firewall

I do all of the above things EXCEPT for one... I use Internet Explorer. What is it about IE that makes it "unsafe" or risky to use ? Thanks.Alan

Since IE is used by 90+% of surfers it's the one targetted most often. Just a week or two ago there was an exploit that hackers managed to attach to some major websites that would install a keylogger without the user even knowing. This particular exploit did not work against any of the other browsers.

The anti-Microsoft crowd will insist that IE is also inherently less secure than the other browsers. And there is some validity to that stance. Partly because so much of IE was written prior to security becoming so important to Microsoft. And partly because Microsoft chose to rewrite IE so that it has become actually a part of the OS.

But the other browsers aren't perfect, either. An exploit very similar to this last one in IE affected all the major browsers. But, it was fixed fixed very quickly.

Personally, I'm typing this into Opera on one machine here. And I use Mozilla on other machines here. And, I set my mom up to use Mozilla, and she says it's working fine for her. Up until a year ago there were a few sites that I used regularly that didn't work in Opera. But lately I think I've only stumbled across one or two sites that I had to fire up IE to see. They're free (though I've paid for Opera) and they have some features I like (tabbed browsing, mouse gestures) so it's a welcome choice for me.

You mentioned NOT USING OUTLOOK EXPRESS, what is another alternantive?

Thanks!

Mozilla, Eudora, The Bat, Pegasus Mail, and dozens of others.

Ive used Yahoo for six years -- its been my default mail for Internet Explorer. Im now trying Firefox. I can get Thunderbird for it.

I an on a cable modem,and I use Norton 2004 and update definition faithfully EVERY day manually. I never open "ANY" attachments unless they are photos that I have ask someone to send me and only photos. I also run housecall antivirus weekly and also adware weekly.

Thanks

Try the free Zone Alarm for a while. If it doesn't frequently warn you that another machine has tried to send you a packet, I should be very surprised. It is not true that a firewall will only warn you that there is potential spyware on your machine. A good one, like Zone
Alarm, will hide your machine from potential attacks from outside. If you don't believe me, visit www.grc.com and use his Shields UP test of your ports to see how vulnerable you are to a port scan by a pottential hacker.
Then run the same test again with Zone Alarm running.
This is even more important using a cable modem which may be on line for hours.
Viruses aren't the only problem!!!

Roger

First off, there are dozens of perfectly innocent reasons another computer might be trying to make a connection to yours. Did you ever stop to think how data gets from somewhere on the Internet to your computer? Well golly gee, it's via a connection! IM clients use connections, P2P programs use connections, EVERYTHING you do on the Internet uses connections.

ZoneAlarm, and all other firewall programs, use alarmist terminology. They make it seem like the barbarians are going to breach the gates any second because someone tried to initiate a direct connection over AIM or some other IM client.

I might have even taken you half-way seriously if you hadn't decided to bring up the GRC website. Steve Gibson, the maintainer of that site, is not a credible source of information. REAL security experts have shown this time and time again. He knows enough to fool people who know nothing, that's it. Even someone with marginal understandings of computer security can pick up on the fact that the guy's full of *****.

Simple fact is, if you keep security patches up to date, don't run unnecessary programs, and avoid those that leak like a sieve... You're pretty safe. Real hackers are going to focus their efforts on more attractive targets than a home system, unless you do something to put yourself on their radar. Script Kiddies are the ones who will try and target home systems, and they rely almost exclusivly on tools designed to exploit known security holes. They rarely have any actual hacking abilities, and usually use programs written by someone else. So if you keep up on security patches, and avoid using programs that are easily exploited (Internet Explorer, Outlook Express, etc), you can keep them at bay pretty easily. Anyone else, who has some actual hacking skills, will have no problem getting into a Windows system, firewall or no.

You think that all these companies that you hear about being broken into aren't using a firewall in a league ZoneAlarm can't even dream of playing in? Or that they don't have a couple of full time security experts configuring things? Compared to that sort of setup, ZoneAlarm is like a wet tissue. It's not going to stop anyone who has the knowhow and desire. You're best just making sure you're not of any interest to such people.

It's all very well suggesting staying clear of Outlook Express, Internet Explorer (and ideally Windows), but these are the programs that the majority of Internet users run. So in 90% of cases some protection for them is desirable.

Besides, you are focused on the threat from direct attacks by hackers. You've been watching too many old movies my friend. These days, automated bots trawl the net for vulnerable ports and they don't differentiate between corporate or home users.

Yes, avoiding the obvious pitfalls and keeping your OS and programs up-to-date will go so far. However, surfing without a firewall to monitor and control traffic, is tantamount to living in a high-crime neighbourhood and leaving your front door wide open at all times of day and night, with a sign above the door saying "help yourself."

I agree with you eleibo, and I find yewanchor's post deeply disturbing.

That person appears to be saying that normal everyday home PC users need not use a firewall, and yet this advice is against "all other advice" I have seen and read from tech experts and technical newsletters and forums in the last 2 years or so.

I simply cannot believe that this person is suggesting to PC users that they should not bother with firewalls. He says that as long as we do not use Internet Explorer, or Outlook Express, etc we will be safe. When he says "etc" what does he mean? Does he mean "anything else that we use to surf the internet? Anything else to receive emails? Anything else to talk to other people via the PC? ANYTHING else?" If so, then the PC simply is not internet capable and is a glorified word processor or games console.

Every internet expert you read nowadays says you need at least 2 things on your computer;

1] An antivirus program which is updated regularly, and
2] A firewall program.

I would go further. I believe you also need programs that seek out and destroy adware, programs that protect against spyware, and programs that prevent any attempt by trojans/spyware/worms etc to install themselves in the PC's Start-up configuration. But at the very least, you need antivirus and a firewall.

With people like yewanchor telling us firewalls are not needed, and are practically useless, we begin to lose the battle against hackers and malicious code programmers even before we have started!

I am sure yewanchor means well, but in other quarters such negative comments and advice may be seen to have ulterior motives. It would not be in the best interest of such hackers and code programmers for everyone to install personal firewalls.

A personal firewall is a must. Do not be put off by people who say that firewalls are not necessary and are useless. They "are" necessary. They "are not" useless.

I would go further. I believe you also need programs that seek out and destroy adware, programs that protect against spyware, and programs that prevent any attempt by trojans/spyware/worms etc to install themselves in the PC's Start-up configuration. But at the very least, you need antivirus and a firewall.


Which programmes would do the above?

I would just like to tell a story about an incident I came across recently where Zone Alarm saved me a lot of heartache.
I was helping a neighbor with a locked up computer. Turned out their system was loaded with spyware and numerous viruses. After running multiple utilities,including McAfee and Symantec anti-virus, Ad-Aware, and Spybot, almost 2000, yes 2000, pieces of spyware were detected and removed. Three viruses were also detected and removed. At that point I was 99% certain that the system was pretty well cleaned up.
I then proceeded to install Zone Alarm. The computer was still freezing though. After Zone Alarm was installed, I was getting an alert every few minutes that "Exploer.exe is trying to access the internet". If you read it quickly or just at a quick glance, you may think that it's telling you that Explorer.exe was trying to access the internet. Turns out that "exploer.exe" is a variation of the W32/GAOBOTAO.WORM virus. Both McAfee and Symantec antivirus programs (both updated) failed to detect it during their scanning process. If it were not for Zone Alarm alerting me I would not have known that it was lurking on the system. I would have spent a lot more time than I did troubleshooting the freeze problem.
I have always used Zone Alarm and am an even stronger believer in using a firewall because of this incident.

Sadly, you're missing the whole underlying point to what I say.

The point I've been trying to make, and that you've overlooked completely, is that the first thing you need to secure a system is a set of "safe" habits. Buying a safe car isn't an excuse for not knowing how to drive first. And even though I'm not religious, I do believe it was Jesus who coined the phrase about teaching a man to fish to feed him for a lifetime. Same idea here. Telling someone to run a firewall is like giving them a fish. You only feed them for that one meal. Telling them to avoid commonly exploited programs, develop a set of "safe" computing habits, and then MAYBE a firewall would be to teach them how to fish so that they're never hungry again.

I don't deal in temporary solutions if a permanent one exists. In this case, if you use a different browser and email client you can not only avoid being the victim of a lot of attacks, but you also help distribute the user base across a different range of programs. Making it harder for anyone or any group of people to focus an attack. The potential damage is mitigated in part by the fact that it will only affect a small portion of the entire population. This is why I mention BOTH Mozilla AND Opera to people. And I usually toss in Eudora for the email side of things along with Mozilla's client. Sometimes I'll mention The Bat or Pegasus Mail as well. Give people options so hopefully you use something different from me, and we both use something different from the next person.

No, I don't miss the point at all.

You are telling people to "surf safe". You are telling them not to visit web sites where trojans and worms can be delivered to a PC. You are telling them "not" to open unsafe emails. You are telling them to use safer browsers and email clients.

You have given 2 analogies.

1] Buying a safe car is not an excuse for not knowing how to drive.

How would you suggest we learn how to drive then? In an unsafe car? In a car with no brakes, leaky gas tank, sloppy steering and tyres with no tread?

2] Although accepting you are not a religious person yourself, you mention Jesus wanting to teach people to fish for themselves so they can stand on their own feet, rather than have fish handed to them.

Was it not Jesus who fed the 500 with bread and fish?

I hasten to add I am also not a religious man.

"My" point is, where help is needed, lets give it. There is simply no point being high and almighty, (and I accept you are not, but many are), and saying that PC users must learn for themselves, and must find out for themselves that certain web sites are dangerous. They must find out for themselves that emails can contain viruses, and worms, and trojans, that can interfere with their systems and record their surfing habits and personal details and relay that information over the very internet connection that they are using. They must change their browsers, their email clients, their surfing habits otherwise they will become infected.

This is all true. They do need to learn these things. They do need to understand that some web sites can contain malicious content. That emails can spread virus infections, and that some browsers and email clients are apparently less secure than others.

But what is the point of learning if the lesson kills you? What is the point of finding out the hard way if some trojan has recorded your surfing habits, taken your passwords and account details and keystrokes and names and addresses by the time you have "learned the lesson"?

All of what you say is right. People need to understand the risks and change the way they surf and send and receive emails.

But they also need protection from hackers trying to compromise other people's PC's for their own ill gotten gain. That means 2 things.

a) Stop hackers from gaining access to their computers in the first place when users are connected to the internet, and

b) prevent unauthorised access to the internet from spyware programs on computers that may already be infected.

Firewalls do not stop viruses or worms or trojans from being installed on a computer. But as part of a suite of defences against such programs, they can prevent hackers from gaining information from them.

People have stated before that it is only large corporations that are being targeted and hackers are not interested in minnows like us. That is not necessarily so. The recent attacks on banks and financial establishements around the world which originated from a server in Russia used ordinary PC's from minnows like us to store and pass on information without the owners knowledge.

People say that IE and Outlook and Outlook Express are full of security holes, and that is true. But Mozilla, the makers of the Firefox browser and the Thunderbird email client, have recently had to patch their software because 2 potential security holes were found. Who knows what hackers and code writers have in store for those of us who are using Firefox, Opera, Thunderbird, Eudora if ever IE falls into minority use.

You state that you don't deal in temporary solutions, if a permanent one exists. If people use a different browser and email client you say that people can not only avoid being a victim of a lot of attacks, but they can also help distribute the user base across a different range of programs, making it harder for anyone or group to focus an attack.

I have used Netscape for years, and now use Firefox and Thunderbird. And yet, I still receive emails that contain viruses. I still receive spam emails that invite me to visit web sites that I have no intention of visiting because they are likely to contain suspect code or try to download malicious programs to my computer. Simply changing your browser or email client doesn't stop the attempts. I stop them. And if, at any time, I drop my guard, I know my firewall will help me prevent any unwanted internet access from my computer.

You say that people should be given options, so they can use something different from you. 5% of internet users use the same browser and email client that you and I do. Are we so different? We still surf the internet. We still send and receive emails. We still download programs for our own use.

You CANNOT expect every person to know and understand all of the risks. I DO NOT accept that people get what they deserve, and refuse to help them. A small portion of the entire population is still too many for me. I know I can't help everyone, but I can say to everyone I talk to, "GET A FIREWALL".

yewanchors, your analogies are flawed, and your philosophy and advice is wrong.

In grand CNet fashion, the reply link has mysteriously dissappeared, so I'm replying to markflax here.

You did indeed miss the point, but maybe it's my fault for not being sufficiently clear. So let's try this a different way.

Firewalls are a vital component to system security, no one will ever say otherwise who isn't in need of a clue. However firewalls depend on the user knowing what sort of things it does and doesn't do, and to have some sort of plan on how to fill in the gaps. The various little activities I propose people perform are designed such that they will teach people the necessary skills to recognize just what a firewall covers.

Further, when you compare the amount of benifit gained between learning to ritually perform the tasks I outline verses just slapping a firewall on a system and letting a user remain in ignorance, the amount of benifit gained from my skill building plan will far outweigh those of just slapping on a firewall. Whatsmore, is that when the user does get around to installing a firewall under my method, it will be far more effective. Whether the people know it or not, they will be making up for some of the gaps in a firewall's coverage.

All I'm suggesting is that people learn some of the "prerequisits" to firewall use prior to actually using one. You wouldn't want to take a calculus class without having taken basic algebra would you?

What browser and email programme would you use instead of Explorer and Outlook? Complete novice.

For browsers, there's really only two options: Mozilla (and cousins) and Opera. Pretty much everything else is either a new interface on Internet Explorer or Mozilla (AFAIK, no such products exist based on Opera). Mozilla is free, Opera is free, but only if you put up with an ad banner in the browser. Otherwise it's pretty reasonably priced at like $35 I think.

For email clients, you have a rather significant number of choices. Mozilla comes with it's own, there's also the old favorite of many long time Internet users Eudora, there's Pegasus Mail, and a couple of newcommers like The Bat. Mozilla's is free, I believe Pegasus is as well, Eudora has an ad supported mode much like Opera and some features are not avaliable in that mode, I think The Bat is like $20.

I'd suggest trying out all your options and picking the one that works for you. For me, Mozilla works exceedingly well for what I want, but others prefer Opera and that's fine. Everyone using Mozilla wouldn't be a huge improvement over everyone using IE.

Thank you

It seems to me that yewanchors(you *******) has a lot to say about the subject of firewalls. Personally I have found having a firewall a great benefit even though he says they dont work. It seems to me that he is more concerned about making others out to be extremely ignorant and/or stupid.
If you feel more comfortable surfing the net with a firewall in place then use one. There are plenty of free ones out there. If you dont find any benefit after a month or so you can uninstall it. Simple.
As for restricting where you surf and not opening an unknown file or clicking a link you are missing out on a lot of interesting subject matter.(No Im not meaning porn)As far as Im concerned there is a lot of great free stuff out there and some of it you will never find if you dont go looking down some of the side alleys.

I've only said that you need to have a foundation of security minded habits before a firewall can be effective enough to bother with. Otherwise, you're likely to poke way too many holes in it so that it's not really blocking anything. Not to mention, this way people won't think it protects them against spam, viruses, and spyware.

And if you think I'm just making this up, I just recently heard someone give a talk to just that effect, and they got the bulk of their information from CNet. The thing was riddled with so many inaccuracies and misconceptions, that anyone who followed the advice of the speaker would likely come away with the impression that firewalls are the magic bullet of computer security. If you have one running, it's OK to be a moron and just download whatever off of Kazaa... Who cares that I don't have an anti-virus program, my firewall will protect me! I don't need to patch my operating system for security exploits, my firewall will protect me! Seeing the pattern?

I recommend you use ZoneAlarm security suite which is a
comprehensive solution for all security related problems including virus attacks. Also it will be advisable to disable DCOM or distibuted component object model. This uses the existing networking protocol called RPC. You can visit grc.com/dcom and download the tool to diable it. This should some what protect you computer from unwanted intrusions. As an additional anti-virus I would recommend kaspersky anti-virus personal edition. Also run anti-spywares like lavasoft and spybot regularly, which are available for free. Test your windows every time you install new programs using Diagnose Windows available from seememe.com.

Nancy, when I first got a computer, I had expert users tell me "You aren't important enough for someone to want
to get into your machine." I was, and still am using 98se. Got a virus bad enough I eventually had to go in and clear the CMOS. When there are very good "free" fire-walls out there, why not use one? Better safe than sorry. I used one even when I had dial-up. Those that
advise you not to use one probably know more than I do about computer(some, not all), but they aren't going to fix your computer when they are wrong. Zone Alarm is pretty good(I've used it) and my favorite is Sygate. Sygate.com-on the left,click"Home office"-then choose
free personal firewall. With any firewall,as with anti-virus, keep it updated. Good luck. chuck

How does your getting a virus relate to the need for a firewall? Firewalls don't do anything for viruses, just like they don't do anything for spam, and really can only help contain certain kinds of worms.

All firewalls do is filter traffic to/from your system, that's it, end of story. They're not this magic cure that people seem to think they are. They are really quite limited in function, but people would know that if they took the time to learn even the very basics about firewalls before spouting off about how necessary they are.

SpyWare is a real problem today. It can come from any site, any time. You can be infected in a heartbeat.

One of the perks for using a firewall, especially ZoneAlarm, is that IF you get infected, and IF the program wants to "dial home" to report your use, ZoneAlarm will alert you of this traffic. You can allow or block.

Some programs need to access the net for updates such as Windows and Norton. You would naturally allow this. But SpyWare is too subtle and you will never know it accessed the net without ZoneAlarm.

Don't ask me how I know!

As to your comments about GRC, it is a tool only. You can get the same results from Norton or any other site.

To spout off a bit more ! !
Nobody has yet said that a firewall is essential but many very experienced people recommend them, and it would pay to remember that at the latest survey reported by CNet,95% of PC user are still using IE and OE. Amongst these users are millions who will never try Deepnet, Firefox, Opera, or Mozilla because they do not want to change settings on their computers, and will continue to use applications which are working to their satisfaction.
Admitted that home PC's are not of interest to hackers, and that firewalls are no protection against viruses, but the best protection for possibly a non-technical PC user against the destruction a passing script kiddy can cause, or the problems that can be passed on to other users by an undetected trojan or worm, is an effective firewall.
I personally do not like unrequested incoming contacts to my machine, even harmless pings, so I make sure that not only are all my ports closed, but by not responding my machine is invisible to any scans. In my opinion, and it is only an opinion, that this is a vital safeguard for any user, and above all for any broadband user who has a static IP. This is what Zone Alarm does for me, and has done for four years.

Final points:

Whatever your personal opinion of Steve Gibson, his 'Shields UP' tool is a very effective test of your machine's vulnerability to probes from outside, which could prove to be malevolent.

Major problems for large organisations are not usually the result of a pierced firewall, but except for DOS attacks are usually caused by a sloppy system administrator, or a careless system user.

So yewanchors, post your views by all means, but try to be a little less arrogant about it. Many users, experienced or otherwise, come to these forums for help or advice, so what is needed is practical, easy to follow advice, rather than lectures to exhibit your expertise.

Roger

And through all of that, without the end user having some basic common sense about how to go about using a computer on the Internet, a firewall is kind of like the cartoon character sticking their finger in the hole on a dam to try and hold the water back, only to have more holes pop up.

Until you learn basic things like keeping your security patches up to date, keeping your anti-virus program up to date, never opening unexpected attachments, never opening expected attachments without scanning them first, not saying "Yes" to every dialog that comes up in IE asking if you want to install something, etc... A firewall is just pointless. The little bit of security you might gain isn't going to even approach the potential for disaster you've got looming behind every other corner.

Thanks, Wayne and Roger for answering while I was away.
Both were right on. An UP-TO-DATE firewall isn't the answer by itself, but part of a program including anti-virus and anti-adware/spyware. If you don't want to run prevention, don't. But don't criticize others that do and are trying to help others understand their systems.
Even Microsoft got burned by not keeping up to date. chuck