Is a Software Firewall Necessary?
Posted 04 July 2004 - 05:00 PM
Posted 05 July 2004 - 03:03 AM
I would recommend keeping a software firewall even with a router for those reasons. There are free ones avalable from Sygate and Zone Alarm, if you don't wish to renew Norton's license.
Posted 05 July 2004 - 08:51 AM
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
Posted 05 July 2004 - 12:23 PM
Also, are firewalls suppose to prevent spyware and adware? I'm trying to do everything possible to keep all this crap off my system.
Currently I have:
Security settings set at custom (prompt for Run/Download signed Active X, disable unsigned Active X/Script not safe, etc)
Privacy tab set at prompt for 1st party cookies, block 3rd party.
Running Spyware Blaster
And I always check for Windows Critical Updates
Even with all these I manage to find a couple of items during the scans. Is it inevitable even with all the prevention above?
Although my system is pretty clean, my sister has a pretty bad problem with spyware (I've posted messages for help) and since then I've been trying to educate family and friends about all this. In the past 2 weeks (trying to fix her problem) I've learned so much about spyware and adware but still find myself unable to answer alot of their questions, such as which cookies should be accepted when prompted, when to run active x when prompted, etc. What exactly does spyware do. I find myself mumbling with the answers.
I did download Netscape to try it out; this helps the Active X problem but not cookies, correct? How harmful are cookies anyway? Does Active X install the spyware/adware or do cookies?
Sorry, I meant to make this short but more questions keeping popping into my mind. Most of my questions are probably not appropriate for the Firewall forum, I probably should post them somewhere else.
Posted 05 July 2004 - 03:41 PM
Netscape isn't quite as good as Firefox. There's a link to it in my signature. Firefox allows you to block cookies very selectively - by site - and doesn't load ActiveX at all.
Posted 05 July 2004 - 05:30 PM
Posted 06 July 2004 - 07:51 AM
Posted 06 July 2004 - 12:40 PM
Now I'll have to try one of the suggested firewalls.
Posted 13 July 2004 - 01:44 AM
Posted 13 July 2004 - 05:54 AM
Cookies are not that harmful really.
I did download Netscape to try it out; this helps the Active X problem but not cookies, correct? How harmful are cookies anyway?
First the function of cookies.
Basically because of the way http works, there is no way for the server to remember unique visitors. Basically you go to one page, request the page, it gets sent the connection is broken. When you go to the next page linked to that on the same server (usually domain too), you will need to connect again get sent the page, and the connection is broken again...
Obviously the server doesn't know if you are the same user since you make mutiple connections. Even IP addresses are not fool proof because of NAT and other systems where multiple users share the same IP or on dialup where ips are rotated.
This can be a problem if you visit password protected pages. After you log in, the server has to have someway of identifying you, otherwise it will need to keep prompting for passwords.
Cookies solve the problem by acting like tokens or strings of info that identify the user and are stored on your computer The cookies can then be used to identify who you are ,store your prefered settings, passwords etc.
This is generally okay, though of course, another user at your computer will have access to the very same cookies, so you might want to clear them if you are not the only user of your computer.
Cookies normally are also fine since they are restricted to one particular domain, eg cookies you get on google.com can only be read by google. Google might know what you are doing on google.com, but it has no idea what you are doing on say yahoo.com
A privacy issue arises when being fed so called "third party cookies". These are generally by advertising companies. When you visit site X, you don't only get fed cookies from that site, but also cookies from Ad-based companies, the most famous of which is doubleclick. Owners of site X are paid of course or rewarded in some way for that use.
When enough sites, on the net do the same, you can essentially be tracked by them, say doubleclick, as you move from site to site. Eg You move from site X to Y, both of which host doubleclick cookies, your doubelclick cookies are then amended to note that you have visited sites X and Y, and more importantly , what type of topics you are interested in.
With time , if you do not clear the cookies, a profile of you as a user, can be built up.
This is a privacy concern, though not a security one.