Education G, it's called EDUCATION!
A sensible aunt Esther would not drive a motor vehicle without prior familiarization in relation to correct operating procedures of her car and traffic/street rules.
No, it's not! Admittedly, the hype of snake oil is more readily available (marketing at its 'best').
Yeah right.. tell that to my mom who doesn't even know how to send an email and every time we told her how to, the very next day she asks again.
The analogy is irrelevant. A more appropriate analogy is whether a sensible aunt Esther should be taught the about whole legal system in the country before doing anything since what she is doing may break any arbitrary law.
Replying that WF is inbound only, gives the impression you didn't understand a word of what he said.
Do you really expect aunt Esther to understand the nonsense presented to her by a PFW?
I agree that it would be great to educate others on these issues. But we also have to be realistic. Windows' greatest benefit (simplicity for the masses) is also its greatest security issue.
The average user will only go so far when it comes to learning about security. I realize that software firewalls aren't perfect. But they DO provide benefit for the average user. And when someone posts a question about the operation of the firewall they're using, I think it's a lot more productive to help them make sure it's working properly than to just blindly steer everyone away from them.
In most modern firewalls, rules are learned for what should be permitted. So you only have to agree for your browser once, etc.
My dad is a senior citizen (not tech-savvy at all) and has no problem with it. He can read the warnings (although they are extremely rare for him now). If he doesn't recognize the program, he just denies it. It has already learned to allow for software updates for his OS, AV, etc.
Malware usually has no problem with it either.
Good.
Ouch.. another problem right there.
And when your dad gets hit by a real malware, chances are he will either get no warning at all or he will make wrong decisions based on it.
[ quote restored & trimmed ]
So? It's still aunt Esther who has to make the decision based on what the personal firewall tells her.
cu
59cobalt
Take a look at Mac OS X to understand that this is simply not true.
cu
59cobalt
The person who installs the personal firewall for aunt Esther could just as well take the above mentioned steps.
cu
59cobalt[ quote restored & trimmed ]
So? It's still aunt Esther who has to make the decision based on what the personal firewall tells her.
M-hm. So you think he'll be able to distinguish explorer.exe from exp1orer.exe or explore.exe? Or the services.exe in C:\\Temp from the services.exe in C:\\WINDOWS\\system32 (if the personal firewall doesn't show the full path)? Somehow I'm not convinced.
cu
59cobalt
Great ;-) GRC is demonstrating his unwillingness to learn again and again.
With common BSD socket based implementations (like Windows or Linux are using), the usage of port 0 is not possible with the regular functions for TCP and UDP sockets.
But one can use this port using a raw socket. And many filter implementations fail to filter that correctly.
To try this is useless. If malware is running on your PC, your PC usually is a zombie in a botnet already.
Yours, VB.
I doubt that. If you would understand, you would recommend to not offer network services instead of filtering them.
A "novice" will not understand anything what is logged, if it is logged by a "Personal Firewall" or by another tool. No one can who does not understand network protocols.
Yours, VB.
That's true. The primary reason most commonly seen is that people don't understand that they make their PC more insecure with "Personal Firewalls" instead of making it more secure.
He has nearly no chance to "fully protect". In spite of all these "Personal Firewalls" and virus scanners, have a look on all those botnets. Probably your PC is a zombie, too. What do you think why they're here? What do you think how Spam is sent today, how the DDoS and blackmailing attackes are carried out?
Microsoft had the chance to make Windoze much more secure by not offering network services in the default configuration instead of filtering, by not using ActiveX as a browser plugin concept because depending on IUnknown is hara-kiri, by not using the worst browser ever named "Internet Explorer", by making a sensible concept for privilege separation the default instead of everyone being "Administrator" and by not opening useless popups like with Windows Vista.
By becoming sensible.
The user has no chance. People like you are telling him, that he can buy security in boxes. And he wants to beleive that, he does believe.
The opposite is true.
Security is nothing, which can be added to a system in any way. It is an aspect in the design of a system, which has to be regarded while system design and implementation.
People who are using Windows can only try to fix the worst of the design flaws - deactivating network services instead of filtering like Torsten is telling on , not using Internet Exploder, being very careful with Java Applets, JavaScript and Flash because of their b0rken security concept which relies on DNS, not believing too much in HTTPS because of the b0rken design of depending on DNS for certificate assigning, too, and being conscious of how to handle certificates and how to manage keys properly.
Most people are not able to do this. And this is the reason for the millions of Windows PCs which are all zombies.
Probably like your Windows PC, too.
Yours, VB.
Yes.
And who is the decision maker for all that rules? The only person, who cannot make sensible decisions here for sure. The only person, who should be protected, is now the person who is responisble to protect:
the user.
What a nonsense!
Ridiculous.
Yours, VB.
As a matter of fact, as well in TCP as well as in UDP port 0 does exist.
It cannot be used without a raw socket in common BSD API, though.
This does not mean that I'm thinking GRC is understanding what he's doing and telling at all, of course ;-)
Yours, VB.
Better exchange "excellent" with "bullshit".
Of course, no network server can test your own system, because of the problem that the network in between your host and the server can and will filter and modify. You're testing the net, not your host.
And of course, using netstat is enough on Windows, too, to find out what's really going on. Of course, you don't need some network server based tool at all.
Better exchange "helpful" with "dumb" or "incompetent, but friendly".
Yours, VB.
And of course, this information is wrong. Better don't believe in GRC. You could read RFC 793 and RFC 768 yourself instead of helping GRC spreading his nonsense.
For Windoze?
C:\\> netstat -ano
or if you want to have a GUI.
What else?
Of course the average user cannot understand what's going on on his PC anyways, and GRC offers a warm and fancy feeling to him, like smoking a doobie.
The opposite is true: it can't for obvious reasons.
Yours, VB.
It can't, too. How do you know if the network in between is filtering or not using such a network based tool?
Of course, this one is much better than GRCs crap because of being technically correct.
Yours, VB.
How else would Joe Average test his border router from the outside?
cu
59cobaltCabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.