I wouldn't say that it's *always* unecessary, just not in a typical home
envirnoment.  If I were using my home PC to do "real work" that mattered if
it were lost then sure, my level of paranoia would escalate and I would
consider a software firewall.  Like I said, my work laptop has it.  I try
to restrict internet access for the kids and have a nightly backup to make
sure that we don't loose the family photos and our e-mail in the event of a
hard drive crash.

While I might be upset if covert software such as Sony's rootkit got
installed without my knowledge it's not worth it to me for my home
especially if I have to buy it for 8 computers.  (Remember--the subject is
"Home network problem".)

Dave Parnin
--
Nishikawa Standard Company
Topeka, IN  46571
daparnin@xxxxxxxxxxxxxx




                                                                                
                              
                      "Jones, John                                              
                              
                      \(US\)"                  To:       "PC Technical 
Discussion for iSeries Users"          
                      <John.Jones@xxxxx         <pctech@xxxxxxxxxxxx>           
                              
                      l.com>                   cc:                              
                              
                      Sent by:                 Subject:  RE: [PCTECH] Home 
network problem                    
                      pctech-bounces@mi                                         
                              
                      drange.com                                                
                              
                                                                                
                              
                                                                                
                              
                      12/29/2005 03:06                                          
                              
                      PM                                                        
                              
                      Please respond to                                         
                              
                      PC Technical                                              
                              
                      Discussion for                                            
                              
                      iSeries Users                                             
                              
                                                                                
                              




While I don't agree that a software firewall is unnecessary, I do agree
with Dave's summary.  Don't just de-activate, but uninstall ZA.  Get the
share working.  Then re-install ZA.  If the share breaks, you have an
obvious path to troubleshoot (or seek support from the vendor).

As has been mentioned before, many of the better approaches to security
involve a layered approach.  Layer the software firewall on top of the
hardware firewall.  Layer the AV & AntiSpyware apps ontop of that.

The software firewall specifically provides a layer of support that the
hardware firewall doesn't.  For instance, the hardware firewall would
not stop the privacy invasion caused by the Sony rootkit exploit.

--
John A. Jones, CISSP
Americas Information Security Officer
Jones Lang LaSalle, Inc.
V: +1-630-455-2787  F: +1-312-601-1782
john.jones@xxxxxxxxxx

-----Original Message-----
From: pctech-bounces@xxxxxxxxxxxx [mailto:pctech-bounces@xxxxxxxxxxxx]
On Behalf Of daparnin@xxxxxxxxxxxxxx
Sent: Thursday, December 29, 2005 1:50 PM
To: PC Technical Discussion for iSeries Users
Subject: Re: [PCTECH] Home network problem





That sounds like an internal security problem.  If you have a virus or
spyware that's harvesting your personal info then deal with that with
anti-virus or anti-spyware software.  Catch it before you get infected.
If you are logging on to a commercial web site and entering things like
credit card numbers then make sure that it's a secure connection.  If
not then don't blame them for sniffing out your data.  If your kid set
up the network/Internet connection for you and you are using it without
knowing you've got a secure environment, again, that was your decision.
Personally, I've got anti-virus and anti-spyware software and I'm
trusting my router to keep hackers out.  It may not be perfect but I
also don't triple-lock my doors, have bars on my windows, or let my kids
secure the Internet for me either.  If it were a business environment I
would be more concerned about security.  At home I'm more concerned with
restricting what web sites my kids can go to.  I can also see the other
PC's on my network.

Regardless of your desired level of security I still advocate taking
Zone Alarm out of the mix until sharing works as expected.  It may not
be part of the problem but you may not know that.  Once you have things
working you can put it back in if that's what you want.


Dave Parnin
--
Nishikawa Standard Company
Topeka, IN  46571
daparnin@xxxxxxxxxxxxxx






                      Dan

                      <dan27649@xxxxxxx        To:       PC Technical
Discussion for iSeries Users
                      om>                       <pctech@xxxxxxxxxxxx>

                      Sent by:                 cc:

                      pctech-bounces@mi        Subject:  Re: [PCTECH]
Home network problem
                      drange.com





                      12/29/2005 01:45

                      PM

                      Please respond to

                      PC Technical

                      Discussion for

                      iSeries Users







On 12/29/05, daparnin@xxxxxxxxxxxxxx <daparnin@xxxxxxxxxxxxxx> wrote:
>
> Why are you running Zone Alarm?  I thought that you said you said that

> it was a desktop PC and that you had a Linksys router.  The router
> should handle the firewall function for you.  I would vote to
> eliminate the things such as Zone Alarm that could be getting in your
> way and make the environment as simple as possible.  Once you have it
> working in a simple environment then you can start making things more
> complex.


I have a similar situation at home, using a consumer-level
router-firewall, and ZA.

Unfortunately for Jeff, my 16-year old got the "network" set up, and we
had some issues, but he figured them out.  I probably should have him
give me a rundown of what he did.  But, I digress.

The basis for deciding to do this was that esteemed members of this list
educated me (let's see how accurately I remember the lesson!) that the
router-firewall only restricts things coming in, and doesn't care if
you're sending all your keystrokes, bank account numbers, social
security numbers to some friendly guy in Russia.  That's where the
ZA-type firewalls come into play.

Did I remember the lesson correctly?

- Dan
--
This is the PC Technical Discussion for iSeries Users (PcTech) mailing
list To post a message email: PcTech@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/pctech
or email: PcTech-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives  at
http://archive.midrange.com/pctech.

--
This is the PC Technical Discussion for iSeries Users (PcTech) mailing
list To post a message email: PcTech@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/pctech
or email: PcTech-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives at
http://archive.midrange.com/pctech.


This email is for the use of the intended recipient(s) only.  If you have
received this email in error, please notify the sender immediately and then
delete it.  If you are not the intended recipient, you must not keep, use,
disclose, copy or distribute this email without the author's prior
permission.  We have taken precautions to minimize the risk of transmitting
software viruses, but we advise you to carry out your own virus checks on
any attachment to this message.  We cannot accept liability for any loss or
damage caused by software viruses.  The information contained in this
communication may be confidential and may be subject to the attorney-client
privilege. If you are the intended recipient and you do not wish to receive
similar electronic messages from us in the future then please respond to
the sender to this effect.

--
This is the PC Technical Discussion for iSeries Users (PcTech) mailing list
To post a message email: PcTech@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/pctech
or email: PcTech-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
 at http://archive.midrange.com/pctech.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.