An exclusive gaming industry community targeted
to, and designed for Professionals, Businesses
and Students in the sectors and industries
of Gaming, New Media and the Web, all closely
related with it's Business and Industry.
A Rich content driven service including articles,
contributed discussion, news, reviews, networking, downloads,
and debate.
We strive to cater for cultural influencers,
technology decision makers, early adopters and business leaders in the gaming industry.
A medium to share your or contribute your ideas,
experiences, questions and point of view or network
with other colleagues here at iVirtua Community.
Yeah, so? The native Microsoft firewall for XP is all you need and you already have it. An outbound filtering one such as Sygate does not help security at all and the SP2 firewall is definitely the less CPU consuming one (i.e. \"alg.exe\" process and SharedAccess service running in \"svchost.exe\" process).
Last edited by KoolDrew on Tue Nov 29, 2005 10:03 am; edited 1 time in total
I have never heard a valid argument for host-based outbound filtering being of any help.
The 1st Immutable Law of Security: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore. At the point where you have malicous code on your machine, the possibility exists for that code to whatever it wants to your system, with or without your knowledge.
This is why the most critical thing is to prevent that code from ever getting on to your system in the first place. Proliferation of the malware is stopped by computers running guess what? A firewall that stops unauthorized inbound traffic.
Another argument that I hear a lot is that people use an outbound filtering firewall to block innocuous software which one would think is \"trustable\" that does \"call home\" for no good reason. However, if you are really concerned about that sort of activity, a firewall at the border (like ISA or Astaro) is a much better way to detect it. You simply cannot assume that which your host-based outbound filtering firewall is telling you is accurate.
Not to mention every host-based firewall that does outbound filtering is exceedingly annoying. So much so that it promotes insecure behavior, since most non-computer savvy users will just click on whatever it takes to make it go away, which is usually something on the order of \"allow this (or worse, ALL) traffic\".
If you want to talk about host-based firewalls being too complicated for the average user, look no further than one that does outbound filtering. A firewall that only filters inbound is far simpler, since most people only need to allow a few listening ports if any (file sharing being the most common probably). Compare that with every type of traffic that needs to get out of an average user's machine.
Outbound filtering at the edge of your network is a Good Thing. But host-based outbound scanning is really nothing more than marketing hype and a false sense of security. It may give you warm fuzzies, but it does nothing to increase your system's security posture.
The SP2 firewall is even unnecessary if your machine is the only one in its network. For example, I only have one PC and my Xbox in my network. My router gives me all the protection I need. If you have more then one computer in your network it is best to use the SP2 firewall as not all threats come from outside your router.
Last edited by KoolDrew on Tue Nov 29, 2005 2:34 pm; edited 1 time in total
It does, yes, since it creates an extra layer of protection for your computer. However, what KoolDrew meant was that it is not necessary. The SP2 Firewall does it's job well enough for most purposes and does not use a lot of resouces. If you added another firewall to your system, it would slow it down quite a bit.
However, what KoolDrew meant was that it is not necessary.
No, I meant it doesn't help.
\"host-based outbound scanning is really nothing more than marketing hype and a false sense of security. It may give you warm fuzzies, but it does nothing to increase your system's security posture.\"
Quote:
Well.... you really shouldn't use multiple firewalls at once.
Just to clarify this point, you should not run multiple software firewalls. A hardware firewall and software together is fine and is actually recommended in a network with more then one Windows machine. Also, a router is a MUST for a broadband connection.
Last edited by KoolDrew on Tue Nov 29, 2005 7:44 pm; edited 1 time in total
Just to clarify this point, you should not run multiple software firewalls. A hardware firewall and software together is fine and is actually recommended in a network with more then one Windows machine. Also, a router is a MUST for a broadband connection.
Why is a router a must for a broadband connection? The only thing I've noticed that our router does is possibly slow it down slightly.
The bottom line is that with any home-office broadband connection, a hardware firewall should be considered a bare minimum, and supplementing it with a software firewall on one or more computers (and don't forget anti-virus software) is almost always a good idea.