 |
 |
Putting a "firewall" on the machine that winds up protecting itself is something of a bad idea. A firewall really wants to be an entity which has all the packets in the network flowing past it, where it makes determiniations about them. Putting this software right on the client machine, espically a software platform that more resembles swiss cheese than rock would seem to be fraught with potential problems. Would this help, at least some? Probably. Proper security is much more like an onion than a castle wall--oen does things layer by layer, each hopefully adding something to the equation. You might want to tell your users that it isn't likely to hurt, but also, it isn't likely to be of tremendous help in some new nasty attack. I have heard too many people say "we have a firewall! We're safe!", not understanding that a firewall by definition has to let certain types of packets though (like http), and as such isn't protection for a web server. If you can educate people that this is just one tool in the arsenal of security and not a holy weapon, then it is likely a win. I still question the effectiveness of the placement of the tool however. --STeve Andre' (Political Science computer geek) On Thursday 16 January 2003 14:15, Cheryl Akers wrote: > BlackICE personal firewall as sold by the computer store for $5 > Should I recommend it to my faculty users? > > Rating? > > 1) Better than nothing > 2) More trouble than it is worth > 3) If you're going to pay, buy something worthwhile like Zone Alarm > > Is the firewall in XP as good as the one in BlackIce for nonserver > purposes? > > Other thoughts? > > Thanks > Cheryl