What do you guys think of this? Be honest...

[FrequentZ]

Discussion of 1 vs. 2 vs. 3 aside.....
What the hell are you trying to protect? My point here is - Is your data worth the effort it is going to take to get past even one ? Probably not.
No offense, but I can't think of a single damn thing I could want off someone's personal computer. Paranoia strikes deep, my friend. Are you so busy trying to protect yourself that you have stopped having fun?
That's just my opinion.

[imchaser]

Hell, why stop at 3?

[kadeng]

When you find something major, come back and tell me.


Hmm,Invictus did you forget the problem firewalls had with Leaktest and Zonealarm did not?


Major don t you think?

[iNViCTuS]

First of all...leak test sucks.

What problem are you referring to exactly?

[kadeng]

Hmm,now your playing dumb and stupid.

You have to do better!

No one can learn from you when you act like this.

All the big firewall vendors did update their firewalls after the launch of Leaktest!

So your saying they are all morons listening to Steve Gibson?

A big vendor like Symantec knows notting about security but you do? lol

[Louie]

Steve Gibson is a fool I must say. He is as bad as Carolyn Meinel, especially with his look you've won letter. All you need is one good software firewall on a different computer then you are trying to protect or a firewall appliance. And of course some NAT!!!

[iNViCTuS]

Kadeng...

I was trying to help you in the first place by informing you that using multiple personal firewalls is STUPID....period.

I do not know why it is so hard for you to get that fact through your thick skull. Let me ask you a question. Have you ever been hacked while using a personal firewall? If not then why the hell do you have three of them. I am a firewall engineer for one of the largest banks in the world and believe me when I tell you that I have seen just about everthing over the last 7 years when it comes to firewalls. If you want to find out how "secure" your firewall is, test it yourself. Don't rely on someone who has created a simple scanner that isn't worth a ****.

If you don't want to listen to me then don't...I am just trying to help everyone else here since I have been down this road many times before.

And by the way...according to leaktest, a "leaky" firewall is one that does not block trojans and viruses. Well let me tell you this, that is not what a firewall is intended to do. That is what antivirus software is for. A firewall is intended to filter ports in and out of your network. Many personal firewall vendors have added in this type of functionality as "features" like I said earlier. Choose a firewall based on which features you desire.

Also, many personal firewalls are not really firewalls, they are IDS's. It is your responsibility to decide what you want.

I find it funny that you are so worried about your systems that you use 3 personal firewalls, yet you are not at all concerned about sending your clear text passwords across the Internet. Or maybe that is something your limited knowledge hasn't led you to realize yet.

Get a clue....

[mrwall]

I'd like to agree with Invictus,

Most -so claimed- personal FWs are actually flow-based/heurystic analysis NIDS, they see an abnormal connection to/from an irregular port and consider it malicious activity or a HACK!!...

Try running RealServer behind ZA for Gods sake and you'll undertsand what I mean, it just needs something that maintains state and has *real* capabilities of acting like a FW....

Also, as invict noted, most packet FWs just don't pass the Layer 3 and 4 limits, and Application GWs/Proxies only work on Layer7 of the OSI model, although there are current attempts by kick-ass manufacturers to integrate the functionality of all the three mentioned technologies into one solution <flow-based NIDS + stateful packet inspection with an undertsanding of the underlying protocol> like the new version's of CP <wich could act like Proxies using resources> and StoneSoft's StoneGate's multi-layer stateful inspection solution. Yet, these solutions aren't mature enough to integrate into the final releases. CP allows you to check any part of a packet <any part of the OSI model> using INSPECT code, but the lack of documentation makes it look like magic more than reality

At the end, I would like to stress on invict's point, running multiple FWs on one box is just a plain stupid act with no use. Take it or leave it, but my knowlege with CP and experience with other top-notch vendor's solutions makes me sure of what invict and I are saying...

my 0.02$,
etsh911

[kadeng]

I do not know why it is so hard for you to get that fact through your thick skull.

My thick skull needs more than words.

Let me ask you a question. Have you ever been hacked while using a personal firewall?
Like i said it ads something to security.
Try Norton personal Firewall + Sygate and do peer to peer with Morpheus.
Look at the sygate log[traffic]

I am a firewall engineer for one of the largest banks in the world and believe me when I tell you that I have seen just about everthing over the last 7 years when it comes to firewalls. If you want to find out how "secure" your firewall is, test it yourself. Don't rely on someone who has created a simple scanner that isn't worth a ****.

If you don't want to listen to me then don't...I am just trying to help everyone else here since I have been down this road many times before.

And by the way...according to leaktest, a "leaky" firewall is one that does not block trojans and viruses. Well let me tell you this, that is not what a firewall is intended to do. That is what antivirus software is for.

So the firewall engineer is telling me antivirus is 100% security against virus/trojans?lolAnd he forgets the popup windows a firewall shows[your tiny also]to warn you about the app. trying to connect?lol
Every firewall uses them!


A firewall is intended to filter ports in and out of your network. Many personal firewall vendors have added in this type of functionality as "features" like I said earlier. Choose a firewall based on which features you desire.

Also, many personal firewalls are not really firewalls, they are IDS's.
Norton,Sygate,Tiny,Zonealarm and Outpost have ids!


I find it funny that you are so worried about your systems that you use 3 personal firewalls,
2 personal firewalls+xDSL router with NAT.

yet you are not at all concerned about sending your clear text passwords across the Internet.
clear text passwords=leaktest with you as ids!
Or maybe that is something your limited knowledge hasn't led you to realize yet.

Every human has a limited knowlidge!

Get a clue.... [/B][/QUOTE]

[ZeroOne]

Originally posted here by hot_ice
But what if she's on the pill and you use a condom? Surely that reduces the risk. Hmmm...but then the pill would be like the virus scanner and the condom would be the firewall. Have I got the analogy right?

Greg

Nope, it's just vice versa. See, the pills don't protect you from viruses, condoms do.