Sorry, but the author says that because he has two layers of filtering on the WAN that the PC firewall is not necessary. If one PC becomes compromised inside the LAN, a worm could easily spread through the network. Not to mention that internal users are a far larger threat than external these days.
This was a mindset I argued against for years and somewhere along the way my arguments started to stick. The idea that you can do boundary protection and be done, is insane. Anyone having any control over security for an enterprise needs to realize that there is more to network security than border firewalls.
The better way to avoid the virus issue is this: simply don't run McAfee or Nortons - and you won't have that problem.
For me, Kaspersky wins hands down every time; its interface may not be exactly eye candy, but it does the job without bringing the whole thing down to a crawl and crashing the system.
The problem with running client firewalls in an enterprise environment (most specifically a fully AD-integrated Windows environment) is that it requires so many open ports that you can just as well turn the whole damn thing off, as those are also the ports most trojans and viruses use.
Rigorous policies, a virus scanner on both client and server, no local admins and very tight border security go a long way in keeping crap outside.
You appear to lack an understanding of computer security. But I'm guessing you read much about it from 'experts in the field'.
Firewalls are routers that have rules to control how or if they route traffic between networks.
A firewall serves no purpose on a PC.
If you want to protect your PC from exploitation of network services then just disable those network services.
A firewall is a device which permits or denies connections. A firewall can be hardware or software based.
Firewalls are routers that have rules to control how or if they route traffic between networks.
A firewall is not a router. Many routers include firewall functionality. You can buy hardware firewalls without any routing functionality.
A firewall serves no purpose on a PC.
A software firewall does serve a purpose on a PC, it permits or denies connections.
If you want to protect your PC from exploitation of network services then just disable those network services.
Close, but wrong. A firewall is not a replacement for security, so disabling services that aren't required is essential; however, to state that disabling services is the only action required is wrong. If a trojan creeps in, masked by a rootkit, and opens a port to allow remote control of your PC, a firewall might just save the day.
You appear to lack an understanding of computer security.
No, _You_ appear to lack an understanding of computer security.
Edited 2007-02-19 10:32
A Trojan masked by a rootkit that can't disable/bypass your software firewall? I think not.
So your argument is that a software firewall can prevent unauthorised outgoing connections?
I'll give you that preventing unauthorised outgoing connections is a useful thing. But you first have to control everything about what a program is allowed to do otherwise a malicious program can just use another program, that is authorised to make connections, to make the connections it needs.
A firewall is not a replacement for security,
This is very true and is my biggest issue with software firewalls and anti-virus. They add very little in terms of security while costing money, eating computing resources and giving the user a false sense of security.
There is a huge industry built around selling users 'security' software by marketing through fear and aren't solving the problem in the right place.
A Trojan masked by a rootkit that can't disable/bypass your software firewall? I think not.
Quite right, hence the reason why I said "a firewall might just save the day.", (Emphasis added).
So your argument is that a software firewall can prevent unauthorised outgoing connections?
No, my argument is that whilst a firewall should not be used as the basis of a security implementation, it does complement properly securing or disabling services. Firewalls (hardware and software) are not infallible, but they should not be overlooked.
There is a huge industry built around selling users 'security' software by marketing through fear and aren't solving the problem in the right place.
Very true, and I'm aware of far too many people that buy into this false sense of security.
Edited 2007-02-19 13:35
I -think- it does, only when you turn it off it sets the service into the "Stopped" state.
The thing is though, its startup type is still set on "Automatic" so when another service/program/whatever wants to use its functionality it gets restarted automatically. I could be wrong, I don't have Vista installed on any of my computers right now but that's what it seems like.
It's more of a bug than Windows/Bill Gates trying to control your actions, I think.
Of course, in that case there is something to be said here about quality control at Microsoft but then again, no one should be really THAT surprised...
I had no problem disabling the firewall and I don't really use Vista that much so I don't care if it gets infected :p
And another thing, maybe MS thought the way he does it wasn't the appropriate way to disable the firewall.. Did he ever think of that? I think not.. Disabling the firewall in Vista isn't exactly rocket science, pardon my rudeness, but his rant is just silly..
Well, given the charm offensive launched by Ballmer these days vs. open source/Linux, that's indeed surprising.
But no, your allegation is nonsense, certainly regarding the chosen articles. They are usually linked by people about whom one couldn't have the slightest suspicion that they are in any way and/or disproportionately anti-MS.
Not to mention the fact that sane people are anti-Microsoft by default, given the very nature and track record of that company, but that's another discussion.
First of all, no one has confirmed his observations. He could be doing something wrong, or just trying to bash. If it is true, it is a bug. Let's hope he has reported it to Microsoft; if not, he is complaining in the wrong place.
About the firewall.. Disabling the software firewall is just plain stupid. There is no reason to do so, and by doing so you are removing a security-layer (can't get enough of those). In larger installations it can be controlled with group-policies. In a SBS domain the clients can't even disable it by default (don't know if that's default for a win2k3 domain too?).
Edited 2007-02-19 15:32
Earlier poster: Ultimatebadass seems to have touched on the possible answer.
Still, OFF should be "OFF", not kinda ON.
References:
Dear Sir Bill Gates: invoice enclosed:
http://www.theregister.com/2006/08/21/bill_gates_invoice/
Disable system auto restart after installing Windows updates:
http://support.microsoft.com/?kbid=555444
"You are coming to a sad realization. Cancel or Allow?"
hylas






