On 6 Oct 2004 at 10:16, Sven wrote:
> For a firewall to be effective, it must protect you from undesirable
> incoming and outgoing Internet traffic. The Windows firewall does not
> do that, it only provides some protection one way, from incoming. With
> only the Windows firewall, programs on your computer, to include
> spyware, etc., are free to access the Internet at will. Most good third
> party firewalls will alert you when this occurs and give you an option
> to allow it access or not.
The first network firewalls routinely blocked incoming connections while
permitting those outbound. The assumption was that most users knew every
piece of software on their machine, that it was configured correctly, and
what kind of network traffic it used. About 1990, that was true often
enough to be a useful default assumption.
But as the size of the OS and applications has grown, as the volume of
viruses, worms and spyware has grown, and as Internet-connected computer
use has become more and more a mainstream consumer feature, most people
don't know all of the software that's supposed to be on their machine, let
alone the things that aren't supposed to be there. The "block inbound
only" approach became obsolete somewhere around 1995, and I am disappointed
to read that Microsoft's second attempt at a personal firewall has
apparently not progressed beyond that point.
One of the virtues of a software "personal" firewall over an external
hardware firewall is that, for strange outbound traffic, it can query the
OS and identify the particular process/program attempting the connection.
This is a terrific help when the traffic heralds the presence of some new
bit of malware.
I second the recommendation that if you have a third-party software
firewall, you should probably continue to use it. If you don't, I
recommend that you get one.
David Gillett
The NOSPIN Group is now offering Free PC Tech
support at our newest website:
http://freepctech.com
|