too many firewalls?

Sorry forgot to say I've checked with the shields up site,

all service ports up to 1055 are in stealth mode. When I shut down Zone alarm they remain in stealth mode. Is it worth keeping ZA to indicate, and consent, to new programs accessing the internet?

The only reason for using a software firewall is to stop outgoing traffic. A hardware firewall will only stops incoming traffic. If you still get a Trojan in your computer or you click on an e-mail that has malicious code in it, you can stop it with the software firewall from ever going out on the internet. I do not use a software firewall...

Zone Alarm offers no virus protection that I am aware of. One of the worst misconceptions that people have about firewalls is that they protect users from acquiring viruses or trojans. They do not - whatever you allow your browser or email program to download, the firewall allows. The only thing the firewall may be able to do is to stop outgoing traffic, but if the malware is using a trusted application for this (like Outlook Express) the firewall can't prevent that, either.

Oh, but it can be useful for other purposes, like blocking semi-naughty programs from calling home every time they're started, or for logging ip activity. Of course, real malware will have no problems disabling a software firewall, especially not if you run as an administrator (which is what many people do, because so much software won't work otherwise).

Regards,

Not really. Programs from large and otherwise trusted vendors who do an E.T. are better off blocked. This includes vendors like Adaptec, Apple, Adobe, Veritas and many others. Even though you may trust these companies, do you really trust everybody at their marketing department?

You jump to conclusions -- your "therefore" lacks any substantiation at all.

Software firewalls most definitely can be useful, but are not the holy grail of security, and often are worse than nothing in that they lull users into a false sense of security. That doesn't mean that they don't have useful purposes too.

In message , SteviE writes

Software firewalls can be better for understanding and controlling outgoing connections. That is because they can often tell which application program is trying to connect. That means both that you can often make rules specific to a particular application program and that you can more easily diagnose new unexpected outgoing connection attempts.

Regards

It doesn't do that.

Wrong, that depends on the device used and the configuration of the deivice.

Wrong, if malware is executed, the system is toast and the firewall placebo is toast as well.

Summary: you are clueless.

Wolfgang

I'm saying "A can be B", "A is not C", and "A can be worse than nothing", and you manage to find a contradiction there? I'm intrigued by how your brain works, cause it sure isn't by logic.

Then I repeat "A can be B", and you find that contradictory to my first three statements?

Let's do this *VERY* slowly, so you might have a chance to grasp it: That A doesn't encompass C and B is a subset of C doesn't mean that A doesn't encompass B.

Personal firewalls? When did that enter the discussion? Personal firewalls are just a subset of software firewalls, which is what we've been talking about. Again, you seem to confuse the part with the whole.

Go take a reading class and a logic course too, and bother us no more.

*plonk*

"" wrote in news:85Sqd.49$ snipped-for-privacy@fe1.columbus.rr.com:

Wrong

A hardware firewall will only stops incoming traffic.

Wrong

Wrong the PFW solution can easily be and are defeated by malware. ;-)

You need to understand what a FW is suppose to do first those appliances that do have *true* FW and software host based FW(s) that run on computers that are considered FW*(s). And I am not talking about ZA, Outpost, Norton etc, ect the PFW solutions.

Appliances like Watchguard, Cisco, Snapgear etc, etc are appliances that fall into the below category of being FW appliances. *What does a FW do*?

Appliances like D-link, Linksys, Netgear etc, etc are not FW appliances and do not fall into the category of FW applianc. They are NAT routers with soem FW like features.

Duane :)

Since they can be fooled by malware their output is worth nothing.

Wolfgang

Words like 'semi-naughty' are senseless when we talk about security.

Therefore they are of some worth only for the person/company who sells them.

Wolfgang

Wolfgang Kueter wrote in news:cohim1$85e$ snipped-for-privacy@news.shlink.de:

Since you have made it clear that you don't believe in software firewalls to begin with, what is even the point of your reading and commenting in this group to begin with?

Ah. I see.

Wolfgang Kueter wrote in news:coi5rh$8b5$ snipped-for-privacy@news.shlink.de:

Then why are you in comp.security.firewalls?

You manage to contradict yourself within one sentence.

and to contradict your first sentence with the second.

I simply stick to the basics: Personal firewall are crap.

Wolfgang

Wolf has been in the NG for couple of years and here most likely a few more years before I even showed up to *learn* and he has his take on PFW(s) -- not a good view of them BTW. ;-)

However, the man is one of the Top Dogs in NG and knows a thing or two about FW(s) and security. I have certainly learned a thing or two from his posts.

You'll do well to learn who the Top Dogs are in the NG. There are about 5 or

6 of them that frequent the NG. I am not one of them. ;-)

Duane :)

To discuss firewalls? There are more to firewalls than the crap (yes, crap. There, I said it too.) people install on their desktop computers. Most people don't have a clue, and a "personal firewall" is not necessarily the best solution to all things related to security on the Internet.

Firewalls has been discussed here since long before any of the "personal firewalls" were ever produced, so it's actually more tempting to ask why desktop applications for Windows (mostly anyways) computers are discussed here.

But really, I'm not sure I care any more, the confused end-users will always outnumber the professionals.

No really, I do know the difference between a firewall and Virus protection. I have Zone alarm security suite if you check here:

will see it has this feature. As to how good it is I don't know.

Just to let you know I'll keep everything running. My router will remain NAT. I've also got it set up with a DMZ pointing to a non existent IP - I have no intention of running any public servers. The Smoothwall will be put between this and my LAN. My pcs will continue to run ZA, since as I thought it will allow me to monitor programs attempting internet access.

Thanks for the responses, I'd say a software firewall is a poor solution on its own?

BTW ZA does have anti-virus feature.