This is the talk page for discussing improvements to the Personal firewall article. This is not a forum for general discussion of the article's subject. |
Article policies
|
Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL |
This article is rated Start-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|
"Features" section needs to be rewritten
editThe "Features" section needs to be rewritten. --Crid 06:33, 20 November 2005 (UTC)
"See also" and Windows XP
editThe current version of See also mentions Windows XP and its firewall (incidentally, in greater detail than one usually expects to find in such a section). Is there really any reason to single out Windows XP's firewall in an article about personal firewalls, though? If it's meant to be a list, surely it should include links to other products as well, such as Zonealarm or the likes. Any kind of firewall list will be incomplete anyway. In fact, there already is a list of personal firewall vendors on the article, makes no sense at all to me to have the wiki-link to Windows XP in See also. Capi 04:36, 23 January 2006 (UTC)
- I updated that section just now, so that at least it's more accurate. While I agree with you that singling out XP SP2's firewall (for better or worse) doesn't make a lot of sense, given the flow of the rest of the article, it's still useful information considering that XP SP2's firewall is actually part of the Windows operating system. Perhaps a better solution would be to include it in the "Problems and Weaknesses" section? Perhaps the "Features" section could be revised to include a mention of this? I'm just here to improve the quality of Windows-related information. :-) Warrens 20:48, 24 January 2006 (UTC)
"external links"
editLet them in alphabetic. -- Leon Sep.29 2006
Btw, http://www.firewallleaktester.com/ firewall review is done in 2006 and seems to be quite outdated by now. The link could be removed [imho]. -LK, 11.7.2008
ICMP
editCould an expert please explain what users should do with warnings about ICMP echo requests? This is probably one of the most difficult situations facing normal users because most experts say this traffic can of course be blocked whereas others say it depends on the ISP. Firewall manuals usually provide no help either. Apparently some ISPs check whether customers are online and drop the connection if they don't get an echo reply. Also, it would be interesting and important to note in the article why for example IANA would want to scan computer connections in this way:
KERIO PERSONAL FIREWALL Incoming Connection Alert! Remote: 192.168.254.254 - ICMP [8] Echo Request Someone on address 192.168.254.254 wants to send ICMP Packet to your machine Details about application: TCPP kernel driver.
Inner workings
editThis article completely omits the information on how a software firewall actually works. I believe it boots itself as a part of the protocol stack but I'd like to know more about it. --ZeroOne (talk | @) 08:25, 14 March 2007 (UTC)
- There is additional information in the external links, for example in the Software Firewalls: Made of Straw article, which goes into a lot of detail on how firewalls work. 193.136.128.14 19:06, 15 March 2007 (UTC)
'Desensitize'
editClarify 'desensitize' as in "The high number of alerts generated by such applications can possibly desensitize users to alerts."
Criticisms
editIn criticisms section there should be mentioned, that firewalls very often (or always?) use kernel level drivers and bug in them may cause system crash without any warning. So firewall bugs can be very nasty problem! I have experienced it with zonealarm and kerio. 195.163.176.146 10:09, 25 April 2007 (UTC)
This section in particular, in fact the whole article is completely lacking in citations of sources. The criticisms section appears to be original research, and so needs to be removed unless citations are added. See Wikipedia:Verifiability, Wikipedia:Citing sources. 83.105.29.229 (talk) 09:13, 26 November 2008 (UTC)
The whole page, and the criticisms section in particular, puts inordinate weight on the faults of some specific PFW packages and treats them as general faults of all PFW packages (e.g., opening listen sockets). Someone with more expertise than I have need to make this article more balanced, discussing the facts: that these criticisms are not inherent in the software class but show up in some of the software out there, and that not all PFWs use the same interface hook methods. Skreyola (talk) 21:49, 5 April 2009 (UTC)
Came here just by taking a search on drivers (interested about why the winPcap one is needed for showing remote IPs when firewalls ocasionally do it, when blocking some unauthorized phone call) and have read Sam Spade creator(s) comment. Very odd and article by somenone who doesn't use a firewall being listed here in this encyclopedia entry... — Preceding unsigned comment added by 201.15.143.33 (talk) 01:13, 29 July 2012 (UTC)
-- I agree with your criticism of the Sam Spade external link. It is a personal opinion article that presents no data or links to data to support his opinions. It is also outdated, as evidenced by multiple broken links, but also evidenced by the fact the author appears to have written this before the importance of filtering outgoing IP traffic was widely understood. In the current environment in which most malware is intended for theft of data, the ability to prevent malware from "phoning home" is critical. Furthermore the most insidious "rootkit" malware now operates at the kernel level and therefore removal can be time consuming. Unless the computer administrator is prepared to immediately wipe an infected drive and reinstall the entire system, it is a good thing to be able to block outgoing traffic to a particular site, or range of sites during the time that work is being done to track-down and remove the malware. The author suggests to the unsophisticated reader that "software firewalls" are inferior, even though he reports he runs a dedicated BSD computer as his own firewall. Even though his firewall has its own computer, it is most definitely a software firewall, and its hard to imagine that the author wouldn't have known that. The only really valid criticism of personal firewalls in this article is that if a trojan identify the presence of the firewall, then the trojan can disable said firewall. It is worthwhile pointing out that this is just as true of typical anti-virus software. Certainly no-one would recommend that anti-virus software should therefore not be used. In view of the above concerns, I am removing the external link to the Sam Spade article, as I believe it is outdated at best and misleading at worst. I also will add a note to the "Software Firewalls: Made of Straw?" external links to clarify that the articles are Windows specific and pertain to Layered Service Providers which are a feature unique to Microsoft's Winsock2. Plamoa (talk) 16:49, 30 March 2013 (UTC)
comparison
edita comparison table more detailed than /wiki/Comparison_of_firewalls would be helpful here. i may start working on one when i get home.
Translation
editI recently had to visit this page for a school project and stumbled upon the German version of this page: http://de.wikipedia.org/wiki/Software_Firewall. from the looks of it, it is a lot more detailed then the english site. it may be a good idea to get one of the translate projects to help us translate it —Preceding unsigned comment added by Robo-kun (talk • contribs) 15:03, 5 May 2010 (UTC)
History
editDonald Woeltje, a senior security consultant at the time (working for the client the Anheuser-Busch Corporation), developed the concept of the "personal firewall" while working on the BudNET architectural redesign project. The BudNET network is the data internetwork that connects Anheuser-Busch to all of its distributors worldwide. Mr. Woeltje was responsible for developing a proposed information security infrastructure design to be used to protect all BudNET computer systems. This was in 1997, which pre-dates all commercial personal firewall software designed for end user systems. It was his recommendation that A-B install firewall software on all Windows NT workstation and server systems (which is what comprised BudNET at that time). This was an idea well ahead of its time, as no such software specifically designed for this purpose had yet been developed and it would be years before such software was available. He contacted and brought in several of the enterprise class firewall vendors, at the time, for in person meetings and during those meetings, he pitched the idea of installing firewall software on every computer. All (but one) of the manufacturers laughed at the idea. Among these were companies that included Cisco, Checkpoint, Secure Computing, Milky Way Networks, Axent Technologies, GnatBox, Network-1, and a few others. The only company that said they could accommodate such a thing was Cyberguard, with their Cyberguard for NT product.
Of course, history has shown us that the concept of the "personal firewall" has become one of the defacto standards in protecting end user systems. Windows-based operating systems now come with it standard as a part of the OS and even Checkpoint, one of the manufacturers that laughed at the idea, sell their own version, known as Zonealarm.
Some might think that Mr. Woeltje would be wealthy by now from royalties on the use of the concept but sadly that is not the case. After talking to most of the major manufacturers about the concept, he never patented it. So, he has never received anything for his idea. And now he is unemployed and unable to find work in the information security industry.
173.8.106.225 (talk) 20:08, 7 September 2015 (UTC) Anonymous Yahoo News Reporter
References
- ^ A copy of the BudNET project security proposal documentation from Mr. Woeltje himself and verification by his employer about the validity of the documentation