Surprise! You May Have More Firewall Than You Need

http://www.pcworld.com/article/id,133212-page,1/article.html

Click on Comments for responses. I’ve heard the same from other IT people. SO…?

What do you think??

Same thing applies to HIPs – I haven’t a clue what these cryptic messages mean. If I’m doing something (normally I am, right?) I just click “Allow.” Basically, I hit “Allow” all the time.

I’ve asked the same question on other HIPS sites (not on firewall sites though). The answer is: “Google” the file or key name that pops up. Geez, I’d be doing that all day!!

I couldn’t disagree more with this article. Give up outbound protection? Never! I’m certainly no expert, and I don’t have to be an expert, to get a sense of why a program tries to connect to the net, and handle it properly. What if one’s AV misses that little trojan or keylogger? Then it will be able to spy on you, without any limits, because your firewall doesn’t give a sh*t. My god what a bad article!

/LA

I agree with your point.

However, with regard to HIPs, I think it is virtually useless without some explanation (by the program) of the process or program in question. Am I the only one who hasn’t a clue and therefore clicks promiscuously? I know, I know, when in doubt Google everything but please . . . I can’t spend my day doing that!

That’s what I liked about Spybot – they had 40,000 or so processes and a long list of HOSTs “blacklisted.” Has Comodo thought of something like a blacklist? Even if you believe 100% in HIPs, a blacklist can’t hurt, right? (Hence the popularity of McAfee SiteAdvisor).

While I share the views of the article (for the majority of the first part) because of my own experience, this is one contradictory part:

The problem is, such protection doesn't mean much. For one thing, if you have a good antivirus program, if you're smart enough not to open unknown e-mail attachments, and if you don't use Internet Explorer 6, you already have strong layers of defense against Internet-based attacks.

Yet at the same time it states:

Though it's great for experts to help keep software vendors on their toes with this kind of analysis, the average cautious PC user doesn't need the hassle.

If the average PC user = not classified as the more experienced smart ones, doesn’t that article mean they need such outbound firewall protection?

I’ll take it a level further with the following provocative statement…

You do not need Windows or any other firewall, to provide you with computer security!

Once your head stops rolling, you can read the explanation. Yes, there is a really big caveat to this statement. This is ONLY TRUE if you know enough about computers to harden the system’s configuration “behind the scenes” to lock it down like Fort Knox. As I understand it, this IS possible. But you have to be a true security expert to do this; this is not for the average, or probably even advanced computer user. So, kids don’t try this at home… :wink:

All that said, for those of us who live in the “real” world, I think a solid firewall that provides In/Out/Application/Advanced protection settings is a necessity. I agree to an extent with their statement that

if you have a good antivirus program, if you’re smart enough not to open unknown e-mail attachments, and if you don’t use Internet Explorer 6, you already have strong layers of defense against Internet-based attacks
to me the suggestion that you don’t need an Outbound firewall in this scenario is ludicrous. The best antivirus is quite capable of completely missing “in the wild” viruses. If your firewall isn’t capable of stopping Outbound connections, you could well be toast before you know it.

LM

If this article was about cars in the 1950s, then it would be saying:

In accidents cars kill people, let’s abandon it!

Instead it should say:

How can we improve Cars to make them safer for people! (like a safety belt, etc)

Instead of suggesting that we should use more of the whitelisting to reduce the noise on firewalls, it recommends ditching it. That’s wrong!

Melih

There are “2” computers that are perfect in all respects.
The one you don’t have (meaning don’t have a computer) and
the one that you never connected to the internet and never will. Needless to say never install any programs either. (:WAV)
Anything else is taking chances that something goes wrong. Life is a perfect example one day we all will lose it. (:AGL)
In the meantime happy computing and enjoy the fun of it. Acronis True Image, ghost, … will take care of the problems if you made a good copy of your comp at the beginning of the shiny new computer you one time had. (After uninstalling all the useless bundles they come with, even better just ditch it right away, install new from the restore disk, update to the latest updates, then true it or ghost it and keep this copy safe. When needed it will not take more than 5 minutes on a Vista computer and you are pristine clean again.)
Thanks for your time and remember (((((Die sooner, be longer dead)))))) :THNK

I for one didn’t think bad of MS because his XP SP2 firewall didn’t block any outbound traffic, because it’s just nonsense to show popups to the average user, he would be calling tech support the minute after he turned the computer on. So that’s good advice for the know-nothing user, and I would recommend the same to him right now. But for the ones who like to care even a little… No outbound protection at all? Well you try, but let me disagree. And come on it’s not rocket science figuring out which program causes the popup, is it?

PS: I bet the author of the article uses a firewall with outbound protection himself.
(:LGH)

(:AGY) “Though it’s great for experts to help keep software vendors on their toes with this kind of analysis, the average cautious PC user doesn’t need the hassle.”
Yeah, the average computer user should let their computer be a zombie (all the while complaining that it runs too slow!). What lousy advice! I have cleaned up plenty of computers that “call out” for garbage (one I did was downloading the same Microsoft Updates, over and over, until the C drive was full–my parents’ computer, bless their uninformed hearts).
This guy is an expert? I’ve been using Comodo firewall for a couple of weeks now on several computers–it works great! I LIKE the fact it communicates to me what my computer is doing (incoming and outgoing). Without decent information a firewall is a real “Mystery Date.”
Can’t wait for the Vista compatible version.

(V)

I have to throw my two cents in here too. I have long lived with Either Norton Internet Security or Zone Alarm security suite, and tried many others and I have to ask is this the first FIREWALL the author has used? How long has he understood the protection it offers is Imperative to ALL, as it averages 22 minutes online and an unprotected PC will either be infected by malware, or hacked… Outbound protection is the ONLY way to ensure nothing is Infected and communicating without your knowledge. Comodo firewall is nice, VERY nice, it is extremely functional and provides Excellent information for figuring out WHAT is connecting (Parent) using WHAT Component or Program and much more, port, protocol…Nice. Some who are new to firewalls will LEARN from this information being fed to them and eventually KNOW how their protection works, you tell them not to bother then Someone better come up with something that is PERFECT and handles it all itself, but then who’d want it, we “Home Users” know we like to be in control of our own Machines, and LAN’s YES, We have LAN’s and we know how to use them BECAUSE, programs like this provide more than just Lots of good info for making a proper choice, they teach the people too…And really, If you clicked a link in an MSN Messenger window and thusly asked for it to open a browser Internet Explorer, and the firewall said…IExplore is trying to connect on port 80 and the parent MSN Messenger is requesting it…Well, say YES…If you open a game of Halo, or Need for speed, Hell Pacman especially, and a window pops up Saying HairyNat wants to use Telnet to connect to the internet on port 69696 Well, Think, Do I want this to connect? Even not knowing the program structure or files you will be able to know if you want to go online…Playing a Pacman Game…NO! You can safely deny anything without it being permanent, right.
I’m rambling, I just get carried away when people insult anyone for not knowing…Just because someone doesn’t know something yet, doesn’t mean they shouldn’t try to learn or that they are incapable…Again Comodo Rules, and beats all the rest…