Firewalls - what the heck?
|
| Author | Content |
|---|---|
| phsolide Nov 22, 2011 12:22 PM EDT |
It took me a while to understand why Windows computers need "personal firewalls" or whatever baby talk they use to describe that function: because nobody, and I mean nobody, not even MSFT, understands all the network stuff that a Windows OS does from time to time. If you've ever looked at what a NAT firewall (on a real, different machine) has open for a freshly-booted Windows box, you'll just be stunned. Windows OS needs some kind of override because MSFT didn't take any care when they built Windows networking. But why does a Linux machine need this? If you don't run telnetd or sshd, or you've got sshd set up more-or-less correctly, why bother with a "personal firewall"? It's relatively easy to track down which process has which socket opened, and it's pretty easy to not start superfluous daemons. Also, there's a commercial on this article that actually has sound. I've got a bunch of common ad-servers set to 127.0.0.1, but something managed to sneak through and advise me to drink "Red Bull". Rubbish. |
| helios Nov 22, 2011 1:14 PM EDT |
Yeah, I posted a comment about this to his website but he didn't allow it. I told him the danger wasn't outside attack, it was video ads that the user cannot get rid of while they are trying to read an article. This is becoming pervasive on the big commercial sites and even adblock plus AND my own hacks to ad-servers won't block most of these. I don't care if he posted a link to the cure for cancer. I quit reading when I had to mute the d@mmmm thing three times and it kept unmuting itself. |
| mrider Nov 22, 2011 1:48 PM EDT |
It's painful how Windows centric that thought process is. Connecting a Windows computer directly to the Internet without an intervening firewall is like parking a BMW in New York, leaving the doors unlocked, the keys in the ignition, and a $100 bill on the seat. My laptop has no network accessible ports open at all. I feel perfectly comfortable exposing it directly to the Internet with no intervening filters whatsoever. Like someone on his site posted - the only thing I have to worry about is a remote exploit in the network stack, and if there is one, then a software firewall likely won't help. Certainly there are plenty of times when a firewall is required. But every single time. No. |
| mbaehrlxer Nov 22, 2011 9:26 PM EDT |
helios: turn off flash. i think on firefox there is a plugin that allows you to turn individual flash frames back on. on chromium it's a setting. when i actually do want to see a flash frame i can just right-click and run it selectively. greetings, eMBee. |
| helios Nov 22, 2011 9:36 PM EDT |
Yeah, I had that for a while but it got to be such a pain that I disabled it. Time to try it again. Thanks. |
| BernardSwiss Nov 23, 2011 1:19 AM EDT |
That plugin is called, quite simply, Flashblock. It replaces Flash objects with a a similarly-sized object. Mousing over it will reveal the source, clicking the play button will over-ride the block for that sole video. There's also a whitelist, but I rarely use that feature. Between Flashblock and "Nuke Anything Enhanced" (lets you remove annoying elements via the right-click menu) I don't feel any need to bother with a broad-spectrum ad-blocker(*). (*) (and since I recognize that the ads are paying the freight, I prefer to let them through unless they give me reason to block them specifically, and auto-flush cookies when I close the browser). |
Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]
Becoming a member of LXer is easy and free. Join Us!