recently, there is an online paper from the german chip magazin recommending users to switch off any desktop firewall for the sake of system resource. Although they also recommend others measures to counterbalance the desktop firewall switch-off, I personally feel that this is a wrong advice for computer practise nowadays. So I wrote a comment in the forum, but it seems most of the forum users agree with Chip and I am quiet alone.
Wouldn’t it have made sense to move this to the “Computer Firewall” section and not the “Anti Virus” section. After all the subject tittle is called “switch off desktop firewall” and not “switch off desktop anti virus”.
I see what they are saying, but really a computer firewall dosn’t slow down your system that much unless it is an over bloated piece of ■■■■. I am willing to sacrafise 1% of my cpu to increase my privacy and security by 70%.
Do you think Germans are stupid? Maybe you should have read the full article. They explain how to use the router’s built-in SPI firewall instead of a personal software firewall. Nowhere do they advise not to use any firewall at all 88)
without a firewall, your PC is like a Living Dead…
Customizing your firewall will make sense in lowering Cpu Usage (:WIN) PC performance will not dramatically change if proper maintenance is applied :■■■■
We all know that and before you jump to conclusions you have to take into account that the smarter users know that a hardware firewall although tough cannot replace a software firewall entirely.
Hardware firewalls are only strong when they’re configured right. And let’s be honest, who knows that as a normal user ? I wasn’t saying Germans where stupid, but they miss something ;D…
lol, Germans …
This one was not too very nice, eXPerience…
As a native German, I’d say this message has to be called HUMBUG
SW FW’s are NOT existing without a reason (some of them, may be)
This thread seems to propose that German Papers and the German folk’s intelligence are somehow connected to eachother.
This ain’t so, and has never been, my dear. And hopefully will never be.
Reminds me of some unholy times…
The Advice given by the German Computer Magazine is indeed wrong. Why? Because more and more Firewall’s are not just Firewalls anymore. If we look at COMODO Firewall Pro 3, It includes HIPS and other features to also fight malware, and more and more vendors are using these techniques. They need to do some more reasonable research before making such assumptions IMO.
Do they recommend switching off The firewall in aviras security suite also ? :THNK Times are depressing folks. I’ve come to the conclusion that its more of a headache to read security forums because of all the varying info and biased opinions.
I don’t have a router either, it’s my computer, an ADSL modem, and the Internet. If I disable my software firewall it’s, “hello world please hack me!!”
People will read this article and disable their firewall. This mag assumes everyone has a hardware firewall. Most will and will probably be OK, provided they don’t have some problem with the configuration. Some of them won’t have, and will have just been served a very bad piece of advice.
If you don’t want to install a 3rd party firewall, leave the Windows one on. If you think the Windows firewall is slowing down your computer, you really need to relax and decrease your caffeine intake.
(:LGH)
I think that software firewalls are too hyped and under hyped. At times a software firewall is not needed. While others it is needed. The most common case where a software firewall isn’t needed is when your behind a router obviously. Otherwise a software firewall is kind of useless, except for the outbound, but we all know how I feel about that. I am going to go out on a limb and say this:
If you are not behind any kind of hardware protection, you still do not need a software firewall!
As long as you have a strong antimalware system, disabled services that do not HAVE to be running, have a strong HIPS AND IDS, you essentialy do not need a firewall.
Remember, a hacker attacks you through services, and malware. Of course you are still open to a talk, but strictly speaking if vulnerable services are shutdown, and your windows system is fully patched a software firewall isn’t needed.
A HIPS is called a Host Intrusion Prevention system. It is a piece of software that run on your computer. Basically, and this varies among the software, but it will alert you to suspicious activity asking if you want to allow it or not. For example, if I download a random file, and I execute it, and the file is trying to modify my startup. A HIPS would ask me and I can allow or deny it.
An IDS is called an Intrusion Detection System. These can vary in type. Generally they are embedded in hardware firewalls and have two main purposes. Detecting intrusions and generating good log files: Snort. Or in addition to generating superb log files, the IDS is capable of stopping network based exploits such as Denial of Service, or Malformed Packets.
If you are using eMule, I suggest leaving services intact, just disable all of the sharing options (I.E do not share my library) or what ever the option is in eMule. Then move everything in the eMule shared folder out of there. This will ensure that you are not sharing files. The next thing is NEVER EVER download programs off of eMule, or limewire ect, they are mostly bad files that will only cause you trouble. Also follow this simple guide when downloading music:
A 3:00 song at 128 bit rate the size of the song should be around 3 MB 2.99 MB is fine, just as 3.01 MB is fine.
Just as 2:40 song at 128 bitrate should be 2.4MB ect.
A 3:00 song at 192 bit rate should be at like 4 -6MB due to the increase in quality.
ALSO! Check to see that the file your downloading has the .mp3 extension (will show up in windows explorer as mpeg layer 3)
Thanks for the answer. Anyway I’m using eMule for a couple of years and I already know the basics to avoid fake files and stuff. Other thing is that eMule is an sharing program and I am actually sharing a folder that I designed for it and I think there won’t be no security problems by sharing a single isolated one. What i really wanted to know is if there could be other security advices besides using CIS and ipfilters.