|
I agree. OK, you got me. I'll try it on one of the kids' PC's and see what happens. Personally, I never play Sony CDs. My 8-track player works just fine, thank <ker-chunk> you. You do make a lot of good points about layering protection. I was looking at it from a "what's to protect?" perspective. Performance could be affected if you get too much of that stuff. In the past I would typically reload Windows once or twice a year for the kids just because they bring home software from the library and then stop using it. That tends to keep things somewhat clean. I haven't really had to do it so much since XP came out. Dave Parnin -- Nishikawa Standard Company Topeka, IN 46571 daparnin@xxxxxxxxxxxxxx "Jones, John \(US\)" To: "PC Technical Discussion for iSeries Users" <John.Jones@xxxxx <pctech@xxxxxxxxxxxx> l.com> cc: Sent by: Subject: RE: [PCTECH] Home network problem pctech-bounces@mi drange.com 12/29/2005 04:01 PM Please respond to PC Technical Discussion for iSeries Users ZA has a free version: http://www.zonelabs.com/store/content/company/products/znalm/comparison. jsp?dc=12bms&ctry=US&lang=en&lid=ho_za or http://tinyurl.com/94j59 Personally, while ZA gets high marks I've been using an ancient version of the Kerio firewall for years. It's now been bought by Sunbelt Software, the folks who make Counterspy. For a limited time they're offering the Kerio FW for $14.95. Or you can use the free version: http://www.sunbelt-software.com/Kerio.cfm I would say the typical home PC network is where a personal/software firewall is most needed (along with the other security tools). It's that environment that won't have a competent IT professional available for installation, troubleshooting, and maintenance. The environments that pretty much anyone on this list are involved with are atypical. Atypical in the sense that they are actually managed. A typical environment will have children downloading music (maybe even legally), surfers of all ages who click on anything--including popups, people who forward chain emails, people who never wind up running an AV scan since the PC is never on when the scan is scheduled to run. They're behind, maybe way behind, on Windows Update (& Office Update if applicable). They may have wireless but probably don't have WPA configured. Or everything's at the defaults so just type 'Linksys' and you're in. They might even think the remote management facility of their router is cool so they open the management connection to the Internet (a huge no-no). Their browsers allow both JavaScript & ActiveX and have Flash/Shockwave installed. They don't use alternative media players. They listen to Sony CDs. These machines desperately need protection. -- John A. Jones, CISSP Americas Information Security Officer Jones Lang LaSalle, Inc. V: +1-630-455-2787 F: +1-312-601-1782 john.jones@xxxxxxxxxx -----Original Message----- From: pctech-bounces@xxxxxxxxxxxx [mailto:pctech-bounces@xxxxxxxxxxxx] On Behalf Of daparnin@xxxxxxxxxxxxxx Sent: Thursday, December 29, 2005 2:34 PM To: PC Technical Discussion for iSeries Users Subject: RE: [PCTECH] Home network problem I wouldn't say that it's *always* unecessary, just not in a typical home envirnoment. If I were using my home PC to do "real work" that mattered if it were lost then sure, my level of paranoia would escalate and I would consider a software firewall. Like I said, my work laptop has it. I try to restrict internet access for the kids and have a nightly backup to make sure that we don't loose the family photos and our e-mail in the event of a hard drive crash. While I might be upset if covert software such as Sony's rootkit got installed without my knowledge it's not worth it to me for my home especially if I have to buy it for 8 computers. (Remember--the subject is "Home network problem".) Dave Parnin -- Nishikawa Standard Company Topeka, IN 46571 daparnin@xxxxxxxxxxxxxx "Jones, John \(US\)" To: "PC Technical Discussion for iSeries Users" <John.Jones@xxxxx <pctech@xxxxxxxxxxxx> l.com> cc: Sent by: Subject: RE: [PCTECH] Home network problem pctech-bounces@mi drange.com 12/29/2005 03:06 PM Please respond to PC Technical Discussion for iSeries Users While I don't agree that a software firewall is unnecessary, I do agree with Dave's summary. Don't just de-activate, but uninstall ZA. Get the share working. Then re-install ZA. If the share breaks, you have an obvious path to troubleshoot (or seek support from the vendor). As has been mentioned before, many of the better approaches to security involve a layered approach. Layer the software firewall on top of the hardware firewall. Layer the AV & AntiSpyware apps ontop of that. The software firewall specifically provides a layer of support that the hardware firewall doesn't. For instance, the hardware firewall would not stop the privacy invasion caused by the Sony rootkit exploit. -- John A. Jones, CISSP Americas Information Security Officer Jones Lang LaSalle, Inc. V: +1-630-455-2787 F: +1-312-601-1782 john.jones@xxxxxxxxxx -----Original Message----- From: pctech-bounces@xxxxxxxxxxxx [mailto:pctech-bounces@xxxxxxxxxxxx] On Behalf Of daparnin@xxxxxxxxxxxxxx Sent: Thursday, December 29, 2005 1:50 PM To: PC Technical Discussion for iSeries Users Subject: Re: [PCTECH] Home network problem That sounds like an internal security problem. If you have a virus or spyware that's harvesting your personal info then deal with that with anti-virus or anti-spyware software. Catch it before you get infected. If you are logging on to a commercial web site and entering things like credit card numbers then make sure that it's a secure connection. If not then don't blame them for sniffing out your data. If your kid set up the network/Internet connection for you and you are using it without knowing you've got a secure environment, again, that was your decision. Personally, I've got anti-virus and anti-spyware software and I'm trusting my router to keep hackers out. It may not be perfect but I also don't triple-lock my doors, have bars on my windows, or let my kids secure the Internet for me either. If it were a business environment I would be more concerned about security. At home I'm more concerned with restricting what web sites my kids can go to. I can also see the other PC's on my network. Regardless of your desired level of security I still advocate taking Zone Alarm out of the mix until sharing works as expected. It may not be part of the problem but you may not know that. Once you have things working you can put it back in if that's what you want. Dave Parnin -- Nishikawa Standard Company Topeka, IN 46571 daparnin@xxxxxxxxxxxxxx Dan <dan27649@xxxxxxx To: PC Technical Discussion for iSeries Users om> <pctech@xxxxxxxxxxxx> Sent by: cc: pctech-bounces@mi Subject: Re: [PCTECH] Home network problem drange.com 12/29/2005 01:45 PM Please respond to PC Technical Discussion for iSeries Users On 12/29/05, daparnin@xxxxxxxxxxxxxx <daparnin@xxxxxxxxxxxxxx> wrote: > > Why are you running Zone Alarm? I thought that you said you said that > it was a desktop PC and that you had a Linksys router. The router > should handle the firewall function for you. I would vote to > eliminate the things such as Zone Alarm that could be getting in your > way and make the environment as simple as possible. Once you have it > working in a simple environment then you can start making things more > complex. I have a similar situation at home, using a consumer-level router-firewall, and ZA. Unfortunately for Jeff, my 16-year old got the "network" set up, and we had some issues, but he figured them out. I probably should have him give me a rundown of what he did. But, I digress. The basis for deciding to do this was that esteemed members of this list educated me (let's see how accurately I remember the lesson!) that the router-firewall only restricts things coming in, and doesn't care if you're sending all your keystrokes, bank account numbers, social security numbers to some friendly guy in Russia. That's where the ZA-type firewalls come into play. Did I remember the lesson correctly? - Dan -- This is the PC Technical Discussion for iSeries Users (PcTech) mailing list To post a message email: PcTech@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/pctech or email: PcTech-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/pctech. -- This is the PC Technical Discussion for iSeries Users (PcTech) mailing list To post a message email: PcTech@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/pctech or email: PcTech-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/pctech. This email is for the use of the intended recipient(s) only. If you have received this email in error, please notify the sender immediately and then delete it. If you are not the intended recipient, you must not keep, use, disclose, copy or distribute this email without the author's prior permission. We have taken precautions to minimize the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message. We cannot accept liability for any loss or damage caused by software viruses. The information contained in this communication may be confidential and may be subject to the attorney-client privilege. If you are the intended recipient and you do not wish to receive similar electronic messages from us in the future then please respond to the sender to this effect. -- This is the PC Technical Discussion for iSeries Users (PcTech) mailing list To post a message email: PcTech@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/pctech or email: PcTech-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/pctech. -- This is the PC Technical Discussion for iSeries Users (PcTech) mailing list To post a message email: PcTech@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/pctech or email: PcTech-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/pctech. This email is for the use of the intended recipient(s) only. If you have received this email in error, please notify the sender immediately and then delete it. If you are not the intended recipient, you must not keep, use, disclose, copy or distribute this email without the author's prior permission. We have taken precautions to minimize the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message. We cannot accept liability for any loss or damage caused by software viruses. The information contained in this communication may be confidential and may be subject to the attorney-client privilege. If you are the intended recipient and you do not wish to receive similar electronic messages from us in the future then please respond to the sender to this effect. -- This is the PC Technical Discussion for iSeries Users (PcTech) mailing list To post a message email: PcTech@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/pctech or email: PcTech-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/pctech.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.