If you have a well configured hardware firewall is a software firewall
necessary?
Thanks
--
Replace [dot] to reply
Bolts 03/04 Stanley Cup Champs
Arsenal 03/04 Unbeaten
Rays 03/04 not last in AL East

In an earlier contribution to this discussion,
KerplunKuK <kerplunkuk79@yahoo.co.uk> wrote:

I wish I had a pound for every time this has ben asked!

The answer is a resounding *yes*. A hardware firewall will help to stop
nasties from getting in to your system, but it won't stop rogue applications
(Trojans etc.) from connecting to the internet and sending all your private
information to all sorts of undesirable places. A software firewall such as
ZoneAlarm will know (after you've configured it) which bone fide
applications are allowed to access the internet, and will warn you if
anything else tries to do so - and will prevent it from doing so unless you
authorise it.
--
Cheers,
Tim
______
Please reply to newsgroup. Reply address is invalid.

Tiscali Tim wrote:
This only applies if you have the misfortune to be using Windows.

Real operating systems don't have this problem.

Paul

In an earlier contribution to this discussion,
Paul Russell <prussell@sonic.net> wrote:

As far as I can remember, the OP didn't say what OS was being used.

Why don't other OS's suffer this problem? Can't anyone be bothered to create
Trojans which run on them?

--
Cheers,
Tim
______
Please reply to newsgroup. Reply address is invalid.

Thanks, I am using Win XP and Mac OSX. Is there a list anywhere of software
firewall compatibility with routers, or is it a try it and see job?

--
Replace [dot] to reply
Bolts 03/04 Stanley Cup Champs
Arsenal 03/04 Unbeaten
Rays 03/04 not last in AL East
"Tiscali Tim" <tele@privacy.net> wrote in message
news:2t27u6F1q6kh5U1@uni-berlin.de...

On 12 Oct 2004 in uk.telecom.broadband, "KerplunKuK" wrote:

It surely depends on whether youhave one or more systems on your (LAN)
side of the hardware firewall... While any worm or virus is stopped in
its tracks from reaching your ISP (on the assumption something one day
gets in), will it spread unchecked to the rest of your kit, and be very
much unnoticed ? I am happy to suggest a firewall for every system, as
it could alert the user to something odd going on with theirs...

--
PlusNet <http://tinyurl.com/24ymz> - I recommend them and save some cash.

In an earlier contribution to this discussion,
KerplunKuK <kerplunkuk79@yahoo.co.uk> wrote:

firewall runs in your computer(s) - quite separate from the routers**. The
SP2 version of Win XP has a firewall of sorts, but many people still think
that ZoneAlarm (even the free version!) is better.

Sorry, I'm not competent to comment on software firewalls for Mac operating
systems.

** For while, before I bought an ADSL router/modem, I was using an old W98
PC as a router by running WinRoute software in it. I couldn't make this work
at the same time as running ZoneAlarm in this particular computer - but the
other computers in my network (with which the router PC was sharing the
internet connection) were fine with ZoneAlarm.
--
Cheers,
Tim
______
Please reply to newsgroup. Reply address is invalid.

On Tue, 12 Oct 2004 17:03:00 +0100, "Tiscali Tim" <tele@privacy.net>
wrote:

Correct.

And that is the only reason other OS's don't have that problem.

And it isn't as absolute as the previous poster suggested anyhow.
There are fewer such programs for other OS's , but not none, for most
of them.
--
Alex Heney, Global Villager
Never deprive someone of hope; it may be all they have.

To reply by email, my address is alexATheneyDOTplusDOTcom

On Tue, 12 Oct 2004 17:10:01 +0100, "KerplunKuK"
<kerplunkuk79@yahoo.co.uk> wrote:

I doubt very much if there is such a list, because there shouldn't be
an issue.
--
Alex Heney, Global Villager
Never deprive someone of hope; it may be all they have.

To reply by email, my address is alexATheneyDOTplusDOTcom

KerplunKuK wrote:

For Mac OS X you already have ipfw built-in. No fuss no muss, just one
click and you're all set.

For Win XP you definitely need a software firewall, e.g. ZoneAlarm.
Recently I set up a brand new XP box with a static IP address and no
firewall and it was "owned" within about an hour. Bloody Micro$oft -
what a shower.

Paul

From Alex Heney on 12/Oct/2004 21:48:
This is not /entirely/ true. Other OS's tend to have slightly more secure
designs though they are still susceptible to buffer overflow and similar
attacks. On Windows, the use of IE and OE contribute massively to the
vulnerability of the platform.

The bottom line is that ALL Internet connections MUST be secured with a
firewall. Machines that connect to the Internet directly using a modem (or
similar) should always have a software firewall installed. Windows machines
should all always have a software firewall that checks outgoing traffic, this is
currently less critical on Linux, etc. but is likely to become more important
over time.

--
Julian Knight, http://www.knightnet.org.uk/
Sheffield, United Kingdom
Security, Directory, Messaging, Network & PC Consultant
Yahoo! IM=knighjm, Skype Internet Phone: callto://j.knight

From KerplunKuK on 12/Oct/2004 17:10:
There are no issues between software firewalls and hardware ones, only between
running multiple software firewalls on one machine -- definitely not recommended!

There are many good software firewalls around, some of which are free or have
free versions. My own favourite is Kerio Personal Firewall but a simpler one to
use is ZoneAlarm (note though that ZA uses more resources and can impact online
gaming). Alternatively you can go for an all-in-one security solution such as
that from Symantec.

Whichever one you use, make sure that you actually READ the messages that it
pops up for you! Many people don't and that makes it worse than useless. Only
allow traffic if you know that it is valid. Most software firewalls come with a
decent set of pre-defined rules which help so that most messages will come from
outgoing traffic. You create a rule for outgoing traffic (by selecting a tick
box) ONLY if you know the application has a valid reason for having a connection.

You will get tons of messages in the first few days and then you should get
hardly any.

--
Julian Knight, http://www.knightnet.org.uk/
Sheffield, United Kingdom
Security, Directory, Messaging, Network & PC Consultant
Yahoo! IM=knighjm, Skype Internet Phone: callto://j.knight

I believe 25 minutes is the going rate now for a broadband connection
without any protection.

--
Please add "[newsgroup]" in the subject of any personal replies via email
--- My new email address has "ngspamtrap" & @btinternet.com in it ;-) ---

Colin Wilson wrote:
It beggars belief that people are still paying money to Microsoft for
this insecure POS called Windows. Oh well, "100,000,000 flies can't be
wrong...", and all that.

Paul

Sadly the typical user will justify the purchase of a new computer with
"look, you can play solitaire"

We can but help and educate where we can (when the sh!t hits the fan) :-}

--
Please add "[newsgroup]" in the subject of any personal replies via email
--- My new email address has "ngspamtrap" & @btinternet.com in it ;-) ---