Personal firewalls are 'futile'

I just posted the article Personal firewalls are ‘futile’.

Just like anti virus programs we need firewalls even so hard.
Online your a sitting duck for hacker and scriptkiddies who enter your pc in no time if you didnt protect your pc but as you can read in…

Read the full article here:  [http://www.cdfreaks.com/news/2802-Personal-firewalls-are-futile.html](http://www.cdfreaks.com/news/2802-Personal-firewalls-are-futile.html)

Feel free to add your comments below. 

Please note that the reactions from the complete site will be synched below.

I really don’t understand why this guy and others alike have to tell everyone in the universe <B>HOW</B> to do the bypass. :frowning: <B>GIVING</B> the hackers out there another tool to reek havoc.

:+ What a hero… Good on him… Personal firewalls currently only go so far. They currently are not designed to check EVERY file run from the machine. I feel he achieves nothing with this. Virus protection should be checking for trojans such as this.

Wait a minute, aren’t we supposed to run this by microsoft first? =)

Hello, It’s not the personal firewalls that are futile but rahter the os they run on, and the script kiddies, they’re pretty futile as well. A good OS is one that makes the whole premise of a virus obsolete. Sure you can still get a trojan on a BSD/System 4/5 system but unless your dumb enough to use root as your standard user this isn’t a big deal. A firewall in my opinion has one purpose and it is to filter packets (in/out) between an internal LAN (or single computer) and external computers (or rahter trusted adn non-trusted networks). Packet filtering will most likely do the job. That is the sole concern of a firewall. If you need advanced packet filtering / inspection then that is the job of a proxy and or virus software. I agree totally with freddy. Btw there will never be a system whether windows or unix that is completely safe, or a firewall / proxy that protects against every concievable threat ,no matter what you throw at it, it simply isn’t doable. Not doable unless you yank the network cable and lock it in a safe that is ;). Keigroove - Would you rather be kept in the dark about say a faulty brake system on your car and be totally surprised when one day the brakes don’t work, or would you prefer to be warned and have a chance to fix the problem? Just becuase you don’t know of a certain exploit doesn’t make you impervious to the attack, the good hackers still know of it. Whether or not the script kiddies know of it is quite inconciquencial as most don’t know what ot do with the information until someone posts a progam with a “click here to hack” button. The real hackers probably have better things to do than hack the average joe blow and his 4gig porn collection…anyhow. // swede242

Like I have anything that important on my little home computer that somebody is interested in hacking to get access to.

yeah, whoever’s post i just read is kinda right… i mean, if you run a strange exe on your machine, it doesnt even have to be clever enough to modify a dll of IE… it could just replace your firewall.exe with a modified firewall.exe which is a fake one or something when you next reboot. lol. but yeah, this does make me think… cant rely on zonealarm to block ALL progs from accessing the net for now… come on zonelabs, how about an update please, you loverly people!

You misunderstood. In the article he is saying how the firewall can be circumvented, then he goes and tells you HOW to do it. I was saying that he should just say that the firewall can be circumvented, there’s no need to go all out and show everyone how to do it. For example let’s say there’s a new security hole discovered in WinXP (and i’m sure it won’t be long). Joe Schmoe can either tell everyone in the world that it exists and also tell them how to exploit it… or he can be smart and tell people it exists and alert Microsoft. Microsoft will probably release a patch before anyone can take full advantage of the flaw.

Hello, Keigroove I see your point but I don’t agree with it. As I see it just because an exploit comes to the attention of the general public and script kiddies doesn’t make it harmful in itself. The harm is done in one of two ways: 1. The problem is never brought out in the light and the hackers exploit it time and again without anyone knowing how they did it, or maybe even that it occurred at all. 2. The information is released to the public and script kiddies use it to exploit systems that, in spite of the fact that the problem has been made public, haven’t been patched / updated because the lazy admin couldn’t be bothered to do his job. I conceede that this is more applicable to sys-admins. who actually get paid to keep the information safe and not to the average home user whom, unless interested in the subject of security, has no way to stay ajure with exploits. You could argue that this is of little value to windows users whom have a limited (if any) possibility to patch the code, but then releasing it to the public forces MS to act quicker. I doubt just reporting an exploit to MS would do much (common it’s MS we’re talking about here :wink: ) you have to force their hand. // swede_242

I’m not too sure who ripped who off. But this person came up with pretty much the same ideas. http://tooleaky.zensoft.com/

Firewalls ‘FUTILE’, I think not. What about all the good thinkz they do…have we forgotten ? Anwayz tot it was the responsibility of the OS to protect system DLL’s not the FIREWALL. Ms has built in everthing but the kitchen sink…herez one area they should pay attention to :4