Home page logo

basics logo Security Basics mailing list archives

RE: Personal Firewall for Business use
From: "Kent James" <kent () caspia com>
Date: Thu, 6 Nov 2003 17:49:11 +0400

-----Original Message-----
From: Kevin Saenz [mailto:ksaenz () spinaweb com au]
Sent: Tuesday, November 04, 2003 6:50 AM
To: Security-Basics
Subject: Re: Personal Firewall for Business use

I really don't understand your relationship with a firewall and MSBlaster.

Huh? Somehow we are not communicating. MS Blaster infected on port 135.
Blocking that port with a firewall blocked the infection. That's the
relationship. Now that was not the only way to block the infection, patching
was also necessary since a firewall is easily bypassed by, for example,
notebook computers. But even a minimally configured firewall should have
stopped MS Blaster, and in this case it did.

I am not a big proponent of personal firewalls, for the reasons that you
mentioned. I was simply saying that I have used them in isolated cases, and
they have done some good for me.

Another reason that I often give against PFs is that, when used truly as a
personal firewall (and not as a basic port filter, as in my example) they
keep asking, "Do you want to enable internet access for application xxx?"
Trouble is, trojans can have the exact same name as a "real" application,
only located in another directory. Most users will just routinely say yes,
and pretty soon the personal firewall is worse than useless.

But what choice do users really have, particularly modem users? Our clients
are mostly small, and are often in transition from 3-4 people all with
individual modem accounts, to a network with a shared internet connection.
When we talk about firewalls and such, they begin to get scared. Somehow
they don't understand that anything we do on a LAN is better than the
wide-open world of the Windows user without a PF connecting to the internet
with a modem.

I'm almost convincing myself that I *should* be promoting PFs!

  Kent James, Ph.D, MCSE
  Computer network support in Baku, Azerbaijan
  UNDP Azerbaijan ICT Strategy Implementation Advisor
  Email business: KentJ () seabak com  personal: Kent () caspia com
  UNDP: kent.james () undp org
  Baku work (+99412)920126 mobile: (+99450)3584553
  Redmond: 1-425-882-2193

The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]