Time to vent.

This week there have been at least three posts for support that come to mind where people want support. In their posts (and/or replies) they've mentioned that they've disabled the firewall on their router AND on their PCs.

Do. . . do these people have ANY concern for their computers? Have they never heard of viruses, hacks, zombie computers, worms, and all the other myriad things that are "lurking" out there on the Internet?

Sure, it's "easier" to host games or a TeamSpeak server or whatever else on your computer if you disable your firewalls, but the whole POINT of a firewall is to make it difficult to get to your computer.

When you remove these roadblocks, you also remove the same roadblocks that stop people from attacking your system.

I know it's a pain, when you're coming home, with bags of groceries in your hand, to stop and unlock the door to get into your house - why not just remove the doors altogether? Sure, nobody out there is "out to get you" - you haven't made any enemies, so nobody will "target" your house, right?

There's certainly NO chance of some random person passing your home, seeing the lack of doors, and wandering in to help themselves to your television.

ARGH!

Time to vent.

This week there have been at least three posts for support that come to mind where people want support. In their posts (and/or replies) they've mentioned that they've disabled the firewall on their router AND on their PCs.

Do. . . do these people have ANY concern for their computers? Have they never heard of viruses, hacks, zombie computers, worms, and all the other myriad things that are "lurking" out there on the Internet?

Sure, it's "easier" to host games or a TeamSpeak server or whatever else on your computer if you disable your firewalls, but the whole POINT of a firewall is to make it difficult to get to your computer.

When you remove these roadblocks, you also remove the same roadblocks that stop people from attacking your system.

I know it's a pain, when you're coming home, with bags of groceries in your hand, to stop and unlock the door to get into your house - why not just remove the doors altogether? Sure, nobody out there is "out to get you" - you haven't made any enemies, so nobody will "target" your house, right?

There's certainly NO chance of some random person passing your home, seeing the lack of doors, and wandering in to help themselves to your television.

ARGH!

Yeah, i know what you mean

I have a hardware firewall (SPI + NAT) on my router, and then windows XP firewall

I know im safe, or as safe as i need to be

Netgear Technical support asked me to put my pc in the DMZ for a test, i just laughed - Cause i wasnt going to do that, especially not on a pc without a firewall!

This software is supposedly getting more and more simple to use, i mean, for gods sake, software such as zone alarms firewall, asks you what you want to allow internet access...


I have nothing against the luddites/computer 'unsaavy', its fair enough. What annoys me is the people who think they know, and dont, or do stuff that they have no idea about...

Yes, you are right.


To disable the firewall should be only to be sure, that the firewall is not the reason for the problem.

It's no solution for any problem.

Yes, you are right.


To disable the firewall should be only to be sure, that the firewall is not the reason for the problem.

It's no solution for any problem.

Yeah, only a cause of many more, as WolfStar76 said

My favorite is the people who pretend to be all educated about firewalls. Case in point - the user in the Server Support forum (English Windows) who posted he doesn't use any software firewalls because (to paraphrase) there isn't one that doesn't cause more problems than it solves.

Um, again, creating problems is kinda the POINT of firewall software.

I've given up trying to help people like that - there could be any NUMBER of malware applications on that box causing problems. Good luck getting it solved.

My favorite is the people who pretend to be all educated about firewalls. Case in point - the user in the Server Support forum (English Windows) who posted he doesn't use any software firewalls because (to paraphrase) there isn't one that doesn't cause more problems than it solves.

Um, again, creating problems is kinda the POINT of firewall software.

I've given up trying to help people like that - there could be any NUMBER of malware applications on that box causing problems. Good luck getting it solved.


I think we should write a selection of general answers for these sorts of queries

Or just do like thomas, and tell people to search :) - Shame we cant trash them

there isn't one that doesn't cause more problems than it solves.

Using a firewall (aka packetfilter) on a "normal" desktop system is usually totally unecessary, as a normal desktop system should not have ANY services that listen on ports. In this case, adding in a firewall just adds an attack-vector (yes, firewalls can have (and have had!) bugs that lead to vulnerabilities that the attacker can exploit remotely to gain access to the system).
The thing is, on the most used operating system it seems to be difficult (if not impossible?) to close-down all listening services and still have a functioning system. This undesired behaviour can be "patched over" with a firewall, but as said above, this is not really the sollution but rather a workaround.

I'll have to agree to disagree with you there.

I've read multiple reports (and I'll have to see if I can find them anymore to cite them as a source) that have shown where an XP box, with no firewall and a direct "pipe" to the Internet (no hardware firewall) is usually located and infected with some sort of malware in 4-8 hours - and that's without user intervention or actively surfing the Internet/Downloading/etc.

I will freely admit, however, this was around the SP1 version of XP, and there were some nice updates in SP2, so that may no longer hold true - but it's more than enough to make someone like me wary.

If you have a HARDWARE firewall in place, I'd say a software firewall is an "option" - but one well worth having. (Much like an airbag is a nice option - as long as you're already wearing a seatbelt).

But, to each their own. You're a coder, if I'm not mistaken, as may very well know the ins and outs in finer detail than I do. :)