READ NOW!! !! !! !! !! !! !!

Page 2 of 2 [ 25 posts ] Go to page Previous 1, 2

olle
Snowy Owl

Joined: 2 Mar 2008
Age: 32
Gender: Male
Posts: 157

07 Aug 2008, 4:56 pm

One thing about Norton: A highly new version of Norton Anti-everything Personal Everything Security for Windows, that I had the duty to install for a neighbour of mine, has a liiiittle flaw.

It blocks, by default, all traffic. Even outbound connections.
It has no rule to let through normal email POP or SMTP at ports 118 or 25.
Yes, it blocks all attempts to fetch or send email, by default.
I've never seen anything nastier by any security software.

I read reports online by users who desperately threw out their installation of Norton Anti-Everything Personal Security because of this. If only Symantec had been the ones who suffered from this, and not relatively innocent users.

Cormac_doyle
Yellow-bellied Woodpecker

Joined: 25 Jun 2008
Age: 50
Gender: Male
Posts: 67
Location: Ireland

07 Aug 2008, 7:26 pm

olle wrote:

Every firewall should by default block everything ... that way you get to chose what you allow out.

For example, if you use gmail (or similar), you have no requirement to allow out smtp traffic on port 25 ... something that most mass mailer viruses try to do.

Firewalls that do not start out by blocking everything are not worth using.

gamefreak
Veteran
Veteran

Joined: 30 Dec 2006
Age: 35
Gender: Male
Posts: 1,119
Location: Citrus County, Florida

07 Aug 2008, 10:36 pm

Cormac_doyle wrote:

NIS 2009 (on Beta at the moment) has dramatically reduced it's performace footprint ... it's actually very impressive.

However, since I work for the Symantec side of things, I have to admit I'm not entirely impartial

Symantec is doing this because the new NIS 2009 is being based around the Symantec Endpoint Security program that Fortune 500 companies and corporate users use. [Heck i use Symantec Endpoint Security on my home computer considering the fact that the school gives it out for free to all employees.] Phenomenal move Symantec made right there. Been satisfied with Symantec since the 1st Norton came out 18 Years ago.

gamefreak
Veteran
Veteran

Joined: 30 Dec 2006
Age: 35
Gender: Male
Posts: 1,119
Location: Citrus County, Florida

07 Aug 2008, 10:41 pm

olle wrote:

First thing Symantec knows what they are doing. It does that so NIS can build up rules so the firewall can efficiently block all connections you don't want. Also Norton Firewall is technically Sygate Firewall and is one of the best.[ In November 2005 Symantec bought out Sygate Security and branded Sygate Firewall as Norton Firewall.]

Aaron_Mason
Veteran
Veteran

Joined: 3 Jul 2005
Age: 40
Gender: Male
Posts: 511
Location: Bathurst, Australia

07 Aug 2008, 11:16 pm

olle wrote:

I hate to admit it (an anti-Symantec here), but Cormac_doyle has a point. A firewall should say "let this, this and this through, stuff everything else". Default Deny is the most beautiful security concept ever devised - I'm surprised it hasn't found its way into process execution.

It's far easier to track the 10 or 20 bits of goodness on your system than it is to track the 80,000+ bits of badness out there. Because of the imbalance of good versus bad virus protection is practically useless - if you don't get an update before the virus hits you, you're toast. A computer should not be allowed to run something the user did not intend to run. If in doubt, ask. That's what I liked about ZoneAlarm - if something wanted to access the internet from my system, it had to ask first.

_________________
We are one, we are strong... the more you hold us down, the more we press on - Creed, "What If"

AS is definitive. Reality is frequently inaccurate.

I'm the same as I was when I was six years old - Modest Mouse

olle
Snowy Owl

Joined: 2 Mar 2008
Age: 32
Gender: Male
Posts: 157

08 Aug 2008, 5:12 am

Cormac_doyle, gamefreak, and Aaron_Mason:

From a technical standpoint, yes, you have a point. But in order for a firewall to be secure, it must be used, and not circumvented by frustrated users. Bad usability is never a good thing, it might even be extra important in firewalls, since the wrong configuration of a firewall can be dangerous.

It might or might not be a good thing that a firewall for home PC users blocks all outgoing connections (except for the exceptions) in addition to invound connection attempts. I can't tell. But if this is done, the user must be given a clearly visible choice to easily allow the connection or deny it. Anything else is, from a usability standpoint, unacceptable.

In this case, Norton blocked email, a quite drastic move. It gave the average user no way of allowing email, or even knowing that the firewall was the reason they couldn't fetch their mail.

The neighbors who had bought the laptop from me, had no possibility of knowing what was going on. They are completely computer illiterate. It took me a long time finding the erratic firewall rule, fixing it, and tweaking Windows Mail connection settings.

As i said, some other newbies explained on the web how they have "solved the problem" by uninstalling Norton.

gamefreak
Veteran
Veteran

Joined: 30 Dec 2006
Age: 35
Gender: Male
Posts: 1,119
Location: Citrus County, Florida

08 Aug 2008, 10:18 am

olle wrote:

A problem like that will only happen on 1 and 1000 computers with NIS on it. The best way to get rid of that is have no other security software with On-Access protection on your computer.[ Like Avast, Ad-aware Or PCTools Firewall.] Also installing NIS on a clean windows install helps a lot.

gamefreak
Veteran
Veteran

Joined: 30 Dec 2006
Age: 35
Gender: Male
Posts: 1,119
Location: Citrus County, Florida

08 Aug 2008, 10:21 am

Aaron_Mason wrote:

olle wrote:

Thats the thing, A lot of people get scared when they see Zonealarm give a warning message 5 times before that user even gets to Google. Thats why i wouldn't install WinPatrol on computers i repair.[Although i use at at home and all computers i use.]

Dokken
Veteran
Veteran

Joined: 11 Oct 2007
Age: 45
Gender: Male
Posts: 998
Location: DeeSee/Merryland Area

08 Aug 2008, 5:33 pm

gamefreak wrote:

Ashton wrote:

gamefreak wrote:

Its called pick up a copy of Norton Antivirus or download Avast Home if your a cheapskate.

Norton, eww, hell no.

I highly doubt Twitter has a virus though, there'd be a mass uproar over it. You got it from somewhere else, trust me.

Believe it or not but Symantec made Norton not has much of a memory hog with the new 2008 Version. Also its not going to take up that much memory anyways if you just buy the standalone antivirus program w/o the internet securuty crap or norton 360 junk. As a tech i see the program as rock solid and sturdy compared to the rest. Heck, even AVG is now starting to become a CPU Hog. Besides the fact that i know people who quit using Norton and 3 Weeks later I have a house call to clean up their computers after a buttload of trojans bombared the system because AVG toke a nap.[Has On-Access Protection but its not good and it always clitches.] Heck even the so-called godly Kaspersky Antivirus eats up more resourecs.

Anyways make a complaint the the site and have the admin give the site a virus scan.

http://downloads.pcworld.about.com/arti ... mers.html#

PCworld is paid to promote Symantec products. Symantec products are crap.

For antivirus get G-Data AntiVirusKit (resources hog), Avira AntiVir Personal Edition (free I think), Kaspersky, and maybe nod32.

I know those are good ones when I used to sue windoze

Page 2 of 2 [ 25 posts ] Go to page Previous 1, 2

Jump to:

Similar Topics
How many of you read the TOS of websites and software? in Random Discussion	02 May 2025, 8:15 am ToughDiamond
You can read one of my short stories on Medium in Art, Writing, and Music	23 Apr 2025, 11:43 am Honey69
where can I read the mary worth comics? (from 1930s to now) in Random Discussion	10 May 2025, 2:35 pm lostonearth35
I couldn't read past 50 pages of the new hunger games book in Random Discussion	09 May 2025, 5:49 pm 1991s1

READ NOW!! !! !! !! !! !! !! Post Reply New Topic

READ NOW!! !! !! !! !! !! !!