Hope we can keep this thread active and Up Top with tidbits of the uninformed / misinformed ! (:SAD)
I was typing to someone using Qnext. He is in northern Germany and works as a system administrator, at work he uses Windows 2000 but at home XP-Home.
I asked what security he uses at home and he mentioned avast for anti virus and he does not need a software firewall because his router has a built in firewall.
My wifes nephew who works with computers has said the same thing.
I know there are several stories to be told and new ones every couple months so this thread may help improve someones security. And that is even before Comodo Memory Firewall is integrated into the Comodo Firewall Pro.
Well, router is great for mainly for inbound protection. But your router can’t alert you if a malware is trying to make a connection to internet, whereas a firewall like ours would.
Here is a real life malware http://www.websense.be/securitylabs/alerts/alert.php?AlertID=570
this malware uses ICMP protocol to send information encrypted within ICMP packets. Now any firewall that’s worth talking about should be checking the ICMP and other non TCP/IP protocols as well. Afterall, there is no rule for malware authors as they can use any protocol they like, even their own! Don’t forget this malware has been around since 2006!
Go ahead everyone run it and see how your firewall passes or fails this, no matter which firewall you are using, test it! Also you can test it using without using a firewall with just a router.
This will show you importance of using a firewall on top of your router.
If any firewall that doesn’t pass this…(do i need to continue? :))
I hope this exercise will help people improve their security as per your request UncleDoug!
thanks
Melih
PS: I asked our guys to publish a test (as per the test on firewallleaktester.com site) but just for outbound connection checking. this will have 2 tests that any firewall should pass (slightly extended version of what is available, but pretty much similar concepts) we should release it in our forums soon (pls note, this is NOT a new vulnerability test, its been around for sometime)
Here is something you can test the basic outbound protection of your firewall(As Melih promised). This is a shaped up version of a testing utility we use inhouse.
It transfers data to the IP address using ICMP protocol and any basic firewall must catch it.
Yeah my router has a built in firewall also and I can tell you that comodo 2.4 has blocked some malicious incomming packets that my router missed. My routers firewall isn’t just set to lower security level either.
But I wouldn’t call this people stupid, just because they don’t run a software firewall behind a router.
I was doing so for many years, and I never had any problems. I agree that you can decrease the change of getting malware with an additional layer of security, but with an up-to-date system and a bit of brain, the chance of getting anything is very small. Especially if you are behind a hardware firewall.
People also dont wear always a helmet on the street, just because there is a small change that something may fall on your head (:NRD)
I was testing different software firewalls for the last few weeks, and my impression is: the change of getting problems because a software firewall is installed (BSODs, install/uninstall problems, incompatibility with other software, etc.) is much higher, than the chance of getting problems (i.e. malware) because of having no software firewall installed behind a router.
If you are into computers, it may be fun setting a firewall correctly up, and finding the perfect fit for your system. However, I can very well understand that not everyone is into that (just like wearing a helmet on the street).
PS: note that although posting here, I speak about all the firewalls I tried; not in particular about CFP
In the world of computers, they are smarter than I am, so I would not use the term stupid. But they have not taken into consideration that a router with built in firewall, only partially protects.
Several software firewalls would increase protection, some more than others.
But as you mentioned software conflicts can also arise, causing frustration.
I am one of the unluckky ones that have found problems with Gmail. On their forums the basic direction is that in IE7 plugins such as Verification Enginge is the culprit, or Mcaffee’s Site Advisor causes the problem, and Firefox has plugins that might creates the problems.
The recommendation is always to uninstall the plugin. Nothing refers back that it just might be Gmail itself, and the last update around Oct or Nov of 2007.
Although one suggestion was to change from U.S. English to European English.
IF and When? XP SP3 is released, what will it fix and what will it break?
