firewalls

Hello

Still trying to grow in understanding - I've seen posts in this group that
say, with broadband you need a software firewall as well as the hardware
firewall built into your modem/router. This seems to be based on the idea
that hardware routers stop incoming assaults, but don't stop outgoing "phone
home" or mailer viruses/trojans from dialling out.

BUT - if there is no dial-up modem attached, how would they "dial out".

Edification please!





Me

Me wrote:
> Hello
>
> Still trying to grow in understanding - I've seen posts in this
> group that say, with broadband you need a software firewall as well
> as the hardware firewall built into your modem/router. This seems
> to be based on the idea that hardware routers stop incoming
> assaults, but don't stop outgoing "phone home" or mailer
> viruses/trojans from dialling out.
> BUT - if there is no dial-up modem attached, how would they "dial
> out".
> Edification please!

They don't have to dial out, you're leaving the gate wide open..! All
dialling out on a dialup connection does is connect you to your ISP's
server, very slowly. The only difference with broadband is that you're on
all the time (unless you turn your PC off) and a lot faster.

I'd go along with the suggestion of a software firewall on the PC as well
as that in the router, belt & braces never hurt anyone ;-)

Ivor (using Norton Personal Firewall, the one in XP is crap..!)

On Mon, 15 Nov 2004 17:46:49 -0000, "Me" <(E-Mail Removed)> wrote:

> I've seen posts in this group that
>say, with broadband you need a software firewall as well as the hardware
>firewall built into your modem/router.

its an opinion, not one I share. My machine is unstable enough without
a suite of paranoiaware adding to the mayhem. If you have antivirus
protection and an incoming hardware firewall and scan for other
malware regularly there's little to worry about. Quality Assurance
rather than Quality Control.

Phil
--
spamcop.net address commissioned 18/06/04
Come on down !

In an earlier contribution to this discussion,
Me <(E-Mail Removed)> wrote:

> Hello
>
> Still trying to grow in understanding - I've seen posts in this group
> that say, with broadband you need a software firewall as well as the
> hardware firewall built into your modem/router. This seems to be
> based on the idea that hardware routers stop incoming assaults, but
> don't stop outgoing "phone home" or mailer viruses/trojans from
> dialling out.
>
> BUT - if there is no dial-up modem attached, how would they "dial
> out".
>
> Edification please!

"Phone home" is perhaps a misnomer. In this context, it simply means connect
to a particular internet site whose URL is programmed into the rogue
software. All it needs is an internet connection. An 'always on' ADSL
connection is just what the doctor ordered!

A software firewall knows which applications have been authorised by you to
talk to the internet. When an unauthorised application tries to do so, the
firewall will alert you.
--
Cheers,
Tim
______
Please reply to newsgroup. Reply address is invalid.

thanks, that makes sense

> >say, with broadband you need a software firewall as well as the hardware
> >firewall built into your modem/router.
> its an opinion, not one I share. My machine is unstable enough without
> a suite of paranoiaware adding to the mayhem.

Hey, as long as you`re happy that any program you use could take it upon
itself to start connecting automatically to "look for updates" etc.

Personally, I block all applications except ones I specifically WANT to
let out. It makes little difference to me if I block Adobe Acrobat from
connecting to the net to check for updates - even if it carried a
vulnerability that might allow it to pass data to an unknown third party,
it couldn`t do so easily on mine - its blocked.

--
Please add "[newsgroup]" in the subject of any personal replies via email
--- My new email address has "ngspamtrap" & @btinternet.com in it ;-) ---

On Mon, 15 Nov 2004 20:07:46 -0000, Colin Wilson <(E-Mail Removed)>
wrote:

>Hey, as long as you`re happy that any program you use could take it upon
>itself to start connecting automatically to "look for updates" etc.

a risk I am prepared to take if it avoids getting a faceful of popup
warnings everytime I do something new or different.

Phil
--
spamcop.net address commissioned 18/06/04
Come on down !

Phil Thompson wrote:
> On Mon, 15 Nov 2004 20:07:46 -0000, Colin Wilson
> <(E-Mail Removed)> wrote:
>
>> Hey, as long as you`re happy that any program you use could take
>> it upon itself to start connecting automatically to "look for
>> updates" etc.
>
> a risk I am prepared to take if it avoids getting a faceful of popup
> warnings everytime I do something new or different.

Not a risk I'm prepared to take. I lost the entire hard drive of my laptop
due to inadequate security. I like to know *exactly* what my system is
accessing and when, if I have to put up with a few warnings then so be it.

Ivor

> >Hey, as long as you`re happy that any program you use could take it upon
> >itself to start connecting automatically to "look for updates" etc.
> a risk I am prepared to take if it avoids getting a faceful of popup
> warnings everytime I do something new or different.

Once you`ve blocked an application from accessing the net (some
installers give you an option on updates during the install process) most
won`t bother trying again - at least not for a while IME

--
Please add "[newsgroup]" in the subject of any personal replies via email
--- My new email address has "ngspamtrap" & @btinternet.com in it ;-) ---

On Mon, 15 Nov 2004 21:24:39 -0000, "Ivor Jones"
<(E-Mail Removed)> wrote:

> I lost the entire hard drive of my laptop
>due to inadequate security.

was it nicked ?

;-)

Phil
--
spamcop.net address commissioned 18/06/04
Come on down !