Personal Firewalls Mostly Useless, Says Mail & Guardian
hweimer writes "More and more security researchers come to the conclusion that personal firewalls are ineffective in controlling outbound traffic. An article in the Mail & Guardian online mentions a test that 'showed that the software often causes more problems than it solves. Not one of the six firewall programs the magazine tested, regardless of whether commercial or freeware, could prevent all attempts from the test programs at establishing outgoing connections between the PC and the internet.' Simple PoCs are available, too."
More and more security researchers come to the conclusion that personal firewalls are ineffective in controlling outbound traffic.
The article's about personal software firewalls, not personal hardware firewalls. Furthermore, the fact that personal software firewalls are useless and buggy is not really a new discovery.
Push Button, Receive Bacon
Did they test zonealarm? Because even with my best efforts to circumvent it (for testing), it's still able to block everything. Even as an Admin user, it's not possible to stop the service unless you "officially" exit the program. I've been using it for years, and I haven't once ever had a program that it didn't block (if I chose to block it). Even test software which was specifically meant to try to find holes in personal firewalls. The new version does other handy things too, like keeping an eye on software which tries to monitor your keyboard/mouse (such as keyloggers) and giving you the option to block them from doing that. Very handy.
Although they do not provide much benefit, it can sometimes be worth it, especially if you have a wireless network behind your firewall. One rogue worm-ridden computer on your wireless network and bad things can happen to all your machines. Having a software firewall will consume resources and might annoy you from time to time, but will reduce the chance of infection from common worms. You should never presume your internal network is secure unless you can completely verify every last bit that comes into it.
Warhammer forums
..my German is not so good.
_G Data InternetSecurity 2006
_F-Secure Internet Security 2006
_Kaspersky Internet Security 6
_Trend Micro PC-Cillin 14 Internet Security
_Symantec Norton Internet Security 2006
_Zonelabs Zonealarm Internet Security 2006
_McAfee Internet Security Suite 2006
_Computer Associates eTrust Internet Security Suite r2
_Panda Platinum Internet Security 2006
_Softwin Bitdefender 9 Internet Security
This is all I could find from the German site PC Progressionell
Linux has IP Tables which is very good for the job. Is it as good as BSD? I would argue less time consuming if you already run Linux, but it's not the same.
Notes: I believe for stateful packet inspection, the kernel needs ip_conntrack and a few other things in it. Most distro kernels have this but it's worth double checking. From there, it's learning the IP tables syntax which isn't hard after going through one of the many examples out there. Once you get logging going, check out intrusion prevention systems!
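As an added example (not code from the thread or the article) of the stateful, logged iptables setup the comment above describes: a POSIX sh script with default-deny policies, conntrack state tracking, an outbound allowlist, and rate-limited logging of every refused outbound attempt. The interface name and port lists are placeholders; the script only prints the rules unless invoked with the argument "apply".

```shell
#!/bin/sh
# Stateful host firewall with a default-deny OUTPUT chain and logging of
# refused outbound attempts. Added example, not from the article or thread.
# Assumes an iptables build with the conntrack match (ip_conntrack /
# nf_conntrack loaded). WAN_IF and the port lists are placeholders.

WAN_IF="${WAN_IF:-eth0}"                          # placeholder: uplink interface
ALLOW_OUT_TCP="${ALLOW_OUT_TCP:-22 53 80 443}"    # outbound TCP ports to permit
ALLOW_OUT_UDP="${ALLOW_OUT_UDP:-53 123}"          # outbound UDP ports to permit

# Emit one rule; $IPT decides whether it is echoed or executed.
rule() { $IPT "$@"; }

build_rules() {
    # Flush, then default-deny in all three directions.
    rule -F
    rule -P INPUT DROP
    rule -P FORWARD DROP
    rule -P OUTPUT DROP
    # Loopback is always allowed.
    rule -A INPUT  -i lo -j ACCEPT
    rule -A OUTPUT -o lo -j ACCEPT
    # Stateful core: replies to connections we started come back in,
    # and packets belonging to already-permitted connections go out.
    rule -A INPUT  -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    rule -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Drop packets that are not a valid part of any tracked connection.
    rule -A INPUT -m conntrack --ctstate INVALID -j DROP
    # New outbound connections are allowed only on the listed ports.
    for p in $ALLOW_OUT_TCP; do
        rule -A OUTPUT -o "$WAN_IF" -p tcp --dport "$p" -m conntrack --ctstate NEW -j ACCEPT
    done
    for p in $ALLOW_OUT_UDP; do
        rule -A OUTPUT -o "$WAN_IF" -p udp --dport "$p" -m conntrack --ctstate NEW -j ACCEPT
    done
    # Log (rate-limited) and drop every other new outbound attempt, so an
    # unexpected program phoning home shows up in the kernel log.
    rule -A OUTPUT -m conntrack --ctstate NEW -m limit --limit 5/min -j LOG --log-prefix "OUT-DENY: "
    rule -A OUTPUT -j DROP
    # Same treatment for unsolicited inbound traffic.
    rule -A INPUT -m limit --limit 5/min -j LOG --log-prefix "IN-DENY: "
    rule -A INPUT -j DROP
}

if [ "$1" = "apply" ]; then IPT="iptables"; else IPT="echo iptables"; fi
build_rules
```

Denied attempts then appear in the kernel log with the OUT-DENY: or IN-DENY: prefix, which is the material an intrusion detection system or a simple log watcher can be pointed at.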
The response I get (yes, I'm the guy who wrote the tutorial) is that people find it quite useful.
The fact that it includes a few tips on how to give spammers a hard time helps too I guess.
-- That grumpy BSD guy - http://bsdly.blogspot.com/