Software Firewalls-how good are they really?

[GDW]

Software Firewalls-how good are they really?

Earlier today I was chatting to someone on Direct Connect who despite using a Sygate firewall had his computer hacked. The hacker was able to send 'loop commands' to his cd burner and effectively broke it crashing his PC at the same time. Now I was a bit sceptical about this, when literaly half an hour later my pc locked up and I got a blue death screen stating something along the lines of the fact that a file had created an infinite loop command and that I should shut down the PC. After shutting it down the darn thing wouldnt post. I tried it a few times and nothing happened. Then I left it for a few hours and it booted up ok.


Now Im a bit feckin paranoid about the whole episode, its a bit spooky if u ask me. So whats the best way to protect my system from these wee bastards that wont cost an arm and a leg. I currently use Sygate as per the chap above I was chatting with.
Im not convinced I was hacked but it all seemed very strange.

 

[Summo]

I think most peeps here will tell you that ZoneAlarm is still the daddy. Free version available here

 

[Testin da Cable]

I rather doubt that this has something to do with your firewall.

Running the filesharing client opens a hole in your fw that allows communication to your pc. It may well be possible to create a code snippit [perhaps packaged inside something ordinary like an mp3 file] that gets executed and does 'something'. There are several evil things I can think of that can be done quite easily in this fashion. I suggest you write an email to the people who made the client you are using to ask them about this issue.

You should think of the average [ie. your] firewall as semipermeable. From the "outside" it's like a steel plate, but from the inside it's more like a sponge. Once you've opened a channel to "outside", it's there and can be seen by others. In the case of a distributed file-sharing client, this is "normal" behaviour. As most home systems run little firewalls, the peeps who make the clients have come up with sollutions to counter this, ie sacrifice the security of the firewall to expand the file-sharing network. The so-called "push request" is an example of this. Imo, from a security point of view, this is a disaster.

 

[Will]

Aye, true. Just to expand this a little further, I run a software firewall (Zonealarm of course) and also have NAT with my hardware router. Seems to lock everything down nicely, but I have a way of setting up the router as a hardware firewall. Do you think it's worth the effort?

 

[Sawtooth]

I take it the XP firewall is pants. I have the Mc Cadburys Firewall...seems okay


Saw

 

[bodhi]

I just use the University firewall. Nothing's got through so far.

 

[Embattle]

Originally posted by sawtooth
I take it the XP firewall is pants. I have the Mc Cadburys Firewall...seems okay


Saw

Its fine, just doesn't inform you of outgoing.

 

[Testin da Cable]

it's not fine heh. there are several ways an evil person could compromise it when used "as is", but then there are several ways an evil person could compromise anything short of a giga-class firewall

 

[Embattle]

Yes by getting a twat to dl BO then you wouldn't know whats going out, I generally consider myself smart enough not to get done

 

[Testin da Cable]

so? then I'll hide the code in something you might dl, like goat pr0n or so
you may well be smart enough to be aware of the risks, but there are a zillion others out there not like you Emb.

 

[Embattle]

Not my problem what they do

 

[Wazzerphuk]

No point in a firewall... just use 2K properly.

Or linux, natch.