wireless firewall wanted

superscaper

Conor wrote: »

There are a whole host of them but here's one...

CWS.EZSearch.This CWS variant removes and updates previous installations of CoolWebSearch such as CWS.BootConf and CWS.SVCHost32. It also disables firewall and antivirus software notifications of the Windows Security Center (found in WinXP SP2 and Win2003 SP1). It drops a copy of itself in the Windows system folder (usually as scrsvc.exe) and creates an autorun entry for this. If Windows Firewall is installed in the system, the hijack will also register itself in the Firewall policy as among the authorized applications that can access the network.

Out of genuine curiosity, how would a hardware firewall be of benefit in this situation?

superscaper

Conor wrote: »

And there posts someone who has absolutely no clue about security.

You could post a bit more maturely without silly personal comments like that, especially as Browntoa's malware guide has probably helped many people with their security.

Genghis

Conor wrote: »

Here's a reason. AS HAS HAPPENED QUITE A FEW TIMES IN THE PAST, especially on Norton/McAfee firewalls, some malware TURNS THEM OFF. Also said malware also turns off the security centre notifications so you don 't know it's been turned off.

Relying on a software firewall is mad.

I thought basic heuristic tests within the AV software would detect the firewall/AV being switched off? Its a bit of an old fashioned technique so I'd be surprised if any decent AV package would fall for it.

And you can have the best software and hardware firewall in the world but if they're configured in any way to give you access to the internet (e.g http) then an attacker can gain access. So, in my opinion, a software firewall and common sense while surfin' should be enough.

theGrinch

i have been advised by someone I trust in these matters that a physical firewall is an excellent source of protection over and above just the software firewall (though I will use both in conjunction). I have been told that the protection they offer will in most cases deter any hacker from focusing on my pc for any length of time.

albertross_2

It is.........., it's a router you need.

Conor_3

superscaper wrote: »

Out of genuine curiosity, how would a hardware firewall be of benefit in this situation?

It would prevent certain inbound ports being opened such as those in the 0-1000 range which are Windows/Network services and which are usually targetted to take advantage of exploits of those services.

For example, compromised software firewall would open up everything and could basically expose standard windows file and printer sharing to the world - a service a hardware firewall blocks from the WAN by default.

Conor_3

Genghis wrote: »

And you can have the best software and hardware firewall in the world but if they're configured in any way to give you access to the internet (e.g http) then an attacker can gain access. So, in my opinion, a software firewall and common sense while surfin' should be enough.

Oh dear...
With malware that can silently disable a software firewall, it's simply not worth the risk.

It's not that they can gain access, it's what ports they can gain access to.

For example, you DO NOT want them able to open an incoming connection to Port 139, which does NetBIOS. With that open, it's possible to read/write to a computer or do a Denial of Service attack. NetBIOS hacks are one of the most easy to do if they have File and Printer Sharing enable.

Here's a quick example of a NetBIOS hack and how easy it is..

http://info-x.co.uk/docview.asp?id=116

Still trust just using a software firewall???