Vista - Zonealarm

"jhnlmn" <guest@xxxxxx-email.com> wrote in message
news:34401be2b7dd8a265f05befca5e6926c@xxxxxx-gateway.com...Why do you say that? Just because they have your
router does not mean they have your computer too.
That's a good part of what makes a router a firewall.
Of course not, we were talking about the usefulness of
Windows Firewall if a *real* firewall in the form of a
router was also used. Viruses are not really a firewall
issue - but a network worm may well be thwarted by
the presence of the Windows Firewall in case you find
yourself no longer shielded by the router or other true
firewall appliance.
Hmmm...okay... yeah, some people are real sensitive
about that sort of thing.

[snip]

Well, I am not an expert. My thought was that in order to
reconfigure my router someone should get access to the
password, which is only possible by hijacking my PC
or getting a physical access to both. But if they hijacked
my PC, then they also compromised my software firewall
as well, which is much easier to do than to record a password
for the router. Of course, I ignored the fact that a router
may be buggy and intruder may take advantage of it.
But I didn't hear so far about intruders attacking home
routers, while there is endless stream of attacks on home PCs.
The original question was whether one still needs a third party
firewall in Vista. So, I just tried to explain why I still need one.

I guess that most of the people simply not aware why their
PCs (and Web browsers) keep slowing down to a crawl.
I have dozens of programs installed and most of them are trying
to check for updates and download huge files behind my back,
install them and reboot my PC - all the time interfering with
my work. I just cannot use PC without an outgoing firewall anymore.

"jhnlmn" <guest@xxxxxx-email.com> wrote in message
news:28e6f9f1411b084de8e1b080c4c2c37c@xxxxxx-gateway.com...Generally, routers still have the default user and password.

Mine was user and user.
My neighbors was (okay..still is) user and admin.

http://www.routerpasswords.com/
I was refering to your first contribution, not the original
post for the thread,

You said in part:

"I cannot figure out what that built-in Vista FW is good for.
All incoming connections are blocked by the router anyway,
and, I heard, that software FW are not as secure as hardware."

Which is correct.

What the software firewall is good for is when you find
yourself *not* behind a real firewall for whatever reasons.
Outbound sniffing and filtering would be better applied in an
environment that is not the same environment as that that is
being "protected" by such filtering. It goes for inbound too.

As you said - "...software FW are not as secure as hardware."

Application control and internet access control are nice, but
are not a good security move because malware will be written
to tunnel within the programs that are allowed access. Your
filter software won't alert to them and you will think it is not
happening. So - you will end up in the same situation with the
added overhead of the filtering software running and finding
nothing.

OK, I agree, if someone is so lazy and don't bother to
change the router password, then built-in Vista FW would give some protection.

But who said that app control and FW are for security only?
I already wrote that my biggest problem is not with viruses
but with "legitimate" apps, such as Acrobat, WMP, iTunes, etc,
which manage to slow down my PC and Web connection
almost to a halt. Luckily, these apps are not so devious
and do not perform any tunneling.

I admit that I didn't ran any formal benchmarking,
but my feeling is that my PC is running faster with an outbound
FW - at least CPU and network activity indicators do go down
each time I block a third party app from connecting.

"jhnlmn" <guest@xxxxxx-email.com> wrote in message
news:70730a171ea4274724267046147d4783@xxxxxx-gateway.com...My broadband cable provider's setup instructions make no
mention of passwords or usernames. I believe that to be the
normal situation. If so, there are many people out there that
fit into your "so lazy" category. I suppose those laptop users
that are too lazy to drag around their personal router/firewall
could also benefit from what you call "built-in Vista FW"?
Nobody, why do you ask? I will say that firewalls *are* for
security and not just 'nice to have' functionality. The features
that became associated with firewalls have become computer
hosted applications that attempt to mimic true firewalls. The
features are okay, but shouldn't be confused with what a real
firewall is.
Again, viruses are not addressed by firewalls. Lets not talk
about viruses. I did mention malware though - I suppose that
having unwanted actions by legitimate programs monitored is
a good enough reason for such features as internet access
control. You may not want consent.exe to access the internet
just as you are typing your credentials into the box. But it is
not a firewall thing. It's like saying one word processor is
better than another because it plays music while you type.
By all means use outbound filtering - especially when you feel
such benefit from it. But it is a shame to have to trade the FW
that came with Vista away just because of that feature. What
Zonealarm should do is make an outbound filtering application
that *isn't* glued to their firewall so that users can keep the
Windows Firewall *and* have the features from Zonealarm
if they value them.
A feeling is good enough for me - benchmarking is overrated. )

If you can set your router firewall up for logging, see how often
Zonealarm phones home. Does it phone home more often than
the major offender of your legitimate irritations? Block one -
send two of its own?