Verdict, Firewalls: yay or nay?

Sorry if this has alreayd been asked, if so, close the thread or merge it thanks

I've seen mixed reviews/opinions so let's ask straight out: Are you for or against firewalls?

So basically I'm asking you if:
1- You're for/against 3rd party firewalls and why
2- You're for/against firewalls in general(including the Windows one) and why

 

I just stick with the Windows firewall + my router. I haven't ever had a problem so I don't see a need for 3rd party firewalls.

 

But by that logic I could chose not to wear a seat belt considering I've never had an accident while not wearing one(assuming that it wasn't a punishable act not to wear a seat belt where I live). Does that still make not having a seat belt good though?

Idk, sometimes the "it works for me so it's ok" reason seems odd, yet sometimes it works.

 

Long time ago I used Zone Alarm (on a XP based machine), know I trust my security to the default Windows firewall; why? Because I don't need it's features basing in my internet activity.

 

On my laptop I use the KIS firewall - 3rd party ones often can do more than the windows one, especially for XP and still Vista.

On Win7 I think they upped the firewall, and I've kept it on (my old laptop).

Also, I KIS can ask you every time if you allow programmes access to the internet, the Win firewall will let any installed progrmme out I believe.

 

If I have Norton/Kaspersky IS, then, I would use their Firewall.
However, I am not using either 1 of them. So, I used the Windows Firewall, Windows Defender and Avira Antivir Personal 9 and SpywareBlaster. These combo already very good.
If I want even better protection, I would use SAS and MBAM as my on-demand scanner. I know Comodo Firewall is the BEST FREE Firewall out there. Yet, Windows Firewall is very light and I think it is solid enough(I know weaker than Comodo's).
It is not necessary to get a paid version Firewall. Comodo Firewall is the BEST FREE Firewall out there.
Actually, I do have a machine long time ago(Windows XP), running without Windows Firewall(turn off). It have only Avira Antivir Personal 9 and SpywareBlaster. Yet, I didn't have any problem on that machine. I am not telling Firewall is useless but it is not the super primary protection.

 

For XP, users have generally turned to 3rd party firewalls in order to customize their rules and the like more closely. However, Windows Vista and 7 have very well-developed firewalls that, for the most part, do not demand anything more elaborate for home users. Even for corporations, why run a 3rd party firewall when you're on intranet? At this point, 3rd party firewalls are increasingly pointless and empty in terms of their offerings over Microsoft's improved solutions.

 

I guess most important is, whether you're behind a well configured router or not.
If not, and most notebook users will often lack such 'luxury', a decent sw-firewall is necessary imo.
While Vista's fw is reasonably sufficient, the default for outbound is off.
This means that the standard for outbound filtering is almost zero, and you'll have to write rules yourself. All of them.
If you don't give a rats () about outbound, that's fine. Inbound is offcourse paramount.

Still, I like to know what's communicating outside without the need to set up every outbound rule myself, instead have a (easy) HIPS at my disposal and features like running programs sandboxed (for safe browsing), in a user-friendly program.
But that's preference.

 

I always keep my windows firewall on.

It's there for a reason!!!

 

There usually more trouble than the there worth, I use windows firewall because its just there also my router dose a good job at keeping the unwelcome out.

 

Windows firewall is crap...but other ones aren't better...

My friend is able to hack through my wap2 router and says that windows firewall is the easiest to get through... He said others like zonalarm and komodo are a bit more trickier, but he still got through them too.

Conclusion: firewalls won't stop people trying to get into your computers so it is pointless to debate about their useful or which one is better.

 

Wap2? Wireless Application Protocol 2 for GSM's with a color screen...
Some 12 years ago, it was interesting technology. But irrelevant for the topic.
You mean WEP2 perhaps?
WEP isn't very strong, a WEP password can be cracked in minutes. Since about 8 years.
With all due respect, your conclusion is bollocks.

 

Perhaps he means WPA2? But that has not, to my knowledge been cracked.

I use the firewall that came with NIS10, just because it is completely transparent anyways (I have not had to set any firewall exceptions) and because it came with the suite. If I were using NAV10, I would be using Windows Firewall.

 

I voted that I use a 3rd party firewall software solution (Norton Internet Security 2010). I download quite a few app's, which you knever know what might be hidden inside of them, so having a firewall application that checks for outbound traffic in addition to inbound traffic is a plus. Windows Firewall by itself only checks for inbound traffic.

 

So basically the main arguments are:

- 3rd party firewalls are overkill
- all firewalls are overkill since they don't actually protect all that well

 

Actually, I do agree with you. Firewall ain't the PRIMARY or MOST VITAL Protection to a System.

 

Well arguably the network configuration is usually the first defense a hacker would hit if he were trying to get to your computer. Usually those are more sophisticated than your average consumer firewall if you know how to do it right.

And to an extent, ubershnitz does have a point... if a hacker gets through your network encryption, chances are a consumer level firewall won't stop him at that point.

 

I think no-one will gonna hack me. LOL.
Because I am not VIP or something like that.
A normal Windows Firewall will do, for me. If I bought Kaspersky or Norton IS, I will use their Firewall of course.

 

I'd keep a firewall but I found something better. The rule here is very simple block all ports let the trusted IPs in. Looking for info you're not supposed to be looking for and you're going up on this list. I'm currently blocking 983,661,796 IPs, ad websites, trojan websites, sites asking for your location. The less info you give out the safer you are. Right ? It's just like your phone...answer only if you know the number displayed. Answering the phone to an unknown number gives the other party info... hey... he's home at this time ... No INFO!

 

Well, that definitely makes it safer - but its effort and work to set up.

 

@DarkSilver: You'd be surprised. That's like saying I won't get robbed because I have nothing extremely valuable in my house(at least not compared to most houses with a similar income). Just because you and your computer don't possess anything special or more valuable than the next average computer doesn't mean it won't become a hack target. We always think it happens to other people, but it doesn't always.

Arguably hacking is probably one of the least common threats but it still happens.

Another thing to consider is when you're on a public network. You're a pretty open target then.

@Twiz: Well arguably the phone analogy isn't perfect because honestly, someone I know could call me and I simply might not remember the number by heart. In this scenario, the logic would be flawed and I might miss an important call and be unable to contact said person until next I see them(i.e. the next time they can confirm me their number).

Same reason Det said, it requires work and research(to find the IPs you want to let through) to properly do this.

 

I turn Windows firewall off because it's a PITA.

I do configure my router firewall carefully, and include mac address filtering to prevent people from connecting.

No 3rd party security apps other than Virus Scan enterprise and its spyware plug-in.

 

I do agree with you.
Currently, I am not doing any banking stuffs. So, I didn't focus on my Firewall.
If I am doing online banking, I will get Norton or Kaspersky IS definitely.

 

Well, its still best to focus on security from the start, unless you reimage your HDD regularly and have absolutely nothing private on it (and no externals that can be infected)

 

Basically, I got 1 Back-up on my old desktop. I update the files between them once a month.
Well, I am going for a new Desktop and a External HDD. So, I think I have many back-ups after this and I have nothing private too.

 

I just use Windows Firewall, Microsoft Security Essentials, and a fair bit of common sense. Never been infected, although virused files have been found and removed when I download.

 

Well, if you use the backup drive you could in theory infect it.
Firewalls aren't the primary entry for viruses.

They are the gatekeeper against hackers, botnets, and should keep data in.

I suppose as long as you keep the Windows one its not too bad. Just none isn't adwiseable.

 

Actually external storage is a very easy way to get inside a computer(as it doesn't require internet). It's even easier when the storage in question has some form of a software embedded in it. I recall my friend getting his Physics class exam answers by plugging in his USB drive into the teacher's computer lol .

 

I use NIS 2010 at the moment, which of course has its own firewall. Once the license runs out for that, I will be moving to MSE+Windows Firewall.

 

windows firewall + microsoft security essentials + router = all ya need for security

 

I hate the "talkativeness" of 3rd party firewalls, partly because they are intrusive, and partly because of the vagueness of the popups, even for a bit of a nerd like me.

I just use Windows Firewall, no harm so far.

 

for me im using my router firewall + windows 7 firewall

 

firewalls are the most useless software one can install in his/her system, just be careful of what websites you visit, with a nice browser, and do not use any "cracks" etc. if you really need one, just use the built in one. i had comodo earlier, and it never did anything other than annoying prompts and adding to boot time..

 

I'm sorry to be a bit rude here. But, if you dont know what your talking about, dont give an opinion. Firewalls ARE NOT useless!

But i do agree, when you say this:

 

oh? how do you know that i don't know what i'm talking about? time to take your own advise here?

for me, and hundreds of tech students in my university, they are useless (course poll), and i believe that collectively, because you don't approve of what i think, we might know something about such applications?

i have used comodo till i formatted my system when windows vista sp2 came out, and i didn't see a single instance where it "helped" me. windows comes with it's own more than capable firewall, and you have uac and many other such things to further add a layer of security.

it all comes down to the user. i would never even use the antivirus software or the antispyware softwares either if i didn't use the removable media to share my files with other fellow students, take their cds/dvds/ext. hdd and put it in my system as who knows what virus they might be infected with.

this is all my opinion however.

 

I also Windows Firewall...same.


Cin...

 

So basically, the only reason Firewalls are so unpopular is because of the lack of threat? I asked my friend and he said the Windows Firewall(the Vista one) isn't difficult to get through so IMO it really comes down to a lack of threat on the side of hackers when compared to say viruses or spywares. One could argue that viral attacks aren't really that common anymore, but the fact that they are more common than hack attacks make AVs more popular than firewalls.

Firewalls are definitely not useless in the general sense; lots of banks and companies utilize active firewalls other than the built in Windows. I think the correct phrasing is that firewalls are overkill(and therefore useless) for the average user for which hacking does not present a common threat.

 

i found the comodo firewall + proactive defense useful...
i can block those malicious programs that auto-execute themselves

its not that you dont need firewall , its because you havent lost some sensitive information due to weak firewall and yes it matters a lot if start talking about CC

 

Like i said, i agree with everything u said in ur earlier post except when u say 'Firewalls are useless'.
Oh and the part abt Comodo as well. It may have not helped you out but it has helped me out in many instances in my university and office.

 

As I mentioned before, Firewall is not the 1st Primary or Ultimate Vital System Protector. However, lack of Firewall can leads to several problems sometime.
So, keeping Firewall turn-ed on is a good choice.

 

what are those malicious programs doing on your computer in the first place? and the firewall which comes with windows does a great job of blocking those applicaions which you don't allow to access the internet as well.

well, they have been for me, and for almost anyone that i know as well, what do you want me to say? i don't know anyone in this day and age who uses a 3rd party firewall, when you already have great operating systems and not to mention they all ship with one.

in what cases? i'm asking because maybe i missed something when i used it and might give it a look again.


and ofcourse banks and private organizations will have firewalls, they also have people with guns on their front doors, do you see the reason why?

 

Firewall are not useless.
They are an essential part of an OS to handle Network Packets.
However third party firewalls are rather redundant.
By default every OS that has networking capabilities should have a built in firewall.
In Windows, Windows Firewall is good enough without add much overhead to your system.

 

Let me clarify, i meant 3rd party software firewalls are useless.

 

Windows has a default setting of "outbound = open".

Also: You don't necessarily need malware if you want to block outbound connections.
You get plenty of legitimate software that thinks it should send user statistics off to the manufacturer.

 

Oh, god, yes. And it's easy with comodo to block those apps. Don't need those programs to go online and try to check if licence is valid.

 

Define "useless" really. They're obviously doing something as they're hogging system resources. Whether that "something" is deemed actually useful to the common computer user is another story...

Personally, a well configured router and a well encrypted network is IMO the best first protection against hack attacks. After that, for most people, anything more than the Windows Firewall may indeed be more hassle than anything else, but I wouldn't go as far as calling them "useless" either.

 

I have used outpost for a few years now , not on win-7 , yet . I like to see which apps are calling out to mother and shut them off , or let them on my schedule . I just like to know whats going on in the backround , and outpost does an excellent job of telling me exactly what prog is connecting on which port and whats going on . Has great logging features .
Windows firewall is like the doorman checks everyone coming in , but just holds the door open for the guy that got in through a window and is leaving with the TV and jewelry .

Update now using outpost 2009 on win 7 ult , lots o crap calling out .

 

Haha. Very nice explanation. Exactly my sentiments.

 

Perhaps the notebook user was browsing the internet and came across a drive-by trojan download?
Sometimes no user interaction is required other than just opening IE or FF and visiting a website.

Care to explain how the Vista or Win7 firewall blocks such malware from sending data outside? (I mean f.i. with the Private Profile without a Block all policy).
The default for outbound filtering is off and then again, the Vista or Win7 firewall is only useful in such a scenario if you already would know what outbound rules would be necessary to block the malware in question from sending private information outside.
That's right, to make use of outbound filtering, rules have to be made for almost every application installed (in this case also for the drive-by trojan) or you can use the rigid policy of ' Block all'.
Then the user can try to find out which process does what, which ones do normally communicate outside and what ports and protocols they (should) use.
I'd say, a daunting task for the average user (would they even know that the default is Off)
And on top of it all, check another Vista firewall default; "Outbound connections that do not match a rule are allowed." ( link).
Vista's firewall is sufficient for a corporate environment, for the average home user it's "two-way" firewall is a joke.

 

Yes had some early problems with malware. Presently using outpost 09. No use for microsoft.