firewall

Hi, I just have a problem with this-beeing without Firewall- and tell the windows firewall is enough and ok! and also the software doesn't have any password (master password). but I am disagree with this by my old exprience about that a Hacker can access to my computer with many ways you know better, for example open ports of win firewall ( assume I am a simple user), so he or she can get access. then can change setting of my Fsecure app, and so he/she can install every badware or Trojan ,... on my system. and you guess, after afew hours he own my system and my lovely Fsecure can't do anything anymore after this.it's to late. So thell me what should we do? against hackers and beenig safe without strong and reliable firewall?
sincerely yours
H.B

Comments

  • Ukko
    Ukko Posts: 3,609 Superuser

    Hello,

     

    Sorry for my reply. I am only an F-Secure user (their home solutions).

    Just as discussion between Community users (and some of my feelings).


    First of all, there are some feature requests about "not a built-in Windows Firewall" (own firewall):

    partly related:

    it is possible to vote them - if you are sure and feel that it is needed.

    Some of recent discussions about:


    My own feelings - own firewall is good if (when) it is better than Windows Firewall.
    But does it possible to create basic functionality of firewall  better than this is implemented in Windows Firewall? I think it is a pretty tricky.

    Most likely, that something like advanced user interface (or just interface) for friendly control and rule it - is something that needed. Since own interface of Windows Firewall is a bit "technical" (although, quite clear). All in all, it is just about rules for inbound and outbound connections.

    And solutions like F-Secure SAFE (or beta FS Protection) with additional feature for Windows Firewall abilities (this one).

     

    Maybe, discussions about "own firewall" are about another features or functionality. For example, those that are not always based on Firewall meanings.


    What about password protection for (settings?!). Basically, settings are protected by Administrator rights. I think it is more powerful than "password".

    In general, good to elevate first to Administrator rights (with secure design - you have to type your Administrator login and your password; Not just like "UAC" allowance) AND then to type one additional password. But sounds a bit strange for own use. And, perhaps, if there is a malicious software with so abilities (as to change your settings of F-Secure solution) - then.... probably... malicious software will do something else (not need to disable security solution for trouble).

    In addition, if malicious software is already on system - then it is (also) not nice. Since security solutions should prevent it (thus, maybe to improve protection against this).

     

    But I am not sure about statement that such malicious software (or attacker) will use "Open ports of Windows Firewall". By the way, what is it?

    Perhaps, it is not enough setting. Even if port is opened on system (for example, server with "80"-port) - it is not enough for harmful access to system (at least, if any known vulnerabilities are not exist).

     

    So, what are set of features for Firewall that are suitable (needed) for you (based on your opinion)?

     

    Sorry for my English!

     

    Thanks!

  • alexpower88
    alexpower88 Posts: 19 Explorer
    Hi my dear friend, thank a lot that you spent your time to answer me completely. I just tell this shortly that you know what I experienced: first I install badware app on my Samsung mob , then i realized that someone has access to my device and even his phone was in my Google account about 3 ,4 different phone, I became angry and I told him mother.F go out of my privacy,then he copied all my 3 years info, pic, bank card, ....everything...password of my 3 important Email and at the end he locked my phone. I flash my device but put those emails ( with to step verification sms)on device, efew weeks later I realized he was so busy with my laptop,first he changed ESET any.virus setting to do easily his dirty work.then he was admin and I simple user without much authority , he encrypted many very important files, delete some, and encrypt system files all over hard disk. Oh God disaster. And after 8...9 month I steel have a doubt that may be hi is doing some damage to my devices. I even don't know how he enter to my systems( flash mobile again, new emails) but after a while it's start with sign: the authority of folders drives, start to change windows ability come slow, many program don't work anymore ...etc.
    Sorry for my long story
    Maybe because of that I need a full protection ( strong and intelligent FIREWALL)why intelligent? Because it should check every in ,out, very deeply and find root of that file and approved it's health for sytem ,!! Otherwise 《nobody can , nobody have time and patience to check FIREWALL alarms about svchost permits to run!!! So all the people will say okkk it's absolutely for windows so ok access Grant!!!! Boom very easy hacker came to your system by faking trojan as a windows file. At the end my dear friends and Engineers, you tell me what should we do about this problem?
  • Ukko
    Ukko Posts: 3,609 Superuser

    Hello,

     

    Thanks for your feedback. Just as an explanation: I am only an F-Secure user (their home solutions) too.

    So, this is just discussion and my own feelings. Good if there will be response from more experienced users or technical people.

     

    Anyway, based on your story:

    I think that, maybe, if mobile device was compromised - then it can be a background for all further troubles.

    What I do able to suggest (or to check) is review your access point / router.

    Since even if your Windows device with good state (Firewall or so) - vulnerable router (for example, how you get Wi-Fi network to laptop or Internet via Ethernet) is pretty dangerous. Usually, it is can be "default password" for admin panel OR known troubles with certain model.

     

    As a result (if a router is hacked / compromised), all connected devices to this network are vulnerable. And such state can be with exploitation.

     

    In addition, when malicious software is launched under system - then even "own" firewall is not always helpful. There are some old school designs (as whitelist-based security solutions) around Application control. For example, tool / solution VoodooShield or certain technologies under full security solutions that are good protection against so tricky setting - but, in general, it is not always useful. Need to control all and it can be misleading with some forms when you have to do it too often.

    But I think that such functionality can be good addition to F-Secure home solutions (I think that something like that is implemented with their business solutions and, perhaps, with Mac-platform solutions).

     

    Sorry for my English.

     

    Thanks!

  • nanonyme
    nanonyme Posts: 145 Path Finder

    Hey, 

    Just adding here that the only way to get UAC with password prompt working well without the cheaper Windows home versions being a serious nuisance is to create a separate admin account and routinely use your machine as standard user. You might be positively surprised that few things you do require UAC elevation so you get to enjoy a secure and mostly hassle-free system. 

This discussion has been closed.