That was port 80 for http. Now internet traffic uses a lot of different ports and to be able to use the internet in a minimal capacity you need to have those ports open. There are pretty much only two ways you can set up a firewall. You can start with everything blocked and then open up what is needed. In that case you will be forever opening up ports and having to deal with a lot of angry people just trying to do their jobs. The other side is to have everything open and just block what is not decreed to be kosher by the pointy headed bosses.
Naturally this leaves lots and lots of ways for people to use workarounds and you will be forever trying to close the barn doors while the cows are running out. Either way you will eventually end up with a firewall which will have a lot of ways to allow unwanted traffic to get past. And you will find that there is a lot of traffic using those ways to get past. From the perspective of a home owner, even a yappy Chihuahua is better security than no dog.
Nothing can prevent all breaches or attacks, but the more roadblocks there are the less chance of an attack becoming a breach. Firewalls keep the honest, as such. They will deter the ones who are checking things out, or just poking around, learning how Third, if you don't have one, you're inviting everyone and their brother to poke around your network unencumbered. Network security is about layers.
The more layers you have the better off you will be. You need to also balance the amount of layers with whether additional layers will inconvenience your users. Now I would agree with the statement if it's saying that a perimeter device that is just a firewall is pretty useless but if you have a box that performs a multitude of security related functions, AV, monitoring, etc. Having a lockable front door doesn't make your house impenetrable but it is a lot more secure than leaving the door open.
Anyone that works in IT security knows that good network security is in layers. I completely agree in securing the end-point but you also need to have a decent perimeter firewall too and if you can afford it a good IPS. So to answer the question I am on the street. I fundamentally disagree with the "you cannot rely on your firewall anymore" argument. Hardening endpoints is all well and good, but firewalls are still important, even when dealing with APTs. Traffic filtering and port blocking should take place on egress as well as ingress, helping control data leakage and preventing malware from phoning home.
To me, the biggest unsolved security question is one that has no solution; what about social engineering? Look at what hackers like Kevin Mitnick have been able to accomplish without having to worry about firewalls or endpoint security. If you can't get around the firewall to get what you want, just social engineer someone into giving it to you.
A balanced, multi-layer security infrastructure is important, but your user is still either the strongest or weakest link in the chain. So actually she contradicts her own point. If in her view, users are allowed to download and install anything they want, she believes that there should not be any overall control???
The original quote is "do not worry about what your firewall is doing", therefore implying firewalls are still in use, the complete opposite of useless. The title of this thread is like something from a tabloid. I don't think anyone on here would find anything new in the article, if you're serious about security then you'll have been taking this holistic approach since you got into the game.
Security is not about making it impossible, it's about being the bigger pain. You don't lock your front door or turn on outside lights because they stop someone entering your house. You do them both to make it a bigger pain to break into your house than the one across the street and to make sure that in court you have performed due diligence in attempting to protect yourself.
I live in a neighbourhood where there is no street lighting. It is a real problem. We used to have teenagers smoking pot standing under the tree out front. They did it there because it was so dark they could never be seen. We would accidentally fall off of the sidewalk or walk into a parked car having no idea it was there.
We were pretty risky for getting robbed just because it would be so easy to spend hours getting quietly into our house. So we bought a motion sensitive flood for the back of the house, a dusk till dawn that lights up the street and a motion sensitive light for the walkway that covers the front door. Now we are pretty confident that we are the absolute last house that will ever be robbed - without a single change to actually make it harder to get into our house.
Every house in my neighbourhood is in pitch darkness. Ours is bright enough to read outside of even under the darkest conditions. Only an idiot would pick our house with so many great targets just outside the reach of our lights. If I put that dead-bolt on my back door, I have no way of knowing if I ever deter an attempt to break into my home. But I know this: it's sure not going to make me any less safe for having done so! Once the doors are secure - remember the windows. Can we do too much to keep our families safe?
Can we do too much to keep our data safe? I think not. I would highly recommend a personal firewall without hesitation.

All the best, John Luv2BSecure.

Maybe not the best choice of words, as there are things that can be gained from running a personal software firewall.
Are personal software firewalls necessary? Perhaps this may be more to the point. In a public forum such as this, one has to take into account your audience. The experience level of persons participating here will vary from the newest users, to professionals, and all of us in between. The manner in which all these user systems are being used will be just as varied. When discussing the risks associated with the Internet and educating new users in securing their systems, I recommend the use of a personal software firewall as part of the layered approach to system security.
Encouraging users to take time and learn a little more about how things work is also important. Software firewalls will form part of this learning process and provide them with insight as to how their system and applications are interacting with the Internet. Some users may not want to go beyond a set it and forget it type approach. Others will gain experience and become more conversant with computer security. These users will discover the flexibility and control software firewalls and other utilities afford and use them to their fullest in securing and auditing their systems.
Experienced users can easily secure systems OS from unsolicited connection attempts, monitor outbound traffic and may be quite comfortable in running without a personal software firewall. And this approach is definitely not for everyone. But all these unsolicited connection attempts (the scans most new users are alarmed to see in their logs) are basically harmless and the least of our worries.
As JV is starting to touch on, social engineering is a greater threat. As mentioned above, the manner in which all these systems are being used will vary greatly. One has to take this into account when recommending what may or may not be required. How many different users will be using this system?
How many different users and systems are on the home LAN? As LowWatermark commented:

CrazyM, Nov 26,

I really hesitate to post an opinion, since I know I have only a fraction of the knowledge of those who have posted. But what luv2bsecure said makes the most sense to me:

Scotcov, Nov 26,

After typing a 15min response, I looked up at the screen and it was gone!! Here's a shorter version!! Are you talking about multiple and unsolicited 'probes' against a particular local port -- or are you talking about 'multi-port' scans?
I also agree that multiport scans are rare. Occasionally I get hit with a scan for a Rat or Bot on the higher port scale but none too often. Of course I would investigate. If you are stating that a Trojan or Bot might be dropped in a PC using one of the above utilities, then a properly configured Firewall should alert the user of the connection attempt.
I'm not being argumentative, it's just part of the learning experience and all comments are related to the learning curve!!