Firewalls - more trouble than good ?
07 January 2003, 08:13 PM
#3
Scooby Regular
Join Date: Sep 2001
Location: Kingston ( Surrey, not Jamaica )
Posts: 4,670
Likes: 0
Received 0 Likes
on
0 Posts
Nope .. firewalls are your friend.
SOFTWARE firewalls are a pain in the ar$e though.
get a smoothwall or a router that does runs a firewall away from your desktop.
Steve
SOFTWARE firewalls are a pain in the ar$e though.
get a smoothwall or a router that does runs a firewall away from your desktop.
Steve
Trending Topics
07 January 2003, 11:09 PM
#8
Moderator
Join Date: Dec 1998
Location: Staffs
Posts: 23,573
Likes: 0
Received 0 Likes
on
0 Posts
Doesn't ZA check for updates? So it would have to call home for that surely?
I'm not saying it doesn't (I don't run it anymore - proper hardware firewall appliance for me) BTW, but more info would be interesting.
Personally, wouldn't touch Norton with somebody else's barge pole...
I'm not saying it doesn't (I don't run it anymore - proper hardware firewall appliance for me) BTW, but more info would be interesting.
Personally, wouldn't touch Norton with somebody else's barge pole...
07 January 2003, 11:25 PM
#10
Scooby Senior
Join Date: Feb 2000
Location: West Midlands
Posts: 5,763
Likes: 0
Received 0 Likes
on
0 Posts
Gastro,
go into the NFP setup (possibly Advanced Options under the Web tab, depending on the version you are using). Select the web address for the Turbosport site (which provides ScoobyNet pictures) and ensure that you allow the Referrer ID (possibly under Browser Privacy).
When you move from one web-site to another, your brower automatically tells the new site where you came from. Thus, say, ScoobyNet can know that you were just on DebbieDoesDallas.com or whatever. Usually this is blocked by NPF, so that you can maintain at least some privacy, but Turbosport checks that the referrer is actually ScoobyNet so that it's bandwidth can't be misused by other sites.
I hope that makes sense, and that your NPF does it's job properly (i.e. how you want it to work!).
mb
go into the NFP setup (possibly Advanced Options under the Web tab, depending on the version you are using). Select the web address for the Turbosport site (which provides ScoobyNet pictures) and ensure that you allow the Referrer ID (possibly under Browser Privacy).
When you move from one web-site to another, your brower automatically tells the new site where you came from. Thus, say, ScoobyNet can know that you were just on DebbieDoesDallas.com or whatever. Usually this is blocked by NPF, so that you can maintain at least some privacy, but Turbosport checks that the referrer is actually ScoobyNet so that it's bandwidth can't be misused by other sites.
I hope that makes sense, and that your NPF does it's job properly (i.e. how you want it to work!).
mb
08 January 2003, 12:18 AM
#11
Scooby Regular
Join Date: Jan 2003
Posts: 932
Likes: 0
Received 0 Likes
on
0 Posts
All software firewalls are insecure. They are a comprimise. A sortware program running on the machine it is meant to be protecting is never gonna provide good protection. If I had to use a windows machine, and had to run a firewall on the same machine, I would probably opt for blackice, outpost or NIS. NIS is pretty good but do NOT trust the automatic rule creation. At the end of the day they are better than nothing and will keep your average windows script kiddie out if correctly configured.
If you have the money, and time, set up a *nix box running strict IP tables and snort on the perimiter into some kind of security router (NetGear does a good one for about 150 quid) preferably with NAT (although its a pain in the ****)Packet inspection with strict rules is the only way to protect against a good attacker.
You can also set up extra rules in your OS. If your running windows, you can shut off unwanted services in Start > settings > network connections. Right click on your network connector and select properties. Select TCP/IP and go to properties. Click the advanced tab, then go to the options tab, select TCP/IP filtering and then properties. You can configure to only allow port access you require.
If your running *nix, you don't need any help : p
If you have the money, and time, set up a *nix box running strict IP tables and snort on the perimiter into some kind of security router (NetGear does a good one for about 150 quid) preferably with NAT (although its a pain in the ****)Packet inspection with strict rules is the only way to protect against a good attacker.
You can also set up extra rules in your OS. If your running windows, you can shut off unwanted services in Start > settings > network connections. Right click on your network connector and select properties. Select TCP/IP and go to properties. Click the advanced tab, then go to the options tab, select TCP/IP filtering and then properties. You can configure to only allow port access you require.
If your running *nix, you don't need any help : p
09 January 2003, 01:46 PM
#13
Scooby Regular
Join Date: May 2000
Location: MY00,MY01,RX-8, Alfa 147 & Focus ST :-)
Posts: 10,371
Likes: 0
Received 0 Likes
on
0 Posts
Another vote for Sygate - very good software based firewall.
I would agree with Gedi that they are a compromise, but their major function is to protect the average home user from the more common forms of attacks found on the Internet. I've always compared them to house alarms / car alarms. If by their presence, it means that your next door neighbours house is broken into or their car nicked, then your alarm has done it's job. Harsh, but true.
In the same way that most of the stuff you see on the Internet is readily available. What you can't gauge is the technical competance on the person using the software / launching the attack against you. Most of the time, if these people encounter a firewall or (more likely if you have it setup correctly), they don't see any response from your PC / IP address, they will go somewhere else. There are plenty of people who are still ignorant of the risks and make much easier targets. Do nothing will make you a target. By at least having a decent software based firewall and some good anti-virus software you are taking reasonable steps to protect yourself.
From a company point of view I would want something a lot bigger and better! We've got more than 800 customer firewalls under management and it's a serious committment in terms of resources to actively manage these correctly.
Intrusion detection also is becoming more important. But that's another story
Chris
I would agree with Gedi that they are a compromise, but their major function is to protect the average home user from the more common forms of attacks found on the Internet. I've always compared them to house alarms / car alarms. If by their presence, it means that your next door neighbours house is broken into or their car nicked, then your alarm has done it's job. Harsh, but true.
In the same way that most of the stuff you see on the Internet is readily available. What you can't gauge is the technical competance on the person using the software / launching the attack against you. Most of the time, if these people encounter a firewall or (more likely if you have it setup correctly), they don't see any response from your PC / IP address, they will go somewhere else. There are plenty of people who are still ignorant of the risks and make much easier targets. Do nothing will make you a target. By at least having a decent software based firewall and some good anti-virus software you are taking reasonable steps to protect yourself.
From a company point of view I would want something a lot bigger and better! We've got more than 800 customer firewalls under management and it's a serious committment in terms of resources to actively manage these correctly.
Intrusion detection also is becoming more important. But that's another story
Chris
01 July 2003, 07:41 PM
#14
Scooby Regular
Join Date: Jan 2001
Location: Cheshire
Posts: 1,717
Likes: 0
Received 0 Likes
on
0 Posts
Just wondering ? - I know the obvious Pro's but IMHO having Norton firewall has been nothing other than a pain in the @rse ! Half the time I disable it to see piccies from the BBS etc.. and I'm sure it was the culprit for me not being able to get ADSL working again ?
Anyone else had problems ?
Cheers,
Gastro (without anything with Norton installed on it !)
[Edited by Gastro - 1/7/2003 7:41:39 PM]
Anyone else had problems ?
Cheers,
Gastro (without anything with Norton installed on it !)
[Edited by Gastro - 1/7/2003 7:41:39 PM]
Thread
Thread Starter
Forum
Replies
Last Post
Mattybr5@MB Developments
Full Cars Breaking For Spares
20
22 October 2015 06:12 AM