FIREWALL CHECK

Discussion in 'Windows Vista Security' started by Richard, Jul 27, 2008.

  1. Richard

    Richard Guest

    I need some help please. I have Windows Vista Home Premium and Norton
    Internet Security 2008.
    When I try to log onto the Internet, I get a firewall check. I reply:
    (1) disable the (Windows) firewall,
    (2) don't perform this check again.
    But this check reappears every time I try to log onto the Internet.
    How do I stop this message reappearing?
     
    Richard, Jul 27, 2008
    #1
    1. Advertisements

  2. Richard

    Charlie Tame Guest


    At some point in the future you will be forced to completely remove
    Norton, it is the single worst piece of junk ever sold for the PC.
    McAfee is no better really.

    By default the Windows firewall causes little trouble, but to isolate
    the problem you need to go into the Norton Settings and disable it all,
    work back from there. Actually it would be better to uninstall Norton
    completely but you MUST follow their instructions and use their removal
    tool because otherwise trying to uninstall it will likely trash your
    system. This is quite deliberate on their part to stop you from getting
    rid of it.
     
    Charlie Tame, Jul 27, 2008
    #2
    1. Advertisements

  3. They make a removal tool to stop you from getting rid of it?
    Are you insane?
    :eek:)
     
    FromTheRafters, Jul 27, 2008
    #3
  4. Richard

    Peter Foldes Guest

    Get rid of Norton. The Windows Firewall is far better than any 3rd party Firewall
     
    Peter Foldes, Jul 27, 2008
    #4
  5. Richard

    Kayman Guest

    A number of experts agree that the retail AV version of McAfee, Norton and
    Trend Micro has become cumbersome and bloated for the average user.

    The major Norton criticisms are related to stability and footprint, the
    most common problem being slow-downs because of the massive system
    resources Norton hogs. There are products on the market with equal or
    better test results than Symantec's products, consuming less resources at a
    lower price (even free ones).

    The retail version of Norton can play havoc with your pc. Uninstall it
    using Norton's own uninstall tool:

    Download and run the Norton Removal Tool and try to get a refund:
    http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039
    The Norton Removal Tool uninstalls all Norton 2008/2007/2006/2005/2004/2003
    products and Norton 360 from your computer.

    You are not going to find anything better than the Vista FW and Vista in
    itself due to the advanced features the FW and Vista are using.

    Jesper's Blogs-
    At Least This Snake Oil Is Free.
    http://msinfluentials.com/blogs/jesper/archive/2007/07/19/at-least-this-snake-oil-is-free.aspx
    Windows Firewall: the best new security feature in Vista?
    http://blogs.technet.com/jesper_johansson/archive/2006/05/01/426921.aspx

    Exploring The Windows Firewall.
    http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx
    "If you try to block outbound connections from a computer that’s already
    compromised, how can you be sure that the computer is really doing what you
    ask? The answer: you can’t. Outbound protection is security theater—it’s a
    gimmick that only gives the impression of improving your security without
    doing anything that actually does improve your security. This is why
    outbound protection didn’t exist in the Windows XP firewall and why it
    doesn’t exist in the Windows Vista™ firewall."

    Managing the Windows Vista Firewall
    http://technet.microsoft.com/en-us/magazine/cc510323.aspx

    Tap into the Vista firewall's advanced configuration features
    http://articles.techrepublic.com.com/5100-10877-6098592.html
    "...once you discover the secret of accessing its advanced configuration
    settings via the MMC snap-in, you'll find it to be far more configurable
    and functional. At last, Windows comes with a sophisticated personal
    firewall that can be used to set up outbound rules as well as inbound, with
    the ability to customize rules to fit your precise needs."
    Or
    Configure Vista Firewall to support outbound packet filtering
    http://searchwindowssecurity.techtarget.com/tip/0,289483,sid45_gci1247138,00.html
    Or
    Vista Firewall Control (Free versions available).
    Protects your applications from undesirable network incoming and outgoing
    activity, controls applications internet access.
    http://sphinx-soft.com/Vista/
    The free version may be all you need, check the comparisons under
    the "Download and Buy" link.

    Real-time AV applications - for viral malware.
    Do not utilize more than one (1) real-time anti-virus scanning engine!
    Disable the e-mail scanning function during installation (Custom
    Installation on some AV apps.) as it provides no additional protection.

    Why You Don't Need Your Anti-Virus Program to Scan Your E-Mail
    http://thundercloud.net/infoave/tutorials/email-scanning/index.htm
    Viral Irony: The Most Common Cause of Corruption.
    http://www.microsoft.com/windows/IE/community/columns/filecorruption.mspx

    Avira AntiVir® Personal - FREE Antivirus
    http://www.free-av.com/
    You may wish to consider removing the 'AntiVir Nagscreen'
    http://www.elitekiller.com/files/disable_antivir_nag.htm
    or
    Free antivirus - avast! 4 Home Edition
    It includes ANTI-SPYWARE protection, certified by the West Coast Labs
    Checkmark process, and ANTI-ROOTKIT DETECTION based on the best-in class
    GMER technology.
    http://www.avast.com/eng/avast_4_home.html
    (Choose Custom Installation and under Resident
    Protection, uncheck: Internet Mail and Outlook/Exchange.)
    or
    AVG Anti-Virus Free Edition
    http://free.grisoft.com/
    (Choose custom install and untick the email scanner plugin.)
    or
    ESET NOD32 Antivirus - Not Free
    http://www.eset.com/
    or
    Kaspersky® Anti-Virus 7.0 - Not Free
    http://www.kaspersky.com/homeuser

    and (optional but highly recommendable)

    On-demand AV applications.
    (add them to your arsenal and use them as a "second opinion" av scanner).
    David H. Lipman's MULTI_AV Tool
    http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe
    http://www.pctipp.ch/downloads/dl/35905.asp
    English:
    http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/
    Additional Instructions:
    http://pcdid.com/Multi_AV.htm
    and/or
    Kaspersky's AVPTool
    http://downloads5.kaspersky-labs.com/devbuilds/AVPTool/
    There's no updating involved since the scanning engine is updated
    several times a day and you simply download the updated scanner whenever
    you want to do a scan.

    Dr.Web CureIt!® Utility - FREE
    http://www.freedrweb.com/cureit/

    Malwarebytes© Corporation - Anti-Malware
    http://www.malwarebytes.org/mbam/program/mbam-setup.exe
    Note: It is Free for private use. Just download (do NOT buy) and install.

    A-S applications - for non-viral malware.
    The effectiveness of an individual A-S scanners can be wide-ranging and
    oftentimes a collection of scanners is best. There isn't one software that
    cleans and immunizes you against everything. That's why you need multiple
    products to do the job i.e. overlap their coverage - one may catch what
    another may miss, (grab'em all).

    SuperAntispyware - Free
    http://www.superantispyware.com/superantispywarefreevspro.html
    and
    Ad-Aware 2007 - Free
    http://www.lavasoftusa.com/products/ad_aware_free.php
    http://www.download.com/3000-2144-10045910.html
    and
    Spybot Search & Destroy - Free
    http://www.safer-networking.org/en/download/index.html
    and
    Windows Defender - Free (build-in in Vista)
    http://www.microsoft.com/athome/security/spyware/software/default.mspx
    WD monitors the start-registry and hooks registers/files to prevent spyware
    and worms to install to the OS.
    Interesting reading:
    http://www.pcworld.com/article/id,136195/article.html
    "...Windows Defender did excel in behavior-based protection, which detects
    changes to key areas of the system without having to know anything about
    the actual threat."

    After the software is updated, it is suggested scanning the system in Safe
    Mode.

    A clarification on the terminology: the word "malware" is short for
    "malicious software." Most Anti-Virus applications detect many types of
    malware such as viruses, worms, trojans, etc.
    What AV applications usually don't detect is "non-viral" malware, and the
    term "non-viral malware" is normally used to refer to things like spyware
    and adware.

    Good luck :)
     
    Kayman, Jul 28, 2008
    #5
  6. ????????? I can accept that there is an argument as to whether it is
    adequate or not (I'm clearly on the "It's not!" camp), but I've *NEVER*
    heard it rated as better than any other firewall!!!

    What do you base this statement on??

    --

    Regards,
    Hank Arnold
    Microsoft MVP
    Windows Server - Directory Services
     
    Hank Arnold (MVP), Jul 28, 2008
    #6
  7. This is the same guy who last week told someone that a failing CMOS
    battery was the probably cause of a system clock losing time during
    the day while it was powered-up with Windows running.
     
    Paul Montgomery, Jul 28, 2008
    #7
  8. Richard

    Kayman Guest

    Peter said: "any *3rd party* Firewall"* and most probably referred
    specifically to 3rd party software personal firewalls (PFW).
    I can't speak for Peter but there are credible reports in circulation
    confirming his assertion. The reports are not commercially sponsored.
    BTW, test reports conducted by some firewall testing organizations used to
    test the Windows Firewall for *outbound traffic control* (a function which
    never ever was incorporated) and compared it with 3rd party f/w apps.
     
    Kayman, Jul 28, 2008
    #8
  9. Richard

    +Bob+ Guest

    I think you need to be a little more definitive on what reports to
    make the claim you did. Lots of reports (in many industries) make
    claims but when you examine their testing criteria and methods you
    come to other conclusions.
    Which is why you want a real personal FireWall like Zone Alarm. If you
    have a router in place with NAT and WPA with a good password, inbound
    is of relatively limited concern. Outbound, OTOH, not only prevents MS
    programs and others from calling home for no apparent reason, but
    helps identify when an evil program has infected your system and is
    attempting net access. These issues are much more of a concern than
    inbound access.
     
    +Bob+, Jul 29, 2008
    #9
  10. Richard

    Mr. Arnold Guest

    And they can cut through the snake-oil crap in ZA or any other solution like
    ZA like a hot knife through butter. The job of a personal FW (it's not a
    FW)/packet filter is stop unsolicited inbound packets, by default, from
    reaching services and the O/S running on the machine and to prevent outbound
    packets from leaving the machine, by setting packet filtering by port
    TCP/UDP, protocol -- HTTP, FTP, ICMP, etc, etc, IP, subnet mask or domain
    for inbound and outbound traffic.

    The job of the personal FW/packet filter has been blown up out of
    proportion, and it's not a malware solution, trying to protect you from you
    that it cannot do. That's snake-oil and candy technology in them as a home
    user security blanket giving a false sense of security.


    http://www.securityfocus.com/infocus/1840

    There are other ways, that one can cut through the crap snake-oil like
    Application Control in PFW(S). Another way is to beat the PFW(S) to the
    network connection during the boot process before the PFW service is even up
    and running. It has done its thing and is done before the PFW could even
    know that it has happened.
     
    Mr. Arnold, Jul 29, 2008
    #10
  11. Richard

    Peter Foldes Guest

    Hello Hank

    From personal testing (usage). I have tried a few 3rd party ones and aside from bloating and the obvious cost they are no better than the Firewall supplied by Windows.
     
    Peter Foldes, Jul 29, 2008
    #11
  12. Once you have an "evil program" executing on your machine, the
    game is over. That is unless it is a very lame "evil program". The
    firewall application would now be running on a system that can't
    be trusted - and so itself can't be trusted even if it tells you it can
    be trusted.

    IOW a false sense of security exists whether or not the machine
    is compromised.
     
    FromTheRafters, Jul 29, 2008
    #12
  13. Richard

    +Bob+ Guest

    I agree that some programs can work towards beating your outbound
    firewall - but on a practical basis, it catches quite a few. Some is
    better than none.
    99.99% of users have a false sense of security. THat's why so many of
    their machines get infected. An outbound firewall is one more layer
    that can help identify problems.
     
    +Bob+, Jul 29, 2008
    #13
  14. Richard

    Mr. Arnold Guest

    Application control in PFW(s) is not outbound control. It's application
    control, which should be under the control of the O/S. The buck stops with
    the O/S not the PFW/packet filter. If the O/S can be fooled, then anything
    that runs with the O/S can be easily fooled too.

    Any of today's PFW(s)/personal packet filter even Vista's FW/packet filter
    has the ability to stop outbound packets from leaving the machine by setting
    outbound packet filtering rules. The stuff you're talking about has no
    business trying to do application control. Their job is to act as packet
    filter.

    99.99% of users don't have a false sense of security. 99.99% of users don't
    know what security is about period. 99.99% of them if a message comes up
    into their face to allow or disallow something, they flat out don't know the
    circumstances as to why it's even happening.

    So, they stop something like Svchost.exe from accessing the network.
    Svchost.exe is not the one that wants access. Svchost.exe only host
    something, a program, that wants the access. So, they stop Svchost.exe this
    time never knowing what they really needed to stop. Then they turn around
    and allow Svchost.exe to access the network, and then the exploit now has
    its shot to get out un-detected, piggy backing of that instance of
    Svchost.exe that was granted access.
     
    Mr. Arnold, Jul 29, 2008
    #14
  15. Richard

    Kayman Guest

    What is there to 'catch'. Since malware already has/is manipulating your OS
    the game is lost[PERIOD]!
    And 99.99% of quoted statistics are made up on the spot...
    No, unsafe browsing and relying on Phony-Baloney Ware such as 3rd party
    software (so-called) firewalls aka Illusion Ware gets you in hot water.
    Relying on this layer is precisely what gives you this false sense of
    security.

    Educate yourself, Google can assist.
    BTW, ever wondered why nobody responded to your WLM query?
     
    Kayman, Jul 29, 2008
    #15
  16. As an aside, would you feel safe with an antivirus that recognizes
    "quite a few" viruses? True, some is better than none, but the
    idea that only the lame ones will be caught would not give me the
    warm fuzzy feeling that personal firewall applications seem to promise
    the user.
    ....and 90% of those achieve it without additional software running
    on their machine telling them how safe they are.
    I agree that they are not *completely* useless.
     
    FromTheRafters, Jul 29, 2008
    #16
  17. Richard

    +Bob+ Guest

    But the point be argued here is having an outbound firewall vs. none
    at all (windows firewall).

    No A/V solution will catch everything. Add a few layers - an extra
    non-unobtrusive, non-performance impacting layer that can help is
    worth it, IMHO.
    When has an outbound firewall ever done anything to make the 99% feel
    safe? Most of them don't even know it's there until it reports
    something. They feel safe thorough ignorance of the dangers, not
    knowledge of the solutions.
     
    +Bob+, Jul 30, 2008
    #17
  18. Richard

    Mr. Arnold Guest

    Once again, will someone tell this person what outbound packet filtering
    means, which Vista has outbound packet filtering. What he is talking about
    is application control, which are two differnt things and is snake-oil.
     
    Mr. Arnold, Jul 30, 2008
    #18
  19. Richard

    +Bob+ Guest

    Nonsense. Not all malware is sharp enough to avoid firewall detection.
    Not all malware infections are lost cases. Repair is possible quite
    often. The earlier the problem is detected, the higher the probability
    for repair. There are enough malware schemes that don't avoid the
    firewall that it is worth using one. PERIOD.

    Museums have sophisticated security systems. Nonetheless, criminals
    get through them and steal valuable items fairly consistently. Do the
    museums throw up their arms and say "we won't bother with an alarm
    system since there are _some_ people who can beat it". No, they
    install a security system that keeps out the large majority of
    potential thieves, recognizing that no system is perfect.
    The fact that some people have an illusion of safety does not negate
    the increased security offered by an outbound firewall.
    There's a difference between relying and utilizing.
    No, I've been spending my "wondering time" puzzling over how someone
    becomes such a condescending, know-it-all, dick head like you.
     
    +Bob+, Jul 30, 2008
    #19
  20. Richard

    +Bob+ Guest

    On Wed, 30 Jul 2008 13:01:16 -0400, "Mr. Arnold" <MR.
    Vista's outbound filtering needs manual configuration and is well
    beyond the scope of anyone who doesn't have serious training.
    Application filtering is not snake-oil and does have value. It's also
    possible for average users to actually turn it on an have it work.
     
    +Bob+, Jul 30, 2008
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.