Ucumist said:
I use NIS and have got use to having reference to the information it can show me. Whether or not this is of any real use or just a good Symantec sales pitch, I am not sure.
I found this comment at
www.samspade.org/d/firewalls.html and am interested if anyone else agrees with it.
Oh, the snakeoil thing, that's a rather old article.
Since the advent of XP (well MS blaster) even Microsoft recommend firewall protection, have provided an activated firewall with their OS and have amended advice on their support website where it suggested temorarily turning off firewalls. If you are using windows 98 on a standalone (non-networked) PC then a firewall is not essential, although I still consider outbound protection a good idea.
He points out that you can disable services, but neglects to mention that MS updates and installing some applications will sometimes turn them back on for you. A well written personal firewall is a quick easy fix and personally I've got better things to do.
He also points out that outbound protection can easily be circumvented and "if you've run a trojan your system is completely compromised". Now this is true, but you could make a similar case against most anti-virus software (I guess you could even use a similar argument to justify not locking your front door).
Many of the legitimate apps I use what to phone home, some even want to update themselves as and when they please, a few don't even have an option (in the UI at least) to disable this behaviour. Apart from possible privacy issues, I like to update stuff myself and do it when it is convenient - as a rule of thumb, if your computer starts crashing it is more often than not the last thing you've changed that caused it - if you don't know that something has updated itself and it causes problems this can present a headache. If software such as spyware (which often claims to be legitimate and only installed with consent) circumvents firewalls it is likely to be considered rogue and get added to anti-virus signatures. On the few occassions Iv'e been tricked into installing spyware my firewall has detected it while the anti-spyware apps have missed it.
Firewalls can break some networking standards, such as not responding to pings, but I can't recall any personal firewall I've used breaking traceroute other than for inbound traces (if set to 'stealth') but ironically the firewall built into my router does break traceroute - required adding a rule as a workaround.
On dial-up I used a personal firewall, now I have broadband I'm behind a cheap natted (and firewalled) router, but I still use a personal firewall to detect and control outbound traffic.