[thelist] Internet Security

Boris Mann boris at bmannconsulting.com
Tue Aug 12 18:09:13 CDT 2003

On Tuesday, August 12, 2003, at 04:49 PM, Kelly Hallman wrote:

> On Tue, 12 Aug 2003, Hershel Robinson wrote:
>> Regarding software firewalls, Sam Spade apparently feels they are 
>> somewhat
>> worthless ( http://www.samspade.org/d/firewalls.html ) but I do run 
>> on my PC
>> a personal firewall from Kerio.com. It is useful anyhow (as 
>> mentioned) to
>> block applications from connecting out to the internet.

That Sam Spade article is a must read. I saw it go by, and promised to 
stay out of this, but....

 From the article:

"If you don't want to spend that amount of energy on it, buy a 
standalone dedicated NAT or NAT+firewall box. I like the NetGear RT-311 
and its siblings, but there're a bunch of others out there too. It'll 
sit there, do its job and never bother you again."

> Anyhow, it should be harmless.. you could probably disable such
> notifications.  I think that's part of what Mr. Spade was getting at..
> personal firewalls make people in his business annoyed because they 
> alert
> users to things that constitute normal network behavior (or at least
> harmless network behavior).  Possibly, but I still run ZoneAlarm
> (appropriately configured) on all the local PCs -- for the outbound.

The only reason to run BOTH a network firewall (so inexpensive, and so 
many other benefits, like taking up less system resources than running 
some PPPoE soft client on your PC, like being a switch, like having a 
DynDNS client built in, etc. etc. -- just get one) and a personal 
firewall on your machine is if you don't adequately protect the client 
machine -- i.e. you don't keep up with patches, you let trojans in, 
etc. etc.

A network firewall will adequately protect you from external attacks 
(and if you're serious about security, you'll get one). Nothing will 
save you from yourself if you let bad code run on your computer.

Boris Mann

More information about the thelist mailing list