I am using NIS Ver 126.96.36.199 and I have noticed that it will not let me synchronize the computer date/time with either of the internet time servers...windows or nist. I have tried the faq's at Symantec and googled for info but no results yet. Can anybody in this group give me advice? Regards Patrick.
I'm home user and recently I tested my laptop security since I'm going to travel for a while and I will not carry my NAT router with me. During test I noticed that I have C$ in shared resources, I thought that I had got rid off that hole long time ago, but it was there. I also forgot to reconfigure wireless connection NetBIOS over TCP and file and printer sharing was on. I tried to access to root from remote computer and one thing prevented me to attempt to access to root was that useless ZA who luckily asked me do I want to put new network in a trusted zone. Then I turned ZA off and I used Windows firewall, I tried to access C$ and I got login/password prompt, like I expected it didn't block, I got a lesson and here it is: There is no good protection for home users, most of us don't even know how to configure wireless connection nor we are aware that C$ exist, there is only protection which at least tries to block and one which not. To an ordinary home user who will just take his laptop and connect to a hotel wi-fi network without reconfiguring anything, that's what most of us do, Windows firewall is useless. ZA will at least put wi-fi network in internet zone and it will try to block something. So please don't advice us to use Windows firewall, we are not computer geeks who know how to configure OS and applications (we use application control) we don't understand words like NetBIOS (we use firewalls ZA, NIS etc.), we use our computers not knowing how they work. ZA or NIS is built for us not for you, you have Windows firewall and many options in windows registry, leave ZA, NIS etc. to us, we need them. To use Windows firewall we should first learn something about Windows and networks and sometime we are busy people not having time or interest for that.
Windows-Firewall has a correct default configuration, especially for rookies. Just don't change anything, and you're protected.
I.e. with Norton InSecurity you don't add any extra security, but you're adding extra security threats you don't have with just Windows-Firewall.
Try to understand.
I'm not calling any rookies to understand technical issues. And as soon as I'm getting to know a "Personal Firewall", which is increasing security above Windows-Firewall or just stopping services, I will recommend it.
What I'm seeing, though, is selling snake-oil, which even is making the users more insecure in many situations, not more secure.
Except you're not seeing how things work in the "REAL WORLD". I've seen many people that were using Windows XP + SP2 and the Windows firewall on a public IP that were compromised in short order, under a month in most cases. Once adding a PFW to their solution they go at least a year without the same problems - that's REAL WORLD experience.
Like it or not, you are in the same position you say I'm in - your POC fails to prove the PFW solutions don't block it, your statements don't reflect how PFW's work in the real world, your solution of only using the Windows Firewall is weak at best, and you kill-file anyone that strongly disagrees with you.
As for your claim that I'm hiding/being anonymous, you've got to be really reaching for straws here. I am always reachable via email, see sig, and it's been that way for almost 20 years, feel free to contact me anytime you want - others do.
Ask yourself this, since your POC fails on a properly configured system, since ZAP does work for many users, why do you keep denying that PFW's work?
Sure, PFW solutions are what I would consider as a LAST option, having a NAT Router appliance being better than Windows or a PFW solution, but even PFW's protect a users computer better than Windows firewall does.
So far, all I've seen from you and your followers is a bunch of hype, while in the real world I've seen a LOT of installations where ZAP and even Tiny protected the users from being compromised on public internet connections and even on clients LAN's that were compromised.
What does posting your real name mean? Nothing. Your message to the public is still flawed and full of holes that you don't dispute.
You completely fail to address how PFW solution actually protect many users and dismiss them all when users misconfigure them, just as they would with Windows Firewall.
It's really pompous of you to make the claims that I'm telling lies when you refuse to believe what people in the real world have shown you and others many times.
Like it or not, just because you think you're the end-all guru, you need to take your head out of your a$$ and look at what is happening in the real world around you - being locked behind your keyboard all the time is warping your ability to analyze how things actually work outside of your limited experience.
Oh, and you can find people that will tell you that your POC doesn't work also, but you just kill-file them instead of testing on your own. It's easy to say the facts prove something when you discount all the results that disprove it.
Yep, from the outside, after allowing applications to quietly open holes and by not blocking outbound connections that phone home to download more payloads.....
When XP Firewall first came out, apps could open holes without any notification, now, some app do it with little notice to the users, like AOL software does. If they had been behind a NAT device they would have not been compromised.
It's not funny to see file/printer sharing enabled on a single user/node computer directly connected to the internet with it's running Windows firewall to protect (or not as the case most often is) it.
I see, but then the damage actually *was* initiated from the inside and not from the outside. It was made possible from the outside by mistakes made on the inside.
You are right about the "outbound part" not taken care of by windows firewall, but I'm among the ones convinced that the average user is not able to stop the right things anyway.
Users (and novices in particular) should not run programs they don't trust. When You decide to install or run a particular app to help You accomplish something You also accept to let it do what it takes.
Most likely not. But then there is also UPnP, of course.
I am not too familiar with the XP firewall. But are You saying that windows will more or less silently allow opening ports for file- and printersharing? - I find that hard to believe. Which applications or parts of windows will do that?
Finally, just a short comment to Your 1 month w/o PFW followed by a whole year with statement: Would it be fair to assume, that after having been compromised for the first time users will have a significant raise in awareness to how they act? And that that higher level of awareness is the prime reason for taking longer to be compromised again - and not being the result of installing a PFW?
I don't consider Windows file/printer sharing to be an inside thing when the user is connected to the internet directly.
I agree, and in the case of some malware, a PFW can alert the user to it existing when Windows Firewall would not have even burped.
That's the first thing I disable for any NAT device.
There were a number of them out when Windows Firewall was first presented, and AOL will modify it to allow AOL ports, I've seen computers with IM installed that have IM App installed exceptions, I've seen users with a single computer, that has F/P sharing installed by default, with exceptions created by users (and by apps in the early days).
I have not see any users with File/Printer sharing unblocked when running ZAP or Tiny during this same period.
Yes, it would be fair to assume that, but most users remain ignorant even after warnings and help.
Windows Firewall is a pretty straight-forward, simple, small, easy and usually sufficient host-based packet filter, whereas all common PFWs are bloated monster which seemingly only exist to f*ck up everything.
When a firewall is present, it is. Because that is what firewalls do: Establish a border line - in this case betweeen the outside and the inside.
Makes no difference. In line with Your own final comment, average users will not react properly to the burp anyway :-)
Of course You do :-) I was thinking of those out there who has it turned on without knowing and without having a clue (and without caring, for that matter). They are in the exact same situation.
Could You name some app's that would need to specifically open for F/P sharing?
Whether that's a problem solely depends on the purpose.
There could be good reasons for that, like enabling IM-partners to connect directly. Remember that most users expect their software to "just work". Companies struggle to find ways to deal with that. We are back to the basics: User installs IM app, user accepts risk.
So a user did mingle with it :-)
Maybe not. However, I hope You don't use that as a valid argument to install a PFW.
Well, then a PFW will not make much difference anyway.