OT - computer speed

William Tasso wrote:

> Firewalls running as software on the box they're
> 'protecting' are about as much use as a chocolate Tea Pot.
>
> --
> William Tasso

Very whimsical. Bill is no unlettered clod. See ya at the Renaissance
Faire Billy Boy.

TS Moderator wrote:
> William Tasso wrote:
>
>> Firewalls running as software on the box they're
>> 'protecting' are about as much use as a chocolate Tea Pot.
>>
>> --
>> William Tasso
>
> Very whimsical. Bill is no unlettered clod. See ya at the Renaissance
> Faire Billy Boy.
>

I'd go along with William - if anyone attacks my firewall (just a D-Link
modem/router), the firewall box just hangs immediately, stops the bastards cold.
My server is not affected, all I lose till I restart the firewall is internet
access. They cost next to nothing, and are a good first line of defence.

However, I do use A/V software, as customers sometimes send me files to look at
that have an unexpected bonus ...

--
Karen

"Sometimes I think I have a Guardian Idiot - a little invisible spirit just
behind my shoulder, looking out for me ... only he's an imbecile" - Jake Stonebender

On or around Wed, 23 Aug 2006 23:05:36 +0100, "William Tasso"
<[email protected]> enlightened us thusly:

>On Wed, 23 Aug 2006 18:34:22 +0100, Richard Brookman
><[email protected]> wrote:
>
>> ...
>> my work PC and my
>> home laptop get used by just the one person - me. The only difference
>> (as
>> far as I know, which ain't much) is that the work PC runs off the central
>> server, so all the AV software, firewall etc are remote from my desktop.
>> (Thinks - might have answered own question, turn off the AV as an
>> experiment.)
>
>AV == Anti Virus? never use it, on any platform.

You must be lucky, or live right. I don't use OE and I take pains not to
open suspicious stuff, but still get the odd one spotted by the AV software.
The only one I had trouble with is one I opened deliberately to see what it
was, having carelessly not updated the AV first. AV now on daily automatic
updates...

>Also - Firewall should be a separate box/appliance/unit dedicated to the
>task of firewalling - anything else renders it more likely to
>interference. Firewalls running as software on the box they're
>'protecting' are about as much use as a chocolate Tea Pot.

I'd rate them more useful than that, although you're right that for the bets
firewalling ability you need a separate box. not always practical though,
and a software one is better than none. Correctly configured, the better
software ones do things that a separate box won't - Outpost for example
allows detailed control of what apps are allowed to do and where they're
allowed to connect, and also flags changes in apps for you to check - if you
know you've not changed any software and it pops up with "components have
changed" then you think "'ello, why's that, then?"

granted that lot is more than yer normal firewall stuff, but it's very
handy. Almost all the apps here are only allowed to connect to where I say
they can, for example: the mail program can only do POP and SMTP to the mail
server, not to any other address. Granted it could send viruses through
that server, but if a virus were to get onto the machine and attempt to send
mail by pretending to be OE for example, it'd get nowhere.
--
Austin Shackles. www.ddol-las.net my opinions are just that
"Would to God that we might spend a single day really well!"
Thomas À Kempis (1380 - 1471) Imitation of Christ, I.xxiii.

On 2006-08-23 09:16:43 +0100, Austin Shackles <[email protected]> said:
>
> there are some for Macs. I've often rather fancied a Mac, but the problem
> traditionally is that bang-for-buck, PCs were cheaper and software more
> readily available. I think this is not so much the case now, but there's
> still a lot more software for PC than for Mac even so.
>
>
> main problem with OE is that it ships and installs wide-open; it's possible
> to make it secure (and make it work reasonably) but you have to do a lot of
> farting about to make it so, and joe public doesn't bother and thus spreads
> viruses all over the place.

I'm using a Mac Newsreader now but it doesn't offer wuite what I need.
However my MacBook is Intel powered and so can dual boot into WinXP if
I need to. However I haven't needed to! I can get most of the apps I
need in Mac flavours, its rock solid, and a dream to use in comparison
with PC's. I agree there is more software availale but how many of us
need much else apart from an office suite, web browser, image editor,
ftp etc?


--
Darren Griffin
PocketGPSWorld - www.PocketGPSWorld.com
The Premier GPS Resource for News, Reviews and Forums

Darren Griffin - PocketGPSWorld.Com wrote:

> I'm using a Mac Newsreader now but it doesn't offer wuite what I need.
> However my MacBook is Intel powered and so can dual boot into WinXP if I
> need to. However I haven't needed to! I can get most of the apps I
> need in Mac flavours, its rock solid, and a dream to use in comparison
> with PC's. I agree there is more software availale but how many of us
> need much else apart from an office suite, web browser, image editor,
> ftp etc?

True but then Linux does all that easily and all installs from one cd.

It's when you do have specific likes and needs in software that the
problem arises. I am accustomed to reading and posting with Agent, in
comparison this thunderbird stinks, it forces manual snipping or quotes
the whole message for instance.

Also products like google earth seem to have taken a while to port.


That's why I've followed Ian Rawlings' suggestion and hope to continue
running a windows legacy os and its associated programs as a virtual
machine.

AJH
>
>

On Wednesday, in article
<[email protected]>
[email protected] "William Tasso" wrote:

> On Wed, 23 Aug 2006 18:34:22 +0100, Richard Brookman
>
> <[email protected]> wrote:
>
> > ...
> > my work PC and my
> > home laptop get used by just the one person - me. The only difference
>
>
> > (as
> > far as I know, which ain't much) is that the work PC runs off the cent
> ral
> > server, so all the AV software, firewall etc are remote from my deskto
> p.
> > (Thinks - might have answered own question, turn off the AV as an
> > experiment.)
>
> AV == Anti Virus? never use it, on any platform.
>
> Also - Firewall should be a separate box/appliance/unit dedicated to the
>
>
> task of firewalling - anything else renders it more likely to
>
> interference. Firewalls running as software on the box they're
>
> 'protecting' are about as much use as a chocolate Tea Pot.

I think that's an extreme view, but you're right about the basic
weakness. Much depends on the design of the Operating System: Windows
has some fundamental design features in older versions which really
don't help.

Countering that, hardware firewalling on a router doesn't always have
the ease of configuration that the resources of your computer can
provide. Layering that hardware firewall with a software firewall on
your PC gives the bad guys two distinct problems to deal with.

I use ZoneAlarm, which also gives me a chance to detect new or changed
software on my system. This may be more useful than its firewall
ability.

As for anti-virus, I try not to do stupid things. But, without some
scanning tool, you would pretty well have to put an axe through your
internet connection. That's the only way to be sure.

Of course, if you are using some other Operating System, and Mac OS/X
has an excellent reputation, you maybe don't need the same protection.


--
David G. Bell -- SF Fan, Filker, and Punslinger.

"I am Number Two," said Penfold. "You are Number Six."

On or around Thu, 24 Aug 2006 16:04:54 +0100 (BST), [email protected]
("David G. Bell") enlightened us thusly:

>Of course, if you are using some other Operating System, and Mac OS/X
>has an excellent reputation, you maybe don't need the same protection.

there are mac viruses now as well...
--
Austin Shackles. www.ddol-las.net my opinions are just that
In Touch: Get in touch with yourself by touching yourself.
If somebody is watching, stop touching yourself.
from the Little Book of Complete B***ocks by Alistair Beaton.

On or around Thu, 24 Aug 2006 15:10:22 +0100, Darren Griffin -
PocketGPSWorld.Com <[email protected]> enlightened us thusly:

>On 2006-08-23 09:16:43 +0100, Austin Shackles <[email protected]> said:
>>
>
>I'm using a Mac Newsreader now but it doesn't offer wuite what I need.
>However my MacBook is Intel powered and so can dual boot into WinXP if
>I need to. However I haven't needed to! I can get most of the apps I
>need in Mac flavours, its rock solid, and a dream to use in comparison
>with PC's. I agree there is more software availale but how many of us
>need much else apart from an office suite, web browser, image editor,
>ftp etc?

Railroad Tycoon, X2, X3, Age of Empires, Cossacks...

I dunno how many if any are available for Mac OSX

plus pagemaker (which might or might not be).

actually, that's my list of "why I don't run linux" and it may not all
apply to the Mac.
--
Austin Shackles. www.ddol-las.net my opinions are just that
In Touch: Get in touch with yourself by touching yourself.
If somebody is watching, stop touching yourself.
from the Little Book of Complete B***ocks by Alistair Beaton.

William Tasso wrote:

| On Wed, 23 Aug 2006 18:34:22 +0100, Richard Brookman
| <[email protected]> wrote:
|
|| ...
|| my work PC and my
|| home laptop get used by just the one person - me. The only
|| difference (as
|| far as I know, which ain't much) is that the work PC runs off the
|| central server, so all the AV software, firewall etc are remote from
|| my desktop. (Thinks - might have answered own question, turn off the
|| AV as an experiment.)
|
| AV == Anti Virus? never use it, on any platform.

I've had problems with Norton on other machines, but this came with it
installed and I have been pleased with it - it has stopped a couple of nasty
things in their tracks and seems to keep things sweet. I can accept certain
limitations (scanning Excel files every time they open is a bit annoying).
But Norton has always been there, and 6 months ago the machine was as quick
as could be. If my AV software is to blame, it can only be caused by the
months of updates. The symptoms are of a severe lack of RAM (like the old
memory "leakage" of Win98) that a reboot won't cure.

I think I'm going to try disabling the AV and seeing how it goes. After
that, it's a total re-install on my spare HD. I know that would cure the
problem, but it wouldn't explain why.

--
Rich
==============================

Take out the obvious to email me.

Richard Brookman wrote:
> The symptoms are of a severe lack of RAM (like the old
> memory "leakage" of Win98) that a reboot won't cure.

Coming late to this thread, but how about power save settings? Our PC
at home (running Suse 10.1 Linux) defaults to a power save setting
called "powersave" (!) that causes it to run like a dog. Change it to
"performance" and it's like sh** off a shovel.

Lizzy

Lizzy Taylor wrote:

|| Richard Brookman wrote:
||| The symptoms are of a severe lack of RAM (like the old
||| memory "leakage" of Win98) that a reboot won't cure.
||
|| Coming late to this thread, but how about power save settings? Our
|| PC at home (running Suse 10.1 Linux) defaults to a power save setting
|| called "powersave" (!) that causes it to run like a dog. Change it
|| to "performance" and it's like sh** off a shovel.
||
|| Lizzy

I am using the Windoze Home/Office Desk setting which never switches off the
monitor, drives etc, never stands by and never hibernates. It seems the
most appropriate for the use I make of it, which is 99% of the time on a
desk connected to the mains.

--
Rich
==============================

Take out the obvious to email me.

On Thu, 24 Aug 2006 08:37:39 +0100, Austin Shackles
<[email protected]> wrote:

> On or around Wed, 23 Aug 2006 23:05:36 +0100, "William Tasso"
> <[email protected]> enlightened us thusly:
>
>> On Wed, 23 Aug 2006 18:34:22 +0100, Richard Brookman
>> <[email protected]> wrote:
>>
>>> ...
>>> my work PC and my
>>> home laptop get used by just the one person - me. The only difference
>>> (as
>>> far as I know, which ain't much) is that the work PC runs off the
>>> central
>>> server, so all the AV software, firewall etc are remote from my
>>> desktop.
>>> (Thinks - might have answered own question, turn off the AV as an
>>> experiment.)
>>
>> AV == Anti Virus? never use it, on any platform.
>
> You must be lucky, or live right.

Lucky - as in, I remember the very first virus infecting a PC I owned.
Researched, worked out the what & how of it all and built my strategy
around that knowledge.

No open ports except those I specify.
OE - text only and no inline extras
IE - no script at all - except for a few hand-picked sites

> I don't use OE and I take pains not to
> open suspicious stuff, but still get the odd one spotted by the AV
> software.

I use OE for pop3 and Thunderbird for imap. Tried to use M2 for both -
gave it several months but it just ain't there yet.

>
>> Also - Firewall should be a separate box/appliance/unit dedicated to the
>> task of firewalling - anything else renders it more likely to
>> interference. Firewalls running as software on the box they're
>> 'protecting' are about as much use as a chocolate Tea Pot.
>
> I'd rate them more useful than that, although you're right that for the
> bets
> firewalling ability you need a separate box. not always practical
> though,
> and a software one is better than none.


not if the virus that gets you is able to disable/modify your installation.

> Correctly configured, the better
> software ones do things that a separate box won't - Outpost for example
> allows detailed control of what apps are allowed to do and where they're
> allowed to connect, and also flags changes in apps for you to check - if
> you
> know you've not changed any software and it pops up with "components have
> changed" then you think "'ello, why's that, then?"
>
> granted that lot is more than yer normal firewall stuff, but it's very
> handy.

Yes - that is a useful feature but as above, becomes void if your virus
can alter the parameters.

> Almost all the apps here are only allowed to connect to where I say
> they can, for example: the mail program can only do POP and SMTP to the
> mail
> server, not to any other address.

That's where a local mail server comes in handy - once you have that in
place your (separate) firewall can be configured to only allow outgoing
SMTP from that mail server. Helps make one a good neighbour

--
William Tasso

Land Rover - 110 V8
Discovery - V8

On Thu, 24 Aug 2006 16:04:54 +0100, "David G. Bell"
<[email protected]> wrote:

> On Wednesday, in article
> <[email protected]>
> [email protected] "William Tasso" wrote:
>
>> On Wed, 23 Aug 2006 18:34:22 +0100, Richard Brookman
>>
>> <[email protected]> wrote:
>>
>> > ...
>> > my work PC and my
>> > home laptop get used by just the one person - me. The only difference
>>
>>
>> > (as
>> > far as I know, which ain't much) is that the work PC runs off the cent
>> ral
>> > server, so all the AV software, firewall etc are remote from my deskto
>> p.
>> > (Thinks - might have answered own question, turn off the AV as an
>> > experiment.)
>>
>> AV == Anti Virus? never use it, on any platform.
>>
>> Also - Firewall should be a separate box/appliance/unit dedicated to the
>> task of firewalling - anything else renders it more likely to
>> interference. Firewalls running as software on the box they're
>> 'protecting' are about as much use as a chocolate Tea Pot.
>
> I think that's an extreme view, but you're right about the basic
> weakness. Much depends on the design of the Operating System: Windows
> has some fundamental design features in older versions which really
> don't help.
>
> Countering that, hardware firewalling on a router doesn't always have
> the ease of configuration that the resources of your computer can
> provide. Layering that hardware firewall with a software firewall on
> your PC gives the bad guys two distinct problems to deal with.

and extra layers to manage/verify - still, if it works for you I can't
fault it.

> I use ZoneAlarm, which also gives me a chance to detect new or changed
> software on my system. This may be more useful than its firewall
> ability.

This is a splendid feature, but it can be compromised just the same.

> As for anti-virus, I try not to do stupid things. But, without some
> scanning tool, you would pretty well have to put an axe through your
> internet connection. That's the only way to be sure.

bah - it is simply a matter of never running/installing (or allowing same)
anything unless you are sure of its provenance. Now, I know some folk are
forced to accept file formats which are inherently prone to abuse and in
that case I can see a strong argument for file scanning - but only if the
AV files are up to date.

> Of course, if you are using some other Operating System, and Mac OS/X
> has an excellent reputation, you maybe don't need the same protection.

Personally, I am entirely o/s agnostic. Of course, I have opinions about
which is best for any particular task, but I suspect voicing them would be
venturing into troll territory - and we have enough of those already

--
William Tasso

Land Rover - 110 V8
Discovery - V8

On or around Thu, 24 Aug 2006 23:37:04 +0100, "William Tasso"
<[email protected]> enlightened us thusly:

>Yes - that is a useful feature but as above, becomes void if your virus
>can alter the parameters.

I'm pretty sure that Outpost monitors itself for changes as well, and locks
everything up if things get altered. I do know that any change to any
software means that software can't get out without permission.

lets face it, the firewall is an obvious attack point, so the first thing it
has to do is monitor itself.

The router has a basic firewall in it as well, I believe.
--
Austin Shackles. www.ddol-las.net my opinions are just that
"There is plenty of time to win this game, and to thrash the Spaniards
too" Sir Francis Drake (1540? - 1596) Attr. saying when the Armarda was
sighted, 20th July 1588

Austin Shackles wrote:

> The router has a basic firewall in it as well, I believe.

It's not exactly difficult to grab an old PC, slap an extra NIC in it
and run something like IPCop on it. Add in a few of the extensions like
Cop+ and you have a moderately good standalone firewall for virtually no
cost.


--
EMB