If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#106
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
Kerry Brown wrote:
I don't think very many people that understand security think outbound filtering is not a useful thing to do. Many people that understand how computers work think that relying on a software firewall to stop something that is running on the same computer and has the same or higher privileges as the firewall isn't a good thing or even possible. Outbound filtering is very useful for some situations. Outbound Here is another one: I do not like that every time I open an MS application (Word, Excel, Windows ... ), it tries to talk to Microsoft. My firewall warns me about it and I deny it. Now, I have no idea why the application is trying to phone home. Why should it? The only reason I would accept is if it is trying to find updates. Well, in that case, I would rather do that myself, thank you very much. Online help? No, don't need it. Any other reasons? Sorry, now you are invading my privacy. |
Ads |
#107
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
H.S. wrote:
Looks like MS does not want to invest time and resources in developing a full firewall and is thus marketing and trying to convince its users that outbound control is unnecessary. No one here works for or represents MS, including MVPs. The Windows Firewall is inbound/outbound. |
#108
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
H.S. wrote:
Kerry Brown wrote: I don't think very many people that understand security think outbound filtering is not a useful thing to do. Many people that understand how computers work think that relying on a software firewall to stop something that is running on the same computer and has the same or higher privileges as the firewall isn't a good thing or even possible. Outbound filtering is very useful for some situations. Outbound Here is another one: I do not like that every time I open an MS application (Word, Excel, Windows ... ), it tries to talk to Microsoft. My firewall warns me about it and I deny it. Office Help is now online, d00d. Wake up and smell the coffee. |
#109
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
PA Bear [MS MVP] wrote:
Here is another one: I do not like that every time I open an MS application (Word, Excel, Windows ... ), it tries to talk to Microsoft. My firewall warns me about it and I deny it. Office Help is now online, d00d. Wake up and smell the coffee. Did you even read the rest of my post? Why are you snipping the relevant parts? |
#110
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
PA Bear [MS MVP] wrote:
The Windows Firewall is inbound/outbound. On XP Pro? Didn't think so. |
#111
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
Conversation in entirety:
http://groups.google.com/group/micro...486be8412ee2af reference to the inbound/outbound argument parts only This is one of those debates like *nix vs. Windows vs. OS X. Nothing is proven on any side, examples abound (some truthful and realistic from the single instance, some not so much) and nothing but emotions and egos get exposed. Personal experience and outside articles are quoted a lot. Some good for that single instance in time, others pulled from myth and legend and still others might actually hold up over scrutiny (the latter is often over-looked in the debate and glossed over at every turn by those opposed to the topic.) Ideas like "outbound only catches the stuff you already have and who says the application in question did not just change your outbound rules as you installed it so you still don't know you have it?" and "I like to know when something attempts to 'call home'" seem to cover most of the arguments. (Sound like "Windows has more security holes than other OSes" and "Macs just don't get viruses"...? Yeah - same type of arguments. heh) In the end - both are right, both are wrong. It's a personal preference. It's a way of computing, a mind-set, a need. I know many people who have ran many different OSes for many many years without a single instance of infection/infestation and they run no antivirus software and no antispyware software. They continuously (when someone finds out) get questions like "how do you know you actually don't have a virus or spyware/adware if you don't run anythign to prevent/check for it?" In the end - I just go by the idea that making things more complicated is seldom the proper course of action... Simplistic solutions are usually the most effective and the most eloquent. So which way do _I_ lean? Doesn't matter. Each person has their own reasoning behind whatever it is they do. I have used many different solutions (I do like to try things - see what I can learn and find) - and I do offer advice on the ones I tried that seemingly did their jobs without _over-complicating_ my life just to keep it working. However - I know that will be different for each person, and I cannot say which is less complicated for any one of them. Advice: Try each solution *if* this whole topic has any importance to you. All anyone here can offer is that someone practice some common sense. The world is dangerous - your computer gives you options the rest of the world does not (I cannot backup my car so that when I get in a wreck, I just reload for near instant recovery) - use them. Protect yourself when you can (Equate each of these to something on your computer: lock your doors to make it harder for intruders to get in while you are there *or* away, wear a coat when it is cold, wear sunglasses to protect your eyes, put on sunscreen to protect your skin, brush your teeth to prevent cavities, pick up 'your room', take out the garbage, cover your face when you cough/sneeze, store copies of important documents(life insurance, will, deeds, etc) far away from the originals, etc.) I know someone could pull one (or more) argument for one side or the other out of those - I could do it right now. heh The point - if the solution for everyone was obvious and one-sided - there would be no discussion. Being that each person is unique with differing experiences and external facts that help support their own experiences - the discussion is never-ending. Not one person here can definitively win their argument (even if you get rid of every actual 'crazy argument' -- although who decides that is yet another debate. hah) Interesting that a discussion about a particular patch that exasperated a problem in a particular piece of software could spawn a conversation along these lines... And the subject line stays the same through out. Amazing really. -- Shenan Stanley MS-MVP -- How To Ask Questions The Smart Way http://www.catb.org/~esr/faqs/smart-questions.html |
#112
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
That is the only reason I can think of to use outbound filtering running on
the computer. Personally I'm not that paranoid about programs I install phoning home. In most cases I prefer that they do. Specifically in Microsoft's case I let it send the reports about how the program is working on my computer. These reports are anonymous and used to improve the product and fix bugs. For me that's a good thing. I do understand that some people don't think about this in the same way. In most cases this reporting can be turned off from within the program but it is often buried in an out of the way place. If this is your concern then by all means install a 3rd party firewall and use it to block this type of traffic. The whole point of my posts is not related to this. The point I'm trying to make is that one application cannot be relied on to block malicious outbound traffic from another application on the same computer. The traffic you want to block is not malicious or trying to hide in any way. -- Kerry Brown MS-MVP - Windows Desktop Experience: Systems Administration http://www.vistahelp.ca/phpBB2/ http://vistahelpca.blogspot.com/ "H.S." wrote in message ... Kerry Brown wrote: I don't think very many people that understand security think outbound filtering is not a useful thing to do. Many people that understand how computers work think that relying on a software firewall to stop something that is running on the same computer and has the same or higher privileges as the firewall isn't a good thing or even possible. Outbound filtering is very useful for some situations. Outbound Here is another one: I do not like that every time I open an MS application (Word, Excel, Windows ... ), it tries to talk to Microsoft. My firewall warns me about it and I deny it. Now, I have no idea why the application is trying to phone home. Why should it? The only reason I would accept is if it is trying to find updates. Well, in that case, I would rather do that myself, thank you very much. Online help? No, don't need it. Any other reasons? Sorry, now you are invading my privacy. |
#113
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
On Thu, 17 Jul 2008 13:07:01 -0700, Paul (Bornival) wrote:
snip - shutting down servies is nice ... but the trouble is that the MS documentatin is so poor that you never know what you really do when you shut down a service ... untill someone comes and complain that things do not work any longer as they did before... Then you realize that you better not shut down any service ... (I could luch longer about that, but, believe me, ther are so many softwares that capitalize on existing "default" Windows services that you think twice before shutting one down...). Disable any unnecessary and potentially dangerous Services Configure and adjust Services to suit your computing needs Windows XP Service Pack 3 Service Configurations http://www.blackviper.com/WinXP/servicecfg.htm (This can be a tedious exercise but will bear fruits later on!). |
#114
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
On Thu, 17 Jul 2008 13:25:01 -0700, Paul (Bornival) wrote:
"Kayman" wrote: On Wed, 16 Jul 2008 00:07:46 -0700, Paul (Bornival) wrote: "Root Kit" wrote: On Sun, 13 Jul 2008 18:03:01 -0700, Paul (Bornival) wrote: (I did so after seeing my unprotected WinXP computers so easily attacked ...). Educational reading (not only for Vista users). Managing the Windows Vista Firewall http://technet.microsoft.com/en-us/m.../cc510323.aspx I am amazed by how strongly people linked to MS state that outbound filtering is unecessary or even countreproductive. Yet, other people, not linked to MS, think otherwise. Why is it so ? You are wrong! Keep on lurking and you'll see why :-) |
#115
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
"Looks like MS does not want to invest time and resources in developing
a full firewall..." Sheesh, they got into enough trouble for bundling a web browser and a media player. Now you want them to bundle a firewall? --- Leonard Grey Errare humanum est H.S. wrote: Paul (Bornival) wrote: I am amazed by how strongly people linked to MS state that outbound filtering is unecessary or even countreproductive. Yet, other people, not linked to MS, think otherwise. Why is it so ? Looks like MS does not want to invest time and resources in developing a full firewall and is thus marketing and trying to convince its users that outbound control is unnecessary. Historically, MS has wanted their OS to be used by dumb average Joe users and thus tuned its system as such. Consequently, they compromised on multiuser features, restricted user usage habits and proper computer terminology. Result: Almost all users believe Windows must be run in admin mode. They do not gain any basic knowledge about computers which is commonplace among computer technologists (MS uses its own nomenclature, as you mentioned, probably based on recommendations by marketing drones). All this leads to significant ignorance of important issues related to computer security. But to be fair, these marketing strategies also resulted in the boom of personal computer. Also, the strict control over licenses also played a very important role in making Linux what it is today: secure, open source and, these days, with better GUI than Windows in many respects. Had Windows been "open", maybe there would not have been as much impetus in making Linux distros so user friendly. I have myself seen that current version of Ubuntu is much more easier to install than Windows! |
#116
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
On Thu, 17 Jul 2008 17:06:50 -0400, H.S. wrote:
Kerry Brown wrote: I don't think very many people that understand security think outbound filtering is not a useful thing to do. Many people that understand how computers work think that relying on a software firewall to stop something that is running on the same computer and has the same or higher privileges as the firewall isn't a good thing or even possible. Outbound filtering is very useful for some situations. Outbound Here is another one: I do not like that every time I open an MS application (Word, Excel, Windows ... ), it tries to talk to Microsoft. My firewall warns me about it and I deny it. Now, I have no idea why the application is trying to phone home. Why should it? The only reason I would accept is if it is trying to find updates. Well, in that case, I would rather do that myself, thank you very much. Online help? No, don't need it. Any other reasons? Sorry, now you are invading my privacy. The situation is very simple; If you don't trust an application then don't install it in the first place! Read EULA prior installing software and if deemed to be 'trustworthy' find out reasons as to why it is phoning home. If you still don't like it disable this function. |
#117
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
On Thu, 17 Jul 2008 17:02:23 -0400, H.S. wrote:
Paul (Bornival) wrote: I am amazed by how strongly people linked to MS state that outbound filtering is unecessary or even countreproductive. Yet, other people, not linked to MS, think otherwise. Why is it so ? Looks like MS does not want to invest time and resources in developing a full firewall and is thus marketing and trying to convince its users that outbound control is unnecessary. Historically, MS has wanted their OS to be used by dumb average Joe users and thus tuned its system as such. Consequently, they compromised on multiuser features, restricted user usage habits and proper computer terminology. Result: Almost all users believe Windows must be run in admin mode. They do not gain any basic knowledge about computers which is commonplace among computer technologists (MS uses its own nomenclature, as you mentioned, probably based on recommendations by marketing drones). All this leads to significant ignorance of important issues related to computer security. But to be fair, these marketing strategies also resulted in the boom of personal computer. Also, the strict control over licenses also played a very important role in making Linux what it is today: secure, open source and, these days, with better GUI than Windows in many respects. Had Windows been "open", maybe there would not have been as much impetus in making Linux distros so user friendly. I have myself seen that current version of Ubuntu is much more easier to install than Windows! You are completely wrong with your assumptions. Educational reading not only for the Vista user: Managing the Windows Vista Firewall http://technet.microsoft.com/en-us/m.../cc510323.aspx |
#118
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
On Thu, 17 Jul 2008 17:39:08 -0500, Shenan Stanley wrote:
Conversation in entirety: http://groups.google.com/group/micro...486be8412ee2af reference to the inbound/outbound argument parts only This is one of those debates like *nix vs. Windows vs. OS X. Nothing is proven on any side, examples abound (some truthful and realistic from the single instance, some not so much) and nothing but emotions and egos get exposed. Personal experience and outside articles are quoted a lot. Some good for that single instance in time, others pulled from myth and legend and still others might actually hold up over scrutiny (the latter is often over-looked in the debate and glossed over at every turn by those opposed to the topic.) Ideas like "outbound only catches the stuff you already have and who says the application in question did not just change your outbound rules as you installed it so you still don't know you have it?" and "I like to know when something attempts to 'call home'" seem to cover most of the arguments. (Sound like "Windows has more security holes than other OSes" and "Macs just don't get viruses"...? Yeah - same type of arguments. heh) In the end - both are right, both are wrong. It's a personal preference. It's a way of computing, a mind-set, a need. I know many people who have ran many different OSes for many many years without a single instance of infection/infestation and they run no antivirus software and no antispyware software. They continuously (when someone finds out) get questions like "how do you know you actually don't have a virus or spyware/adware if you don't run anythign to prevent/check for it?" In the end - I just go by the idea that making things more complicated is seldom the proper course of action... Simplistic solutions are usually the most effective and the most eloquent. So which way do _I_ lean? Doesn't matter. Each person has their own reasoning behind whatever it is they do. I have used many different solutions (I do like to try things - see what I can learn and find) - and I do offer advice on the ones I tried that seemingly did their jobs without _over-complicating_ my life just to keep it working. However - I know that will be different for each person, and I cannot say which is less complicated for any one of them. Advice: Try each solution *if* this whole topic has any importance to you. All anyone here can offer is that someone practice some common sense. The world is dangerous - your computer gives you options the rest of the world does not (I cannot backup my car so that when I get in a wreck, I just reload for near instant recovery) - use them. Protect yourself when you can (Equate each of these to something on your computer: lock your doors to make it harder for intruders to get in while you are there *or* away, wear a coat when it is cold, wear sunglasses to protect your eyes, put on sunscreen to protect your skin, brush your teeth to prevent cavities, pick up 'your room', take out the garbage, cover your face when you cough/sneeze, store copies of important documents(life insurance, will, deeds, etc) far away from the originals, etc.) I know someone could pull one (or more) argument for one side or the other out of those - I could do it right now. heh The point - if the solution for everyone was obvious and one-sided - there would be no discussion. Being that each person is unique with differing experiences and external facts that help support their own experiences - the discussion is never-ending. Not one person here can definitively win their argument (even if you get rid of every actual 'crazy argument' -- although who decides that is yet another debate. hah) Interesting that a discussion about a particular patch that exasperated a problem in a particular piece of software could spawn a conversation along these lines... And the subject line stays the same through out. Amazing really. Well, I don't think the discussion is about a particular software per se. Rather the requirement of 'outbound control' after the introduction of NT. Jesper M. Johansson wrote educational articles about this subject extensively. It's an important security subject and the message is not easy to convey, especially if one is blinded by the hype created by the makers of 3rd party software. -- Security is a process not a product. (Bruce Schneier) |
#119
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
Conversation in entirety:
http://groups.google.com/group/micro...486be8412ee2af Shenan wrote: snip Interesting that a discussion about a particular patch that exasperated a problem in a particular piece of software could spawn a conversation along these lines... And the subject line stays the same through out. Amazing really. Kayman wrote: Well, I don't think the discussion is about a particular software per se. Rather the requirement of 'outbound control' after the introduction of NT. Jesper M. Johansson wrote educational articles about this subject extensively. It's an important security subject and the message is not easy to convey, especially if one is blinded by the hype created by the makers of 3rd party software. Actually - if you read what I posted - this 'discussion' did start out as I stated... The subject line points this out quite readily. ;-) It "spawned" into what you are speaking of. -- Shenan Stanley MS-MVP -- How To Ask Questions The Smart Way http://www.catb.org/~esr/faqs/smart-questions.html |
#120
|
|||
|
|||
FIX for ZoneAlarm & KB951748 issue released
Kayman wrote:
On Thu, 17 Jul 2008 17:39:08 -0500, Shenan Stanley wrote: Conversation in entirety: http://groups.google.com/group/micro...486be8412ee2af reference to the inbound/outbound argument parts only This is one of those debates like *nix vs. Windows vs. OS X. Nothing is proven on any side, examples abound (some truthful and realistic from the single instance, some not so much) and nothing but emotions and egos get exposed. Personal experience and outside articles are quoted a lot. Some good for that single instance in time, others pulled from myth and legend and still others might actually hold up over scrutiny (the latter is often over-looked in the debate and glossed over at every turn by those opposed to the topic.) Ideas like "outbound only catches the stuff you already have and who says the application in question did not just change your outbound rules as you installed it so you still don't know you have it?" and "I like to know when something attempts to 'call home'" seem to cover most of the arguments. (Sound like "Windows has more security holes than other OSes" and "Macs just don't get viruses"...? Yeah - same type of arguments. heh) In the end - both are right, both are wrong. It's a personal preference. It's a way of computing, a mind-set, a need. I know many people who have ran many different OSes for many many years without a single instance of infection/infestation and they run no antivirus software and no antispyware software. They continuously (when someone finds out) get questions like "how do you know you actually don't have a virus or spyware/adware if you don't run anythign to prevent/check for it?" In the end - I just go by the idea that making things more complicated is seldom the proper course of action... Simplistic solutions are usually the most effective and the most eloquent. So which way do _I_ lean? Doesn't matter. Each person has their own reasoning behind whatever it is they do. I have used many different solutions (I do like to try things - see what I can learn and find) - and I do offer advice on the ones I tried that seemingly did their jobs without _over-complicating_ my life just to keep it working. However - I know that will be different for each person, and I cannot say which is less complicated for any one of them. Advice: Try each solution *if* this whole topic has any importance to you. All anyone here can offer is that someone practice some common sense. The world is dangerous - your computer gives you options the rest of the world does not (I cannot backup my car so that when I get in a wreck, I just reload for near instant recovery) - use them. Protect yourself when you can (Equate each of these to something on your computer: lock your doors to make it harder for intruders to get in while you are there *or* away, wear a coat when it is cold, wear sunglasses to protect your eyes, put on sunscreen to protect your skin, brush your teeth to prevent cavities, pick up 'your room', take out the garbage, cover your face when you cough/sneeze, store copies of important documents(life insurance, will, deeds, etc) far away from the originals, etc.) I know someone could pull one (or more) argument for one side or the other out of those - I could do it right now. heh The point - if the solution for everyone was obvious and one-sided - there would be no discussion. Being that each person is unique with differing experiences and external facts that help support their own experiences - the discussion is never-ending. Not one person here can definitively win their argument (even if you get rid of every actual 'crazy argument' -- although who decides that is yet another debate. hah) Interesting that a discussion about a particular patch that exasperated a problem in a particular piece of software could spawn a conversation along these lines... And the subject line stays the same through out. Amazing really. Well, I don't think the discussion is about a particular software per se. Rather the requirement of 'outbound control' after the introduction of NT. Jesper M. Johansson wrote educational articles about this subject extensively. It's an important security subject and the message is not easy to convey, especially if one is blinded by the hype created by the makers of 3rd party software. Before Windows XP what were people using? What were they using on NT4 and on Windows 2000? Just because XP got a firewall now anything else has suddenly become unfit for use? Geez, I guess next the hype will be that anything but One Care will be no good. John |
Thread Tools | |
Display Modes | |
|
|