[Dshield] RE: this whole personal firewall debate

Kenton Smith ksmith at chartwelltechnology.com
Wed Jul 24 17:56:32 GMT 2002

I was beginning to tire of this whole debate; however, it seems to be
back on the road to constructive discussion so I'm going to throw
something else into the fire. As the holder of a GSEC I have more than
the average user's knowledge in security stuff, although I have no
illusions that I am a firewall expert (that's coming I hope). But like
many of us I have a spouse at home who "just want to surf the net
without having to answer a whole lot of questions I don't understand".

Here's my simple (I think) question:
Is having a personal firewall on a home machine (if you have a business
spend the money for something else), free or otherwise, better than
having no protection between you and the Internet?

Here are my thoughts:
Why? Because even if they set it up in the default mode and never touch
it again, it's going to at least keep out some of the riff-raff. It
seems to me that as a security professional the biggest pain-in-the-butt
(or one of them) is all the zombie computers out there throwing crap at
my firewalls and IDS's. If home users with poorly configured O/S's had
at least *some* means of preventing their system from becoming a zombie,
it would get rid of a lot (not all) of this excess noise. Now maybe (I'm
no expert on these products), the problem lies in that the user is asked
any questions at all, as then the default wouldn't change unless the
user chose to specifically change something.
Is this too simplistic? I don't think so.

BTW, I don't have one of these running on any of the machines in my house,
I have a cheap Linux box running IP-Tables.

Kenton Smith

