Personal Firewall

CaroKann · Sep 10, 2001

That is a fairly interesting article about LeakTest on webattack.com. It basically points out that spyware or whatever will usually be able to communicate over the network because it's disguised as (or embedded in) a game or utility that the user trusts. So the user clicks "allow" when the little firewall dialog pops up, and the trojan horse goes on its merry way.
That problem aside, I've had mistrust of the whole software firewall thing for a long time now. Someone tell me if I'm missing something, but what's to stop a trojan horse from installing *itself* as a firewall (in the same manner the real firewall software did) and thus "allow" itself to do whatever it wants. There's nothing magical about a firewall program, it installs like anything else you pull off the net.. the OS doesn't magically know "oooh *that* is sacred, *that* is a firewall!" To go one step further, a hacker could write the trojan horse to recognize the mainstream firewall apps (ZoneAlarm, Sygate, etc) and patch their exe's or DLL's to open up holes. Next time the user reboots, the altered firewall program will run and the trojan horse will have free reign. Hell, lets take it one step further, whats to stop a trojan horse from patching windows itself (a winsock "upgrade" perhaps) and instructing the hardware to send out packets.
It all comes down to that little double-click you do on that exe you just downloaded off the net.. do you trust it? really? you better be right!

Babak · Sep 11, 2001

Caro, you are partially correct. I heard of a virus that was going around that would circumvent ANY firewall through an ingenious method. It would basically tell the computer (at start up) that the firewall was already running and therefore, didn't need to be started. Neat huh?
This is why a software firewall is only part of your protection. The other is a good and UP TO DATE anti-virus with active web filtering (PC-cillin is great). Plus you can always get a hardware firewall. And most importantly your own common sense to not go around launching attatchments willy nilly or doing other things that will leave your system at the mercy of a hacker (like leaving yoru computer on 24/7)

rtstrading · Sep 16, 2001

I am using Norton Personal Firewall and Win 2000 with no problems. Also have Win ME running with NPF 3.0...no problems. Easy to use also.

guidodf · Sep 17, 2001

I am using Tiny Personal Firewall; it is true that it takes some knowledge of ports, protocols and stuff, but I must say that it doesn't take a PhD to get the basic concepts that are needed to configure TPF properly.
When I downloaded it my expertise on the subject was close to non-existant; after spending no more than three hours reading stuff found on the net I was able to configure it more or less properly. Now I find myself with the best (and free) firewall and with a basic knowledge of the technicalities of the net. I am very far from being a techie, but knowing the ropes gives you the chance to learn more reading stuff that, if completely ignorant on the subject, would be meaningless.
My suggestion is to go for TPW AND to spend some time getting to know how it works.

Ciao

Guido

ddefina · Sep 17, 2001

I've been using the free and then pro versions of Zonealarm for a couple years and they work great. Occasionally the program locks things up, but this is rare. Steve Gibson is a programming genius--if there is such a thing. Read Steve's very interesting documentary of how he handled a "hacker" attack on GRC.com at http://grc.com/dos/intro.htm

dvegadvol · Oct 4, 2001

Is my choice. No lockups, no conflicts and it generates a log of the ip addresses of those vermin scanning your system. I send an e-mail to the sys admin to let him know of this activity.

Cheers

MegRean · Oct 4, 2001

I'm currently using Outpost firewall. You might check it out at http://www.agnitum.com
In my opinion it's the firewall to go at the moment ( also running on XP) ...
it got a couple of great features ... just give it a try =)

B.S. Dick · Feb 8, 2002

Dear Thomas,

I have excellent experiences with ZoneAlarm Free and Pro (which I bought after using ZoneAlarm Free). Pro was worth every dollar. It is easy to use and easy to configure. If you are really into defending your computer I suggest you get yourself NeoTrace as well as ZoneAlram Free or Pro. If ZoneAlarm picks up an IP address from a 'ping' or genuine attempt to break into your computer, you can use NeoTrace (CNET for the demo) to trace the IP and even get a satellite picture from the geographical location that belongs to the IP!

ZoneAlarm is definitely NOT spyware. I have installed various programs that work alongside ZoneAlarm and monitor my internet connection.

If you want to rid your computer of spyware try Adaware (also on CNET). The demo is free and very user-friendly.

Volunteer · Feb 9, 2002

Anybody know anything about the quality of the Internet Connection Firewall that's part of WinXP?

Splat · Feb 9, 2002

WinXP's firewall only works on inbound traffic not on outbound traffic. That is, it will stop e.g., incoming port scans but
not any trojan or spyware from sending data out from
your computer.

Regards,

Splat