Is the Firewall still relevant today?

[HarborFront]

Remember MT is here to help people to protect themselves against threats, not to make them more vulnerable via flawed logic and experiments.
You asked , we replied to you that you are wrong, you refused the answers so why asking in the first place?

The only member going your way, does it because his system is totally customized (i know what he did) and he has decent knowledge of the implications of his actions and how to compensate.
This is not something you or other classic users can do.

Correct and that's why I asked whether the FW is still relevant today. Is it a must-have or good-to-have? I NEVER say you DON'T use one.

Going FW-less is something I intend to do and with discussions I can find out whether it works. If someone can do it then others can. It's a matter of trial and error. Maybe that guy you mentioned can come in to give some helpful insights.

I'm not the type which 'If ain't broken, don't fix it'. Sticking strongly to proven system is good but to me that is not progress

 

[Deleted member 178]

So just give us "why"? what advantages outweigh the cons (if any) if you don't use one ? many people asked, you didn't replied.

Going FW-less is something I intend to do and with discussions I can find out whether it works.

of course you can disable it, i did in the past when i was an hardcore gamer doing competitions, at that time we didn't have the internet speed as now. so disabling the FW allowed us to gains some FPs.
Does it works in term of security benefits? NO, we told you dozen of times.
The only gain you may have is a potential t increase of traffic speed , but you won't see it with nacked eyes.

If someone can do it then others can. It's a matter of trial and error.

Those doing that are particular people, mostly OS tweakers; when they tweak , they do it in several levels, not just taking out one feature without searching what it repercussions.

I'm not the type which 'If ain't broken, don't fix it'. Sticking strongly to proven system is good but to me that is not progress

progress is perfecting or replace things by better solutions , not just ditching things without replacement.

 

[HarborFront]

So just give us "why"? what advantages outweigh the cons (if any) if you don't use one ? many people asked, you didn't replied.


of course you can disable it, i did in the past when i was an hardcore gamer doing competitions, at that time we didn't have the internet speed as now.
Does it works in term of security benefits? NO, we told you dozen of times.
The only gain you may have is a potential t increase of traffic speed , but you won't see it with nacked eyes.


Those doing that are particular people, mostly OS tweakers; when they tweak , they do it in several levels, not just taking out one feature without searching what it repercussions.


progress is perfecting or replace things by better solutions , not just ditching things without replacement.

Already replied in the entire thread. Read my replies to them.

I'm not ditching entire security system only replacing some components

My simple answer is have the RIGHT layered security system and NOT just a layered security system.

 

[Tiny]

@HarborFront Why don't you take a poll also and see what people think? Personally though, I agree with what Umbra and kamla5abi have been saying as well as the majority. I however assume that you are asking for people's opinion about whether or not it is relevant. A simple poll would tell you what most people here believe is best.

 

[Deleted member 178]

Already replied in the entire thread. Read my replies to them.

I saw , you have no valid reasons, you want do it just because you can.

I'm not ditching entire security system only replacing some

You don't replace that s the problem. Terra Privacy isn't a FW, just a complement.
Your NAT router doesn't have all the functionalities/benefits a software FW gives.

i answered your questions 10 times, my conclusion:
You gain no security improvement nor you reduce risks by not using a FW.

When i do something on my security strategy is to reduce risks and increase security, if not, there is no point of doing it. Cyber-Security is important, is not fashion trying outfits or go naked for fun or style.

 

[HarborFront]

@HarborFront Why don't you take a poll also and see what people think? Personally though, I agree with what Umbra and kamla5abi have been saying as well as the majority. I however assume that you are asking for people's opinion about whether or not it is relevant. A simple poll would tell you what most people here believe is best.

No need to take poll. The outcome is obvious just like going sig-less because tradition bites hard

 

[roger_m]

No need to take poll. The outcome is obvious just like going sig-less because tradition bites hard

It's got nothing to do with tradition. Even those who are opting for signature-less protection instead of using a traditional antivirus are still using a firewall.

 

[Deleted member 178]

No need to take poll. The outcome is obvious just like going sig-less because tradition bites hard

It's got nothing to do with tradition. Even those who are opting for signature-less protection instead of using a traditional antivirus are still using a firewall.

His point is : "if we can go sig-less, why not FW-less "

Going Sig-less is easy , you have plenty of alternative mechanisms that restrain/block malware.
Going FW-less isn't possible without reducing security, you don't have alternatives, you don't have softwares that does what a FW does; no softwares except FWs monitor and block network traffic.

If we look at the EternalBlue exploit, it is a fileless network kernel exploits that spread via open ports (SMB, port 445) ; no softwares, whatever it is Terra Privacy's Hacker Deterrent or any can prevent it; your FW does prevent it, because you can block the port. simple as that.

Also, you can complement FWs with NIPS/NIDS like Snort (NIDS: Network Intrusion Detection System) because it monitor and detect malicious traffic packets, some plug-ins can be used to turn Snort into a IPS (Intrusion Prevention System) but it still not a full FW replacement and it is way above any Average Joe's skills anyway.

To use Analogies : Firewalls are your Locked doors; IDS/IPS are you alarm system. if you don't lock the doors, expect to be compromised or have data leaks somedays.

 

[tonibalas]

After reading the whole thread i would also like to say my opinion.
You want to use a system without a FW,ok your system you can do whatever you want.
You want to replace FW with other software that will filter inbound/outbound connections.Fine with that.
But now here is my point-observation.

You want to stop using Windows Firewall that is developed and updated by spending a lot of money
by one of the biggest companies in the world, MS.
At the same time you want to use 3rd party software that maybe aren't updated so often as Windows FW.
And of course you can't be sure if these software's don't have any vulnerabilities that a malware could use.

You wrote <<SRP, sandbox, anti-exe, BB/HIPS etc>> which means that will increase your attacking surface even more.
Why you want to do that when in fact you want to increase your security?

By the way very interesting thread with a whole bunch of useful information .

Thank you all for your replies.

 

[TairikuOkami]

You want to stop using Windows Firewall that is developed and updated by spending a lot of money
by one of the biggest companies in the world, MS.

Windows Firewall has not been really updated since Vista, because there is nothing to update (internet protocols have not changed for 20 years), it filters packets/traffic and that is it, most firewall updates are related to bug fixes and other features, but not to the core components. I think, MS will eventually drop it as an optional feature. Most MS articles mention Windows 7/2008, since it did not even bother updating those, only enterprise users take advantage of WF. Understanding Firewall Profiles

 

[darko999]

This is GDATA Firewall "It uses Windows Firewall but gives you full control over it + plus GDATA own settings".

As you can see it works like a charm.

 

[tonibalas]

@TairikuOkami even this bug fixes means that firewall is being updated.
My point is mostly about the increase of surface attack.
Now if someone wants to have a system without firewall is their choice and that's fine with me.
When MS will drop the firewall i believe there will be already an alternative for the users

 

[Behold Eck]

Maybe without a firewall nothing drastic may happen at all then again that maybe just down to luck ?

Without proper clinical trailing from a reputable company using numerous average users with and without firewallls we`ll never really know.

Untill then I`m happy enough to continue to use a firewll....just incase.

Really interesting discussion though and I hope HarborFront reports back if anything interesting results from his experiment.

Regards Eck

 

[HarborFront]

This is GDATA Firewall "It uses Windows Firewall but gives you full control over it + plus GDATA own settings".

As you can see it works like a charm.

The firewall traffic information looks great but for each traffic can it show what company it is connecting to like MS, Google, BitDefender, Norton etc?

 

[Deleted member 178]

The firewall traffic information looks great but can it show what company it is connecting out to for each traffic?

do an IP lookup (aka whois)

 

[HarborFront]

Maybe without a firewall nothing drastic may happen at all then again that maybe just down to luck ?

Without proper clinical trailing from a reputable company using numerous average users with and without firewallls we`ll never really know.

Untill then I`m happy enough to continue to use a firewll....just incase.

Really interesting discussion though and I hope HarborFront reports back if anything interesting results from his experiment.

Regards Eck

FYI, I discussed this issue(without using a FW) with an IT friend of mine running his boss's company today. I gave him some scenarios and he said that it can be done without the use of a FW. He also contributed some knowledge and experience to me as a system admin.

I'm positive it can be done without the use of a FW. I just need to select the RIGHT security layers to do the job.

 

[HarborFront]

do an IP lookup (aka whois)

This I know. No need to mention.

 

[Deleted member 178]

FYI, I discussed this issue(without using a FW) with an IT friend of mine running his boss's company today. I gave him some scenarios and he said that it can be done without the use of a FW. He also contributed some knowledge and experience to me as a system admin.

ask him if he will do that, i guess his answer is NO.

I'm positive it can be done without the use of a FW. I just need to select the RIGHT security layers to do the job.

Of course it can be done, the question is "what is the cost in term of security?" to me you lose more than you gain...
So basically you replace an efficient built-in feature you need by another soft you don't need , which may increase the surface attack, just to do the same job? seems crazy to me.

 

[HarborFront]

ask him if he will do that, i guess his answer is NO.


Of course it can be done, the question is "what is the cost in term of security?" to me you lose more than you gain...
So basically you replace an efficient built-in feature you need by another soft you don't need , which may increase the surface attack, just to do the same job? seems crazy to me.

Not to his company, definitely.

Like you mentioned you don't impose on others what others wants. Leave it to him to make his decision. And you can have yours.

 

[Deleted member 178]

i impose nothing, i just explained with details that it is nonsense. Now people do what they want; i cant stop people to jump from a cliff if they want , just tell them it is nonsense.