A firewall is a policy-enforcement measure; it typically looks at network
traffic, and blocks or allows it based on a set of rules.
Early firewalls, in the mid 1990s, were routinely configured to examine
and filter inbound traffic, while permitting all outbound traffic. The
assumption was that OUR machines could be trusted, the threat was all "out
there".
That argument was kind of reasonable as long as every machine had a
dedicated sysadmin who was intimately familiar with every bit of the OS and
every executable program (or fragment thereof) on the machine.
That stopped being a reasonable assumption a long time ago, but the
Windows firewall was one of the last examples of this philosophy. In an era
of worms, trojans and viruses, it simply isn't a useful approach any more.
(This might be fixed in Vista.)
Most really good firewalls live in their own box, on the network rather
than as software running on the individual machines. Software firewalls
have a special advantage over network firewalls -- when strange traffic
shows up, a software firewall can track it back to a specific application,
perhaps to be subjected at that point to an advanced virus scan.
On the other hand, we're starting to hear of malware targetting specific
firewalls, for instance adding itself to the firewall's list of "blessed"
applications.
The Windows firewall is better than nothing, but there are much better
choices available, and even the best arre struggling to stay ahead of the
malware writers. Some of the good choices, such as ZoneAlarm, have free
versions available that will do the job.
David Gillett
On 2 Aug 2007 at 9:23, chipo chika wrote:
> How effective is windows firewall? How vunrable ic My pc protected by
> windows xp firewall and running Escan anti virus? Do I need additional
> protection? If so whats the recommended?
The NOSPIN Group Promotions is now offering
our special coffee cups and mouse pads
with the PCSOFT logo... at a great price!!!
http://freepctech.com/goodies/promotions.shtml
|