Online Arrmor

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
I moved to Online Armor mainly because Comodo was asking me about files I
did not recognise. It seems OK thus far.
However Shields-Up spotted port 0 as being closed, but went on to say port
0 is never used. Can anyone explain?
And while I'm here, whatever happened to PCflank and is there anything
similar?
--
Jim S
        Tyneside UK
     www.jimscott.co.uk

Re: Online Arrmor
On Fri, 13 Mar 2009 00:44:22 GMT, Jim S wrote:

Quoted text here. Click to load it

If on WinXP or Vista, steer away from any 3rd party software firewall
programs; They are useless to say the least. Stick with the built-in
application.

Re: Online Arrmor
Kayman wrote:
Quoted text here. Click to load it

Yeah, the "cool" firewall from Microsoft is the best firewall there is
(especially for hackers).

Re: Online Arrmor
nospam-@operamail.com says...
Quoted text here. Click to load it

Nonsense. Software firewalls are an important part of your security
(unless you're doing all your online work in a sandbox or VPN, which is
significantly more complicated for the average user).

Re: Online Arrmor
Quoted text here. Click to load it

They aren't an important part of my security. In fact they aren't part
of my security at all. Because there's no reason at all to use them.

If you think you need a firewall to shield open ports, the Windows
Firewall is absolutely sufficient. If you want sensible monitoring of
connections: install Port Reporter.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: Online Arrmor
says...
Quoted text here. Click to load it

Windows firewall is inbound only.

Are you using Windows, cobalt?

Re: Online Arrmor
wrote:

Quoted text here. Click to load it

Are you even understanding what he is saying?

Re: Online Arrmor
b__nice@hotmail.com says...
Quoted text here. Click to load it

Yes, I understand what he's saying. However, this thread started with
someone who is using Online Armour and had a question about port 0.
Cobalt's immediate response was to get rid of any 3rd party firewall on
XP or Vista. That isn't exactly the best advice, considering he doesn't
know anything about the user's system or experience. Is Jim S behind a
router? Does he know anything about security? Is he the only user of the
computer? To just make a blanket statement about not using a 3rd party
software firewall and stick to the one built into windows is just wrong.

Port Reporter is a nice tool, but all it does is log information. And it
isn't exactly for the novice.

The reason I asked whether he is using Windows is because the vast
majority of people I encounter who reject software firewalls outright
are *nix users.

Re: Online Arrmor
Quoted text here. Click to load it

Which is exactly what it's supposed to do.

Quoted text here. Click to load it

Neither are logs/messages of the various personal firewalls.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: Online Arrmor
says...
Quoted text here. Click to load it

Log files isn't usually the primary reason someone uses a software
firewall.

Rather than continue this back & forth, why don't you just share exactly
how an average Windows user on an internet-connected computer can fully
protect himself?

Re: Online Arrmor
Quoted text here. Click to load it

One reason I hear rather frequently is that personal firewall would tell
people what's going on on their systems. Logfiles exist exactly for that
purpose.

Quoted text here. Click to load it

Because there is no "one size fits all" solution. A good starting point
would be:

- Think before acting.
- Never be root. Use an administrator account only for administrative
  tasks. Use a normal user account for everything else.
- Configure software that requires admin privileges for non-admin tasks
  to run with limited user privileges [1].
- Keep your operating sytem and all of your softwar up-to-date.
  Automatic updates help.
- Don't provide services you don't want to provide [2,3]. Or use the
  Windows Firewall to block inbound connections.
- Disable autostarts for removable media (via gpedit).
- Use AV software to prevent known malware from being executed by
  mistake.
- Don't use IE, at least not without locking it down tightly. Better use
  Firefox/SeaMonkey with NoScript or Opera, as they are easier to
  secure.
- Before installing software think twice about whether you really need
  it. Less is more.

Additional steps could be:

- Use sandboxed environments (preferrably virtual machines) for
  evaluating software.
- Revoke "execute" permission from caches and temp directories.
- Use Software Restriction Policies to allow only whitelisted software
  to be executed.
- ...

[1] http://www.planetcobalt.net/sdb/submission.shtml
[2] http://www.ntsvcfg.de/ntsvcfg_eng.html
[3] http://www.dingens.org/index.html.en

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: Online Arrmor
says...
Quoted text here. Click to load it

That all sounds great. But I said for the average Windows user. Do you
really expect aunt Esther to understand how lock things down through the
registry and group policy editor? Or figure out how to set up a VPN?

I agree with everything you recommend. But executing several of those
steps is well above the knowledge level of the average Windows user.
Hence, software firewalls as a simpler, reasonably secure alternative to
add to the OS updates, more secure browser, AV, etc.

Re: Online Arrmor
On Sat, 14 Mar 2009 00:51:51 +0200, G wrote:

Quoted text here. Click to load it

Education G, it's called EDUCATION!

A sensible aunt Esther would not drive a motor vehicle without prior
familiarization in relation to correct operating procedures of her car and
traffic/street rules.
 
Quoted text here. Click to load it

No, it's not! Admittedly, the hype of snake oil is more readily available
(marketing at its 'best').  

Re: Online Arrmor
Kayman wrote:
Quoted text here. Click to load it

Yeah right.. tell that to my mom who doesn't even know how to send an
email and every time we told her how to, the very next day she asks again.

Quoted text here. Click to load it

The analogy is irrelevant. A more appropriate analogy is whether a
sensible aunt Esther should be taught the about whole legal system in
the country before doing anything since what she is doing may break any
arbitrary law.

Quoted text here. Click to load it

Re: Online Arrmor

Quoted text here. Click to load it

Does she need to be able to install software at all?  She's a perfect
candidate for a limited user access account.

This will limit what she can do with her PC without assistance, but I'd
argue that she probably can't install a new stereo into her car without
a trained professional's assistance either.

Re: Online Arrmor

Quoted text here. Click to load it



  I prefer the analogy in which the user should only be allowed to
drive the car if they can take apart the engine, and then put it back
together.

  Geo


Re: Online Arrmor
claimed to have wrote:

Quoted text here. Click to load it

The issue isn't users driving, users are allowed to drive without too
much of a problem, the problem is only when they start tinkering under
the hood installing or removing components they don't understand.

Re: Online Arrmor
On Sat, 14 Mar 2009 22:27:43 -0700, DevilsPGD


Quoted text here. Click to load it

  But isn't it that using a computer means that the user has to always
tinker somehow with his/her computer? ( From Skype to Google's
toolbar)  Of course, as you say, the user could pay someone more
knowledgable to do it for them , but then it would be quite expensive
for most people.  

  Would you say that installing updates would qualify as installing
components?

  Geo


Re: Online Arrmor
claimed to have wrote:

Quoted text here. Click to load it

Indeed, and that's the crux of it.  People want the convenience without
the responsibility.

Quoted text here. Click to load it

Probably.  I'm not suggesting a hard and fast rule, to stick with the
arguably bad analogy, some drivers don't know how to add fuel to their
vehicles, some can do windshield fluid and add oil but not change oil,
others do their own oil changes, some rebuild engines.

In the same vein, there is a difference between automatic updates
(Windows Update, Chrome, Firefox, AV definitions), approved automatic
updates (Adobe Reader, Flash, most other software), manually updating
software, installing new software, and choosing what software to
install.

This is true in most areas of life, my mom needs help hooking up a new
DVD player, my dad hooks up his own DVD players but needs help pulling
new coax and crimping ends, I do all of the above myself.

Making installing new software a bigger deal in terms of user interface
might help, since it would stress to users the difference between "do
whatever you want, you won't break anything" user mode and "you might
screw up your system" administrative mode.

Re: Online Arrmor

Quoted text here. Click to load it

YABA (Yet Another Bad Analogy)

Site Timeline