[Dshield] "Personal Firewalls" are mostly snake-oil"

John Hardin johnh at aproposretail.com
Mon Jul 22 16:57:17 GMT 2002

> On Mon, Jul 22, 2002 at 07:17:09AM +0200, Stephane Grobety wrote:
> > But the point is that it's not because a solution is not "the best" or
> > a perfect one that it's "snake oil". Personal FW DO have an effect.
> > They DO keep the random scan down and more often than not, they do
> > succeed in protecting the user from some of his/her mistakes (like
> > not knowing that IIS is running on his/her machine or turning on file
> > sharing and giving "guest" full acess to a share).

...unfortunately these are largely the same users who have been
conditioned to click [OK] to get the damned distracting dialog box off
the screen without reading and thinking about what it's asking. This may
greatly hamper the effectiveness of personal firewalls on the Windows
platform - they detect unsafe traffic, but the user tells them to permit
the traffic just to get them to shut up.

John Hardin                                   <johnh at aproposretail.com>
Internal Systems Administrator                    voice: (425) 672-1304
Apropos Retail Management Systems, Inc.             fax: (425) 672-0192
 "To disable the Internet to save EMI and Disney is the moral
  equivalent of burning down the library of Alexandria to ensure the
  livelihood of monastic scribes."
                                    -- John Ippolito of the Guggenheim
 305 days until The Matrix Reloaded

More information about the list mailing list