Google Answers: Negative aspects of software firewalls in non-network situations?

View Question

Q: Negative aspects of software firewalls in non-network situations? ( No Answer, 3 Comments )

Question

Subject: Negative aspects of software firewalls in non-network situations?
Category: Computers > Security
Asked by: nautico-ga
List Price: $10.00

Posted: 25 Jan 2004 07:44 PST
Expires: 26 Jan 2004 05:54 PST
Question ID: 300017

I write a computer advice column for my local newspaper. I need a
couple of paragraphs that address the pros and cons of installing a
software firewall (e.g., Zone Alarm) on a home (non-network) computer,
with particular emphasis on the cons.

Having experimented with various firewall programs, I've come to the
conclusion that they're more trouble than they're worth. I'm simply
not willing to spend time tweaking firewall settings, and I find that
their annoying intrusion alerts negate the alleged value of their
protective effects. In short, I'm perfectly content with using a
combination of Norton Anti-Virus, AdAware, and Ad PopUp Killer to
preempt all of those intrusions that *I* regard as threatening. This
is what I intend to say to my readers, unless someone can come up with
a persuasive argument to the contrary.

Clarification of Question by nautico-ga on 25 Jan 2004 09:12 PST

I hear you, and I've heard much the same from others. That said, I'm
not sure what the operative threat really is in the absence of a
firewall. I've been functioning well without one. To what kinds of
intrusions am I vulnerable and what would be their effect? I've read
the MS article to which you refer, but I've never been victimized by
the intrusions it describes. I realize, of course, that they may loom
right around the corner. Perhaps I simply prefer living with a low
level of paranoia. Also, when I did use a firewall, experimenting with
both XP Pro's built-in version and Zone Alarm, I found that I was
having to temporarily disable it much too often, especially when
trying to send files within chat systems such as MSN & Yahoo Messenger
and ICQ. I remain to be convinced that the benefits outweigh the
annoyances.

Answer

There is no answer at this time.

Comments

Subject: Re: Negative aspects of software firewalls in non-network situations?
From: omnivorous-ga on 25 Jan 2004 08:53 PST

Nautico --

I'm afraid that I have to take the opposite position: during the
install of a new computer, someone installed an IRC virus on my system
while I was connected to the Internet (and before I got Zone Alarm on
that machine).  It meant the computer had to be returned ot the
manufacturer because H-P no longer provides a CD to allow re-imaging a
clean disk.

Unfortunately, your advice might also be mis-read: someone connected
to Comcast cable or Verizon DSL will say, "Gee, I don't have a network
-- I've only got one computer."  But by virtue of the full-time
connection with these broadband networks their computer is not just
connected, but could be turned on remotely.

Microsoft concurs, even recommending "competing" products:
http://www.microsoft.com/security/articles/firewall.asp

Much of the copious amount of spam that I receive is redirected from
sites which have been infiltrated -- and are being used to redirect
the mail of spammers:
http://computer.howstuffworks.com/spam4.htm

My issues with firewalls are much more subtle:
*  it's difficult to tell if the Microsoft firewall in the OS is working or not
*  allowing and disallowing programs with some software firewalls is a
bit difficult
*  firewalls make it difficult to run LOCAL area networks

Best regards,

Omnivorous-GA

Subject: Re: Negative aspects of software firewalls in non-network situations?
From: sherlockh-ga on 25 Jan 2004 15:51 PST

>>I find that
>>their annoying intrusion alerts negate the alleged value of their
>>protective effects

You can turn off the 'pop up' alerts in "Zone Alarm", ie. in "Alerts & Logs",
"Main" tab, select "off".  Now, they will not pop-up, and will just
appear in the log (which can be viewed with log viewer).  So it should
be just as secure.

Subject: Re: Negative aspects of software firewalls in non-network situations?
From: nautico-ga on 26 Jan 2004 05:54 PST

The following review of MS's forthcoming SP2 for Win XP from PC
Magazine includes this about installed firewall enhancements:

"The Internet Connection Firewall will be renamed Windows Firewall,
will be enabled by default, and will also add more stringent
protections against misuse of the computer's ports by outside
programs. Reportedly, you will have detailed control of port settings,
though this feature is not yet present in the beta. Only specific
programs will be allowed to receive connections from outside sources.
You still won't get the protection against outbound traffic that
programs like ZoneAlarm provide, though."

Interesting that this new firewall will be enabled by default, which I
suppose means that it's better to use it than not to use it. I think
I'm going to cry "uncle" on this one!

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.

Search Google Answers for

Google Home - Answers FAQ - Terms of Service - Privacy Policy