Are firewalls really needed?

Page 1 of 12 12311 ... LastLast

  1. Posts : 207
    Windows XP Professional SP3/Windows 7 Ultimate x64
       #1

    Are firewalls really needed?


    I was going crazy about Shields Up reporting that two ports were open until I found that Skype was the culprit as this happened only when Skype was running, otherwise all my ports were stealth. I found out that having an open port is not really a security concern as I read here:
    Skype makes port 80 & 443 wide open to the public?! - Skype Community

    In that same thread a member says:
    "If your using NAT then your box is fine anyway, unless you have DMZ or port forwarding turned on.

    When someone is trying to find out what your box is running they'll use a port scanner like nmap or something, they'll see what ports are open (like port 80 say) and then what O/S your running (they'll get this from the TCP fingerprint) and know what exploits are available for the O/S or more accurately the services running on the machine i.e. Apache on *nix variants IIS on Windows.

    Anyways a firewall is a total waste of time for people that know whats running on their box, Firewalls are there for people who don't know how to admin their box properly i.e. Close off all your services and open the ones your only need and know that are secure.

    My box only has 5190 (apache) and ssh running on a different port (latest patches. A firewall is useless for me anyway because i don't have anything running on any other ports.

    Besides even if your are on a firewall anyone could still knock you offline with enough bandwidth (like zombie machines running trojans) or if they were on a 100meg atm link or something."

    Do you agree with that statement?
      My Computer


  2. Posts : 759
    W7-Enterprise + WS-2008 (Converted to Workstation)
       #2

    NO....
      My Computer


  3. Posts : 7,878
    Windows 7 Ultimate x64
       #3

    Software firewalls are designed to protect "you" from "yourself". With a NAT hardware firewall, you only protect the bad guys from coming in. However, they don't do jack to stop you from going to a malicious website and clicking on something and accepting the payload. This is where the software firewalls come into play.
      My Computer


  4. Posts : 11,990
    Windows 7 Ultimate 32 bit
       #4

    I agree with pparks1 and hackerman1. I will add that a software firewall is one more layer of protection for your system.
      My Computer


  5. Posts : 1,251
    Windows 7 x64 Home Premium
       #5

    "Anyways a firewall is a total waste of time for people that know whats running on their box, Firewalls are there for people who don't know how to admin their box properly."
    I have several Win 7 System programs like System32\rundll32.exe that attempt to make TCP contact several times each day with a variety of IP addresses owned by Microsoft and others like wmplayer.exe that call Redmond several times to various IP's every time they are used.

    I also have at least 10 installed programs that continue to phone home whenever they are used and nearly every program I have installed tries to phone home via TCP during the installation. I know these things because my software firewall is set to alert me to any communications that I have not previously authorized so that I may block their TCP communication attempts.

    My question is how can I accomplish this same level of flawlessly tight control over potential unwanted outbound TCP traffic and UDP traffic as well on all these different levels without a software firewall?

    ~Maxx~
    .
    Last edited by Maxxwire; 20 Sep 2010 at 01:45.
      My Computer


  6. Posts : 207
    Windows XP Professional SP3/Windows 7 Ultimate x64
    Thread Starter
       #6

    Maxx, I didn't claim the quote in your post, as I said in my post that's what a skype forum member said which prompted me to start this thread.
      My Computer


  7. Posts : 1,251
    Windows 7 x64 Home Premium
       #7

    antares- Sorry about that. I should have known as much because I've never known you to express yourself in that kind of a manner. I will remove your name from the quote immediately.

    ~Maxx~
    .
      My Computer


  8. Posts : 207
    Windows XP Professional SP3/Windows 7 Ultimate x64
    Thread Starter
       #8

    No problem Maxx! Regards.
      My Computer


  9. jav
    Posts : 713
    Windows 7 Ultimate x86 SP1
       #9

    Maxxwire said:
    My question is how can I accomplish this same level of flawlessly tight control over potential unwanted outbound TCP traffic and UDP traffic as well on all these different levels without a software firewall?
    Original poster has based his statement more likely from security point of view.

    And thing you want to try to accomplish isn't "really" a security threat. It's just your preference or wish to control your privacy.


    pparks1 said:
    Software firewalls are designed to protect "you" from "yourself". With a NAT hardware firewall, you only protect the bad guys from coming in. However, they don't do jack to stop you from going to a malicious website and clicking on something and accepting the payload. This is where the software firewalls come into play.
    In a way, I don't really agree with you.

    I can't see Windows firewall doing anything to protect me when I want just stupidly go on and install "free smilies"

    So I don't really think it's firewall's job to protect me from this.
    HIPS firewall can block it. But again I think HIPS shouldn't be job of Firewall.

    Now, outbound firewall can warn me and save me or I can just ignore it as I do UAC.
    (when I am sayinh "I", I am referring to Avereage user, not me )
    But still, I don't really think average user needs proactive outbound control firewall. as he will allow everything anyway.

    Of course, He needs firewall! But I think average user needs more of a silent firewall which will do only those task for what it was created for:
    Packet filtering.


    By all those statement I am in noway trying to defend Original Poster.
    I am just trying to examine why he might have stated it or In some cases I am just giving my opinion.
      My Computer


  10. Posts : 465
    Windows 7 Ultimate x64 and Home Premium x64
       #10

    Well, there is also the point that a Software Firewall is a second layer of protection for you in a Shared Network Environment. So in the case of a home or group environment, you are only as secure as the weakest (Basically, the stupidest) person in your network. And believe me, you can have people violating your computer's security by simply not being as security conscious as you and putting a virus wild into your own network.

    It happened to me in a corporate environment when the Blaster Worm was blocked by the firewall normally, but once an infected machine was brought into the network, it spread like wildfire.

    Also, a software firewall helps in the situation where you take your computer out of a protected network environment, namely, your own, and use it in other locations. Again, while it seems redundant to have a Software Firewall setup within your network, it is wisest to have it still due to the fact that people can also sneak into your network, either by plugging into it, or someone not being smart with their internet browsing.
      My Computer


 
Page 1 of 12 12311 ... LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 10:45.
Find Us