Firewall Question

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi,
Can I use Firewall ZoneAlarm along with default XP Pro Firewall.? Will there
be any conflict or stability issue in my system? I though have the latest
updates and pacthes of XP, but still am thinking of experimenting. Any advice
, please!

Thanks
 
In
kallu said:
Can I use Firewall ZoneAlarm along with default XP Pro
Firewall.?
Will there be any conflict or stability issue in my system? I
though
have the latest updates and pacthes of XP, but still am
thinking of
experimenting. Any advice , please!
Click to expand...


You can, but you shouldn't. You achieve no extra protection, you
incur the extra overhead of running two firewalls, and you run
the risk (probably small, but not zero) of conflicts between
them.

The Windows firewall monitors incoming traffic only. Almost any
third-party firewall will also monitor outbound traffic, stopping
rogue programs trying to call home, and is a better choice.

See
http://www.microsoft.com/athome/security/protect/firewall.mspx
which includes the following:

"Q. Should I use both the built-in firewall and a software
firewall from a different company on my Windows XP computer?



"A. No. Running multiple software firewalls is unnecessary for
typical home computers, home networking, and small-business
networking scenarios. Using two firewalls on the same connection
could cause issues with connectivity to the Internet or other
unexpected behavior. One firewall, whether it is the Windows XP
Internet Connection Firewall or a different software firewall,
can provide substantial protection for your computer."



Also note that if you update your third-party firewall to a new
version, the update routine will probably turn it off first. If
the Windows firewall isn't running, you will temporarily be left
with no running firewall, which is very dangerous. So turn on the
Windows firewall temporarily before doing maintenance on your
third-party firewall.
 
Zone Alarm should be sufficient by itself. It has the advantage of checking
outgoing as well as incoming. Download the free version and see how you
feel about it.
 
Hi all!

Thanks for all your advice. Before I installed SP2, I had been using Sygate
on advice of friends ( Was completly new then to thing as Computer). Now
after a year or so, I felt using/trying something which everyone says is good
would do me some good. LOL...but after hearing all you advices, I felted more
comfused (Pardon) and would'nt like to take the plunge. May be I should still
stick with the default service before being too advanturous.

Thanks
 
Hi all!

Thanks for all your advice. Before I installed SP2, I had been using Sygate
on advice of friends ( Was completly new then to thing as Computer). Now
after a year or so, I felt using/trying something which everyone says is good
would do me some good. LOL...but after hearing all you advices, I felted more
comfused (Pardon) and would'nt like to take the plunge. May be I should still
stick with the default service before being too advanturous.

Thanks
 
kallu said:
Hi all!

Thanks for all your advice. Before I installed SP2, I had been using Sygate
on advice of friends ( Was completly new then to thing as Computer). Now
after a year or so, I felt using/trying something which everyone says is good
would do me some good. LOL...but after hearing all you advices, I felted more
comfused (Pardon) and would'nt like to take the plunge. May be I should still
stick with the default service before being too advanturous.

Thanks
Click to expand...

Sygate is one of the best free personal firewalls available. You would
be wise to use it again or Zone Alarm, and disable the Windows firewall.
bj
 
If you have service pack 2 installed you will not need zone alarm. I have
windows xp home and I have sp2 and it works fine. Hope this helps. Bill
 
Because AFAIK, SP2 doesn't block outgoing nasties, which Zone Alarm does.
Correct me if I'm wrong.
 
Sorry, I fail to agree. There are too many software programs waiting out
there for the unwary with inbuilt dialers etc. - especially when you let
your youmg kids loose to download anything they fancy, but which you
personally would immediately reject.
 
Frank said:
You are correct, but if you keep your system clean and block incoming,
you won't have any outgoing to block.
Click to expand...


While that's technically true, Frank, I don't really think it's a
particularly wise stance, security-wise, particularly since all too many
of the people reading these newsgroups are because precisely because
they don't know how to keep their computers secure.

As you know, WinXP SP2's firewall does not protect the user from any
Trojans or spyware that he/she (or someone else using his/her computer)
might download and install inadvertently. It doesn't monitor out-going
traffic at all, other than to check for IP-spoofing, much less block (or
at even ask the user about) the bad or the questionable out-going
signals. It assumes that any application the user has on his/her hard
drive is there because he/she want it there, and therefore has his/her
"permission" to access the Internet. Further, because the Windows
Firewall is a "stateful" firewall, it will also assume that any incoming
traffic that's a direct response to a Trojan's or spyware's out-going
signal is also authorized. Also, remember that antivirus applications
are primary re-active in nature; they won't be able to identify and/or
block a virus, Trojan or worm until _after_ the malware has been
discovered and new virus definition files distributed.

Where computer security and privacy of personal data are concerned,
I have to strongly recommend a belt-and-suspenders approach. ZoneAlarm,
Kerio, or Sygate are all much better than WinXP's built-in firewall, and
are much more easily configured, and there are free versions of each
readily available. Even the commercially available Symantec's Norton
Personal Firewall is superior by far, although it does take a heavier
toll of system performance then do ZoneAlarm or Sygate. Having a
secondary means of detecting the presence/activities of potential
malware is simply common sense.


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
 
In
johnf said:
Sorry, I fail to agree. There are too many software programs
waiting
out there for the unwary with inbuilt dialers etc. - especially
when
you let your youmg kids loose to download anything they fancy,
but
which you personally would immediately reject.
Click to expand...


Although Frank is correct, I agree with you. Given that mistakes
can be made (and not just by young kids), it's prudent to do
both.

--
Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup

 
Back
Top