- Jul 27, 2015
- 5,458
Quote : " Everyone knows what a firewall is, right? Wrong…
Let’s take a real-life example; does your Mother actually know (or care) what a firewall is? Does your little sister really need a firewall to protect her from the world of online criminals? By clearing up three misconceptions about firewalls, we hope our less-experienced users will understand the place of firewalls in the modern arsenal of online protection options.
Misconception 1: Firewall was a good movie(!)
Whilst your Mother may have enjoyed handsome Harrison Ford’s appearance on the 2008 movie Firewall, it’s likely she will admit the film had a rather predictable plot. Sure, Firewall highlighted some of the threats in the online world, but I think you’ll agree that Firewall wasn’t an Oscar-nominating moment for Harrison Ford. Enough said.
Misconception 2: Firewalls protect your computer by detecting malware
Firewalls can provide a false sense of security in the modern online world. Allow us to explain: The main purpose of a software firewall is to eliminate potential entry points attackers could use to get onto your computer. However, what if you put up the firewall when you already have malware active on your PC? You may think you’re protected, but you already have a malware infection and the firewall won’t make it go away.
This is because software firewalls are simply not designed to detect malware that is already active on your PC. Even with a firewall, malware could be actively communicating your data with a hacker on the other side of the world.
Also, common malware infection methods don’t require using any sort of brute-force methods of breaking into your computer. They infect using methods that a firewall can’t block in the first place, such as convincing the user to run an application that is other than what they think they’re getting.
Misconception 3: Firewalls are always HIPS (host-based intrusion prevention systems)
Not so long ago, all software firewall products did exactly what users expected them to do: Filter network data. Today, that’s still the classic definition of the term ‘firewall’; however, firewall technology was soon ‘developed to death’ (= no more space for innovation -> all vendors offering a similar level of quality). Therefore, vendors started to add new and often overkill features to their firewall products, such as monitoring of all sorts of operating system changes and detecting thousands of other ‘suspect’ things.
The major problem with these technologies is that for all their monitoring and detection capability they are relatively clumsy. They tend to raise an alert for each and every action that could possibly lead to an attack, but the truth is that about 99.9% of all such alerted actions are not malicious.
As mentioned earlier, such alerts are annoying and even dangerous because they can train users to click ‘Allow’, day in, day out. Eventually, the users’ well-intended and complacent clicking of ‘allow’ is likely to allow an intruder through the gate.
HIPS are therefore recommended for experts only, who can fully understand the large amount of alerts they produce and take advantage of the extra protection layer this can provide. "
Full Source :
blog.emsisoft.com
Let’s take a real-life example; does your Mother actually know (or care) what a firewall is? Does your little sister really need a firewall to protect her from the world of online criminals? By clearing up three misconceptions about firewalls, we hope our less-experienced users will understand the place of firewalls in the modern arsenal of online protection options.
Misconception 1: Firewall was a good movie(!)
Whilst your Mother may have enjoyed handsome Harrison Ford’s appearance on the 2008 movie Firewall, it’s likely she will admit the film had a rather predictable plot. Sure, Firewall highlighted some of the threats in the online world, but I think you’ll agree that Firewall wasn’t an Oscar-nominating moment for Harrison Ford. Enough said.
Misconception 2: Firewalls protect your computer by detecting malware
Firewalls can provide a false sense of security in the modern online world. Allow us to explain: The main purpose of a software firewall is to eliminate potential entry points attackers could use to get onto your computer. However, what if you put up the firewall when you already have malware active on your PC? You may think you’re protected, but you already have a malware infection and the firewall won’t make it go away.
This is because software firewalls are simply not designed to detect malware that is already active on your PC. Even with a firewall, malware could be actively communicating your data with a hacker on the other side of the world.
Also, common malware infection methods don’t require using any sort of brute-force methods of breaking into your computer. They infect using methods that a firewall can’t block in the first place, such as convincing the user to run an application that is other than what they think they’re getting.
Misconception 3: Firewalls are always HIPS (host-based intrusion prevention systems)
Not so long ago, all software firewall products did exactly what users expected them to do: Filter network data. Today, that’s still the classic definition of the term ‘firewall’; however, firewall technology was soon ‘developed to death’ (= no more space for innovation -> all vendors offering a similar level of quality). Therefore, vendors started to add new and often overkill features to their firewall products, such as monitoring of all sorts of operating system changes and detecting thousands of other ‘suspect’ things.
The major problem with these technologies is that for all their monitoring and detection capability they are relatively clumsy. They tend to raise an alert for each and every action that could possibly lead to an attack, but the truth is that about 99.9% of all such alerted actions are not malicious.
As mentioned earlier, such alerts are annoying and even dangerous because they can train users to click ‘Allow’, day in, day out. Eventually, the users’ well-intended and complacent clicking of ‘allow’ is likely to allow an intruder through the gate.
HIPS are therefore recommended for experts only, who can fully understand the large amount of alerts they produce and take advantage of the extra protection layer this can provide. "
Full Source :
Three misconceptions surrounding firewalls - Emsisoft | Security Blog
There's a common misconception that having a firewall installed is enough to protect your computer from hackers. In the old days, this might have been the case. However, nowadays, a firewall on its own will not give the average user enough protection from modern malware. Even if you have a good...
blog.emsisoft.com
