Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.



Windows 7: Are firewalls really needed?

19 Sep 2010   #1

Windows XP Professional SP3/Windows 7 Ultimate x64
 
 
Are firewalls really needed?

I was going crazy about Shields Up reporting that two ports were open until I found that Skype was the culprit as this happened only when Skype was running, otherwise all my ports were stealth. I found out that having an open port is not really a security concern as I read here:
Skype makes port 80 & 443 wide open to the public?! - Skype Community

In that same thread a member says:
"If your using NAT then your box is fine anyway, unless you have DMZ or port forwarding turned on.

When someone is trying to find out what your box is running they'll use a port scanner like nmap or something, they'll see what ports are open (like port 80 say) and then what O/S your running (they'll get this from the TCP fingerprint) and know what exploits are available for the O/S or more accurately the services running on the machine i.e. Apache on *nix variants IIS on Windows.

Anyways a firewall is a total waste of time for people that know whats running on their box, Firewalls are there for people who don't know how to admin their box properly i.e. Close off all your services and open the ones your only need and know that are secure.

My box only has 5190 (apache) and ssh running on a different port (latest patches. A firewall is useless for me anyway because i don't have anything running on any other ports.

Besides even if your are on a firewall anyone could still knock you offline with enough bandwidth (like zombie machines running trojans) or if they were on a 100meg atm link or something."

Do you agree with that statement?

My System SpecsSystem Spec
.

19 Sep 2010   #2

W7-Enterprise + WS-2008 (Converted to Workstation)
 
 

NO....
My System SpecsSystem Spec
19 Sep 2010   #3

Windows 7 Ultimate x64
 
 

Software firewalls are designed to protect "you" from "yourself". With a NAT hardware firewall, you only protect the bad guys from coming in. However, they don't do jack to stop you from going to a malicious website and clicking on something and accepting the payload. This is where the software firewalls come into play.
My System SpecsSystem Spec
.


19 Sep 2010   #4

Windows 7 Ultimate 32 bit
 
 

I agree with pparks1 and hackerman1. I will add that a software firewall is one more layer of protection for your system.
My System SpecsSystem Spec
20 Sep 2010   #5

Windows 7 x64 Home Premium
 
 

Quote:
"Anyways a firewall is a total waste of time for people that know whats running on their box, Firewalls are there for people who don't know how to admin their box properly."
I have several Win 7 System programs like System32\rundll32.exe that attempt to make TCP contact several times each day with a variety of IP addresses owned by Microsoft and others like wmplayer.exe that call Redmond several times to various IP's every time they are used.

I also have at least 10 installed programs that continue to phone home whenever they are used and nearly every program I have installed tries to phone home via TCP during the installation. I know these things because my software firewall is set to alert me to any communications that I have not previously authorized so that I may block their TCP communication attempts.

My question is how can I accomplish this same level of flawlessly tight control over potential unwanted outbound TCP traffic and UDP traffic as well on all these different levels without a software firewall?

~Maxx~
.
My System SpecsSystem Spec
20 Sep 2010   #6

Windows XP Professional SP3/Windows 7 Ultimate x64
 
 

Maxx, I didn't claim the quote in your post, as I said in my post that's what a skype forum member said which prompted me to start this thread.
My System SpecsSystem Spec
20 Sep 2010   #7

Windows 7 x64 Home Premium
 
 

antares- Sorry about that. I should have known as much because I've never known you to express yourself in that kind of a manner. I will remove your name from the quote immediately.

~Maxx~
.
My System SpecsSystem Spec
20 Sep 2010   #8

Windows XP Professional SP3/Windows 7 Ultimate x64
 
 

No problem Maxx! Regards.
My System SpecsSystem Spec
20 Sep 2010   #9
jav

Windows 7 Ultimate x86 SP1
 
 

Quote   Quote: Originally Posted by Maxxwire View Post
My question is how can I accomplish this same level of flawlessly tight control over potential unwanted outbound TCP traffic and UDP traffic as well on all these different levels without a software firewall?
Original poster has based his statement more likely from security point of view.

And thing you want to try to accomplish isn't "really" a security threat. It's just your preference or wish to control your privacy.


Quote   Quote: Originally Posted by pparks1 View Post
Software firewalls are designed to protect "you" from "yourself". With a NAT hardware firewall, you only protect the bad guys from coming in. However, they don't do jack to stop you from going to a malicious website and clicking on something and accepting the payload. This is where the software firewalls come into play.
In a way, I don't really agree with you.

I can't see Windows firewall doing anything to protect me when I want just stupidly go on and install "free smilies"

So I don't really think it's firewall's job to protect me from this.
HIPS firewall can block it. But again I think HIPS shouldn't be job of Firewall.

Now, outbound firewall can warn me and save me or I can just ignore it as I do UAC.
(when I am sayinh "I", I am referring to Avereage user, not me )
But still, I don't really think average user needs proactive outbound control firewall. as he will allow everything anyway.

Of course, He needs firewall! But I think average user needs more of a silent firewall which will do only those task for what it was created for:
Packet filtering.


By all those statement I am in noway trying to defend Original Poster.
I am just trying to examine why he might have stated it or In some cases I am just giving my opinion.
My System SpecsSystem Spec
20 Sep 2010   #10

Windows 7 Ultimate x64 and Home Premium x64
 
 

Well, there is also the point that a Software Firewall is a second layer of protection for you in a Shared Network Environment. So in the case of a home or group environment, you are only as secure as the weakest (Basically, the stupidest) person in your network. And believe me, you can have people violating your computer's security by simply not being as security conscious as you and putting a virus wild into your own network.

It happened to me in a corporate environment when the Blaster Worm was blocked by the firewall normally, but once an infected machine was brought into the network, it spread like wildfire.

Also, a software firewall helps in the situation where you take your computer out of a protected network environment, namely, your own, and use it in other locations. Again, while it seems redundant to have a Software Firewall setup within your network, it is wisest to have it still due to the fact that people can also sneak into your network, either by plugging into it, or someone not being smart with their internet browsing.
My System SpecsSystem Spec
Reply

 Are firewalls really needed?





Thread Tools



Similar help and support threads for2: Are firewalls really needed?
Thread Forum
Firewalls worth it System Security
Is more firewalls better? System Security
Windows 7 Firewalls System Security
Dropped Firewalls System Security
I know nothing about firewalls & how to analyze connections .. . System Security
firewalls System Security
Firewalls & Internet Security System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 05:53 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33