I’m surprised I don’t blog more about technical items since that’s what my day job is. Perhaps my blog is to escape from all things technical.
Anyway, I came across this dialog box the other day on one of my machines and had to laugh. It’s a great example of poor computer security and bad usability. It kind of defeats the purpose of a firewall if every time an application tries to start listening on a port, the OS asks you if it’s okay. Firewalls are not designed to be user-friendly. Firewalls are designed to work by policy. And policy doesn’t change when a new application starts up.
4 Trackbacks/Pingbacks
Very good point. You’re correct, firewalls shoudln’t be userfriendly. I haven’t made any changes to my firewall setup @ home for a year or so probably. I’ve got a homebrew script that makes use of iptables to firewall and forward requests. I always just disable the windows firewall because I see it as basically being worthless.
I think I’ve even seen a pretty simple VBA script that can turn it off. And it basicly just a version of what Zone Alarm was doing 3 years ago with some fancy vector graphics added to it.
I will say that it has made my life of maintaining my Mom’s computer a bit easier because it doesn’t leave all of her ports open by default anymore. Mom’s and firewalls have been a notorious pain in the butt in previous years.
Thanks Dave, I deleted your duplicate anonymous comment. The real question is why are all those ports listening in the first place so you need a firewall? This is a home machine – it should default to not listen on any port except via 127.0.0.1. But a netstat on my XP box shows it listening on at least 3 ports using the default IP address – not 127.0.0.1.
And is that with the Windows FW turned on already?
Leaky computers weren’t really a problem back in my dialup days, but now that I have an always on connection and a seldom off PC, I need something much more robust than windows FW. I remember how difficult it was for me to figure out how to close ports on my windows 98SE machine way back when so this is a tool that can be useful, but it still needs more functionality.
Post a Comment