ragnarok2040 wrote:Yeah, all they have to do is scan your ports and if any are detected to be open, try to upload various programs/exploits through them. There's different tricks for each port, so all they have to know is the open port in order to know what will or will not work.
Right.
The problem with that scenario is that most virus writers and 'hackers' are just script kiddies using well documented *and patched* exploits; if you have a *genuine* hacker after you your firewall is not a lot of use - in fact often you can be
worse off with a firewall, because of a false sense of security (Oh, I have a firewall, I don't need to worry about what websites I visit / what .exes I run) and whats worse, some firewalls will bounce back signals from port scans letting the 'hacker' know *exactly* what firewall you are using and what ports it is trying to protect.
That combined with their being known exploits on certain software firewalls, together with the knowledge that if you have a firewall you're likely to be of the 'well if its not telling me theres nothing wrong, theres nothing wrong' mentality *simply because you have 'a firewall'* means in a lot of cases its *easier* to go for a supposedly protected machine.
Do I think firewalls are useful computer securikty devices? Yes.
Do I think you'll be rooted the second you go online if you don't have one? Absolutely not.
The average computer user with a fully updated and patched OS and a virus checker with the latest definitions stands very little chance of anything bad happening to their PC.
If you're a heavy P2P user, or download a lot of 'dodgy' stuff (warez, cracks, etc) or piss off script kiddies on a regular basis, and / or are paranoid then yeah you probably should have a firewall.
Just so you know, I'm not currently using a firewall, and I got a nearly perfect score on grc.com (I have open ports, but nothing can be done with them - gibson always has loved scaremongering) and have
never been hacked. Hell, I've never been infected with a virus.
Common sense > any kind of 'automatic computer security' application.