windows firewall and any third party firewall, if you have one, carry on with your normal internet useage and let us know how long it takes for your computer to go down. ;)

agent
01-01-2005, 06:50 PM
The average time it takes for a Windows (possibly XP) installation to be infected when going out on the internet without any security at all is about four minutes now.

If you watch the incoming connection attempts on an XP computer connected directly to the internet, you'll notice a lot, if not most, of the connections will be made to port 135. There is no use for port 135 over a wide-area network except for worms and such malware.

pheonix
01-01-2005, 06:54 PM
Baldy, it is not Hackers that the firewall is there for, it is the "worms" that exploit a weakness in windows. They spread by looking for other computers on the net, that also exhibit that weakness. A firewall stops them from exploiting your computer. So not only does it save you the hassle of a fixup, but also, because you weren't infected, slows the spread. If everyone had firewalls, then the blaster worm would have been a non-event.

Also, firewalls can alert you to that trojan or spyware that came in with that program you wanted to try out. Still a weakness with the standard Windows version, as stated earlier, doesn't stop outgoing "malware".

So stopping Hackers is not the main aim of domestic type firewalls, just being a good citizen on the Internet. Besides, good insurance that costs nothing. The last test that was carried out with Xp, no ServicePacks, was 16 minutes before being infected ( http://channels.lockergnome.com/news/archives/20040928_xp_survival_time_on_the_net_16_minutes.ph tml )

E|im
01-01-2005, 07:11 PM
Try Outpost pro.

sarel
01-01-2005, 07:38 PM
I agree - the other day I had to reload WinXP (lost everything after a HD crash). The time it took me D/L Zonealarm (10 mins on dialup) - 2 worms on me PC - next time I'll load it from a disk and just update.

sarel

TonyF
01-01-2005, 07:55 PM
I hope Baldy is beginning to realise that his belief has little support in this Forum, and also that "rot" is hadly a suitable comment.
Tony

Baldy
01-01-2005, 07:59 PM
OIC ~ Well luckily I'm not using XP.

Soooooooo, if you're an XP user, is it virtually mandatory to use a firewall? Gawd, the memories of how marvelous XP was ~ or was going to be ~ are still fresh in my mind. If the chances of XP being exploited within 4 minutes of going on the net (as a poster in this thread says) no wonder there are so many who do an animated MS rant frequently. :yuck:

Baldy
01-01-2005, 08:01 PM
I hope Baldy is beginning to realise that his belief has little support in this Forum, and also that "rot" is hadly a suitable comment.
Tony
So it seems. Well happily,I don't use the easily exploited WinXP ~ lucky me!

FoxyMX
01-01-2005, 09:33 PM
So it seems. Well happily,I don't use the easily exploited WinXP ~ lucky me!
Oh, so you didn't actually install Windows XP (http://pressf1.pcworld.co.nz/showthread.php?t=34875) in the end?


OIC ~ Well luckily I'm not using XP.

Soooooooo, if you're an XP user, is it virtually mandatory to use a firewall?
That is correct.

Maybe next time you might like to do a bit of research before taking on someone who does actually know the facts.

Scouse
01-01-2005, 10:16 PM
Hoo boy! Maybe next time you might like to do a bit of research before taking on someone who does actually know the facts. Baldy must be reaching for the first aid kit. :cool:

Elephant
01-01-2005, 10:22 PM
I have just got a new pc with XP home ed. I have yet to install the sevice pack 2 but when I do is the firewall that comes on it good enough? or should I also install a free one like zone alarm as well to be safe?

SusieI use WinXP Pro with SP2 installed. At the moment I have a dialup connection to the Internet but have used broadband wireless.

A dialup connection normally means that you will get a new IP address every time you connect and while I used dialup with Xtra for years I never got a worm or trojan with no firewall installed.

I installed Kerio Firewall being free only when I had broadband and before Service pack 2 for XP came out.

Be careful opening Emails even from people you know. Use an Antivirus checker like Norton, AVG, EZTrust etc.

Currently running WinXP Pro SP2 with firewall on. Email through Microsoft Outlook and the ISP is Orcon. I am not running the likes of Zone alarm but have nothing against it.

If you just got this computer then hopefully it should have come with a new version of WinXP WITH SP2 already installed. Firewall is turned on by default.

tweak'e
02-01-2005, 11:44 AM
If you just got this computer then hopefully it should have come with a new version of WinXP WITH SP2 already installed. Firewall is turned on by default.

at worse they could have just stock windows installed (not even drivers installed). also with supermarket pc's they often have customised setups includeing the firewall turned off by default!

the problem of course is with no firewall its eaier for YOU to infect everyone else!

Chilling_Silence
02-01-2005, 12:25 PM
Baldy:
Tweak'e and Jen are right, there is simply NO excuse to go online without a Firewall using WinXP.

Hell, any version of doze for that matter. Send me your IP and I'll break your box right now and prove to you that you _need_ a firewall if you run Doze!

I can take your bragging one step farther and say I dont Degfrag my HDD, its a high-performance unbreakable file-system. I dont have Anti-Virus software, I dont have Spyware worries, I dont have a firewall, and I can modify the source code to my OS at any time (And I do) and make it more how I want it!

Ive got a firewall on my familys WinXP SP2 PC, even thou they're behind a NAT'd router, and soon to be behind a Linux firewall/proxy also. Having done a fair bit of security analysis work, I can safely say that while ignorance is bliss, there's no excuse not to have AV software and a Firewall! Even Microsoft acknowledge its a _must_ have. Check out the Windows Update website and there's three things a windows box NEEDS:
1. Up-to-date Windows, security patches etc
2. Firewall - No excuse not to have it
3. Anti-Virus software

Realistically they should add Anti-Spyware software to that list, as some predictions are that in 2006 it'll outnumber virus problems. That I believe.

My 2c worth anyways.


Chill.

Safari
02-01-2005, 02:02 PM
Check out the Windows Update website and there's three things a windows box NEEDS:
1. Up-to-date Windows, security patches etc
2. Firewall - No excuse not to have it
3. Anti-Virus software

Realistically they should add Anti-Spyware software to that list, as some predictions are that in 2006 it'll outnumber virus problems. That I believe.

My 2c worth anyways.


Chill.[/QUOTE]

If MS thought a firewall was essential why did they not design the XP firewall to be more effective.
The reality is that very few home computers on XP have an additional firewall and with just normal web browsing and email use very few have any problems that could be put down to lack of a firewall.
Sounds as if you are rather paranoid about security.

Remember the average user is not using their computer for the things that a lot of the forum members do. All they do is email and occasional web browsing and installing and and configuring a firewall is not something they would want to get involved with and would probably cause more problems than it prevented.

Spyware is another problem again and we can blame MS insecure systems for that and of course the answer to that is obvious.

ninja
02-01-2005, 02:45 PM
The problem with a lot of firewalls, is that they do invoke an element of scaremongering - you can see the corporate sense in this "OMG wow - ZoneAlarm stopped eleventeen hacksters this week I should send them money". Whilst it seems more and more advisable to use them, they do cause problems significant problems for the uninitiated.

It doesn't take long with ZoneAlarm before someone has blocked IE and the base DNS processes from accessing the intarweb and no longer has connectivity. Joe User generally doesn't understand the intricacies of a firewall, doesn't understand the questions being asked when a program requests access, nor desires to learn them. Most people just want to turn on their intarwebnet and have it work. They do cause a significant number of problems for end users and for Internet Helpdesks having to support them.

We did some interesting research at work and found that customers who had significant problems downloading large attachments all used ZoneAlarm. After looking into it, it turns out that ZA by default blocks the protocol used to negotiate the size of packets exchanged between server and client. As such data was being sent in smaller blocks so was more prone to errors etc, which effectively slowed their internet down significantly causing more frequent problems.

The next step from that is the pop up alerts, or the cutesy little map features that Symantec Firewall has which displays a map with a big X-hair on it pointing at the country that "hackers" came from. This often spurs the just a tad more enlightened user to start taking screenshots and e-mailing every abuse/support desk they can find to report these "hackers". Whilst users think they are contributing something to the greater good, getting an e-mail with an MS Word attachment containing a screenshot pointing to Pakistan sent to support@domain.xx.xx abuse@domain.xx.xx dns@domain.xx.xx to every host between them and the purported hacker's location really does very little.

Whilst the idea of a firewall is excellent, it is exceedingly difficult with the number of users that don't understand what is going on with them to have firewalls used effectively. An initial install of Zone Alarm can completely shoot internet access out with two clicks on the first alert that pops up. Then the uninstall process can (and regularly does) completely hose the TCP/IP stack breaking things further.

The number of misguided complaints to abuse@myisp.xx.xx I get each week from people complain that our DNS servers have been trying to "h4x0r my intarweb and steal my jiggahurtz" is infuriating - not to mention time wasting on my part, and the part of the customer thats taken the time to write in about some innocuous traffic.

It'd be good to see more people using firewalls, however the software needs to be better better built for end users - i.e. it shouldn't post confusing popup "alerts" and be more silent in it's alerts of supposed "hacking". There should also be more information available when it does ask a question so that when someone sees OMG "iexplore.exe is trying to access the intarweb" the instinct isn't to click NO! straight away.

These are two quite good reads:
http://www.samspade.org/d/persfire.html
and:
http://www.samspade.org/d/firewalls.html



"Personal Firewalls" are mostly snake-oil
The second is more insidious... Why is an end user going to buy / register / upgrade their 'personal firewall'? They're not going to do so if they don't perceive any benefit from it. If it were a properly written application that just sat there, doing its job quietly in the background, users would forget it was there. But if it pops up warnings about 'attacks' all the time then it's clearly Doing Something. Most of those warnings are entirely frivolous - normal network traffic.


Well worth reading the entire page.

pheonix
02-01-2005, 03:20 PM
Yes in an ideal world, but who can afford a hardware firewall?

He's is a little wrong, or this was written before the msblaster worm.( referring to his mention of "If you're running a Windows machine and not running IIS you have nothing to worry about".)
I install a software firewall on all computers that come through the shop. With zonealarm, just turned the notifications off. A small piece of instruction and they have had no problems. When the Blaster worm struck, no clients got it. Co-incidence or firewall?
That is more proof to me of the value of a software firewall than an opinion.
Sorry, firewalls are an "insurance" for the average user.

Chilling_Silence
02-01-2005, 06:46 PM
Even just a firewall that performs the same function as my routers NAT would suffice!!

The windows firewall is basic to prevent what ninja has described.

Im not currently happy with any of the firewalls out there. They're all much to difficult for Joe-Average to use.

Ideally a firewall is needed thats about as easy as running the installer and thats it.
Advanced options such as pinholing should be available.... But stuff application-level security. Its piss-easy for a trojan to hijack another process/executable etc.

If you dont trust the applications your PC runs, time to think about a change.....


Chill.

augustus
02-01-2005, 07:06 PM
I use KERIO - works fine.

tweak'e
02-01-2005, 08:42 PM
ninja......the same spade thing is old and if i remember correct it was partly due to the guys little spat with zonealarm.

as far as customers blocking themselves off the net (or blocking their favorite program) it just a matter of learning to use a program just like every other one they use. frankly if they can't work out a yes or no question they shouldn't be allowed a pc ! ! !

as far as compalints eg "someones hacking my pc!" and the "i got 54 attempts today wow" once the novelty has worn off it soon goes. look at how many firewall alert requests we get here now.....none.

however i do have to agree about the over the top warnings/alerts most firewalls have, there often there simly to promote their product, just like everyone else. people soon get sick of it and turn the alerts off.

unfortunatly the people that NEED firewalls the most are the ones most likly won't have one or use one properly.

ninja
02-01-2005, 09:00 PM
as far as customers blocking themselves off the net (or blocking their favorite program) it just a matter of learning to use a program just like every other one they use. frankly if they can't work out a yes or no question they shouldn't be allowed a pc ! ! !
Generic host process for win32 (or something to that effect) is attempting to access the internet. Do you wish to allow this?

User: Hmm... that doesn't sound like intarwebnet explorer. *clicks no*

Seconds later...

Generic host process for win32 (or something to that effect) is attempting to access the internet. Do you wish to allow this?

User: Hmm... that doesn't sound like intarwebnet explorer. *clicks no*

More seconds later...

Generic host process for win32 (or something to that effect) is attempting to access the internet. Do you wish to allow this?

User: Gah... stupid thing keeps annoying me *ticks the remember this box and clicks no*

Bang... no more DNS. Thus no more intarweb. Thus no more Inbox Outlook Express e-mails. Generally followed by a call to their ISP - don't see ZoneAlarm having a helpdesk (at least Norton have the decency to).

I wouldn't expect many home users to look at that message and think wow I bet I need that to be online.

JJJJJ
02-01-2005, 09:04 PM
I'm probably in a minority group but I'm firmly of the opinion that for the average home user an external fire wall is just something else to annoy you.
If you use an ISP who blocks virus and you have a good anti-virus program then a fire wall is unnecessary. All the know alls who subscribe to this forum are forever rubbishing MS's built in fire wall, but in reality it gives ample protection.
If you want it and are worried still you could try Zone Alarm. But in my opinion it's just a nuisance. Forever telling you that some perfectly legitimate program wants to contact the web. I took it out after a month.
Another near useless program is AdAware. Every time I run it , it finds half a dozen "tracking cookies". You remove these cookies and they are back again in about half an hour. They are inserted by sites you regularly visit. AdAware has never, ever found anything else on my computer.
I'm fully of the opinion that most "protection programs" are purely there to make money for the writers. Viruses, in the main, are being over hyped.
I can do a lot more damage to my computer than any virus ever has.
Jack

Chilling_Silence
02-01-2005, 09:37 PM
I think that Jack, Tweak'e and Ninja all have some valid points here.....

Application level security isnt a _must_ for 95% users - Something that'll NAT will work fine.

JJJJJ: The WinXP Firewall (In answer to the origional question, and confirming what you've said) is sufficient for a _lot_ of things, but personally I dont trust Doze because I cant see the inner workings of it.

Personally, I reakon we need a simple firewall that can NAT, and open ports, and thats what Im going to start working on shortly.

Thats my programming Goal, and if there's anybody else here who likes that idea, then I'd be keen to hear from them

Cheers


Chill.

E|im
02-01-2005, 09:44 PM
If you use an ISP who blocks virus and you have a good anti-virus program then a fire wall is unnecessary. All the know alls who subscribe to this forum are forever rubbishing MS's built in fire wall, but in reality it gives ample protection.
We need moderators that delete such bollocks when it gets written so poor advice doesn't get spread around. :stare: :stare:

Chilling_Silence
02-01-2005, 09:49 PM
And this Moderator doesnt like people who are so arrogant.

Something like this _may_ be more fitting:
In reality ISP's block Email viruses, but not the likes of the Blaster etc. So therefore they cant protect against everything.

E|im - last warning dude - You gotta keep it friendly or I'll put my Moderator hat on and you can wear the banned label for a week aight!

tweak'e
02-01-2005, 09:50 PM
Generic host process for win32 is allowed through by default with most firewalls so i don't know how that can be an issue. also the default browser is allowed through much to my disgust.

sorry chill i got to disagree...Application level security IS a must for 95% of users. its the top 5% of users who don't really need it due to their forever watchfull eye and good net/pc habits.

i know lots of people (most of them are newbies) where the firewalls has saved their bacon on more than one occasion. in 2 cases its saved them a rather big phone bill (a rather nasty dailer).

Chilling_Silence
02-01-2005, 09:53 PM
You've got a point, but how hard is it to modify some trojan source so it hijacks explorer.exe? Effectively making that security added redundant...

tweak'e
02-01-2005, 09:59 PM
yeah thats why i don't like allowing things through by default. if your already infected it can go through unnoticed. however most firewalls now check what module etc actaully makes the call so it can pick an app useing another app to get through.

Chilling_Silence
02-01-2005, 10:03 PM
What do you mean by what module? The executable will be running and making the call, Ive seen it done, and Ive seen it pass through the firewall.... Zone Alarm, Kerio, Symantec etc

Im not trying to be negative or anything, just asking for a little clarification :)

ninja
02-01-2005, 10:21 PM
Thats my programming Goal, and if there's anybody else here who likes that idea, then I'd be keen to hear from them
It's a common joke at work that we should badge up our own custom firewall, with lots of flashing lights, radio buttons and slider bars.... that don't actually do anything.

God bless the placebo effect.

Jen
02-01-2005, 10:34 PM
What do you mean by what module? The executable will be running and making the call, Ive seen it done, and Ive seen it pass through the firewall.... Zone Alarm, Kerio, Symantec etcI know when I used Agnitum Outpost last, it would alert me that a program that had previous permission, has now been altered since it last accessed the internet and would then re-ask for permission. The alert went on to mention that this would happen if you had just updated that program, otherwise consider blocking it (or words to that affect). I remember the firewall went nuts after I installed SP2 on XP with all those updates ... :rolleyes:

E|im
02-01-2005, 10:53 PM
I know when I used Agnitum Outpost last, it would alert me that a program that had previous permission, has now been altered since it last accessed the internet and would then re-ask for permission. The alert went on to mention that this would happen if you had just updated that program, otherwise consider blocking it (or words to that affect). I remember the firewall went nuts after I installed SP2 on XP with all those updates ... :rolleyes:
Yeah component control. Quite a useful feature as other firewalls just check if the main exe is modified, but there are also DLLs and other parts of the program that can be modified as well, possibly indicating a trojan. But blimin annoying with all the alerts it pops up so I just turn it off.

Twelvevolts
02-01-2005, 10:57 PM
OK - stock Windows XP install with no patches will get the Sasser worm in approximately two minutes. Try it yourself or search the web for information on the Sasser worm. Get yourself a slipstreamed disk (builds in SP2 to XP) and you won't have to worry about that.

As for what a Firewall will do for you, read the excellent article on a reported at
http://www.usatoday.com/money/industries/technology/2004-11-29-honeypot_x.htm
on a honey pot test run by Kevin Mitnick. Looks like the Windows firewall alone stopped a compromise during this test. However, Zone Alarm also works just fine, nowithstanding the advice I got to the contrary from the Paradise Technical Help Desk.

Don't have Zone Alarm and Windows Firewall turned on at the same time.

mikebartnz
02-01-2005, 11:23 PM
Generic host process for win32 (or something to that effect) is attempting to access the internet. In most cases if Windows was not running unneccessary processes Generic host process for win32 would not be trying to access the net.
It is a mugs game going on the net without a decent firewall.

JJJJJ
03-01-2005, 07:01 AM
JJJJJ: The WinXP Firewall (In answer to the origional question, and confirming what you've said) is sufficient for a _lot_ of things, but personally I dont trust Doze because I cant see the inner workings of it.



Chill. I'm sure that most of us don't want to see it working.
I just want to install something and forget about it. I don't get viruses therefore it must be working.
I have SP2 and NAV and they seem to do the job. They work together.
When I installed my ADSL modem it KINDLY activated it's own firewall.
Unfortunately it would not allow me to send or receive E-mail. This is a problem I can do without!
I de-activated the firewall and all is OK again. But if I switch the modem power off. Next time I start the firewall is back. So I just leave modem switched on.
Seems the modem doesn't like SP2.
Jack

JJJJJ
03-01-2005, 07:12 AM
We need moderators that delete such bollocks when it gets written so poor advice doesn't get spread around. :stare: :stare:

So are me to believe that Eljim is the only person who doesn't write "BOLLOCKS"?
Jack

FoxyMX
03-01-2005, 09:50 AM
I de-activated the firewall and all is OK again. But if I switch the modem power off. Next time I start the firewall is back.
Did you save the settings after deactivating the firewall?

tweak'e
03-01-2005, 10:54 AM
What do you mean by what module? The executable will be running and making the call, Ive seen it done, and Ive seen it pass through the firewall.... Zone Alarm, Kerio, Symantec etc

Im not trying to be negative or anything, just asking for a little clarification :)

no prob chill ;-)

a good example is spyware useing IE to access the net. even tho it uses IE most decent firewalls will actually pickup that another exe is trying to access through IE. basicly keeps tabs on what dll's etc that are in use, what process is uesd etc. i can dig up the exact info but it will take me ages to go refind it all again. the other way which u mention was to infect the iexplorer.exe and yes if its infected BEFORE you put the firewall on, the firewall and user won't notice unless you happen to pick up that its connecting on its own (ie you havn't open up a browser and its trying to connect. perfect indication of an infection)

Prescott
03-01-2005, 04:39 PM
i dont ever need to touch my firewall, well maybe once a month if there is an update, it just runs in the background, using zone alarm

say if you have a hardware firewall would you still need a software based firewall?

tweak'e
03-01-2005, 04:51 PM
say if you have a hardware firewall would you still need a software based firewall?
a hardware firewal won't control applications so yes you will still need one.

btw isn't a hardware firewall simply a bit of software running on hardware much like a software firewall running on a pc ?? :thumbs: ;)

Chilling_Silence
03-01-2005, 04:55 PM
Thanks Tweak'e :)

Actually, a lot of hardware firewalls, such as routers etc run Linux and use iptables. IIRC some Linksys routers do too... Its just embedded linux.

My next question:
Why is the Linux firewall situation so pathetic? I know there's like 3 or 4 different firewalls...... they all are simply front-ends for iptables AFAIK.

Murray P
03-01-2005, 05:17 PM
JJJJJ, you need to adjust ZA so that it is not throwing up trivial alerts. Once you are satisfied with whats accessing the net, just let it get on with it without telling you each time. Same with Adaware, uncheck the check for cookies bit if you don't want it to do so.

They are tools that you have to spend, at least some, time learning to get the best out of, like any tool. The thing about firewalls, is that they do their job by checking types of activity, antivirus, in the main, uses definitions to target a particular beastie, quite different and for different purposes.

As has been mentioned, a NAT router will get you a long way towards being protected from incoming unwanted connections. If your just running a broadband modem (PCI usually or USB) then your going to be more vulnerable and get alot more unspecified connection attempts which a firewall will go nuts over. Essentially, what you want the software firewall for is outgoing if you have a NAt router or dialup.

Chill, wnat abeta tester? I can break most things without trying (hope your debugger is robust ;) )

tweak'e
04-01-2005, 11:04 AM
Thanks Tweak'e :)

Actually, a lot of hardware firewalls, such as routers etc run Linux and use iptables. IIRC some Linksys routers do too... Its just embedded linux.

My next question:
Why is the Linux firewall situation so pathetic? I know there's like 3 or 4 different firewalls...... they all are simply front-ends for iptables AFAIK.

i thought there was a linux personall firewall in devolpment at sourceforge. however i suspect linux dosn't have the huge amount of scumware like windows has to deal with, linux users normally set things up fairly tight and most (but not all) linux installs don't have a lot of unneeded crap running (unlike windows). however a linux firewall with app control would be great.

Chilling_Silence
04-01-2005, 01:45 PM
Theres a few... Guarddog/watchdog or something... Theres one for GNOME AFAIK.... firestarter..... and lest we forget, iptables!

Sorry to deviate so much from the origional question ;)


Chill.

Murray P
04-01-2005, 02:08 PM
Guarddog (http://www.simonzone.com/software/guarddog/#introduction)

D. McG
05-01-2005, 11:59 PM
Remember the average user is not using their computer for the things that a lot of the forum members do. All they do is email and occasional web browsing and installing and and configuring a firewall is not something they would want to get involved with and would probably cause more problems than it prevented.
How true, but given the state of affairs with security issues, all users should be aware that if they are going to be using the Internet in any form they should know about the threats - viruses / worms, malware, spyware, port intrusions, phishing scams etc. and what they need to do about them. And software vendors need to ensure that their software is well-documented so that users aren't left in the dark or left to experiment - with hopeless results.

The trouble is that there is this 'too complicated for me' / 'ignore it and it'll go away' mentality that stops many of these users finding such things out - and thats what many cyber-evil-doers (for want of a better family-friendly term) take advantage of.