Firewall etc

"Chappy" <guest.TakeThisOut@unknown-email.com> wrote in message
news:678d66473649f0292e558288ba35f829@nntp-gateway.com...
>
> Matousec ran a very comprehensive test of the available products for
> Windows..
> 'Matousec Firewall Challenge'
> (http://www.matousec.com/projects/firewall-challenge/)
>
> Windows firewall in it's default state scored a rather dismal 5% but
> does better with some advanced configuration, still not as good as
> others tho.
> Comodo scored the best for Free firewalls at 95% and is the choice of
> many of the security pros here in the Forums. Some in the Newsgroups
> here get rather "testy" when anyone mentions (God forbid) using a 3rd
> party firewall...call them "Snake Oil" and the like, but Matousec's test
> suite is very comprehensive and runs the toughest firewall attacks and
> go-rounds available so I'll take their word over the ...ahem "other" guy
> here who may come in and start bashing this post for Blasphemy.

If you think I was tuff on you, you post this nonsense to
comp-security-firewalls and let them rip you a new one. And I am going to
tell you again that Commode or any other 3rd party host based personal
firewall/packet filter are not FW(s). A FW's job is to stop unsolicited
inbound traffic by default, to stop inbound or outbound traffic by creating
packet filtering rules and two separate networks by the usage of two
interfaces with one facing the network it is protecting from and the other
interface protecting the network it is to protect. That's is their job. A
good 3rd party packet filter, I won't call them FW(s), but their job is NOT
to be malware detection/stoppage solutions with snake-oil in them.

The buck stops at the O/S for anyone that knows how to harden the O/S to
attack. The protection doesn't stop at some snake-oil solution that's trying
to protect *you* from *you*.

>
> If you think I was tuff on you, you post this nonsense to


Tuff?
That's a laugher

What I don't understand tho is the absolutely maniacal and almost violent
hatred of any 3rd party firewalls?
If you don't remember, the firewall in Windows was purchased from a 3rd
party and embedded into Windows, it was NOT designed by MS engineers!! Are
you all saying that other engineers can't design and build a useful & secure
firewall? I think they may have something to say about that, especially
considering that they do very well in unsponsored testing facilities.
Are you also saying that these testing facilities are full of it or don't
know what they're doing?
I would ask where would we be without those unsponsored testing facilities
doing the job of sorting out the good from the bad for us. I can't imagine
having to run our own tests on AV and other security software and I don't
think you'd relish that thought either, so we depend on those who've decided
to make a living from it to do this for us.

I'm certainly NOT against MS, in fact I stand up for their efforts against
allot of MS bashers, I know how difficult it is to make something this
complex perfect...it aint gonna happen. Just because I think another
company's firewall offers me better protection and an opportunity to
configure advanced rules to suit my needs, doesn't mean I hate the Windows
firewall or any other part of it. I'm sure there's things in Windows you
don't like either.
But I am entitled to my opinion just as you to yours, and I never hold yours
against you or call your decisions foolish. You have your reasons for your
decision and I mine. You can attempt to get others to listen to your advice,
and I can attempt to do the same, but we allow them to make the final
decision based on whatever information we can provide for our respective
points of view.

You can find a dozen sites that say Win Firewall Rox...and I can list a
dozen that says differently...so what. It's up to the end user to decide
which suits their needs best. If Windows starts embedding an AV app, is
everyone all of a sudden idiots if they stay with another proven product? I
certainly hope not, so why the big deal over their firewall, which again was
written by others outside of the MS family...proving that there are in fact
some intelligent and competent engineers out there writing software solutions
that can do the job.

We could go forever replying to little snippets of each others posts and
still make no headway, it's simply a waste of all of our time and energies.
Despite your arguments to the contrary, there are perfectly good, secure and
well designed firewall solutions out there ans MANY other people use these
products with excellent results. If you get excellent results from your
product, well that's excellent and more power to you, but don't go nutzoid on
others for their choice of solution.

In a way, I almost agree with you about all the other forms of protection
that even Comodo firewall has. In fact, I have most of that turned off and
use it basically as a packet filtering solution, I don't need all the HIPS
and hook alerts because I know what I'm doing, just as you others do too. But
we all know the majority of users haven't the time or opportunity to learn
what we have, so they can benefit from the higher forms of protections these
products can offer besides simply being a filtering interface. We can harden
our systems without (as you put it) having someone protect Us from Us, we
don't have poor habits and we know better. But 80% of todays users just don't
have that knowledge and that's where those of us that do, come in to help
them as best we can. And in my opinion, and a few others too, most casual
users can benefit from the enhanced forms of protections that some of these
other solutions can offer them. They need something that in it's default
configuration can keep them protected from themselves since they have no idea
how to take advantage of advanced configuration.
I agree that there are certainly some questionable products out there, and
that can be said for almost any class of s'ware product, and that's why we
depend on informed reviews to help sort out the cruft. And anyone who's been
following security software for any length of time, they know the labs and
reviewers they can trust.

Ok, I'm done, and if you insist on continuing on after this, be my
guest...it's your energy and time, not mine...well, not any more anyway. I'm
simply tired of this, I usually avoid getting caught up in this type of
useless merry-go-round. I could care less if I get the last word in or not,
but if that's what you need to make you feel good then have at it, it's all
yours.