I moved to Online Armor mainly because Comodo was asking me about files I
did not recognise. It seems OK thus far.
However Shields-Up spotted port 0 as being closed, but went on to say port
0 is never used. Can anyone explain?
And while I'm here, whatever happened to PCflank and is there anything
They aren't an important part of my security. In fact they aren't part
of my security at all. Because there's no reason at all to use them.
If you think you need a firewall to shield open ports, the Windows
Firewall is absolutely sufficient. If you want sensible monitoring of
connections: install Port Reporter.
By the way, here's a little info about port 0 and why it is mentioned:
If you want to be helpful, then suggest a different tool for the average
user. Criticizing ShieldsUp! and leaving it at that doesn't do much
good. I'm not suggesting anyone should be dependent upon a single
source. But it will definitely show whether your firewall is working.
Yes, I understand what he's saying. However, this thread started with
someone who is using Online Armour and had a question about port 0.
Cobalt's immediate response was to get rid of any 3rd party firewall on
XP or Vista. That isn't exactly the best advice, considering he doesn't
know anything about the user's system or experience. Is Jim S behind a
router? Does he know anything about security? Is he the only user of the
computer? To just make a blanket statement about not using a 3rd party
software firewall and stick to the one built into windows is just wrong.
Port Reporter is a nice tool, but all it does is log information. And it
isn't exactly for the novice.
The reason I asked whether he is using Windows is because the vast
majority of people I encounter who reject software firewalls outright
are *nix users.
Log files isn't usually the primary reason someone uses a software
Rather than continue this back & forth, why don't you just share exactly
how an average Windows user on an internet-connected computer can fully
One reason I hear rather frequently is that personal firewall would tell
people what's going on on their systems. Logfiles exist exactly for that
Because there is no "one size fits all" solution. A good starting point
- Think before acting.
- Never be root. Use an administrator account only for administrative
tasks. Use a normal user account for everything else.
- Configure software that requires admin privileges for non-admin tasks
to run with limited user privileges .
- Keep your operating sytem and all of your softwar up-to-date.
Automatic updates help.
- Don't provide services you don't want to provide [2,3]. Or use the
Windows Firewall to block inbound connections.
- Disable autostarts for removable media (via gpedit).
- Use AV software to prevent known malware from being executed by
- Don't use IE, at least not without locking it down tightly. Better use
Firefox/SeaMonkey with NoScript or Opera, as they are easier to
- Before installing software think twice about whether you really need
it. Less is more.
Additional steps could be:
- Use sandboxed environments (preferrably virtual machines) for
- Revoke "execute" permission from caches and temp directories.
- Use Software Restriction Policies to allow only whitelisted software
to be executed.
How about nmap-online.com?
ShieldsUp! might actually be a decent port scanner, if it weren't used
to spread Gibson's gross misunderstanding of networking concepts.
The problem with ShieldsUp! isn't the actual results of the scan, but
Gibson's interpretation of them. For instance: there is no such thing as
"stealth" in TCP/IP.
That all sounds great. But I said for the average Windows user. Do you
really expect aunt Esther to understand how lock things down through the
registry and group policy editor? Or figure out how to set up a VPN?
I agree with everything you recommend. But executing several of those
steps is well above the knowledge level of the average Windows user.
Hence, software firewalls as a simpler, reasonably secure alternative to
add to the OS updates, more secure browser, AV, etc.