the nessessity of a firewall?

[pooh sun tzu]

This is beginning to grow annoying, because only a few people are listening.

I'd rather block NetBios at the perimeter than try and make sure every one of my hundreds of users has it switched off, besides I like NetBios.

This isn't about a hundred users, it's about a single home system. Please read the origonal post.

Try running Nmap on yourself.

Been there, done that, port 135 - 139 still disabled after shutting down NetBIOS.

I cannot tell you how many times someone has used a friends computer.. Next thing you know there is a trojan on the computer that opened a port letting the whole world connect. Something as simple as having Zone Alarm installed would at least pop up a notifcation

This is a singular system, and the only person that uses it is me. Thus I really don't have this problem of friends disturbint my computer.

You can see attempts to hack your computer, and where they come from.

That's great, now what? Report all 500 attacks a day to an ISP? No, you would simply do whatevery one else does with a home, single users, firewall logs. Look at them. And it would end there

Even if it's not related directly to you, wouldn't it make sense to have that extra protection in case someone else moof's it?

Not at all. I researched ISP's before I chose one, and comcast (as you can see), is the one I chosen to be the most open. Comcast does not disable any ports for any reason, and I know this after many calls with their support team while preparing wargames with friends of mine. I also know port 135 exists regardless of comcast because I secure other comcast users (friends) machines who have it running from start, but ends after disabling NetBIOS. This means that the entire security of my system is up to me, my knowledge, and my configurations.


Once again... everyone, we come back to the first step. If you feel a firewall is something I need, then by all means assist MsMitten in the Proof-of-concept attack. You want to make your point? Crash my box, crack it, hack it. If you can't, then my point is made. If you can, then I learn something new. Have fun!

[MrLinus]

If you feel a firewall is something I need...

I didn't think this was a "convince Pooh" thread since you started it off with

Why do you think a home user should work behind a firewall if closing ports and disabling services preforms the exact same functions?

You want us to convince you of something that may or may not be possible right now. So if we don't find any vulnerabilities in the UDP stack (which is the only open stack you have), then that proves you right(?). I don't think that's an accurate statement for a home user. You are a rarity for home users. You do spend the time to learn but, IMHO, you are basing your success on the lack of success of an attacker at this moment.

I won't do the DoS because while your ISP may be open -- particularly for it's users -- they may not take it too kinda to a UDP DoS (and there is a nasty one for XP via the IKE -- 500/UDP port) as it may disrupt service to other users. I suppose if I wanted, a simple UDP attack against any of the ports I found open would do it.

When I look at security, I tend not to look at the here and now but also the "what ifs". And that is, what if I am wrong? What if I have done everything possible and still, it's not enough? So I do all that I can and available to me so that I mitigate any possible risk to such a small amount that if the attacker got in he'd/she'd a) have to have a really strong desire b) would be amazing c) represent 0.00000001% of all attackers out there.

If you don't want a firewall, don't use it. If you feel safe, by all means, stick with what you have.

Personally, I don't make any assumptions about the OS even if I do lock it down. There is no way I can 100% trust an OS built by any human because of the potential of error (not bad nor good; just reality). I have to do what I can to mitigate that potential error.

Anyways, I honestly don't think you'd change unless it was a dramatic show of "attacking" and I don't feel comfortable doing that over a network that might take issue (especially with the laws in your country -- I do want to visit it at some point in the near future )

[pooh sun tzu]

This is my breather post. -takes a deep breath-

I was upset. I was defensive. I was on edge because I was afraid to fall into the catagory of admins that use a firewall without ever knowing the specifics of why it is useful in the first place, by not knowing their own system. You all have valid points, and all I did was fight then because of my fear of having to defend my thoughts and knowledge. That was immature of me, and I know now that if I would have listened much harder rather than played defence, things would have gone a lot smother. I apologize if I upset anyone or insulted them during this thread, but I also thank you for having patience, kindness, and the ability to pound something into the head of a tired person.

I am new here, and need to remember that sometimes. Take care, as I will implment my new firewall when I get home, and thus acknolwedge that there are still a lot of things out there I do not fully understand

regards,
Pooh Sun Tzu

[Maestr0]

Thus here we are, discussing it in terms of actual admins versus users. Why people keep mentioning home users after I agreed on page one, is beyond me

This isn't about a hundred users, it's about a single home system. Please read the origonal post.

LOL, relax mate. Its an interesting thread.


-Maestr0

[RejectKnowledge]

out of curiosity really.. which firewall did you settle for?

[pooh sun tzu]

Zone Alarm Pro. $$ but worth it... I hjope.

[swarisd]

I may be wrong, but in reading the original post, I made the assumption that the question asked leaned more towards Is there a need to have a firewall installed. The proof of concept is under the premise that the your system is hardened by you, who by the way is experienced in computers, networking and the such. I really thought the original question pretained to the average joe blow's system and not just your system.

Now, if the question is do YOU need a firewall, my answer would be maybe not.

If the question is does the average user need a firewall, the answer is by all means yes.

I'm feeling that the proof of concept here is slightly biased, because the given is the user knows how to harden their system.

I think the proof of concept should be based on the average joe blow user who just bought an emachine from Best Buy and installed DSL yeseterday.